www.leitchfield.ky.gov

Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1

About this certificate

This digital certificate with serial number 05:6e:10:94:fa:91:f1:f5:25:e2:c0:60:a6:5d:88:73 was issued on by DigiCert, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.leitchfield.ky.gov

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:6e:10:94:fa:91:f1:f5:25:e2:c0:60:a6:5d:88:73
Serial Number (int): 7217628955232810253191150798485948531
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 6d:05:48:a2:3e:a4:51:71:84:39:29:22:3f:f7:e0:1d:8b:0e:a2:b8
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23

Fingerprint (sha1): 6c:d6:ac:6a:cf:3d:40:27:80:64:d4:af:f7:a3:22:4e:87:e6:d7:34
Fingerprint (sha256): 04:f1:e9:20:ea:52:fc:74:23:04:de:13:dc:fe:05:28:e9:24:3b:e7:de:36:7b:ea:8b:ff:7a:a7:d3:a8:3b:bf

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl

Check the revocation status for certificate www.leitchfield.ky.gov

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.leitchfield.ky.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.leitchfield.ky.gov

Other certificates including the domain name ky.gov

(limited to 100 certificates)
uat2.citizenconnect.ky.gov
justware.dpa.ky.gov
lessonbank.kyae.ky.gov
test.Kppps.kpeds.ky.gov
safeschools.ky.gov
mycgt.ky.gov
focusassisttest.ky.gov
FMWebWorks.ky.gov
staging.988.ky.gov
notify.education.ky.gov
oaa-adc.education.ky.gov
teds.ky.gov
cot1vp-apsx001.eas.ds.ky.gov
entrustapitest4.ky.gov
kspportal.ky.gov
trn3.kyplans.ky.gov
dfiweb.ky.gov
Kyeasxlyncpool01.eas.ds.ky.gov
refund.ky.gov
stu1.kyplans.ky.gov
brandenburg.ky.gov
cloud.chfsmail.ky.gov
cemcsapp.ky.gov
search.jeffersondeeds.com
vdi.ky.gov
impact.ky.gov
tls.automattic.com
trn2.kyplans.ky.gov
dev.pmis.ky.gov
test.precon.business.kytc.ky.gov
letrs.ky.gov
dev.kog.externalsync.ky.gov
lessonbank.kyae.ky.gov
muat.trs.ky.gov
portal.chfs.ky.gov
KYCHFSPCH01.KY.GOV
hbc.ky.gov
test.epayments.dor.ky.gov
cgt.ky.gov
kentuckyasm.kytc.ky.gov
www.ekos.ky.gov
safesleepky.com
ThinkKentucky.ky.gov
sso.mykentuckycareercenter.ky.gov
search.jeffersondeeds.com
uat4.kyagent.ky.gov
COT1VP-WS002.eas.ds.ky.gov
jeffersonpva.ky.gov
kyprdesxsctax1.eas.ds.ky.gov
test.justware.dpa.ky.gov
sso.uat.kog.ky.gov
uat2.kyagent.ky.gov
Abcdev.ky.gov
elsweb.kyboels.ky.gov
vdi.ky.gov
api.uat.dwc.ky.gov
intranet.education.ky.gov
mysite.ky.gov
hands.chfs.ky.gov
stlp.education.ky.gov
*.ky.gov
partnership.jcurve.xyz
trn4.kywaiver.chfsinet.ky.gov
*.kyret.ky.gov
kares.ky.gov
sp13cspnp.chfs.ky.gov
staging.nedssphinms.chfs.ky.gov
test.kaers.ky.gov
trn1.kyagent.ky.gov
onestop.portal.ky.gov
kohs.ky.gov
uat4.kyshop.ky.gov
perf.issuerportal.kynect.ky.gov
stu2.kyagent.ky.gov
cdcb2.ky.gov
trn4.kyplans.ky.gov
5702143428263936-fe2.pantheonsite.io
opsupport.education.ky.gov
training.ehands.chfs.ky.gov
sut-sst.ky.gov
impact.ky.gov
uat.webapps.chfs.ky.gov
media.education.ky.gov
epg.ky.gov
prdweb.chfs.ky.gov
uat.naicwebsrvgw.chfs.ky.gov
opengisdata.ky.gov
uat2.kyplans.ky.gov
PROD.KOG.SalesforceSSP.ky.gov
kchild.chfs.ky.gov
uat2.benefind.ky.gov
uat1.kyshop.ky.gov
uat3.kyshopping.ky.gov
epg.ky.gov
trn4.kyshop.ky.gov
perf.klocs.ky.gov
web1.ky.gov
kyfaces.ky.gov
kylmi.ky.gov
stu4.kywaiver.ky.gov

Certificate

The complete raw certificate details for www.leitchfield.ky.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHmDCCBYCgAwIBAgIQBW4QlPqR8fUl4sBgpl2IczANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT
K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN
MjMwMTI3MDAwMDAwWhcNMjMwNzI3MjM1OTU5WjAhMR8wHQYDVQQDExZ3d3cubGVp
dGNoZmllbGQua3kuZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
6XH0WgDn9S4VzuO4/edM1bMTiCqyT6dn3CFAWGqOxv+Hxd8j4PMNTl2SUQxkwQod
SDIfH0Z6I7KAO0U1s/x3s3FthPJiuntL0FDZeUmnn/WiOW5psdvF32UvYvlm5q4c
DGRD4WVPdLTQFn5YWdiLvWQXggJmmUCO2xcpx5QRm+j+kd7RoS3ouUc4xcLXALmT
L5bW7D40pJHbnT3G8cBuCTnEPbB44pgg11uwDfWrL1FUVFwKgJudoL1jzd7od7w/
fEzsKztimhYwAFoEDhXTf81sEskz9HFhnpbIbjAphIzbSn5t1lLQylz+AjP4QBS9
xweLy3UFsFZdmJzTyXYTsQIDAQABo4IDjzCCA4swHwYDVR0jBBgwFoAUpbTW6zbE
52um38RkCwEqIAS4ZiMwHQYDVR0OBBYEFG0FSKI+pFFxhDkpIj/34B2LDqK4MCEG
A1UdEQQaMBiCFnd3dy5sZWl0Y2hmaWVsZC5reS5nb3YwDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBnwYDVR0fBIGXMIGUMEig
RqBEhkJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNS
U0E0MDk2U0hBMjU2MjAyMkNBMS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2lj
ZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNy
bDA+BgNVHSAENzA1MDMGBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3
LmRpZ2ljZXJ0LmNvbS9DUFMwgYcGCCsGAQUFBwEBBHsweTAkBggrBgEFBQcwAYYY
aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFEGCCsGAQUFBzAChkVodHRwOi8vY2Fj
ZXJ0cy5kaWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2
MjAyMkNBMS5jcnQwCQYDVR0TBAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFo
AHUA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGF9QJLvQAABAMA
RjBEAiBM9fjj3M9EgS6RXx4Az4fiMwA40tDNyR1m4aqxl/uo7AIgRh41Sj5dpYZ/
6RkeSUdGDADeKWQnxYjJMLbju2iRql0AdwCzc3cH4YRQ+GOG1gWp3BEJSnktsWcM
C4fc8AMOeTalmgAAAYX1AkwgAAAEAwBIMEYCIQClEdGQCPx6Rqowkw51PC/Nnmv5
hJfuHozTdIy80RFKvgIhAO1Ol169hZKffJvxvCbPB7Dzq+mU0UREntBe4sGB12Sg
AHYAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGF9QJL0gAABAMA
RzBFAiApTADyzDqifXGtt8U9LgICSj8TflxTRdLwg6v+V2hwbgIhAJiT7vJwFcYf
h7OpKEHhcuUdg2YGjGHMbprXBjSN5pIOMA0GCSqGSIb3DQEBCwUAA4ICAQDGucqC
htPpWuIh7rWzm41wCHYdPkCsYkK0MwrmvdwT0d+pI5dmC/QErgTg20i6KVnRh5Ua
bgikarWML7gbUYcS0kBbk59m/uKiyiDLXymoQ+VE0OiLcvUMYuveAQFZYNHydIKN
Aq+a212q0VsaDI997JMbPdMz2aAGdm+qI5jTHHUIUkgESDMNQLmNARMjX8AjuG5B
9IL4Y+MtUSno28br7jVwFIViQCW3tE4QU+W6V8b3+xbxUWbZEsA4ZsyzWNnlw7sc
gdfJqeRhzqBW+siugjd2vAizyk926+AbrbQmdRcT8OV9YnmKPDjIwlN1oumzuQhU
BVgwjHxMLF1lxAdDVJmpeXdKNGG34x3I6xzgk1h4JsvuOcPesQY/9kMLKx/9GPDG
GqAbcstuw+ILxD6QnzOOeNZei2e22U/8H394U0ZboNaAog72Li7JbcJHKwlwwW2/
nX9cjr2qBN7qqf5w8vzLX3qS9fZ9vRI6LCH+WFJhg7LJify2rSagvX+sa+9/mZ0R
fNWJNcz64rQLI4AaXclBADGf/hY5P7jgKaU3z7SbWn2QJaWOA6XbDflKxu2awmLn
Iu6BM81rHQri03OAt3VvgLULTiR9B8YPnf2IS27F+YfDVldze5QCooWoKF+6Y5LV
BYR30cMo53aDcoUq625tE9rclKTLiFmFyMmSJg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XH0WgDn9S4VzuO4/edM
1bMTiCqyT6dn3CFAWGqOxv+Hxd8j4PMNTl2SUQxkwQodSDIfH0Z6I7KAO0U1s/x3
s3FthPJiuntL0FDZeUmnn/WiOW5psdvF32UvYvlm5q4cDGRD4WVPdLTQFn5YWdiL
vWQXggJmmUCO2xcpx5QRm+j+kd7RoS3ouUc4xcLXALmTL5bW7D40pJHbnT3G8cBu
CTnEPbB44pgg11uwDfWrL1FUVFwKgJudoL1jzd7od7w/fEzsKztimhYwAFoEDhXT
f81sEskz9HFhnpbIbjAphIzbSn5t1lLQylz+AjP4QBS9xweLy3UFsFZdmJzTyXYT
sQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7217628955232810253191150798485948531
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.leitchfield.ky.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29469718114569522942088519306947995837698698511979262747139400889463344720397203029073382317342843860812220980939423488692992171849948661993093634526429784734825396176170333881852320728406644918122102280272658662866224609043926987408604494912964488917310800268447045393409202383836786496113761933777169040566811529261016687220643496988414591058093160314643514022697558436315320180966418766617963735621493185890116823548711657040176947980604579345304803592746708805479368039958518501849992596737908805730089460125070642788265723210321713053880937113527372384872294825203544913035449447447116055910176983988418720961457
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6d0548a23ea45171843929223ff7e01d8b0ea2b8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.leitchfield.ky.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000185f5024bbd000004030046304402204cf5f8e3dccf44812e915f1e00cf87e2330038d2d0cdc91d66e1aab197fba8ec0220461e354a3e5da5867fe9191e4947460c00de296427c588c930b6e3bb6891aa5d007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000185f5024c200000040300483046022100a511d19008fc7a46aa30930e753c2fcd9e6bf98497ee1e8cd3748cbcd1114abe022100ed4e975ebd85929f7c9bf1bc26cf07b0f3abe994d144449ed05ee2c181d764a0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000185f5024bd200000403004730450220294c00f2cc3aa27d71adb7c53d2e02024a3f137e5c5345d2f083abfe5768706e0221009893eef27015c61f87b3a92841e172e51d8366068c61cc6e9ad706348de6920e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00c6b9ca8286d3e95ae221eeb5b39b8d7008761d3e40ac6242b4330ae6bddc13d1dfa92397660bf404ae04e0db48ba2959d187951a6e08a46ab58c2fb81b518712d2405b939f66fee2a2ca20cb5f29a843e544d0e88b72f50c62ebde01015960d1f274828d02af9adb5daad15b1a0c8f7dec931b3dd333d9a006766faa2398d31c750852480448330d40b98d0113235fc023b86e41f482f863e32d5129e8dbc6ebee35701485624025b7b44e1053e5ba57c6f7fb16f15166d912c03866ccb358d9e5c3bb1c81d7c9a9e461cea056fac8ae823776bc08b3ca4f76ebe01badb426751713f0e57d62798a3c38c8c25375a2e9b3b908540558308c7c4c2c5d65c407435499a979774a3461b7e31dc8eb1ce093587826cbee39c3deb1063ff6430b2b1ffd18f0c61aa01b72cb6ec3e20bc43e909f338e78d65e8b67b6d94ffc1f7f7853465ba0d680a20ef62e2ec96dc2472b0970c16dbf9d7f5c8ebdaa04deeaa9fe70f2fccb5f7a92f5f67dbd123a2c21fe58526183b2c989fcb6ad26a0bd7fac6bef7f999d117cd58935ccfae2b40b23801a5dc94100319ffe16393fb8e029a537cfb49b5a7d9025a58e03a5db0df94ac6ed9ac262e722ee8133cd6b1d0ae2d37380b7756f80b50b4e247d07c60f9dfd884b6ec5f987c35657737b9402a285a8285fba6392d5058477d1c328e7768372852aeb6e6d13dadc94a4cb885985c8c99226