globalassethub.sonypictures.com

- Sony Pictures Entertainment, Inc. -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 04:11:61:ae:29:4b:5c:63:5a:86:53:be:bd:b5:64:08 was issued on by DigiCert Inc.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Sony Pictures Entertainment, Inc.

Organization: Sony Pictures Entertainment, Inc.
State / Province: California
Locality: Culver City
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:11:61:ae:29:4b:5c:63:5a:86:53:be:bd:b5:64:08
Serial Number (int): 5407162221946578384939436338148893704
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: bf:1d:79:c8:84:78:6e:29:e5:22:0f:42:ac:71:51:a0:34:fc:cc:82
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): cb:f4:85:b9:09:49:5c:6e:20:80:83:ac:2a:c3:f2:6e:80:e0:66:7b
Fingerprint (sha256): 03:bb:f5:0a:94:55:7d:8b:da:ab:b1:eb:c4:6c:e1:f9:3b:05:90:19:c5:e4:a1:fe:f1:d8:17:f2:d6:64:5b:6a

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate globalassethub.sonypictures.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for globalassethub.sonypictures.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

globalassethub.sonypictures.com
www.sonypicturespublicity.co.nz
www.sonypicturespresse.fr
www.sonypicturespublicity.com

Other certificates including the domain name sonypictures.com

(limited to 100 certificates)
conectados.sonypictures.com
*.sonypictures.com
redeem.sonypictures.com
origin-flash.sonypictures.com
edge-micros1.sonypictures.com
secure.sonypictures.com
origin-flash.sonypictures.com
edge-micros2.sonypictures.com
brand.sonypictures.com
flash.sonypictures.com
microsites.sonypictures.com
extaz-qa.spe.sony.com
edge-micros2.sonypictures.com
edge-micros2.sonypictures.com
sites.sonypictures.com
sites.sonypictures.com
secure.sonypictures.com
globalassethub.sonypictures.com
www.stage6films.com
api.stg-stage-productionservices.sonypictures.com
pub.email.sonypictures.com
connect.sonypictures.com
sites.sonypictures.com
edge-micros1.sonypictures.com
edge-micros1.sonypictures.com
edge-micros1.sonypictures.com
globalassethub.sonypictures.com
stage-microsites.sonypictures.com
portals.sonypictures.com
microsites.sonypictures.com
image.20210419.200345.s6.et.yellsatcloud.com
globalassethub.sonypictures.com
portals.sonypictures.com
portals.sonypictures.com
conectados.sonypictures.com
edge-micros1.sonypictures.com
flash.sonypictures.com
sites.sonypictures.com
edge-portals.sonypictures.com
edge-micros1.sonypictures.com
globalassethub.sonypictures.com
edge-micros2.sonypictures.com
flash.sonypictures.com
pub.email.sonypictures.com
griffin.sonypictures.com
view.email.sonypictures.com
edge-micros1.sonypictures.com
edge-micros1.sonypictures.com
flash.sonypictures.com
microsites.sonypictures.com
sites.sonypictures.com
audiolibrary.sonypictures.com
edge-portals.sonypictures.com
stage-microsites.sonypictures.com
stage-microsites.sonypictures.com
akamai-san77.exacttarget.com
stage-microsites.sonypictures.com
www.sonypictures.co.uk
edge-portals.sonypictures.com
stage-microsites.sonypictures.com
stage-microsites.sonypictures.com
viewer.sonypictures.com
secure.sonypictures.com
edge-portals.sonypictures.com
sites2.sonypictures.com
edge-micros2.sonypictures.com
test.rewards.sonypictures.com
www.stage6films.com
test.rewards.sonypictures.com
microsites.sonypictures.com
stage-microsites.sonypictures.com
edge-micros1.sonypictures.com
gam.sonypictures.com
microsites.sonypictures.com
flash.sonypictures.com
view.email.games.sonypictures.com
rewards.sonypictures.com
test.redeem.sonypictures.com
edge-micros1.sonypictures.com
brand.sonypictures.com
gam.sonypictures.com
stage-microsites.sonypictures.com
perc.sonypictures.com
sony-prod.actioniq.mr-in.com
click.email.sonypictures.com
stage-edge-portals.sonypictures.com
stage-microsites.sonypictures.com
tweets.sonypictures.com
flash.sonypictures.com
rewards.sonypictures.com
pages.email.games.sonypictures.com
view.email.sonypictures.com
rewards.sonypictures.com
redeem.sonypictures.com
microsites.sonypictures.com
redeem.sonypictures.com
stage-microsites.sonypictures.com
microsites.sonypictures.com
microsites.sonypictures.com
origin-flash.sonypictures.com

Certificate

The complete raw certificate details for globalassethub.sonypictures.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG+DCCBeCgAwIBAgIQBBFhrilLXGNahlO+vbVkCDANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0yMzA1MjIwMDAwMDBaFw0yNDAyMTcyMzU5NTlaMIGOMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLQ3VsdmVyIENpdHkxKjAoBgNV
BAoTIVNvbnkgUGljdHVyZXMgRW50ZXJ0YWlubWVudCwgSW5jLjEoMCYGA1UEAxMf
Z2xvYmFsYXNzZXRodWIuc29ueXBpY3R1cmVzLmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBANI62bYdF14Dk3hRFmXhAb88BP5WW+Y43vp2ChnBUZep
gNgHogfGns3xD7StCkLNyLOy2t0lqS/yG1gVAmxWfjDQxzWosjP+KEFumRRr8DOJ
IoJ7saA+vxjxaQXc/T4zjFEmyg6hgn4EQ5+sjRCoSIEijpX33qUgPNnH/1yYL66t
lvz+0sjGbw5M0HPROpuGhnSKNF5+eZj2o85NUkZhIJGLFyJbYfP7351uqSBGCMVj
A7UgXt9pWuGHeUpuNfH2jr9KuZot0TOBxjsNhU1QXZrftTYvtp9VeOmuQXHtw77k
o0I3lcI8Fli0Kg0VQnCg2++hkoP/pjew+5OznzycrMkCAwEAAaOCA38wggN7MB8G
A1UdIwQYMBaAFJBY/7CcdahRVHex7fKjQxY4nmzFMB0GA1UdDgQWBBS/HXnIhHhu
KeUiD0KscVGgNPzMgjCBhQYDVR0RBH4wfIIfZ2xvYmFsYXNzZXRodWIuc29ueXBp
Y3R1cmVzLmNvbYIfd3d3LnNvbnlwaWN0dXJlc3B1YmxpY2l0eS5jby5ueoIZd3d3
LnNvbnlwaWN0dXJlc3ByZXNzZS5mcoIdd3d3LnNvbnlwaWN0dXJlc3B1YmxpY2l0
eS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9H
ZW9UcnVzdFJTQUNBMjAxOC5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggr
BgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMHUGCCsGAQUFBwEB
BGkwZzAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20wPQYI
KwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVzdFJT
QUNBMjAxOC5jcnQwCQYDVR0TBAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFo
AHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGIRX4RdwAABAMA
RjBEAiAVGrM5YO28p3npFhLNBLX+BP6mTvUT4kMZ89rO12vdXAIgbyk4dJitF3OS
X2j3n3rv/Rksv1NFcCKi7Iv1X/4qMyYAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bd
LIHZu7+rOdiEcwAAAYhFfhGIAAAEAwBHMEUCIQCWw7k4CDv0R+6yQ5oVT5xFZlnk
+7edewrU5tDTc/rXGAIgG+0GSp08sE5IxyOlrt79IaSYNDKvPRvdmMglp3noD4IA
dwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYhFfhFXAAAEAwBI
MEYCIQCbmC7TAljnZ247avHfWA5Lx5I/QHVEA5JxwdL8ZW+NdAIhANoTjcOEQaMM
XO2qhc2yQ5ObiGmedsokhAp7YDmXg36vMA0GCSqGSIb3DQEBCwUAA4IBAQBKLWmJ
V94ST1UMh7a6gqXu+AJSn4OpFSwY8bh6zXbJhunxixh6XCa9ymQ1eU/uIq7ig8x+
n31d6kS/bT1/Q2US/OGs86/uPkEEf5/+9zFRU+bGU1QzVStZ0L107uy3CwKvSvjx
RZ6Qc/iY6IkrJcZ3dfHuf6bQhCWjDPbEHsyPR4ore3qqmQqCXpQ6U2g3+FihIie5
DedBuuppaub7x8mdM7QtY+GSVrPy3rQqK0T2p6f0GYKIu8yCSws5pnnv70RW52lm
17uWzuq8abXhitMUC5J04IXWOqkKIokG233jSHEel7TpWmzddoeaKRUZ+ESrwvnb
d39MAgU8vmST607t
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jrZth0XXgOTeFEWZeEB
vzwE/lZb5jje+nYKGcFRl6mA2AeiB8aezfEPtK0KQs3Is7La3SWpL/IbWBUCbFZ+
MNDHNaiyM/4oQW6ZFGvwM4kignuxoD6/GPFpBdz9PjOMUSbKDqGCfgRDn6yNEKhI
gSKOlffepSA82cf/XJgvrq2W/P7SyMZvDkzQc9E6m4aGdIo0Xn55mPajzk1SRmEg
kYsXIlth8/vfnW6pIEYIxWMDtSBe32la4Yd5Sm418faOv0q5mi3RM4HGOw2FTVBd
mt+1Ni+2n1V46a5Bce3DvuSjQjeVwjwWWLQqDRVCcKDb76GSg/+mN7D7k7OfPJys
yQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5407162221946578384939436338148893704
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Culver City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sony Pictures Entertainment, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'globalassethub.sonypictures.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26539064274010852859655902244667865846388619248989210519970969863120728120606042154276036289226458633174019365433480134430179254382659021805288074302310809374661484172658323579726472329662055107075332363539984219604465014740528444966359562864614148195075301326176403119328949121289245250158093383899093394529522917585865357292657638451177942913422231849064162760503881885232606186630848985360908433562818091537596179560789929063657171117673451936789301726819516168178006706846484723624835728550051805723114116252808797255376286164658940365577797432843692457689565275845153284400049746295105120467402569290883748637897
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bf1d79c884786e29e5220f42ac7151a034fccc82
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'globalassethub.sonypictures.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonypicturespublicity.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonypicturespresse.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonypicturespublicity.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000188457e117700000403004630440220151ab33960edbca779e91612cd04b5fe04fea64ef513e24319f3daced76bdd5c02206f29387498ad1773925f68f79f7aeffd192cbf53457022a2ec8bf55ffe2a332600760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000188457e1188000004030047304502210096c3b938083bf447eeb2439a154f9c456659e4fbb79d7b0ad4e6d0d373fad71802201bed064a9d3cb04e48c723a5aedefd21a4983432af3d1bdd98c825a779e80f82007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000188457e115700000403004830460221009b982ed30258e7676e3b6af1df580e4bc7923f407544039271c1d2fc656f8d74022100da138dc38441a30c5cedaa85cdb243939b88699e76ca24840a7b603997837eaf
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004a2d698957de124f550c87b6ba82a5eef802529f83a9152c18f1b87acd76c986e9f18b187a5c26bdca6435794fee22aee283cc7e9f7d5dea44bf6d3d7f436512fce1acf3afee3e41047f9ffef7315153e6c6535433552b59d0bd74eeecb70b02af4af8f1459e9073f898e8892b25c67775f1ee7fa6d08425a30cf6c41ecc8f478a2b7b7aaa990a825e943a536837f858a12227b90de741baea696ae6fbc7c99d33b42d63e19256b3f2deb42a2b44f6a7a7f4198288bbcc824b0b39a679efef4456e76966d7bb96ceeabc69b5e18ad3140b9274e085d63aa90a228906db7de348711e97b4e95a6cdd76879a291519f844abc2f9db777f4c02053cbe6493eb4eed