cert5.state.gov
- US Department of State -
Issued by GeoTrust SSL CA - G3
About this certificate
This digital certificate with serial number 27:ec:df:de:af:1b:bb:0e:40:37:24:6b:b6:14:ab:47 was issued on by GeoTrust Inc..
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
US Department of State
Organization:
US Department of State
Organization unit: IIP
Organization unit: IIP
State / Province:
District Of Columbia
Locality: Washington
Country: US
Locality: Washington
Country: US
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 27:ec:df:de:af:1b:bb:0e:40:37:24:6b:b6:14:ab:47Serial Number (int): 53069814514413031914048061345746955079
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: d2:6f:f7:96:f4:85:3f:72:3c:30:7d:23:da:85:78:9b:a3:7c:5a:7c
Fingerprint (sha1): f2:49:e5:d8:54:d7:dc:7f:bf:45:2b:6a:5e:8e:e1:0c:26:5a:60:7b
Fingerprint (sha256): 06:10:66:69:09:d0:32:30:83:7b:5d:a1:a5:cd:8e:b5:19:0d:06:c7:85:4c:ca:ae:b2:14:6e:af:ef:b9:09:7f
Issuing Certificate URL: http://gn.symcb.com/gn.crt
Revocation information
OCSP Server: http://gn.symcd.comCRL Distribution Point: http://gn.symcb.com/gn.crl
Check the revocation status for certificate cert5.state.gov
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cert5.state.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.diplomaticsecurity.state.gov
www.dsmemorial.state.gov
www.keystonepipeline-xl.state.gov
china.usembassy-china.org.cn
www.oig.state.gov
www.arabianpeninsula.mepi.state.gov
cert5.state.gov
www.dsmemorial.state.gov
www.keystonepipeline-xl.state.gov
china.usembassy-china.org.cn
www.oig.state.gov
www.arabianpeninsula.mepi.state.gov
cert5.state.gov
Other certificates including the domain name state.gov
(limited to 100 certificates)
receptiontours.state.gov
cert5.state.gov
test-web-lws.edu.help
entranceondutytst.state.gov
womenofcourage.state.gov
pptform2.state.gov
tfa.state.gov
dev.cadatacatalog.state.gov
www.dvlottery.state.gov
test-cms.history.state.gov
pptform.state.gov
sni.cloudflaressl.com
receptiontours.state.gov
2001-2009.state.gov
oas.icdev.de
www.dvlottery.state.gov
exchanges.state.gov
pptform.state.gov
elibraryusa.state.gov
5636635823702016-fe2.pantheonsite.io
ivvsmarttraveler.state.gov
usrapchad.state.gov
adgsupport.state.gov
staging-bangkok.ilea.state.gov
www.design-engineering.princeton.edu
stsent.state.gov
alumni.dev.state.gov
iocareers.state.gov
bangkok.ilea.ign-uat.inl.state.gov
admin.eca.test.state.gov
globalhealth.playbooks.commons-dev.state.gov
caprovservice.state.gov
dev.diplomacy.state.gov
auth.passportappointment.travel.state.gov
rnet.state.gov
hrex.state.gov
www.j1visa.state.gov
search.usa.gov
www.blogs.earthjustice.org
readmypins.state.gov
sni.cloudflaressl.com
exportcontrol.state.gov
*.state.gov
j1visawaiverstatus.state.gov
directory-sandbox.state.gov
webdev.colorado.edu
state.gov
virtual2.unlv.edu
research-pp.stonybrook.edu
workflows.state.gov
fsilearncenter.state.gov
5636635823702016-fe2.pantheonsite.io
covid19.playbooks.commons-dev.state.gov
deccschat.pmddtc.state.gov
upenn-it.asc.upenn.edu
*.staging.pmddtc.state.gov
*.state.gov
geonode.state.gov
alumni.state.gov
diplomacy.state.gov
www.dvlottery.state.gov
starscream.sierra.state.gov
secondarycities.geonode.state.gov
synergy.state.gov
berlinwall.state.gov
playbooks.commons-dev.state.gov
oas.icdev.de
educationusa.state.gov
test-cms.history.state.gov
PassportStatus.state.gov
*.test.state.gov
ivvcadataapi.state.gov
tfa.state.gov
sait.state.gov
sni.cloudflaressl.com
commons-dev.state.gov
refugeesmigration.playbooks.commons.state.gov
cms.history.state.gov
sni.cloudflaressl.com
akamaisecure7.qualtrics.com
bangkok.ilea.state.gov
iservices.state.gov
secondarycities.state.gov
Server3.eRecruitment.State.gov
online-auction-controlpanel.state.gov
americanenglish.state.gov
amspaces.state.gov
cert5.state.gov
hiu.state.gov
readmypins.state.gov
adgsupport.state.gov
cfsc.state.gov
jsas.state.gov
pivogr.state.gov
sni.cloudflaressl.com
qa.californiasciencecenter.ca.gov
akamaisecure7.qualtrics.com
diplomacy.state.gov
ceac.state.gov
dev.cadataapi.state.gov
cert5.state.gov
test-web-lws.edu.help
entranceondutytst.state.gov
womenofcourage.state.gov
pptform2.state.gov
tfa.state.gov
dev.cadatacatalog.state.gov
www.dvlottery.state.gov
test-cms.history.state.gov
pptform.state.gov
sni.cloudflaressl.com
receptiontours.state.gov
2001-2009.state.gov
oas.icdev.de
www.dvlottery.state.gov
exchanges.state.gov
pptform.state.gov
elibraryusa.state.gov
5636635823702016-fe2.pantheonsite.io
ivvsmarttraveler.state.gov
usrapchad.state.gov
adgsupport.state.gov
staging-bangkok.ilea.state.gov
www.design-engineering.princeton.edu
stsent.state.gov
alumni.dev.state.gov
iocareers.state.gov
bangkok.ilea.ign-uat.inl.state.gov
admin.eca.test.state.gov
globalhealth.playbooks.commons-dev.state.gov
caprovservice.state.gov
dev.diplomacy.state.gov
auth.passportappointment.travel.state.gov
rnet.state.gov
hrex.state.gov
www.j1visa.state.gov
search.usa.gov
www.blogs.earthjustice.org
readmypins.state.gov
sni.cloudflaressl.com
exportcontrol.state.gov
*.state.gov
j1visawaiverstatus.state.gov
directory-sandbox.state.gov
webdev.colorado.edu
state.gov
virtual2.unlv.edu
research-pp.stonybrook.edu
workflows.state.gov
fsilearncenter.state.gov
5636635823702016-fe2.pantheonsite.io
covid19.playbooks.commons-dev.state.gov
deccschat.pmddtc.state.gov
upenn-it.asc.upenn.edu
*.staging.pmddtc.state.gov
*.state.gov
geonode.state.gov
alumni.state.gov
diplomacy.state.gov
www.dvlottery.state.gov
starscream.sierra.state.gov
secondarycities.geonode.state.gov
synergy.state.gov
berlinwall.state.gov
playbooks.commons-dev.state.gov
oas.icdev.de
educationusa.state.gov
test-cms.history.state.gov
PassportStatus.state.gov
*.test.state.gov
ivvcadataapi.state.gov
tfa.state.gov
sait.state.gov
sni.cloudflaressl.com
commons-dev.state.gov
refugeesmigration.playbooks.commons.state.gov
cms.history.state.gov
sni.cloudflaressl.com
akamaisecure7.qualtrics.com
bangkok.ilea.state.gov
iservices.state.gov
secondarycities.state.gov
Server3.eRecruitment.State.gov
online-auction-controlpanel.state.gov
americanenglish.state.gov
amspaces.state.gov
cert5.state.gov
hiu.state.gov
readmypins.state.gov
adgsupport.state.gov
cfsc.state.gov
jsas.state.gov
pivogr.state.gov
sni.cloudflaressl.com
qa.californiasciencecenter.ca.gov
akamaisecure7.qualtrics.com
diplomacy.state.gov
ceac.state.gov
dev.cadataapi.state.gov
Certificate
The complete raw certificate details for cert5.state.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHNTCCBh2gAwIBAgIQJ+zf3q8buw5ANyRrthSrRzANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTcwMjI3MDAwMDAwWhcNMTgwNTI5MjM1 OTU5WjCBijELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IE9mIENvbHVt YmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMR8wHQYDVQQKDBZVUyBEZXBhcnRtZW50 IG9mIFN0YXRlMQwwCgYDVQQLDANJSVAxGDAWBgNVBAMMD2NlcnQ1LnN0YXRlLmdv djCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALGUu3bhw0flol57B05H prlYzwQCvj5jQoSQp5/MV0jz4xAVgcBOR7r+Vz6KkwbIzEdt/QfQNsMSEZF9AHim Mkscm+5f7iu5P+2Y6RMBJA68LPHr84ROjY20yg20LEwRZBV/D24q/g8tfB6+8vJ4 G6vbCjtoWkjCP9UkTJh+2+hOEJQRklpxprGmZKQd5byrKOA8pAPeRFdeNCuyJDWI MqqkRW7xuFw54IUtawSwClqF75ag++RnxKflL1M8n5Pflv7cICkpvwtgLRzSvXWj pLbYsYHw7hgZM9+RcVNS1Hd3jhGDfUnOy3lcXHngG1x++GmNr7nptH+EtVmz1pmf 2G0CAwEAAaOCA9owggPWMIHRBgNVHREEgckwgcaCIHd3dy5kaXBsb21hdGljc2Vj dXJpdHkuc3RhdGUuZ292ghh3d3cuZHNtZW1vcmlhbC5zdGF0ZS5nb3aCIXd3dy5r ZXlzdG9uZXBpcGVsaW5lLXhsLnN0YXRlLmdvdoIcY2hpbmEudXNlbWJhc3N5LWNo aW5hLm9yZy5jboIRd3d3Lm9pZy5zdGF0ZS5nb3aCI3d3dy5hcmFiaWFucGVuaW5z dWxhLm1lcGkuc3RhdGUuZ292gg9jZXJ0NS5zdGF0ZS5nb3YwCQYDVR0TBAIwADAO BgNVHQ8BAf8EBAMCBaAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2duLnN5bWNi LmNvbS9nbi5jcmwwgZ0GA1UdIASBlTCBkjCBjwYGZ4EMAQICMIGEMD8GCCsGAQUF BwIBFjNodHRwczovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9zaXRv cnkvbGVnYWwwQQYIKwYBBQUHAgIwNQwzaHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29t L3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAfBgNVHSMEGDAWgBTSb/eW9IU/cjwwfSPahXibo3xafDBXBggr BgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nbi5zeW1jZC5jb20wJgYI KwYBBQUHMAKGGmh0dHA6Ly9nbi5zeW1jYi5jb20vZ24uY3J0MIIBfQYKKwYBBAHW eQIEAgSCAW0EggFpAWcAdQDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+ zAAAAVqAljgyAAAEAwBGMEQCICWZ/LCNv1gS3f+reoxbPndK7hKEcPkYIjOQT1Ee e6q8AiA16md9O9M4hlSzNG/FdquOAK+ulVc7TQNVmVgTmDbbWAB2AKS5CZC0GFgU h7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABWoCWOFsAAAQDAEcwRQIhAKC4tyDv jT+iVUhqZch6tap04gvLO2QHos2/Ub8IVKEbAiANssxZD2jp3NQWmMuapTpeiYaB +FtrCFXqnePiWWIbJgB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3L AAABWoCWOjEAAAQDAEcwRQIgO5HS4YowLd6kFpvBj1mCb6cFuCBCUcvj82tzKXua SOYCIQCNOyi9qyfpBt3fku4bY3w8D7ecabHlIdSk8YX0M+1xCDANBgkqhkiG9w0B AQsFAAOCAQEASuCP19Pwcfnu30itCw3fWjEmAFRmyvHOVMijnX/52jnmZ8CZdSkA FelqhKCZ4fmfVyYL/1Bw+MExi4l7T7BGfFUSuc3sKffoZH1xTyjmvz2fJEFZCPV8 23B+Gtzjdmn1mK8ZMtbIK1UfrpLW7pwAS+g4E45momOU7lD+y3FHXirOyI/KC7NL serCqI9wrHbY8cxqIqVx9coXP58ga8pZTHrl7eIxcUXZy3VXBdjW38d/Inc8CjXK jcN5l1JBpIB/Zq1H0solwdxorUvZIM1jMyIV/ci9XKwbJ+A157+4xMe1E7uPRH0K pa7SsFXQrvQPjOnMavqRmIl9/5C1tHaO+Q== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZS7duHDR+WiXnsHTkem uVjPBAK+PmNChJCnn8xXSPPjEBWBwE5Huv5XPoqTBsjMR239B9A2wxIRkX0AeKYy Sxyb7l/uK7k/7ZjpEwEkDrws8evzhE6NjbTKDbQsTBFkFX8Pbir+Dy18Hr7y8ngb q9sKO2haSMI/1SRMmH7b6E4QlBGSWnGmsaZkpB3lvKso4DykA95EV140K7IkNYgy qqRFbvG4XDnghS1rBLAKWoXvlqD75GfEp+UvUzyfk9+W/twgKSm/C2AtHNK9daOk ttixgfDuGBkz35FxU1LUd3eOEYN9Sc7LeVxceeAbXH74aY2vuem0f4S1WbPWmZ/Y bQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 53069814514413031914048061345746955079 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'District Of Columbia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'US Department of State' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'IIP' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'cert5.state.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22417522601130217504351866909377705521146344517721409149960909574561767444168949570145005006058322610206257088877950350478528845616207276490137830074822837372000731879477099193691676771597030815246105141852139703581940271979323049386614447984517810539266531514994051413986895459190310538862231764767895601757512089608705585355178097293251628483690929475110787629138936798274866325099628578131770532511821925746211171588435252135251323868778852899590057869436027392059925432135474362926795812701580344244850594327225980498983912858173271595853557899095639318591369799644840864946632929354971850395804761321175617886317 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (201 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.diplomaticsecurity.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dsmemorial.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.keystonepipeline-xl.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'china.usembassy-china.org.cn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.oig.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.arabianpeninsula.mepi.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert5.state.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d26ff796f4853f723c307d23da85789ba37c5a7c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015a80963832000004030046304402202599fcb08dbf5812ddffab7a8c5b3e774aee128470f9182233904f511e7baabc022035ea677d3bd3388654b3346fc576ab8e00afae95573b4d03559958139836db58007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015a8096385b0000040300473045022100a0b8b720ef8d3fa255486a65c87ab5aa74e20bcb3b6407a2cdbf51bf0854a11b02200db2cc590f68e9dcd41698cb9aa53a5e898681f85b6b0855ea9de3e259621b26007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015a80963a31000004030047304502203b91d2e18a302ddea4169bc18f59826fa705b8204251cbe3f36b73297b9a48e60221008d3b28bdab27e906dddf92ee1b637c3c0fb79c69b1e521d4a4f185f433ed7108 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004ae08fd7d3f071f9eedf48ad0b0ddf5a3126005466caf1ce54c8a39d7ff9da39e667c09975290015e96a84a099e1f99f57260bff5070f8c1318b897b4fb0467c5512b9cdec29f7e8647d714f28e6bf3d9f24415908f57cdb707e1adce37669f598af1932d6c82b551fae92d6ee9c004be838138e66a26394ee50fecb71475e2acec88fca0bb34bb1eac2a88f70ac76d8f1cc6a22a571f5ca173f9f206bca594c7ae5ede2317145d9cb755705d8d6dfc77f22773c0a35ca8dc379975241a4807f66ad47d2ca25c1dc68ad4bd920cd63332215fdc8bd5cac1b27e035e7bfb8c4c7b513bb8f447d0aa5aed2b055d0aef40f8ce9cc6afa9198897dff90b5b4768ef9