ticketsqa.universalorlando.com

- Universal City Studios -

Issued by GeoTrust SSL CA - G3

About this certificate

This digital certificate with serial number 27:fd:38:2b:70:56:c8:4b:8c:d4:92:a3:99:53:37:87 was issued on by GeoTrust Inc..

With 22 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Universal City Studios

Organization: Universal City Studios
Organization unit: Universal City Studios
State / Province: California
Locality: Universal City
Country: US

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 27:fd:38:2b:70:56:c8:4b:8c:d4:92:a3:99:53:37:87
Serial Number (int): 53154682197337057627604730845869586311
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: d2:6f:f7:96:f4:85:3f:72:3c:30:7d:23:da:85:78:9b:a3:7c:5a:7c

Fingerprint (sha1): ef:11:b5:2b:e5:ce:9c:6b:36:b9:62:e5:fe:a2:16:48:f9:40:09:52
Fingerprint (sha256): 04:1c:ae:45:29:d9:9d:40:62:ad:0e:90:22:c6:3d:d1:54:f0:76:93:f6:aa:f0:41:e7:11:fc:00:73:7a:2c:78

Issuing Certificate URL: http://gn.symcb.com/gn.crt

Revocation information

OCSP Server: http://gn.symcd.com
CRL Distribution Point: http://gn.symcb.com/gn.crl

Check the revocation status for certificate ticketsqa.universalorlando.com

22

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ticketsqa.universalorlando.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

131.universalorlando.com
services.universalorlando.com
qa.universaltravelagents.com
ticketsbeta.universalorlando.com
tickets-servicesqa.universalorlando.com
app.ticketsqa.universalorlando.com
ticketsuat.universalorlando.com
393.universalorlando.com
494.universalorlando.com
yg393.universalorlando.com
prod.universaltravelagents.com
events393.universalorlando.com
shopqa.universalorlando.com
262.universalorlando.com
ygprod.universalorlando.com
events494.universalorlando.com
giftcardsqa.universalorlando.com
giftcards.universalorlando.com
beta.universalorlando.com
me393.universalorlando.com
me494.universalorlando.com
ticketsqa.universalorlando.com

Other certificates including the domain name universalorlando.com

(limited to 100 certificates)
www.universalorlando.com
secure.universalstudios.com
origin-siteqa.universalorlando.com
secure.universalstudios.com
origin-purchaseqa.universalorlando.com
kronos.universalorlando.com
hhnsweeps.universalorlando.com
ticketstore-uat.universalorlando.com
projects.universalorlando.com
secure.universalstudios.com
ticketsqa.universalorlando.com
www.universalorlando.com
ticketsqa.universalorlando.com
secure.universalstudios.com
www.universalorlando.com
storage.universalorlando.com
ticketsqa.universalorlando.com
servicesstg2-origin.universalorlando.com
origin-portuguese.universalorlando.com
specifications.universalorlando.com
www.universalorlando.com
www.universalorlando.com
ticketsqa.universalorlando.com
www.thismoment.com
ticketsqa.universalorlando.com
specifications.universalorlando.com
blog.universalorlando.com
ukstore.universalorlando.com
tickets.universalstudioshollywood.com
www.universalorlando.com
servicesstg2-origin.universalorlando.com
servicesstg.universalorlando.com
secure.universalstudios.com
yguat.universalorlando.com
ticketsqa.universalorlando.com
servicesstg.universalorlando.com
ticketsqa.universalorlando.com
www.universalorlando.com
secure.universalstudios.com
hg.universalorlando.com
www.universalorlando.com
secure.universalstudios.com
www.universalorlando.com
www.universalorlando.com
yguat.universalorlando.com
www.universalorlando.com
origin-espanol.universalorlando.com
blog.universalorlando.com
ticketsqa.universalorlando.com
ticketsqa.universalorlando.com
beta.universalorlando.com
ticketsqa.universalorlando.com
ticketsqa.universalorlando.com
www.universalorlando.com
webmail.use.ucdp.net
ticketsqa.universalorlando.com
blog.universalorlando.com
www.universalorlando.com
specifications.universalorlando.com
origin393.UniversalOrlando.com
eviteuat.universalorlando.com
origin-tickets-services.universalorlando.com
origin-ticketsqa.universalorlando.com
www.universalorlando.com
blog.universalorlando.com
secure.universalstudios.com
ticketsqa.universalorlando.com
secure.universalstudios.com
teams.universalorlando.com
ticketsqa.universalorlando.com
tickets-servicesqa.universalorlando.com
blog.universalorlando.com
mediauat.universalorlando.com
osimg.universalorlando.com
www.thismoment.com
secure.universalstudios.com
www.universalorlando.com
www.universalorlando.com
www.thismoment.com
ticketsqa.universalorlando.com
testing.universalorlando.com
etdsprod.universalorlando.com
webmail.use.ucdp.net
tickets.universalstudioshollywood.com
etds.universalstudios.com
www.thismoment.com
ticketsqa.universalorlando.com
etdsuat.universalstudios.com
www.universalorlando.com
beta.universalorlando.com
media.universalorlando.com
testing.universalorlando.com
www.thismoment.com
hg.universalorlando.com
www.universalorlando.com
origin-site.universalorlando.com
www.universalorlando.com
secure.universalstudios.com
www.universalorlando.com
media.universalorlando.com

Certificate

The complete raw certificate details for ticketsqa.universalorlando.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHwjCCBqqgAwIBAgIQJ/04K3BWyEuM1JKjmVM3hzANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU
R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTYwNTA5MDAwMDAwWhcNMTcwODA4MjM1
OTU5WjCBpjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFzAVBgNV
BAcMDlVuaXZlcnNhbCBDaXR5MR8wHQYDVQQKDBZVbml2ZXJzYWwgQ2l0eSBTdHVk
aW9zMR8wHQYDVQQLDBZVbml2ZXJzYWwgQ2l0eSBTdHVkaW9zMScwJQYDVQQDDB50
aWNrZXRzcWEudW5pdmVyc2Fsb3JsYW5kby5jb20wggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuV14FIRy3Tevv5wJ6SiQVmrxsyqtbsXY5TaHatRccv2hh
joDSn5FzjtheyDn5HTVaD76N1CW4SA4zaTHyYYQ9NQO7iNB0w9WLLbSTTEMg/8Iy
Y3GM1dAmvHg/G/yLIcp39iZ23pGeXzB3KTRrqxYlRcdmpn2vqTmhsI/ubjP4dMBt
yR46FBH911kRfr0vjjK2zbu5xA2lETPhZDK2zf7sHBp5MVaiiiFcqRXGMVcTzLuK
LAVPluf1mVhhEUwAcVAxQo8d8HtoKWTwLXT4F4hivQOPYQVxKJZzXr/6dVjG1B3z
SsMH0GezuAQvUebbsphyRkJk+0AhPtvWwXb5OUo9AgMBAAGjggRLMIIERzCCAq0G
A1UdEQSCAqQwggKgghgxMzEudW5pdmVyc2Fsb3JsYW5kby5jb22CHXNlcnZpY2Vz
LnVuaXZlcnNhbG9ybGFuZG8uY29tghxxYS51bml2ZXJzYWx0cmF2ZWxhZ2VudHMu
Y29tgiB0aWNrZXRzYmV0YS51bml2ZXJzYWxvcmxhbmRvLmNvbYIndGlja2V0cy1z
ZXJ2aWNlc3FhLnVuaXZlcnNhbG9ybGFuZG8uY29tgiJhcHAudGlja2V0c3FhLnVu
aXZlcnNhbG9ybGFuZG8uY29tgh90aWNrZXRzdWF0LnVuaXZlcnNhbG9ybGFuZG8u
Y29tghgzOTMudW5pdmVyc2Fsb3JsYW5kby5jb22CGDQ5NC51bml2ZXJzYWxvcmxh
bmRvLmNvbYIaeWczOTMudW5pdmVyc2Fsb3JsYW5kby5jb22CHnByb2QudW5pdmVy
c2FsdHJhdmVsYWdlbnRzLmNvbYIeZXZlbnRzMzkzLnVuaXZlcnNhbG9ybGFuZG8u
Y29tghtzaG9wcWEudW5pdmVyc2Fsb3JsYW5kby5jb22CGDI2Mi51bml2ZXJzYWxv
cmxhbmRvLmNvbYIbeWdwcm9kLnVuaXZlcnNhbG9ybGFuZG8uY29tgh5ldmVudHM0
OTQudW5pdmVyc2Fsb3JsYW5kby5jb22CIGdpZnRjYXJkc3FhLnVuaXZlcnNhbG9y
bGFuZG8uY29tgh5naWZ0Y2FyZHMudW5pdmVyc2Fsb3JsYW5kby5jb22CGWJldGEu
dW5pdmVyc2Fsb3JsYW5kby5jb22CGm1lMzkzLnVuaXZlcnNhbG9ybGFuZG8uY29t
ghptZTQ5NC51bml2ZXJzYWxvcmxhbmRvLmNvbYIedGlja2V0c3FhLnVuaXZlcnNh
bG9ybGFuZG8uY29tMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCsGA1UdHwQk
MCIwIKAeoByGGmh0dHA6Ly9nbi5zeW1jYi5jb20vZ24uY3JsMIGdBgNVHSAEgZUw
gZIwgY8GBmeBDAECAjCBhDA/BggrBgEFBQcCARYzaHR0cHM6Ly93d3cuZ2VvdHJ1
c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMEEGCCsGAQUFBwICMDUM
M2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvcmVwb3NpdG9yeS9s
ZWdhbDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU
0m/3lvSFP3I8MH0j2oV4m6N8WnwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
hhNodHRwOi8vZ24uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ24uc3lt
Y2IuY29tL2duLmNydDATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsF
AAOCAQEAQSpE9hVDDldhEZXSQid+POi+jQf3QoXbZIRpofDa9wL7F9DLuznaeLUn
+rpHSWvtyrbyAdHEkgX6kUkj+cxAFi0B1QzUmJ12qJatquYzDYPsVg+GFqqhQdPw
icCM1GdY20cigo7GDP8lpTu7EeWCn2zjaB9mJohoIHy8mCA/U0AY01Km2Qg70xdW
ypvNC5w8BbXcPLqc9wclmww+59e0rih5e4jCloyFIazOA206cTFMiWgZtbqJzj0d
g8bsEna9uIunm0vP6xQ2k+lIz6xZC50th7RABnpI7O0CFq2tOdfrQMXyEM/q7XLx
cSwvMZQ2e3k9Gn3hWyU4gbDHEGN1Rw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArldeBSEct03r7+cCekok
FZq8bMqrW7F2OU2h2rUXHL9oYY6A0p+Rc47YXsg5+R01Wg++jdQluEgOM2kx8mGE
PTUDu4jQdMPViy20k0xDIP/CMmNxjNXQJrx4Pxv8iyHKd/Ymdt6Rnl8wdyk0a6sW
JUXHZqZ9r6k5obCP7m4z+HTAbckeOhQR/ddZEX69L44yts27ucQNpREz4WQyts3+
7BwaeTFWooohXKkVxjFXE8y7iiwFT5bn9ZlYYRFMAHFQMUKPHfB7aClk8C10+BeI
Yr0Dj2EFcSiWc16/+nVYxtQd80rDB9Bns7gEL1Hm27KYckZCZPtAIT7b1sF2+TlK
PQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 53154682197337057627604730845869586311
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Universal City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Universal City Studios'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Universal City Studios'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ticketsqa.universalorlando.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22008547468547399625259618508773373576152003208617894586300817440902976039706614102915642557124910442905527543344388264677870190291940866261495714242403862382742951721434281254642648276569025471751898314660424269073010814501637233171501522973499385926270105235153032904162770700714124228114488771320316696054142016019821876746792659267886831239933281056653211524533665113160899242108783042183199463231936438225332911035503105301621100170448506766870363543544255516893841367068187996581816478439600403714137724860387712448955692010645697203955661693179423103616795721860741226905282390564839356714013375007095086729789
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (676 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '131.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.universaltravelagents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ticketsbeta.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets-servicesqa.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.ticketsqa.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ticketsuat.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '393.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '494.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yg393.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.universaltravelagents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'events393.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shopqa.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '262.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ygprod.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'events494.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftcardsqa.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftcards.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beta.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'me393.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'me494.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ticketsqa.universalorlando.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d26ff796f4853f723c307d23da85789ba37c5a7c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00412a44f615430e57611195d242277e3ce8be8d07f74285db648469a1f0daf702fb17d0cbbb39da78b527faba47496bedcab6f201d1c49205fa914923f9cc40162d01d50cd4989d76a896adaae6330d83ec560f8616aaa141d3f089c08cd46758db4722828ec60cff25a53bbb11e5829f6ce3681f66268868207cbc98203f534018d352a6d9083bd31756ca9bcd0b9c3c05b5dc3cba9cf707259b0c3ee7d7b4ae28797b88c2968c8521acce036d3a71314c896819b5ba89ce3d1d83c6ec1276bdb88ba79b4bcfeb143693e948cfac590b9d2d87b440067a48eced0216adad39d7eb40c5f210cfeaed72f1712c2f3194367b793d1a7de15b253881b0c710637547