*.geico.com
- Government Employees Insurance Company -
Issued by GeoTrust SSL CA
About this certificate
This digital certificate with serial number 01:95:82 was issued on by GeoTrust, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Government Employees Insurance Company
Company registration number:
8N23kfVhGN/IQgEeWhMqx5BhwMa7hwT1
Organization: Government Employees Insurance Company
Organization: Government Employees Insurance Company
State / Province:
Maryland
Locality: Chevy Chase
Country: US
Locality: Chevy Chase
Country: US
GeoTrust, Inc.
Organization:
GeoTrust, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:95:82Serial Number (int): 103810
Serial Number lenght: 17 bits, 3 octets
SubjectKeyId: d2:ec:35:4a:e7:80:11:55:5c:1a:7d:5e:c9:fd:30:7e:0c:6f:fb:b4
AuthorityKeyId: 42:79:54:1b:61:cd:55:2b:3e:63:d5:3c:48:57:f5:9f:fb:45:ce:4a
Fingerprint (sha1): 2a:d3:2c:a6:26:f7:6a:50:ec:20:10:9a:6c:ec:fc:18:00:bf:11:e0
Fingerprint (sha256): 05:19:d0:7d:24:b9:3b:07:06:31:e7:e1:9f:ed:a4:a2:a8:19:20:be:c7:c7:7c:89:b5:e8:77:35:5d:1d:cc:cf
Issuing Certificate URL: http://gtssl-aia.geotrust.com/gtssl.crt
Revocation information
OCSP Server: http://gtssl-ocsp.geotrust.comCRL Distribution Point: http://gtssl-crl.geotrust.com/crls/gtssl.crl
Check the revocation status for certificate *.geico.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.geico.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.geico.com
geico.com
geico.com
Other certificates including the domain name geico.com
(limited to 100 certificates)
copart.geico.com
sattest.geico.com
Arbitration.geico.com
Ivanticsa6.private.geico.com
umbapp-umbuicustomer-ed1.geico.com
tierb2b-test.geico.com
partnersgateway-tt.geico.com
imperva.com
imperva.com
hive.geico.com
comcbs-ut1.geico.com
docusigneo-ut1.geico.com
imperva.com
docusigneo-EU1.geico.com
claims.geico.com
partnersgateway001-tr.geico.com
mstage2.service-ft.geico.com
umbrella-user.geico.com
service-ft.geico.com
mts-ut1.geico.com
psfthr-dr.oci.geico.com
awpocseg365.private.geico.com
partnersgateway001.geico.com
imperva.com
isotest1.geico.com
imperva.com
billingreportsapi-eu1.geico.com
Plazamail2016.geico.net
gragwns.private.geico.com
homeowners.geico.com
partnersgateway009-tr.geico.com
Ivanticsa12.private.geico.com
partnersgateway005-in.geico.com
tier2-int2.geico.com
ecams.geico.com
sales.geico.com
sales-in2.geico.com
boat-user.geico.com
dmvtest.geico.com
partnersgateway-tr.geico.com
egressgateway14-lt.geico.com
partners.geico.com
umbrella-user.geico.com
awprodsegv2.private.geico.com
ingressgateway07-ut.geico.com
sig-ft.geico.com
crm-cs-eapi-gateway-tr1.geico.com
*.geico.com
partnersgateway007.geico.com
edgein-tr.geico.com
claimsdr.geico.com
anbcui-prod.geico.com
tier.geico.com
ecams.geico.com
claimiq.geico.com
mts.geico.com
docusigneo-FT1.geico.com
imperva.com
atlastest.geico.com
vdipd1external.private.geico.com
propertysales.geico.com
polcomexpressvue-eu1.geico.com
edgeex-in.geico.com
imperva.com
commercial-in1.geico.com
nocpaa.np.geico.com
auto-buy-tr1.geico.com
imperva.com
optout.geico.com
portfolioex-lt.geico.com
ingressgateway08.geico.com
capsales-test.geico.com
partnersgateway002-dv.geico.com
adestimatetest.geico.com
polcomexpressvue-eu1.geico.com
bilpyh-ut1.geico.com
blaster.geico.com
umbrella-c-load.geico.com
edsinbound-trng.geico.com
umbapp-umbuicustomer-ed1.geico.com
FRWS7845.geico.net
claimsportal-tr1.geico.com
FredMail2016.geico.net
partnersgateway005.geico.com
salesb2b2-int.geico.com
telpdchvg01.anc.geico.net
cvshealth.geico.com
propertysales-ut1-api.geico.com
imperva.com
rewards-ut1.geico.com
*.geico.com
ivrpl.private.geico.com
edsinbound-load.geico.com
billingwdayinterface.geico.com
CHWS7104.geico.net
auto-buy-GZ-ftrack1.geico.com
PartnersTest.geico.com
auto-kate-fn1.geico.com
propertysales-It-api.geico.com
imperva.com
sattest.geico.com
Arbitration.geico.com
Ivanticsa6.private.geico.com
umbapp-umbuicustomer-ed1.geico.com
tierb2b-test.geico.com
partnersgateway-tt.geico.com
imperva.com
imperva.com
hive.geico.com
comcbs-ut1.geico.com
docusigneo-ut1.geico.com
imperva.com
docusigneo-EU1.geico.com
claims.geico.com
partnersgateway001-tr.geico.com
mstage2.service-ft.geico.com
umbrella-user.geico.com
service-ft.geico.com
mts-ut1.geico.com
psfthr-dr.oci.geico.com
awpocseg365.private.geico.com
partnersgateway001.geico.com
imperva.com
isotest1.geico.com
imperva.com
billingreportsapi-eu1.geico.com
Plazamail2016.geico.net
gragwns.private.geico.com
homeowners.geico.com
partnersgateway009-tr.geico.com
Ivanticsa12.private.geico.com
partnersgateway005-in.geico.com
tier2-int2.geico.com
ecams.geico.com
sales.geico.com
sales-in2.geico.com
boat-user.geico.com
dmvtest.geico.com
partnersgateway-tr.geico.com
egressgateway14-lt.geico.com
partners.geico.com
umbrella-user.geico.com
awprodsegv2.private.geico.com
ingressgateway07-ut.geico.com
sig-ft.geico.com
crm-cs-eapi-gateway-tr1.geico.com
*.geico.com
partnersgateway007.geico.com
edgein-tr.geico.com
claimsdr.geico.com
anbcui-prod.geico.com
tier.geico.com
ecams.geico.com
claimiq.geico.com
mts.geico.com
docusigneo-FT1.geico.com
imperva.com
atlastest.geico.com
vdipd1external.private.geico.com
propertysales.geico.com
polcomexpressvue-eu1.geico.com
edgeex-in.geico.com
imperva.com
commercial-in1.geico.com
nocpaa.np.geico.com
auto-buy-tr1.geico.com
imperva.com
optout.geico.com
portfolioex-lt.geico.com
ingressgateway08.geico.com
capsales-test.geico.com
partnersgateway002-dv.geico.com
adestimatetest.geico.com
polcomexpressvue-eu1.geico.com
bilpyh-ut1.geico.com
blaster.geico.com
umbrella-c-load.geico.com
edsinbound-trng.geico.com
umbapp-umbuicustomer-ed1.geico.com
FRWS7845.geico.net
claimsportal-tr1.geico.com
FredMail2016.geico.net
partnersgateway005.geico.com
salesb2b2-int.geico.com
telpdchvg01.anc.geico.net
cvshealth.geico.com
propertysales-ut1-api.geico.com
imperva.com
rewards-ut1.geico.com
*.geico.com
ivrpl.private.geico.com
edsinbound-load.geico.com
billingwdayinterface.geico.com
CHWS7104.geico.net
auto-buy-GZ-ftrack1.geico.com
PartnersTest.geico.com
auto-kate-fn1.geico.com
propertysales-It-api.geico.com
imperva.com
Certificate
The complete raw certificate details for *.geico.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgIDAZWCMA0GCSqGSIb3DQEBBQUAMEAxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEYMBYGA1UEAxMPR2VvVHJ1c3QgU1NM IENBMB4XDTEyMDgwMjAwMTQwMloXDTE1MDgwNTA3MjI1OVowgagxKTAnBgNVBAUT IDhOMjNrZlZoR04vSVFnRWVXaE1xeDVCaHdNYTdod1QxMQswCQYDVQQGEwJVUzER MA8GA1UECBMITWFyeWxhbmQxFDASBgNVBAcTC0NoZXZ5IENoYXNlMS8wLQYDVQQK EyZHb3Zlcm5tZW50IEVtcGxveWVlcyBJbnN1cmFuY2UgQ29tcGFueTEUMBIGA1UE AwwLKi5nZWljby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4 qoG4e6nRqg2XoV2nbFR0XrFdI5ZMBhBYI3ZpK0eyN4w3rRqeywNT7eCXcQGNhewc D0PmKeFVugevIz6y/uz8LvWHzir87u50c+WuZ+tHfIgxNJ193mt9MvJ7pcgbs0Wx mkugwUJjOmhyNP0MXO704Lkk+0cBtd2HudnFPF6u5nbWmRigCSXVpzjQhA5wxeD/ xl8CwbQ3uHzfm+j7t4P0FNsKntJ89x5LM0uCNt+bPq2j/nNiRVE+xWv6IvxmKaiX LpiLOfYHZVoS0faWTDuktnxTmLQ3aplz4bLb97PvqLMx1YqoAUnhmt94to8YMtx7 mL4RJpxUXzQXPrbJtk8nAgMBAAGjggGiMIIBnjAfBgNVHSMEGDAWgBRCeVQbYc1V Kz5j1TxIV/Wf+0XOSjAOBgNVHQ8BAf8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMCEGA1UdEQQaMBiCCyouZ2VpY28uY29tgglnZWljby5jb20w PQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2d0c3NsLWNybC5nZW90cnVzdC5jb20v Y3Jscy9ndHNzbC5jcmwwHQYDVR0OBBYEFNLsNUrngBFVXBp9Xsn9MH4Mb/u0MAwG A1UdEwEB/wQCMAAwbwYIKwYBBQUHAQEEYzBhMCoGCCsGAQUFBzABhh5odHRwOi8v Z3Rzc2wtb2NzcC5nZW90cnVzdC5jb20wMwYIKwYBBQUHMAKGJ2h0dHA6Ly9ndHNz bC1haWEuZ2VvdHJ1c3QuY29tL2d0c3NsLmNydDBMBgNVHSAERTBDMEEGCmCGSAGG +EUBBzYwMzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90cnVzdC5jb20vcmVz b3VyY2VzL2NwczANBgkqhkiG9w0BAQUFAAOCAQEAY6NmLX7mSjvfr+mAFWnFvFV0 vKJJE8hAPDS0SP5i8vc54QXyzO0u0s6zKRnuL2vXhT4u6TPeL2cuTuKnefP2NvdZ Or8zh9KmvBlqK+6r2KpcMykJBWAxV9fL/mF10YxzEBRZu93Xexv8MjyxhtGedqFT fncLEy08i/AggW8NgrXORHDlpieGoe9g/NafqixxpzxB/S/4iXuKUrBAgK5gs3sW ibw7LL1bnNHkyplLwjQIlbBDh2aM0MmXWpf8iCNboJ607MNyj+0VyS1BhvLHELeC WrPyhXi0OPEcZXyr7/h1HdskOMlg+w77+CVLi3TahfialAP/hPzAVKNijfedTQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKqBuHup0aoNl6Fdp2xU dF6xXSOWTAYQWCN2aStHsjeMN60anssDU+3gl3EBjYXsHA9D5inhVboHryM+sv7s /C71h84q/O7udHPlrmfrR3yIMTSdfd5rfTLye6XIG7NFsZpLoMFCYzpocjT9DFzu 9OC5JPtHAbXdh7nZxTxeruZ21pkYoAkl1ac40IQOcMXg/8ZfAsG0N7h835vo+7eD 9BTbCp7SfPceSzNLgjbfmz6to/5zYkVRPsVr+iL8Zimoly6Yizn2B2VaEtH2lkw7 pLZ8U5i0N2qZc+Gy2/ez76izMdWKqAFJ4ZrfeLaPGDLce5i+ESacVF80Fz62ybZP JwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 103810 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-08-02 00:14:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-08-05 07:22:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '8N23kfVhGN/IQgEeWhMqx5BhwMa7hwT1' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chevy Chase' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Employees Insurance Company' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.geico.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23311928111701730810256213140340312764628894705248358220927771206195531616782567033565026694324098541302744110496720797933748223775437994616805987567095830955913512761573804822323978422050110553009513317499216569216829205648302467181408708919183926057873013497808226457277973923023087031418827351034977528708730204079442343643427338373508938030590261065423165044317703137450816318450139450437096666699201029216457655495657259133916967615462168429516161823739829447479246283049392771689750424451184296330442737513876726357384200196375910045959644683101727037671890890224236357291718621372983005454530475395101350055719 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4279541b61cd552b3e63d53c4857f59ffb45ce4a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.geico.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'geico.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-crl.geotrust.com/crls/gtssl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d2ec354ae78011555c1a7d5ec9fd307e0c6ffbb4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-ocsp.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-aia.geotrust.com/gtssl.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.geotrust.com/resources/cps' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0063a3662d7ee64a3bdfafe9801569c5bc5574bca24913c8403c34b448fe62f2f739e105f2cced2ed2ceb32919ee2f6bd7853e2ee933de2f672e4ee2a779f3f636f7593abf3387d2a6bc196a2beeabd8aa5c33290905603157d7cbfe6175d18c73101459bbddd77b1bfc323cb186d19e76a1537e770b132d3c8bf020816f0d82b5ce4470e5a62786a1ef60fcd69faa2c71a73c41fd2ff8897b8a52b04080ae60b37b1689bc3b2cbd5b9cd1e4ca994bc2340895b04387668cd0c9975a97fc88235ba09eb4ecc3728fed15c92d4186f2c710b7825ab3f28578b438f11c657cabeff8751ddb2438c960fb0efbf8254b8b74da85f89a9403ff84fcc054a3628df79d4d