shpivee1-01.roche.com
Issued by GeoTrust DV SSL CA - G3
About this certificate
This digital certificate with serial number 32:77:0a:d0:05:e1:a1:81:7a:ab:6a:60:1d:b0:df:72 was issued on by GeoTrust Inc..
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=shpivee1-01.roche.com
GeoTrust Inc.
Organization:
GeoTrust Inc.
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 32:77:0a:d0:05:e1:a1:81:7a:ab:6a:60:1d:b0:df:72Serial Number (int): 67079502420785473664664961090885574514
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: ad:65:22:85:90:d0:3b:e3:a1:49:8b:37:f9:f1:0b:1d:5f:17:a0:77
Fingerprint (sha1): 22:a2:a9:f2:ed:0d:3d:ea:72:b0:0e:68:5b:de:22:9d:19:fc:bf:af
Fingerprint (sha256): 05:db:9e:a0:9b:39:f9:b3:c6:81:6f:37:d3:85:ea:46:d6:b1:95:5f:c6:07:a2:d1:a7:c5:cd:93:b5:b6:89:c5
Issuing Certificate URL: http://gt.symcb.com/gt.crt
Revocation information
OCSP Server: http://gt.symcd.comCRL Distribution Point: http://gt.symcb.com/gt.crl
Check the revocation status for certificate shpivee1-01.roche.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for shpivee1-01.roche.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
shpivee1.roche.com
glomra.roche.com
shpivee1-01.roche.com
glomra.roche.com
shpivee1-01.roche.com
Other certificates including the domain name roche.com
(limited to 100 certificates)
involve.roche.com
www.hpv16and18.com
easydrive-uat.roche.com
advancedanalytics.roche.com
main.rhelp.roche.com
sni.cloudflaressl.com
magentocloud28.map.fastly.net
rbalvprexd0.bas.roche.com
cieas01.roche.com
harmonytest.de
sequencing.roche.com
esource.roche.com
e-medical.roche.com
esource.roche.com
coaguchek.com
rsmsourcing.roche.com
deimos.roche.com
cert2.roche.com
sni.cloudflaressl.com
cdn.appstore.gene.com
shpivee1-01.roche.com
eews-dev.roche.com
myaccess.roche.com
ican.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
cert3.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
mrdivee2-02.netlab.roche.com
rodip.roche.com
nsrdcongresses.roche.com
rbavxsentry11.bas.roche.com
mobilesolution-dev.roche.com
wamua.roche.com
dialog-62-test.roche.com
rocheggcpac.roche.com
san-003.ceros.com
video.hive.roche.com
sni.cloudflaressl.com
rssg.roche.com
mftemeaext.roche.com
anadisuat01.sc1.roche.com
careers.roche.com
flow.roche.com
cert3.roche.com
sni.cloudflaressl.com
misp.roche.com
cert2.roche.com
careers.roche.com
api.rockwizz.roche.com
bitbucket-nala-qa.roche.com
careers.roche.com
wamdev.roche.com
sonar-dev-old.roche.com
diauxhub.roche.com
careers.roche.com
globalfms.roche.com
san-003.ceros.com
sc1lvflexq2.sc1.roche.com
easydrive-dev.roche.com
send-tst.roche.com
indigrow.roche.com
careers.roche.com
careers.roche.com
env5-remotedashboard.roche.com
mrd25.me
cert2.roche.com
*.esrv-hub-uat.roche.com
sb.eu.phcaa.science.roche.com
san-003.ceros.com
extaccess-nala.roche.com
magentocloud28.map.fastly.net
go.roche.com
magentocloud32.map.fastly.net
sni.cloudflaressl.com
ssl882748.cloudflaressl.com
sni.cloudflaressl.com
esrv-marketplace-dev.roche.com
careers.roche.com
imcore.roche.com
booster.roche.com
sni.cloudflaressl.com
akamai-san195.exacttarget.com
raumbuch.roche.com
pitas01.roche.com
sni.cloudflaressl.com
c1edb.roche.com
magentocloud45.map.fastly.net
shpivee1-01.roche.com
hpv16and18.com
hivemind.roche.com
searchsquad.roche.com
cferondanetrochedia-qa.roche.com
esign.roche.com
diaitsupport.roche.com
sni.cloudflaressl.com
magentocloud32.map.fastly.net
r32web.sap.roche.com
apis.cwp.roche.com
www.hpv16and18.com
easydrive-uat.roche.com
advancedanalytics.roche.com
main.rhelp.roche.com
sni.cloudflaressl.com
magentocloud28.map.fastly.net
rbalvprexd0.bas.roche.com
cieas01.roche.com
harmonytest.de
sequencing.roche.com
esource.roche.com
e-medical.roche.com
esource.roche.com
coaguchek.com
rsmsourcing.roche.com
deimos.roche.com
cert2.roche.com
sni.cloudflaressl.com
cdn.appstore.gene.com
shpivee1-01.roche.com
eews-dev.roche.com
myaccess.roche.com
ican.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
cert3.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
mrdivee2-02.netlab.roche.com
rodip.roche.com
nsrdcongresses.roche.com
rbavxsentry11.bas.roche.com
mobilesolution-dev.roche.com
wamua.roche.com
dialog-62-test.roche.com
rocheggcpac.roche.com
san-003.ceros.com
video.hive.roche.com
sni.cloudflaressl.com
rssg.roche.com
mftemeaext.roche.com
anadisuat01.sc1.roche.com
careers.roche.com
flow.roche.com
cert3.roche.com
sni.cloudflaressl.com
misp.roche.com
cert2.roche.com
careers.roche.com
api.rockwizz.roche.com
bitbucket-nala-qa.roche.com
careers.roche.com
wamdev.roche.com
sonar-dev-old.roche.com
diauxhub.roche.com
careers.roche.com
globalfms.roche.com
san-003.ceros.com
sc1lvflexq2.sc1.roche.com
easydrive-dev.roche.com
send-tst.roche.com
indigrow.roche.com
careers.roche.com
careers.roche.com
env5-remotedashboard.roche.com
mrd25.me
cert2.roche.com
*.esrv-hub-uat.roche.com
sb.eu.phcaa.science.roche.com
san-003.ceros.com
extaccess-nala.roche.com
magentocloud28.map.fastly.net
go.roche.com
magentocloud32.map.fastly.net
sni.cloudflaressl.com
ssl882748.cloudflaressl.com
sni.cloudflaressl.com
esrv-marketplace-dev.roche.com
careers.roche.com
imcore.roche.com
booster.roche.com
sni.cloudflaressl.com
akamai-san195.exacttarget.com
raumbuch.roche.com
pitas01.roche.com
sni.cloudflaressl.com
c1edb.roche.com
magentocloud45.map.fastly.net
shpivee1-01.roche.com
hpv16and18.com
hivemind.roche.com
searchsquad.roche.com
cferondanetrochedia-qa.roche.com
esign.roche.com
diaitsupport.roche.com
sni.cloudflaressl.com
magentocloud32.map.fastly.net
r32web.sap.roche.com
apis.cwp.roche.com
Certificate
The complete raw certificate details for shpivee1-01.roche.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9DCCBNygAwIBAgIQMncK0AXhoYF6q2pgHbDfcjANBgkqhkiG9w0BAQsFADBm MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMU RG9tYWluIFZhbGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBD QSAtIEczMB4XDTE3MDYyOTAwMDAwMFoXDTE5MDYyOTIzNTk1OVowIDEeMBwGA1UE AwwVc2hwaXZlZTEtMDEucm9jaGUuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A MIICCgKCAgEAv/hXisUCn8q6u8hgxmNluEHGWV22aFp7KQBCr17BuW+Vaa+4tGPW ohY+x9uIxDywhlUs6nXu2D5Pett+cDuZGO3NYLRSFSzqwUaw56HsbRekHqn/p6dL +J4pmSn605m1anAPvhSmh4fjGL5N+Eq+Lr6NvzyFQxcZBBfqa7xErWjTcyj9xLX6 2LRYizMuGVcAX8nOFbyeE6Frjv6mGkKzgkL6pChda87yaTBDViwQEmvIoCfeq8SI VjpjjuYarJOfHHNNdu/pTmRHi1dAqQlshN+ipKnvpkEiy18vDKrlQNI3xlUnSDpz cDmJobXQnj2ekHsEft8hfyLv2/rVFsic+uMTnRWFLAwDf1966yLHqrVzJUKYJ7wh AEcZNnO2SBBZ0xhCL2B+TveOSP0/Q2LlP/hD/BVFTA0AeuxQTpKrguyVtpP/PN54 v9fTHubnkTIm8OEnRKhpzxoD9KzwtNK8Lc+F+aB0kBY+VQggmCPCSUOj8niqEtvw zjq2fBmUzDeKb5AnpzDqi4nHYNFocrXQCJR68xf1MNlCN9ZSBy+Y52XKgxSnfGrO oQGIyRdZWaKCpoKw6HuBK9XlrH1rwUctdw+ZAeUUercaaiReXQTFked/qcQPeMC4 4SZFtK8fj7H4KnqQgYkGKiRgU0fjuRb3JlA1sqE2ApO3tLbG6uslREECAwEAAaOC AeIwggHeMEYGA1UdEQQ/MD2CEnNocGl2ZWUxLnJvY2hlLmNvbYIQZ2xvbXJhLnJv Y2hlLmNvbYIVc2hwaXZlZTEtMDEucm9jaGUuY29tMAkGA1UdEwQCMAAwKwYDVR0f BCQwIjAgoB6gHIYaaHR0cDovL2d0LnN5bWNiLmNvbS9ndC5jcmwwgZ0GA1UdIASB lTCBkjCBjwYGZ4EMAQIBMIGEMD8GCCsGAQUFBwIBFjNodHRwczovL3d3dy5nZW90 cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9zaXRvcnkvbGVnYWwwQQYIKwYBBQUHAgIw NQwzaHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5 L2xlZ2FsMB8GA1UdIwQYMBaAFK1lIoWQ0DvjoUmLN/nxCx1fF6B3MA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVwYIKwYBBQUH AQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vZ3Quc3ltY2QuY29tMCYGCCsGAQUF BzAChhpodHRwOi8vZ3Quc3ltY2IuY29tL2d0LmNydDATBgorBgEEAdZ5AgQDAQH/ BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEc5KibwgfxI+VR/fJG9Ef2L1+Y4bVfva v8U8p1KsX4xMX5J4JyOf7ua2/z37S+b1hDYKjJ/KQwttGkgL1bw/RIylyk7oyF2I EKMPAEWaXQ42xggR/d5ib+WadtC+H+NpKC3QzRF/HOdq+osSi7K/Fss+Jpg8E0e4 MzPms/w/wt1uAegL2gJ88vdmbgjEz/xlIMaoWfEwvNcmcYnnxzZzl8Bnetpkpp3X OxuqYxz2Hn6ZupZISFcQhpDnIwg20mVKXojZzIn8yu+IBt1G4AOgrVgAZJ44VjNS NKlsZf0EDgYJ0p/0C9P7mE3umeUb7nPl1yl6pNUJuKLFLCG4cd0pHg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv/hXisUCn8q6u8hgxmNl uEHGWV22aFp7KQBCr17BuW+Vaa+4tGPWohY+x9uIxDywhlUs6nXu2D5Pett+cDuZ GO3NYLRSFSzqwUaw56HsbRekHqn/p6dL+J4pmSn605m1anAPvhSmh4fjGL5N+Eq+ Lr6NvzyFQxcZBBfqa7xErWjTcyj9xLX62LRYizMuGVcAX8nOFbyeE6Frjv6mGkKz gkL6pChda87yaTBDViwQEmvIoCfeq8SIVjpjjuYarJOfHHNNdu/pTmRHi1dAqQls hN+ipKnvpkEiy18vDKrlQNI3xlUnSDpzcDmJobXQnj2ekHsEft8hfyLv2/rVFsic +uMTnRWFLAwDf1966yLHqrVzJUKYJ7whAEcZNnO2SBBZ0xhCL2B+TveOSP0/Q2Ll P/hD/BVFTA0AeuxQTpKrguyVtpP/PN54v9fTHubnkTIm8OEnRKhpzxoD9KzwtNK8 Lc+F+aB0kBY+VQggmCPCSUOj8niqEtvwzjq2fBmUzDeKb5AnpzDqi4nHYNFocrXQ CJR68xf1MNlCN9ZSBy+Y52XKgxSnfGrOoQGIyRdZWaKCpoKw6HuBK9XlrH1rwUct dw+ZAeUUercaaiReXQTFked/qcQPeMC44SZFtK8fj7H4KnqQgYkGKiRgU0fjuRb3 JlA1sqE2ApO3tLbG6uslREECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 67079502420785473664664961090885574514 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust DV SSL CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'shpivee1-01.roche.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 783169621714004324971829737269685422955857898486972131819874802689049048974825560263795577379604196920596172706601362384297040929990847610910508829125890287334933128246444017756521811743858515809055195320211114710560564395247355035183368745880470254496232296284616797011056145224921038887593506967371046262077812233066976802053182268034159112427195757773383168190600101832401687091099052637962728312465396014561693793485347119414541412349360346345728042304717295961234458920143491381097208075184344752490328773883737858674509317352543052617852134745097413830733997422968727671550030252241450399072571102165623465951712911621265519154811926332112429579250892074528116803148181190068616867066647963564550874957712675983789205069314233718293257934521944381141418901926911318576560064376533161108781831344843581947733364603179840470594078984071669905998110289991855995566334415481863468926019850479069078828217301310986206495505602989538118259036993893980140469818810933097909022144049063196340045801445695887032064323208153271087819932464072837671867913434162260696576543520325614815212478681203959689417088059120369941479049794363940942983581058902023728239095583419529527414210485760073755272321508468396851662097601376643570871911489 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shpivee1.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'glomra.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shpivee1-01.roche.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gt.symcb.com/gt.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ad65228590d03be3a1498b37f9f10b1d5f17a077 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gt.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gt.symcb.com/gt.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0011ce4a89bc207f123e551fdf246f447f62f5f98e1b55fbdabfc53ca752ac5f8c4c5f927827239feee6b6ff3dfb4be6f584360a8c9fca430b6d1a480bd5bc3f448ca5ca4ee8c85d8810a30f00459a5d0e36c60811fdde626fe59a76d0be1fe369282dd0cd117f1ce76afa8b128bb2bf16cb3e26983c1347b83333e6b3fc3fc2dd6e01e80bda027cf2f7666e08c4cffc6520c6a859f130bcd7267189e7c7367397c0677ada64a69dd73b1baa631cf61e7e99ba96484857108690e7230836d2654a5e88d9cc89fccaef8806dd46e003a0ad5800649e3856335234a96c65fd040e0609d29ff40bd3fb984dee99e51bee73e5d7297aa4d509b8a2c52c21b871dd291e