www.dot.gov

- United States Department of Transportation -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 04:45:31:ab:94:d2:3e:bf:06:7d:32:db:e4:c0:02:ca was issued on by DigiCert Inc.

With 100 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

United States Department of Transportation

Organization: United States Department of Transportation
State / Province: District Of Columbia
Locality: Washington
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:45:31:ab:94:d2:3e:bf:06:7d:32:db:e4:c0:02:ca
Serial Number (int): 5676187898522887655232118549983003338
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 04:52:4a:f1:23:8a:72:ee:7e:07:56:dd:91:99:f2:7e:84:a5:d1:90
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): f2:a7:28:b1:fc:5a:58:70:29:5a:5c:58:5f:0a:28:16:4a:36:5e:ec
Fingerprint (sha256): 03:7e:eb:59:c2:80:3d:0b:07:a5:6c:e8:d9:af:5d:5d:a5:f4:40:99:91:a5:57:a5:7f:0d:3e:e2:c7:38:08:82

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-2.crl

Check the revocation status for certificate www.dot.gov

100

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.dot.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.dot.gov
www7.transportation.gov
www7.phmsa.dot.gov
www7.highways.dot.gov
www7.fta.dot.gov
www7.fmcsa.dot.gov
www7.bts.dot.gov
www.volpe.dot.gov
www.usmma.edu
www.tsi.dot.gov
www.transportation.gov
www.transit.dot.gov
www.sharetheroadsafely.gov
www.secure.dot.gov
www.seaway.dot.gov
www.rita.dot.gov
www.protectyourmove.gov
www.portal.dot.gov
www.phmsa.dot.gov
www.permits.performance.gov
www.osdbu.dot.gov
www.maritime.dot.gov
www.marad.dot.gov
www.fta.dot.gov
www.fmcsa.portal.dot.gov
www.fmcsa.dot.gov
www.data.fra.dot.gov
www.civilrights.dot.gov
www.checkthebox.dot.gov
www.bts.gov
www.bts.dot.gov
volpe.dot.gov
utc.dot.gov
tsi.dot.gov
transit.dot.gov
transerve.dot.gov
sharetheroadsafely.gov
sfm.fmcsa.dot.gov
secure.dot.gov
seaway.dot.gov
score.fmcsa.dot.gov
railroads.fra.dot.gov
railroads.dot.gov
protectyourmove.gov
portal.dot.gov
pnt.rita.dot.gov
pipelinesafety.dot.gov
phmsa.dot.gov
osdbu.dot.gov
ntl.bts.gov
ntcscheduler.fmcsa.dot.gov
nationalregistry.fmcsa.dot.gov
maritime.dot.gov
marad.dot.gov
highways.fhwa.dot.gov
highways.dot.gov
hazmatsafety.dot.gov
hazmat.dot.gov
fta.dot.gov
fra.portal.dot.gov
fmcsa.portal.dot.gov
fmcsa.lms.dot.gov
fmcsa.dot.gov
dotcms.fra.dot.gov
dot.gov
cms8.phmsa.dot.gov
cms8.marad.dot.gov
cms8.fmcsa.dot.gov
cms8.fhwa.dot.gov
cms8.dot.gov
cms8.bts.dot.gov
cms7.phmsa.dot.gov
cms7.marad.dot.gov
cms7.fta.dot.gov
cms7.fra.dot.gov
cms7.fmcsa.dot.gov
cms7.fhwa.dot.gov
cms7.dot.gov
cms7.bts.dot.gov
cms.volpe.dot.gov
cms.usmma.edu
cms.secure.dot.gov
cms.seaway.dot.gov
cms.phmsa.dot.gov
cms.permits.performance.gov
cms.marad.dot.gov
cms.intranet.dot.gov
cms.fta.dot.gov
cms.fra.dot.gov
cms.fmcsa.secure.dot.gov
cms.fmcsa.dot.gov
cms.fhwa.dot.gov
cms.dot.gov
cms.buildamerica.dot.gov
cms.bts.gov
cms.bts.dot.gov
cms.aviation.dot.gov
civilrights.dot.gov
checkthebox.dot.gov
buildamerica.dot.gov

Other certificates including the domain name dot.gov

(limited to 100 certificates)
www.psp.fmcsa.dot.gov
www.dot.gov
acquia-sites.com
*.phmsa.dot.gov
vsa.volpe.dot.gov
marad.dot.gov
acquia-sites.com
www.standards.its.dot.gov
origin-www-esv.nhtsa.dot.gov
*.volpe.dot.gov
faces.fta.dot.gov
1c3rs.rita.dot.gov
itsdpro.ornl.gov
facesuat.fta.dot.gov
its2010.ornl.gov
www.faa.gov
ftp.nhtsa.dot.gov
rsac.fra.dot.gov
fl17vgisweb.hfl17do1.wfl.fld.fhwa.dot.gov
marapps.dot.gov
ask.fmcsa.dot.gov
crashstats.nhtsa.dot.gov
TSMART.VOLPE.DOT.GOV
www.dot.gov
acquia-sites.com
mcmis.fmcsa.dot.gov
its2010.ornl.gov
safeconsole.volpe.dot.gov
nhtsa.dot.gov
acquia-sites.com
NHTHQNF5B-M.nhtsa.dot.gov
fhw2xavwmup02.dmz.fhwa.dot.gov
pmars.marad.dot.gov
acquia-sites.com
dotcmsreporting.dot.gov
oetcrt.dot.gov
itsassets.ornl.gov
acquia-sites.com
acquia-sites.com
safercar.gov
enepa.fhwa.dot.gov
rspcb.safety.fhwa.dot.gov
itsassets.ornl.gov
marapps.dot.gov
www-odi.nhtsa.dot.gov
PoolSFC.dot.gov
fhw1xavwmup01.dmz.fhwa.dot.gov
flh.fhwa.dot.gov
swim.volpe.dot.gov
Access.dot.gov
www.dot.gov
www-nass.nhtsa.dot.gov
itsassets.ornl.gov
ftp.nhtsa.dot.gov
its.dot.gov
ftajira.ad.dot.gov
sphome.volpe.dot.gov
crashstats.nhtsa.dot.gov
www.environment.fhwa.dot.gov
scm.nhtsa.dot.gov
www.faa.gov
www.dot.gov
test.cdlis.dot.gov
elmsstaging.dot.gov
eas.dot.gov
crashviewer.nhtsa.dot.gov
PoolSFC.dot.gov
eas.dot.gov
transportation.gov
safety.fhwa.dot.gov
nhthqnlas865.ad.dot.gov
nhthqnwas603.ad.dot.gov
sftp.phmsa.dot.gov
score.fmcsa.dot.gov
eas.dot.gov
origin-www-odi.nhtsa.dot.gov
www.npms.phmsa.dot.gov
slfts.fhwa.dot.gov
CSAM.DOT.GOV
email.dot.gov
itsdpro.ornl.gov
www.dot.gov
fhfl15gisweb.flhd.fhwa.dot.gov
*.phmsa.dot.gov
VOLPEPHONEMGR.VOLPE.DOT.GOV
mscs.marad.dot.gov
faces.fta.dot.gov
facesdev5.fta.dot.gov
dtrack2013.ornl.gov
sra.volpe.dot.gov
hostedsites.volpe.dot.gov
smtp10.dot.gov
*.infopave.fhwa.dot.gov
www.faa.gov
nhthqnwas813.ad.dot.gov
transitapp.ost.dot.gov
elmsstaging.dot.gov
acquia-sites.com
nhthqnlas803.ad.dot.gov
rspcb.safety.fhwa.dot.gov

Certificate

The complete raw certificate details for www.dot.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIOWzCCDUOgAwIBAgIQBEUxq5TSPr8GfTLb5MACyjANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjA2MjQwMDAwMDBa
Fw0yMjExMjkyMzU5NTlaMIGMMQswCQYDVQQGEwJVUzEdMBsGA1UECBMURGlzdHJp
Y3QgT2YgQ29sdW1iaWExEzARBgNVBAcTCldhc2hpbmd0b24xMzAxBgNVBAoTKlVu
aXRlZCBTdGF0ZXMgRGVwYXJ0bWVudCBvZiBUcmFuc3BvcnRhdGlvbjEUMBIGA1UE
AxMLd3d3LmRvdC5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs
powJUY3kKWeturC5uzmRDuP/crcaEION/5KgBtkXF+JmHROTHui1Xxg4HTd6BzFj
+KBk+vIo64jQgkeG48NuxycKZ6zODu9R+psu7A7TwHcZIuXRcevkDpmXRfWvPS63
XmYkIPOxn/TXO0ZkgQBZfaVw1nkhdVUdok2ac4RYx9HkiU8ohZGyASa9Ge06V3rS
DtOlCjw29CUkj1ubJ34jlPFiCB/Exw86/7rdStmVsHHrAO3/GK4aR688bQxzSka9
wts0g4/5o2XMhcPl0bKJcFOivPUeMyHxHUdoSzVkgR491YAZPh9Dm/1GxW/w7oz3
6cI2j1Oy3Xg/2qe6Uh8JAgMBAAGjggrzMIIK7zAfBgNVHSMEGDAWgBS3a6LqqKqE
jHnqtNoPmLLFlXa59DAdBgNVHQ4EFgQUBFJK8SOKcu5+B1bdkZnyfoSl0ZAwgged
BgNVHREEggeUMIIHkIILd3d3LmRvdC5nb3aCF3d3dzcudHJhbnNwb3J0YXRpb24u
Z292ghJ3d3c3LnBobXNhLmRvdC5nb3aCFXd3dzcuaGlnaHdheXMuZG90LmdvdoIQ
d3d3Ny5mdGEuZG90LmdvdoISd3d3Ny5mbWNzYS5kb3QuZ292ghB3d3c3LmJ0cy5k
b3QuZ292ghF3d3cudm9scGUuZG90LmdvdoINd3d3LnVzbW1hLmVkdYIPd3d3LnRz
aS5kb3QuZ292ghZ3d3cudHJhbnNwb3J0YXRpb24uZ292ghN3d3cudHJhbnNpdC5k
b3QuZ292ghp3d3cuc2hhcmV0aGVyb2Fkc2FmZWx5LmdvdoISd3d3LnNlY3VyZS5k
b3QuZ292ghJ3d3cuc2Vhd2F5LmRvdC5nb3aCEHd3dy5yaXRhLmRvdC5nb3aCF3d3
dy5wcm90ZWN0eW91cm1vdmUuZ292ghJ3d3cucG9ydGFsLmRvdC5nb3aCEXd3dy5w
aG1zYS5kb3QuZ292ght3d3cucGVybWl0cy5wZXJmb3JtYW5jZS5nb3aCEXd3dy5v
c2RidS5kb3QuZ292ghR3d3cubWFyaXRpbWUuZG90LmdvdoIRd3d3Lm1hcmFkLmRv
dC5nb3aCD3d3dy5mdGEuZG90LmdvdoIYd3d3LmZtY3NhLnBvcnRhbC5kb3QuZ292
ghF3d3cuZm1jc2EuZG90LmdvdoIUd3d3LmRhdGEuZnJhLmRvdC5nb3aCF3d3dy5j
aXZpbHJpZ2h0cy5kb3QuZ292ghd3d3cuY2hlY2t0aGVib3guZG90LmdvdoILd3d3
LmJ0cy5nb3aCD3d3dy5idHMuZG90LmdvdoINdm9scGUuZG90LmdvdoILdXRjLmRv
dC5nb3aCC3RzaS5kb3QuZ292gg90cmFuc2l0LmRvdC5nb3aCEXRyYW5zZXJ2ZS5k
b3QuZ292ghZzaGFyZXRoZXJvYWRzYWZlbHkuZ292ghFzZm0uZm1jc2EuZG90Lmdv
doIOc2VjdXJlLmRvdC5nb3aCDnNlYXdheS5kb3QuZ292ghNzY29yZS5mbWNzYS5k
b3QuZ292ghVyYWlscm9hZHMuZnJhLmRvdC5nb3aCEXJhaWxyb2Fkcy5kb3QuZ292
ghNwcm90ZWN0eW91cm1vdmUuZ292gg5wb3J0YWwuZG90LmdvdoIQcG50LnJpdGEu
ZG90LmdvdoIWcGlwZWxpbmVzYWZldHkuZG90LmdvdoINcGhtc2EuZG90LmdvdoIN
b3NkYnUuZG90LmdvdoILbnRsLmJ0cy5nb3aCGm50Y3NjaGVkdWxlci5mbWNzYS5k
b3QuZ292gh5uYXRpb25hbHJlZ2lzdHJ5LmZtY3NhLmRvdC5nb3aCEG1hcml0aW1l
LmRvdC5nb3aCDW1hcmFkLmRvdC5nb3aCFWhpZ2h3YXlzLmZod2EuZG90LmdvdoIQ
aGlnaHdheXMuZG90LmdvdoIUaGF6bWF0c2FmZXR5LmRvdC5nb3aCDmhhem1hdC5k
b3QuZ292ggtmdGEuZG90LmdvdoISZnJhLnBvcnRhbC5kb3QuZ292ghRmbWNzYS5w
b3J0YWwuZG90LmdvdoIRZm1jc2EubG1zLmRvdC5nb3aCDWZtY3NhLmRvdC5nb3aC
EmRvdGNtcy5mcmEuZG90LmdvdoIHZG90LmdvdoISY21zOC5waG1zYS5kb3QuZ292
ghJjbXM4Lm1hcmFkLmRvdC5nb3aCEmNtczguZm1jc2EuZG90LmdvdoIRY21zOC5m
aHdhLmRvdC5nb3aCDGNtczguZG90LmdvdoIQY21zOC5idHMuZG90LmdvdoISY21z
Ny5waG1zYS5kb3QuZ292ghJjbXM3Lm1hcmFkLmRvdC5nb3aCEGNtczcuZnRhLmRv
dC5nb3aCEGNtczcuZnJhLmRvdC5nb3aCEmNtczcuZm1jc2EuZG90LmdvdoIRY21z
Ny5maHdhLmRvdC5nb3aCDGNtczcuZG90LmdvdoIQY21zNy5idHMuZG90LmdvdoIR
Y21zLnZvbHBlLmRvdC5nb3aCDWNtcy51c21tYS5lZHWCEmNtcy5zZWN1cmUuZG90
LmdvdoISY21zLnNlYXdheS5kb3QuZ292ghFjbXMucGhtc2EuZG90LmdvdoIbY21z
LnBlcm1pdHMucGVyZm9ybWFuY2UuZ292ghFjbXMubWFyYWQuZG90LmdvdoIUY21z
LmludHJhbmV0LmRvdC5nb3aCD2Ntcy5mdGEuZG90LmdvdoIPY21zLmZyYS5kb3Qu
Z292ghhjbXMuZm1jc2Euc2VjdXJlLmRvdC5nb3aCEWNtcy5mbWNzYS5kb3QuZ292
ghBjbXMuZmh3YS5kb3QuZ292ggtjbXMuZG90LmdvdoIYY21zLmJ1aWxkYW1lcmlj
YS5kb3QuZ292ggtjbXMuYnRzLmdvdoIPY21zLmJ0cy5kb3QuZ292ghRjbXMuYXZp
YXRpb24uZG90LmdvdoITY2l2aWxyaWdodHMuZG90LmdvdoITY2hlY2t0aGVib3gu
ZG90LmdvdoIUYnVpbGRhbWVyaWNhLmRvdC5nb3YwDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8
hjpodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYy
MDIwQ0ExLTIuY3JsMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGln
aUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTIuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EM
AQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB9
BggrBgEFBQcBAQRxMG8wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0
LmNvbTBHBggrBgEFBQcwAoY7aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp
Z2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS5jcnQwCQYDVR0TBAIwADCCAX8GCisG
AQQB1nkCBAIEggFvBIIBawFpAHcARqVV63X6kSAwtaKJafTzfREsQXS+/Um4havy
/HD+bUcAAAGBlwaJBAAABAMASDBGAiEAvn+kIAThFMDaodDkRzdHfb+QtMzr5i1Q
KGSpMwzP5woCIQDkmfi1BskiNnxtmJMk0C4szGhCeiNAenubHyB3c8j54QB3AFGj
sPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABgZcGiRwAAAQDAEgwRgIh
AJyzsJNyHTkQaOsnjICAaeXilH54NRKU3goX1p7SBFcLAiEA5e0AtmLfBOXhxzqE
NG5Chf6nxbxlLA7Xfc7HL6HFGdEAdQBByMqx3yJGShDGoToJQodeTjGLGwPr60vH
aPCQYpYG9gAAAYGXBoj+AAAEAwBGMEQCIGcxXDAKLw5RCC7KaVrXOvqc1tjGkrhH
RKInXZczLpxZAiB1HLg45cnWKhv9+KWWOatz+JCBpIJ5Zp+LXjyvjA3Z5jANBgkq
hkiG9w0BAQsFAAOCAQEAtq3DGCfWYuWiFDvIKuEECHKYFl7H/X7TszgNw7TaA/uL
YVBFrdU5AEDMG/HXQKaBRZxUwlsAFfMBHwTyXtgDwKuPusyPIimIcoYKAfAfptAc
iHIGr9RJd0khjgogv1zAvFQqGA/N0/lzb1H8H96ipCftlzCUnNn6erCAzzH9YALd
chblrsIzFehqnIP38j/gHvrmcKB7xNQW2YxlVp/c0Uvz5vixDfcrqg7TX93ceZdH
UrKxPho4GL14U5vtM9TxGWoxri/LgpAxV8EXHAmLABrq8pmsRaiMxnWNKxtks+1M
++9AzNoj04xP7OmoubnRpL/sYsiJwqQZv23tSzNLzg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKaMCVGN5Clnrbqwubs5
kQ7j/3K3GhCDjf+SoAbZFxfiZh0Tkx7otV8YOB03egcxY/igZPryKOuI0IJHhuPD
bscnCmeszg7vUfqbLuwO08B3GSLl0XHr5A6Zl0X1rz0ut15mJCDzsZ/01ztGZIEA
WX2lcNZ5IXVVHaJNmnOEWMfR5IlPKIWRsgEmvRntOld60g7TpQo8NvQlJI9bmyd+
I5TxYggfxMcPOv+63UrZlbBx6wDt/xiuGkevPG0Mc0pGvcLbNIOP+aNlzIXD5dGy
iXBTorz1HjMh8R1HaEs1ZIEePdWAGT4fQ5v9RsVv8O6M9+nCNo9Tst14P9qnulIf
CQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5676187898522887655232118549983003338
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-24 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-29 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District Of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'United States Department of Transportation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.dot.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21795115849268462218304530584670083680474635649784889230980902438808935927894548980061538244826091819996540128681899122031812735957248094060867189594088192630086273585536573942638671634720147307659493494483423903148311534204107268184088584375920148909051419829918492146713052295608525186148304430807194656501214867249755844120936281130994316182492020600737324805691798254259418689540434484187071193659790749998784766137420664416403359013459209743688852117702407046124818381922106359519355321013661058425287848572606875138963561076134592881844077766858549494498635439477517140794706325856937704806255611915849769819913
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							04524af1238a72ee7e0756dd9199f27e84a5d190
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1940 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www7.transportation.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www7.phmsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www7.highways.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www7.fta.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www7.fmcsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www7.bts.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.volpe.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.usmma.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tsi.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.transportation.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.transit.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sharetheroadsafely.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.secure.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.seaway.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rita.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.protectyourmove.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.portal.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.phmsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.permits.performance.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.osdbu.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.maritime.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.marad.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fta.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fmcsa.portal.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fmcsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.data.fra.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.civilrights.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.checkthebox.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bts.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bts.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'volpe.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'utc.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tsi.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'transit.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'transerve.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sharetheroadsafely.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sfm.fmcsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seaway.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'score.fmcsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'railroads.fra.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'railroads.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protectyourmove.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pnt.rita.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pipelinesafety.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'phmsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'osdbu.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ntl.bts.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ntcscheduler.fmcsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nationalregistry.fmcsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maritime.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marad.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'highways.fhwa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'highways.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hazmatsafety.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hazmat.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fta.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fra.portal.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fmcsa.portal.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fmcsa.lms.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fmcsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dotcms.fra.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms8.phmsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms8.marad.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms8.fmcsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms8.fhwa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms8.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms8.bts.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms7.phmsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms7.marad.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms7.fta.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms7.fra.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms7.fmcsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms7.fhwa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms7.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms7.bts.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.volpe.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.usmma.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.secure.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.seaway.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.phmsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.permits.performance.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.marad.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.intranet.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.fta.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.fra.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.fmcsa.secure.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.fmcsa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.fhwa.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.buildamerica.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.bts.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.bts.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.aviation.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'civilrights.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'checkthebox.dot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'buildamerica.dot.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-2.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							016900770046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d4700000181970689040000040300483046022100be7fa42004e114c0daa1d0e44737477dbf90b4ccebe62d502864a9330ccfe70a022100e499f8b506c922367c6d989324d02e2ccc68427a23407a7b9b1f207773c8f9e100770051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e5000001819706891c00000403004830460221009cb3b093721d391068eb278c808069e5e2947e78351294de0a17d69ed204570b022100e5ed00b662df04e5e1c73a84346e4285fea7c5bc652c0ed77dcec72fa1c519d100750041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f600000181970688fe0000040300463044022067315c300a2f0e51082eca695ad73afa9cd6d8c692b84744a2275d97332e9c590220751cb838e5c9d62a1bfdf8a59639ab73f89081a48279669f8b5e3caf8c0dd9e6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b6adc31827d662e5a2143bc82ae104087298165ec7fd7ed3b3380dc3b4da03fb8b615045add5390040cc1bf1d740a681459c54c25b0015f3011f04f25ed803c0ab8fbacc8f22298872860a01f01fa6d01c887206afd4497749218e0a20bf5cc0bc542a180fcdd3f9736f51fc1fdea2a427ed9730949cd9fa7ab080cf31fd6002dd7216e5aec23315e86a9c83f7f23fe01efae670a07bc4d416d98c65569fdcd14bf3e6f8b10df72baa0ed35fdddc79974752b2b13e1a3818bd78539bed33d4f1196a31ae2fcb82903157c1171c098b001aeaf299ac45a88cc6758d2b1b64b3ed4cfbef40ccda23d38c4fece9a8b9b9d1a4bfec62c889c2a419bf6ded4b334bce