goals.governor.pa.gov
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 06:47:ca:25:a1:d0:4e:df:05:6b:ba:42:21:73:e5:89 was issued on by DigiCert, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=goals.governor.pa.gov
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 06:47:ca:25:a1:d0:4e:df:05:6b:ba:42:21:73:e5:89Serial Number (int): 8348121079926334274571237695417476489
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 8d:bb:fa:47:69:16:39:6f:1e:f7:25:cd:5f:1a:ad:b6:d2:d9:dc:96
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): be:8c:4d:74:c3:ec:58:5a:f5:a9:5d:c4:5b:40:96:fc:91:ed:8f:34
Fingerprint (sha256): 06:ca:d2:c5:21:cc:fb:e8:99:30:24:87:4d:2d:f4:36:bb:c6:5d:d2:74:10:c4:99:a3:d5:0a:93:3a:b0:20:b0
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate goals.governor.pa.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for goals.governor.pa.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
goals.governor.pa.gov
Other certificates including the domain name pa.gov
(limited to 100 certificates)
www.penndotesafety.pa.gov
www.puc.state.pa.us
www.dotdom3.state.pa.us
www.uctax.beta.pa.gov
forms.dced.pa.gov
www.crashinfo.penndot.gov
forms.dced.pa.gov
www.snet.jnet.pa.gov
www.bpp.ob.pa.gov
ESECagSANCertProd.dot.pa.gov
www.swifpay.pa.gov
dliimagesua.pa.gov
pasmallbiz.dced.pa.gov
openscapewebconfw2.pa.gov
forms.dced.pa.gov
www.cfrs.pa.gov
padlsonline.pa.gov
www.ethics.pa.gov
PUC.eServices-DOT-CarrierID.pa.gov
www.oig.pa.gov
www.compas.dli.pa.gov
forms.dced.pa.gov
www.dlisecureweb.pa.gov
dsemms.pa.gov
ESECagSANCertSyst.dot.pa.gov
portal.pccd.beta.pa.gov
sts.beta.pa.gov
www.notaryreg.pa.gov
www.scicoll.pa.gov
ws.jnet.beta.pa.gov
spapps.pa.gov
gis.penndot.gov
www.portalxl.jnet.pa.gov
www.jobgatewaytr.pa.gov
docs.dcnr.pa.gov
www.pawatersupplyservicearea.pa.gov
services.dcnr.uat.pa.gov
www.puc.state.pa.us
*.pa.gov
www.inet.jnet.pa.gov
SMProxySANCertPROD.dot.pa.gov
events.dcnr.pa.gov
forms.dced.pa.gov
www.PaFoodSafety.beta.pa.gov
www.employment.pa.gov
sais.health.pa.gov
mail01.pa.gov
www.uctax-reg.beta.pa.gov
*.openrecords.pa.gov
www.agtrans.pa.gov
www.idprovider.dev.pa.gov
dynxrm.dev.pa.gov
www.dos.pa.gov
forms.dced.pa.gov
www.agtrans.state.pa.us
www.lcb.pa.gov
www.cupss.pa.gov
dev-bppcs.pd.pa.gov
www.campaignfinanceonline.beta.pa.gov
mysite.pa.gov
www.agriculture.pa.gov
www.gis.dcnr.beta.state.pa.us
www.rbaprovider.pa.gov
fdcbids.dcnr.pa.gov
www.PAFoodSafety.pa.gov
dced.pa.gov
damageprevention.puc.pa.gov
www.wcais.pa.gov
www.penndotesafetyqat.pa.gov
*.cor.beta.pa.gov
greenport.dev.pa.gov
staffalert.pa.gov
SMProxySANCertProd.dot.pa.gov
www.pcssmuat.dot.pa.gov
www.boardofappeals.state.pa.us
mysites.pa.gov
www.pgc.pa.gov
www.erstest.health.pa.gov
www.mypdeapps.pa.gov
osfc.sfa.pa.gov
edwin.dcnr.pa.gov
forms.dced.pa.gov
www.iwacs.phmc.pa.gov
ESECSanCertProd128.dot.pa.gov
apps.pwp.pa.gov
www.dominoextsyst.pa.gov
boe.ebr.uat.pa.gov
dynxrm.pa.gov
www.corporations.pa.gov
www.pawatersupplyservicearea.pa.gov
goals.governor.pa.gov
ndxs-dev.dhs.pa.gov
www.dot16.pa.gov
mysites.pa.gov
forms.dced.pa.gov
WWW.HHSLOGIN.DHS.PA.GOV
uat.esms.pa.gov
ppd.brokerportal.SWIF.pa.gov
ESECagSANCertSyst.dot.pa.gov
sureaddress.dev.pa.gov
www.puc.state.pa.us
www.dotdom3.state.pa.us
www.uctax.beta.pa.gov
forms.dced.pa.gov
www.crashinfo.penndot.gov
forms.dced.pa.gov
www.snet.jnet.pa.gov
www.bpp.ob.pa.gov
ESECagSANCertProd.dot.pa.gov
www.swifpay.pa.gov
dliimagesua.pa.gov
pasmallbiz.dced.pa.gov
openscapewebconfw2.pa.gov
forms.dced.pa.gov
www.cfrs.pa.gov
padlsonline.pa.gov
www.ethics.pa.gov
PUC.eServices-DOT-CarrierID.pa.gov
www.oig.pa.gov
www.compas.dli.pa.gov
forms.dced.pa.gov
www.dlisecureweb.pa.gov
dsemms.pa.gov
ESECagSANCertSyst.dot.pa.gov
portal.pccd.beta.pa.gov
sts.beta.pa.gov
www.notaryreg.pa.gov
www.scicoll.pa.gov
ws.jnet.beta.pa.gov
spapps.pa.gov
gis.penndot.gov
www.portalxl.jnet.pa.gov
www.jobgatewaytr.pa.gov
docs.dcnr.pa.gov
www.pawatersupplyservicearea.pa.gov
services.dcnr.uat.pa.gov
www.puc.state.pa.us
*.pa.gov
www.inet.jnet.pa.gov
SMProxySANCertPROD.dot.pa.gov
events.dcnr.pa.gov
forms.dced.pa.gov
www.PaFoodSafety.beta.pa.gov
www.employment.pa.gov
sais.health.pa.gov
mail01.pa.gov
www.uctax-reg.beta.pa.gov
*.openrecords.pa.gov
www.agtrans.pa.gov
www.idprovider.dev.pa.gov
dynxrm.dev.pa.gov
www.dos.pa.gov
forms.dced.pa.gov
www.agtrans.state.pa.us
www.lcb.pa.gov
www.cupss.pa.gov
dev-bppcs.pd.pa.gov
www.campaignfinanceonline.beta.pa.gov
mysite.pa.gov
www.agriculture.pa.gov
www.gis.dcnr.beta.state.pa.us
www.rbaprovider.pa.gov
fdcbids.dcnr.pa.gov
www.PAFoodSafety.pa.gov
dced.pa.gov
damageprevention.puc.pa.gov
www.wcais.pa.gov
www.penndotesafetyqat.pa.gov
*.cor.beta.pa.gov
greenport.dev.pa.gov
staffalert.pa.gov
SMProxySANCertProd.dot.pa.gov
www.pcssmuat.dot.pa.gov
www.boardofappeals.state.pa.us
mysites.pa.gov
www.pgc.pa.gov
www.erstest.health.pa.gov
www.mypdeapps.pa.gov
osfc.sfa.pa.gov
edwin.dcnr.pa.gov
forms.dced.pa.gov
www.iwacs.phmc.pa.gov
ESECSanCertProd128.dot.pa.gov
apps.pwp.pa.gov
www.dominoextsyst.pa.gov
boe.ebr.uat.pa.gov
dynxrm.pa.gov
www.corporations.pa.gov
www.pawatersupplyservicearea.pa.gov
goals.governor.pa.gov
ndxs-dev.dhs.pa.gov
www.dot16.pa.gov
mysites.pa.gov
forms.dced.pa.gov
WWW.HHSLOGIN.DHS.PA.GOV
uat.esms.pa.gov
ppd.brokerportal.SWIF.pa.gov
ESECagSANCertSyst.dot.pa.gov
sureaddress.dev.pa.gov
Certificate
The complete raw certificate details for goals.governor.pa.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHlzCCBX+gAwIBAgIQBkfKJaHQTt8Fa7pCIXPliTANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjMwOTMwMDAwMDAwWhcNMjQwMzMwMjM1OTU5WjAgMR4wHAYDVQQDExVnb2Fscy5n b3Zlcm5vci5wYS5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD bX9sJio2u2bbNQa9c5q8xXgTYV3+++EVbLChHFxr5SYLmG94nUwV+E32kvHFVgg/ LUMA3rXrnOUhG0plLLDSGkXi1wSoV51Vz3KGCp/aecMFC43V0hwvfOfU6gLiOnhp qCCRgZ+D23IhNelPxZN9fqAgGE4rTyjOJVb3VHb/ibGJzRLl0utgqojgVxfrWUyM +9sUz23DV9B7Cf2TIcM1XzdHj/wK5T7fJfhGylxSeopM2Xs+uf5tHkpuMTn6Ktyf +/f8iPB8vBlNP9V9gpfzkZl7idfgU73Q6n1snWy8RAzpWoNDo7129ZNb2itL/Tqc Fenlbva9Nq23D5cAj9jdAgMBAAGjggOPMIIDizAfBgNVHSMEGDAWgBSltNbrNsTn a6bfxGQLASogBLhmIzAdBgNVHQ4EFgQUjbv6R2kWOW8e9yXNXxqtttLZ3JYwIAYD VR0RBBkwF4IVZ29hbHMuZ292ZXJub3IucGEuZ292MD4GA1UdIAQ3MDUwMwYGZ4EM AQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGf BgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9HZW9U cnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDBIoEagRIZCaHR0 cDovL2NybDQuZGlnaWNlcnQuY29tL0dlb1RydXN0R2xvYmFsVExTUlNBNDA5NlNI QTI1NjIwMjJDQTEuY3JsMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUHMAGGGGh0 dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDovL2NhY2Vy dHMuZGlnaWNlcnQuY29tL0dlb1RydXN0R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIw MjJDQTEuY3J0MAwGA1UdEwEB/wQCMAAwggF8BgorBgEEAdZ5AgQCBIIBbASCAWgB ZgB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABiuV/UPYAAAQD AEcwRQIhANtNeOAwhvH7bhQjrItHSbp3h0cQIDBQ1HjFqs5em/HWAiBbOqoEODB/ ZO7JNoSGoMoUMdpHK2mYJ1XfiwgDWcAVMAB1AEiw42vapkc0D+VqAvqdMOscUgHL Vt0sgdm7v6s52IRzAAABiuV/UNgAAAQDAEYwRAIgRTGCSh99WsXzRJyDu445jDPP q44k7+bNH8ayhSXaGisCIHFVtEjAH4XksFmHhnMj9vZ6GpG/h4Zwlt+d2Zfw/Uol AHUA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGK5X9QlgAABAMA RjBEAiA5knqPOJCy/krUY9MSTPg4zsRSOHMPPkkm0plbMax4VAIgJbz/w0PAWwEQ lM7clr2cH9ROmeorKWNIf2hQ0E15pM0wDQYJKoZIhvcNAQELBQADggIBAJgUKS/W fUIbLRtP2aQvtwbZGYCGm5oFxZqut27I9tR3LhziDjIe6YqpUEZmwxBP1L8wMs/F 5cr8ZYEatcxsqXD3lSich19mrZxgkH/H5G/SO71yQ9jK3w2HLohFSwns0p66kZWt EfqE7GI64BKh1/8Ytm/4DWGbBSCVbSw8/WWR/AeqFA1/vuFbSRJnqslrrKl3+aDB aotW7bXmeuMtbsajb8Y3l6FoWUrRnCNKc5ghpl8pJ8S7KanmSA2kQ8ibDh1ggFHn pEqvK8O4OZtbWFnbRKC56e/qUOAIdkJAGwFmDjDqpeoruXpOZdAMNduHVwRuefx9 a6DpJQiEmS7EUNgv29qBSY0pISj3RX6IU/5+3h3net4qAKug8pILszW/P+kRKpmc QP9JfSCwPoVa2UK9T2O3cR4HVnBxTGl/nvTXTExMclLe2lwdq3Vc8hNN8CslLMSV dG/RGm4WNandNxE9r8U4wmeYrbGSQmE/3g9WEkqWbT4as0e4jwUMENqhdUHQp3xi ihYGbPRJR+nrBnZOYmpSwGrnmPk0zVZbLOBtuqrAZbfg3TDhlzpF0O+Ahsa8slKH 49QYqzJSbY51t5/rD0wVNu5bFhJd3Ihy3RQ8dI13ygFDK3cWPknbY6IWzATHFkHw jbqSJe0Ty9QVA1KuWtS2LpNACS3B24Ri3OBF -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw21/bCYqNrtm2zUGvXOa vMV4E2Fd/vvhFWywoRxca+UmC5hveJ1MFfhN9pLxxVYIPy1DAN6165zlIRtKZSyw 0hpF4tcEqFedVc9yhgqf2nnDBQuN1dIcL3zn1OoC4jp4aaggkYGfg9tyITXpT8WT fX6gIBhOK08oziVW91R2/4mxic0S5dLrYKqI4FcX61lMjPvbFM9tw1fQewn9kyHD NV83R4/8CuU+3yX4RspcUnqKTNl7Prn+bR5KbjE5+ircn/v3/IjwfLwZTT/VfYKX 85GZe4nX4FO90Op9bJ1svEQM6VqDQ6O9dvWTW9orS/06nBXp5W72vTattw+XAI/Y 3QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8348121079926334274571237695417476489 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'goals.governor.pa.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24670464818369276026021852559098399367892369007840070014599959559580951040691132648404665885232306026114042519495511510114037717905336903876217692150146355259163261946109711554243572222548508149948277144499640718839293960868295602795022405309138721354763333555474414459225678194703663388777208674217074462392596709045103978383927532981323338300214255181066696820130103789757946223023282448453819656675458368290169123379226817463138209129501168969548412396665759893757446555530637350021928280130464632292423114398182082348309764576747089188227577123079126613444186659319179423201086494300926213017337013567143355078877 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8dbbfa476916396f1ef725cd5f1aadb6d2d9dc96 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'goals.governor.pa.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 0166007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ae57f50f60000040300473045022100db4d78e03086f1fb6e1423ac8b4749ba77874710203050d478c5aace5e9bf1d602205b3aaa0438307f64eec9368486a0ca1431da472b69982755df8b080359c0153000750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ae57f50d8000004030046304402204531824a1f7d5ac5f3449c83bb8e398c33cfab8e24efe6cd1fc6b28525da1a2b02207155b448c01f85e4b05987867323f6f67a1a91bf87867096df9dd997f0fd4a25007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ae57f50960000040300463044022039927a8f3890b2fe4ad463d3124cf838cec45238730f3e4926d2995b31ac7854022025bcffc343c05b011094cedc96bd9c1fd44e99ea2b2963487f6850d04d79a4cd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 009814292fd67d421b2d1b4fd9a42fb706d91980869b9a05c59aaeb76ec8f6d4772e1ce20e321ee98aa9504666c3104fd4bf3032cfc5e5cafc65811ab5cc6ca970f795289c875f66ad9c60907fc7e46fd23bbd7243d8cadf0d872e88454b09ecd29eba9195ad11fa84ec623ae012a1d7ff18b66ff80d619b0520956d2c3cfd6591fc07aa140d7fbee15b491267aac96baca977f9a0c16a8b56edb5e67ae32d6ec6a36fc63797a168594ad19c234a739821a65f2927c4bb29a9e6480da443c89b0e1d608051e7a44aaf2bc3b8399b5b5859db44a0b9e9efea50e0087642401b01660e30eaa5ea2bb97a4e65d00c35db8757046e79fc7d6ba0e9250884992ec450d82fdbda81498d292128f7457e8853fe7ede1de77ade2a00aba0f2920bb335bf3fe9112a999c40ff497d20b03e855ad942bd4f63b7711e075670714c697f9ef4d74c4c4c7252deda5c1dab755cf2134df02b252cc495746fd11a6e1635a9dd37113dafc538c26798adb19242613fde0f56124a966d3e1ab347b88f050c10daa17541d0a77c628a16066cf44947e9eb06764e626a52c06ae798f934cd565b2ce06dbaaac065b7e0dd30e1973a45d0ef8086c6bcb25287e3d418ab32526d8e75b79feb0f4c1536ee5b16125ddc8872dd143c748d77ca01432b77163e49db63a216cc04c71641f08dba9225ed13cbd4150352ae5ad4b62e9340092dc1db8462dce045