lyweb01.cma.gov.uk
Issued by GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
About this certificate
This digital certificate with serial number 02:1f:6f:2e:88:e7:ab:1f:15:9f:b6:bb:96:bc:cc:1d was issued on by DigiCert Inc.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=lyweb01.cma.gov.uk
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 02:1f:6f:2e:88:e7:ab:1f:15:9f:b6:bb:96:bc:cc:1dSerial Number (int): 2821672228515923691978357547833543709
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 72:2e:79:5b:ee:f2:95:44:54:f0:be:8f:fb:0b:8d:a3:88:90:1e:36
AuthorityKeyId: 12:c9:88:9b:2f:c9:44:7a:7d:12:f1:df:40:03:42:98:92:c7:24:d6
Fingerprint (sha1): e4:e8:5d:3d:f7:d3:4b:62:e9:03:2a:f9:e3:0c:f4:ca:c3:23:ce:f8
Fingerprint (sha256): 09:75:4d:50:93:fc:b7:f5:7d:01:a5:a7:1e:75:1c:36:a5:97:a0:91:55:e7:76:19:5d:c4:fb:2b:6a:25:f7:e6
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1-1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1-1.crl
Check the revocation status for certificate lyweb01.cma.gov.uk
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lyweb01.cma.gov.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lyweb01.cma.gov.uk
lyweb02.cma.gov.uk
wac01.cma.gov.uk
wac02.cma.gov.uk
dialin.cma.gov.uk
meet.cma.gov.uk
lyncdiscover.cma.gov.uk
lyweb02.cma.gov.uk
wac01.cma.gov.uk
wac02.cma.gov.uk
dialin.cma.gov.uk
meet.cma.gov.uk
lyncdiscover.cma.gov.uk
Other certificates including the domain name cma.gov.uk
(limited to 100 certificates)
access01.cma.gov.uk
*.cma.gov.uk
sts.cma.gov.uk
lyweb01.cma.gov.uk
aovpn.cma.gov.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
sftp-dfis.cma.gov.uk
mail.cma.gov.uk
access01.cma.gov.uk
access02.cma.gov.uk
access02.cma.gov.uk
mail.cma.gov.uk
sts.cma.gov.uk
*.cma.gov.uk
aovpn.cma.gov.uk
sts.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
mail.cma.gov.uk
aovpn.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
sts.cma.gov.uk
data.cma.gov.uk
lyweb01.cma.gov.uk
lyweb01.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
sts.cma.gov.uk
lyweb01.cma.gov.uk
aovpn.cma.gov.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
sftp-dfis.cma.gov.uk
mail.cma.gov.uk
access01.cma.gov.uk
access02.cma.gov.uk
access02.cma.gov.uk
mail.cma.gov.uk
sts.cma.gov.uk
*.cma.gov.uk
aovpn.cma.gov.uk
sts.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
mail.cma.gov.uk
aovpn.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
sts.cma.gov.uk
data.cma.gov.uk
lyweb01.cma.gov.uk
lyweb01.cma.gov.uk
vpn.cmaonline.org.uk
Certificate
The complete raw certificate details for lyweb01.cma.gov.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHAzCCBeugAwIBAgIQAh9vLojnqx8Vn7a7lrzMHTANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypH ZW9UcnVzdCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjIw NTE3MDAwMDAwWhcNMjMwNTMxMjM1OTU5WjAdMRswGQYDVQQDExJseXdlYjAxLmNt YS5nb3YudWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsZTwBzvtu Wp0T3PO3suAkkh40fZuUJnechz42cB7PaLQ6rZJUfYbFZGw/N3PRZJDkmVCY2r3+ EGgTCOE9HCA0xCRQdNHvGF62Fqe0tqUv6x1gjpq1JbiEBw0ouOz+Jo4S6lutEX7V nRV47Vz/9Y6kbsPvgSI8oVCOdFLBHXGcSgqbWXY6Yws/F97MkDKkEosT49rlWHcx VmxAo9pprX+7DG28nvt1tE0AcoIfjYBiDEJoBIdjbc3uhQOHClbqcSLUXvTwNiiT WovRVczSiBCCOMxtvrAlFKeq3qzhwEMGew473hzLg6umjB5F+ow5FzXELdhDSx7d NuUIl4XV/t/NAgMBAAGjggQBMIID/TAfBgNVHSMEGDAWgBQSyYibL8lEen0S8d9A A0KYksck1jAdBgNVHQ4EFgQUci55W+7ylURU8L6P+wuNo4iQHjYwgZQGA1UdEQSB jDCBiYISbHl3ZWIwMS5jbWEuZ292LnVrghJseXdlYjAyLmNtYS5nb3YudWuCEHdh YzAxLmNtYS5nb3YudWuCEHdhYzAyLmNtYS5nb3YudWuCEWRpYWxpbi5jbWEuZ292 LnVrgg9tZWV0LmNtYS5nb3YudWuCF2x5bmNkaXNjb3Zlci5jbWEuZ292LnVrMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgZ8G A1UdHwSBlzCBlDBIoEagRIZCaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0dlb1Ry dXN0VExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLTEuY3JsMEigRqBEhkJodHRw Oi8vY3JsNC5kaWdpY2VydC5jb20vR2VvVHJ1c3RUTFNEVlJTQU1peGVkU0hBMjU2 MjAyMENBLTEtMS5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcC ARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGFBggrBgEFBQcBAQR5MHcw JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBPBggrBgEFBQcw AoZDaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0dlb1RydXN0VExTRFZSU0FN aXhlZFNIQTI1NjIwMjBDQS0xLmNydDAJBgNVHRMEAjAAMIIBfgYKKwYBBAHWeQIE AgSCAW4EggFqAWgAdgDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAA AYDRpGIiAAAEAwBHMEUCIAgYSSdTsiyNnK2Mv/UWTaldQIqRwpw0bP0fk0h8yVz8 AiEAwY7mBTbb1c97UI0ZGPXUV1TP9W7TOFDRlmYB1svCwPEAdwA1zxkbv7FsV78P rUxtQsu7ticgJlHqP+Eq76gDwzvWTAAAAYDRpGI4AAAEAwBIMEYCIQChIoxDusGg 0K8bVLfJLXKV1a9S8roK6twP21khWRJ+5wIhAMdHjAd3duGFWC4MCjeL+LpSk2GQ Lk7/tnSw1Zp9oMS8AHUAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkA AAGA0aRiLwAABAMARjBEAiBY2HaDgwOe8AHKEJ7VOCcbXVbJuN3rYnmm39ZDq5xw aQIgacZgptzUQWCP44b/wM5dWgpgpc35/mADnfApMR0d1swwDQYJKoZIhvcNAQEL BQADggEBAGAoK91OHjGqNVzeXP4w0u8dOdb6c6CBnLs6R4oUMmuFYyPzrebtX6hE xrlUSpV6SxTDPixIAAT7+EtAxuLt3hDqkKhBqZl5ZMOFE3e/g1V0Afu8geYWVn/Q l3onIQWOSx1BRY24cp+b1IhPl2hF4vTskA3YOhn/K08bdXsjzPDoIMiqHZNseezG EKjMJXHU4MBmHgweqRrPt6dHV031aB0h2HniJ/0kmbSwjlScFlYCYEME/FtXfU+/ DTKH9uSgH33vn4hzgkiLWGgkzEiTgcYckgXUOiKsSRL4o4710lL3gWdZN4MHqGMJ HYcYa4NqdchYJSwNI7MHVFUjWVpnvzo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGU8Ac77blqdE9zzt7Lg JJIeNH2blCZ3nIc+NnAez2i0Oq2SVH2GxWRsPzdz0WSQ5JlQmNq9/hBoEwjhPRwg NMQkUHTR7xhethantLalL+sdYI6atSW4hAcNKLjs/iaOEupbrRF+1Z0VeO1c//WO pG7D74EiPKFQjnRSwR1xnEoKm1l2OmMLPxfezJAypBKLE+Pa5Vh3MVZsQKPaaa1/ uwxtvJ77dbRNAHKCH42AYgxCaASHY23N7oUDhwpW6nEi1F708DYok1qL0VXM0ogQ gjjMbb6wJRSnqt6s4cBDBnsOO94cy4OrpoweRfqMORc1xC3YQ0se3TblCJeF1f7f zQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2821672228515923691978357547833543709 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-05-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-31 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lyweb01.cma.gov.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21762908998646287356155556431814248600724692456106854733644468287883495701851698018690290711289221562011870479235076727374137837556975094483579985628959489283976139375146214868315565315107619950568122042534462921872628124746768105589554406891352145252037492842591785273643425510283516596583495820328580013113231455854383147869395928353913760797488880535170045774987254566267831236457526905876053079183699343451664294170139541764843528691538028288548037530593263950658289707283319442541484140433510570660967952467284815465460694953942194813571746364527545981094491677565467214285217420924569402995678837894014694252493 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 12c9889b2fc9447a7d12f1df4003429892c724d6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 722e795beef2954454f0be8ffb0b8da388901e36 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lyweb01.cma.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lyweb02.cma.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wac01.cma.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wac02.cma.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dialin.cma.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'meet.cma.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lyncdiscover.cma.gov.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000180d1a46222000004030047304502200818492753b22c8d9cad8cbff5164da95d408a91c29c346cfd1f93487cc95cfc022100c18ee60536dbd5cf7b508d1918f5d45754cff56ed33850d1966601d6cbc2c0f100770035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000180d1a462380000040300483046022100a1228c43bac1a0d0af1b54b7c92d7295d5af52f2ba0aeadc0fdb592159127ee7022100c7478c077776e185582e0c0a378bf8ba529361902e4effb674b0d59a7da0c4bc007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000180d1a4622f0000040300463044022058d8768383039ef001ca109ed538271b5d56c9b8ddeb6279a6dfd643ab9c7069022069c660a6dcd441608fe386ffc0ce5d5a0a60a5cdf9fe60039df029311d1dd6cc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0060282bdd4e1e31aa355cde5cfe30d2ef1d39d6fa73a0819cbb3a478a14326b856323f3ade6ed5fa844c6b9544a957a4b14c33e2c480004fbf84b40c6e2edde10ea90a841a9997964c3851377bf83557401fbbc81e616567fd0977a2721058e4b1d41458db8729f9bd4884f976845e2f4ec900dd83a19ff2b4f1b757b23ccf0e820c8aa1d936c79ecc610a8cc2571d4e0c0661e0c1ea91acfb7a747574df5681d21d879e227fd2499b4b08e549c165602604304fc5b577d4fbf0d3287f6e4a01f7def9f887382488b586824cc489381c61c9205d43a22ac4912f8a38ef5d252f7816759378307a863091d87186b836a75c858252c0d23b307545523595a67bf3a