aptistraining.britishcouncil.org

Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1

About this certificate

This digital certificate with serial number 0a:8f:d7:67:ac:59:f0:c4:a5:ac:7d:f3:8b:2b:ce:c6 was issued on by DigiCert, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=aptistraining.britishcouncil.org

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:8f:d7:67:ac:59:f0:c4:a5:ac:7d:f3:8b:2b:ce:c6
Serial Number (int): 14039147340525316240958688548287663814
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 2e:3c:6a:4d:b4:6b:fe:52:c9:92:06:c3:35:66:72:ad:d1:a5:a8:21
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23

Fingerprint (sha1): b9:46:a6:8f:60:7d:f6:3a:f6:c1:ff:0d:db:56:51:d5:e5:60:7a:26
Fingerprint (sha256): 0a:2b:22:67:64:b7:e3:cf:51:b3:b2:4d:2e:29:bc:03:d4:d3:86:ac:80:21:07:89:cf:7d:31:02:cf:a3:e8:6b

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl

Check the revocation status for certificate aptistraining.britishcouncil.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for aptistraining.britishcouncil.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aptistraining.britishcouncil.org

Other certificates including the domain name britishcouncil.org

(limited to 100 certificates)
statuspage.io
survey.britishcouncil.org
primaryplus.britishcouncil.org
dns-vetting1-mims-pawel.map.fastly.net
taqaddam-tasters.britishcouncil.org
accreditation.lumanity.com
bcppx.fabs.britishcouncil.org
e2.shared.global.fastly.net
f.ssl.fastly.net
alumnicredentials.kcl.ac.uk
www.mylibrary.britishcouncil.org
e2.shared.global.fastly.net
a2.ssl.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
vst.britishcouncil.org
monitor.jumio.com
domains.clickmeter.com
monitor.jumio.com
achievements.launchyou.com
agent-training.britishcouncil.org
roam2.britishcouncil.org
dns-vetting1-mims-pawel.map.fastly.net
f.ssl.fastly.net
literature.britishcouncil.org
achievements.launchyou.com
distribution-status.rbb-online.de
e2.shared.global.fastly.net
*.BritishCouncil.org
examinertraining.britishcouncil.org
e2.shared.global.fastly.net
americas.portal.britishcouncil.org
literature.britishcouncil.org
e2.shared.global.fastly.net
e2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
careers.britishcouncil.org
school-partner-finder.britishcouncil.org
school-partner-finder.britishcouncil.org
reportcp-uat.britishcouncil.org
dns-vetting1-mims-pawel.map.fastly.net
accreditation.lumanity.com
*.britishcouncil.org
centresupport.britishcouncil.org
monitor.jumio.com
statuspage.io
e2.shared.global.fastly.net
*.britishcouncil.org
statuspage.io
dns-vetting1-mims-pawel.map.fastly.net
*.professionalskills.britishcouncil.org
e2.shared.global.fastly.net
a2.ssl.fastly.net
statuspage.io
*.britishcouncil.org
achievements.launchyou.com
statuspage.io
brandhub.britishcouncil.org
*.sms.britishcouncil.org
a2.ssl.fastly.net
apply.gmt.britishcouncil.org
statuspage.io
spainportal.britishcouncil.org
malaysia.ielts.britishcouncil.org
edinburghshowcase.britishcouncil.org
taqaddam.britishcouncil.org
*.britishcouncil.org
*.britishcouncil.org
achievements.launchyou.com
statuspage.io
ssl514874.cloudflaressl.com
statuspage.io
statuspage.io
taqaddam-tasters.britishcouncil.org
1001ways.britishcouncil.org
f.ssl.fastly.net
accreditation.lumanity.com
statuspage.io
f.ssl.fastly.net
f.ssl.fastly.net
statuspage.io
dns-vetting1-mims-pawel.map.fastly.net
5694979263430656-fe3.pantheonsite.io
e2.shared.global.fastly.net
apply.gmt.britishcouncil.org
aptistraining.britishcouncil.org
e2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
taqaddam.britishcouncil.org
statuspage.io
e2.shared.global.fastly.net
f.ssl.fastly.net
accreditation.lumanity.com
statuspage.io
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
distribution-status.rbb-online.de
statuspage.io
statuspage.io
edinburghshowcase.britishcouncil.org
taqaddam.britishcouncil.org

Certificate

The complete raw certificate details for aptistraining.britishcouncil.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHqTCCBZGgAwIBAgIQCo/XZ6xZ8MSlrH3ziyvOxjANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT
K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN
MjMwNzMxMDAwMDAwWhcNMjQwMTMxMjM1OTU5WjArMSkwJwYDVQQDEyBhcHRpc3Ry
YWluaW5nLmJyaXRpc2hjb3VuY2lsLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKUf5TY8sOi7qvOgolFT698YrWy/JM6DriECyB03QetCi780PnqI
vxPcGVTD9mcLk8n5rtkM/3wm1yn4PU/qmFOBCddTJ3Y3NV+o8V6Lk3COUR1Q2hee
VlFGTAgecFvI1F07zszFjTgmVCoOdr5BUjfjF1upWSsrz+dXaqz9CW+gSUcnUb9U
/nx0lwIqPr7VDZ4oKmfEmY8z8We0rsn+JYooQzuHHHgVwsOj91+qmqQBW0qmLCKc
OZ95xUxhHo5oD1tbkHF1xymit1twfsEOE8O3ylBJ8IH93gGpPbIWmXzMLvQkZcii
baEpGW7jyV6oLxL4SjJ0Ra3PEM7pmDVV25kCAwEAAaOCA5YwggOSMB8GA1UdIwQY
MBaAFKW01us2xOdrpt/EZAsBKiAEuGYjMB0GA1UdDgQWBBQuPGpNtGv+UsmSBsM1
ZnKt0aWoITArBgNVHREEJDAigiBhcHRpc3RyYWluaW5nLmJyaXRpc2hjb3VuY2ls
Lm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMIGfBgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv
bS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDBIoEag
RIZCaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0dlb1RydXN0R2xvYmFsVExTUlNB
NDA5NlNIQTI1NjIwMjJDQTEuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQIBMCkwJwYI
KwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBhwYIKwYBBQUH
AQEEezB5MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYI
KwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEds
b2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNydDAJBgNVHRMEAjAAMIIBewYK
KwYBBAHWeQIEAgSCAWsEggFnAWUAdQDuzdBk1dsazsVct520zROiModGfLzs3sNR
SFlGcR+1mwAAAYmree0UAAAEAwBGMEQCICEW+/rBduMO/RZPBF/CFqdlSvoTe/rG
OFzcPSdohr9CAiBbDaVsPLfRqOcIAt+8dXtfZEcmY7LtysofwMg6hYobhgB1AEiw
42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABiat57S0AAAQDAEYwRAIg
ZojoJAYvZJJDCwY2rKJ7U5RjTLQ1upbBy3ga0iOsh3MCIHK2OlGjAyPX9pkJE94a
ZFOrvOhszkj4HK03jEkuizj+AHUA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9
MEjX+6sAAAGJq3ns3QAABAMARjBEAiBwOq6FSzv7Imowx+qsDMimzbm+DltW57c1
B1HsfJRrWwIgdOS/8TlaNO0VBOLt2pxFwN53W2l64MZT/IE89FUMA+8wDQYJKoZI
hvcNAQELBQADggIBABNnO3uQvqU2orqskU+Olbc+cD2vyg+/f5N0n+b76k8oX9U3
u3oj4uOEOf+w1fP9OoRgdN4IPPvqhn6LB8Li++hczX4haXkxhW5meTiXGikkeT33
NXzAAEmSirfeKaeHI5EwOnxL3NzBupgQUXiaPydzZLpgVppaB7eqQXn9XVYdKown
b3fa9SGK7gpV9D/YOe1McWQzzgxppOxDivO4KMWMApP5FxBfOC01kDzCCx6LEXjF
8XwxKFcbdDyOIy04TDNNXHTD/HE/kAw57chbHjDiynefnun3enFjLryXzO7wbX3Z
3/qgayGLugJwzULz7VFqful6fApvzwfk2YzA5f0PWQdX+ysWdaDkL1pE9B7494c5
nry5ijl/Oc78GhZBlIMPj/5lzaTRAcJQ02+/pj5SJoCRGYbfpg4XQwtI1ez1xYcR
v9zI36667Tue9yIKfa66ABTa1kxliSySx5igRwQPfkelYkR/qJ/QvS21Z9jDNAYD
hegGZEeTXt3OJQXDz02t5JH4lctZBPXzkGI9OfSkdgMacWefupmsdBSL7APog/wc
T/DoY+ZNHn1flqmXqDaZga02vafWpBpnCRMterYlFsO9ygUZQUsvKi8FE2+AtXmy
WyBJOBeoVnn3uuam3HFKALZJdBP0CZKxzl4Ysu2mepY3/4Resl0afparC2ga
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR/lNjyw6Luq86CiUVPr
3xitbL8kzoOuIQLIHTdB60KLvzQ+eoi/E9wZVMP2ZwuTyfmu2Qz/fCbXKfg9T+qY
U4EJ11Mndjc1X6jxXouTcI5RHVDaF55WUUZMCB5wW8jUXTvOzMWNOCZUKg52vkFS
N+MXW6lZKyvP51dqrP0Jb6BJRydRv1T+fHSXAio+vtUNnigqZ8SZjzPxZ7Suyf4l
iihDO4cceBXCw6P3X6qapAFbSqYsIpw5n3nFTGEejmgPW1uQcXXHKaK3W3B+wQ4T
w7fKUEnwgf3eAak9shaZfMwu9CRlyKJtoSkZbuPJXqgvEvhKMnRFrc8QzumYNVXb
mQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14039147340525316240958688548287663814
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-31 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-31 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aptistraining.britishcouncil.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20845048507042282468898722337042939378387127974244328225531531447760098857066042367766403805667950546535347161835297280521545800910711871523550686552195224072277126555571040872533919835529113424948654751238075418901915915563933963302118276986475301527303153534293651290977168914537150520976820918868915638496212963531263477665464912918986003426455928169474814884134555723323631112934019991595450664311854386289704642671073249466407517019777685729281401125915877044094061943139863395338966512111887205066691862861202591083180933087277372877038373621072821248952681941238768805629522062330438432771561793871867026987929
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2e3c6a4db46bfe52c99206c3356672add1a5a821
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aptistraining.britishcouncil.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (359 bytes)
							0165007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000189ab79ed14000004030046304402202116fbfac176e30efd164f045fc216a7654afa137bfac6385cdc3d276886bf4202205b0da56c3cb7d1a8e70802dfbc757b5f64472663b2edcaca1fc0c83a858a1b8600750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000189ab79ed2d000004030046304402206688e824062f6492430b0636aca27b5394634cb435ba96c1cb781ad223ac8773022072b63a51a30323d7f6990913de1a6453abbce86cce48f81cad378c492e8b38fe007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000189ab79ecdd00000403004630440220703aae854b3bfb226a30c7eaac0cc8a6cdb9be0e5b56e7b7350751ec7c946b5b022074e4bff1395a34ed1504e2edda9c45c0de775b697ae0c653fc813cf4550c03ef
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0013673b7b90bea536a2baac914f8e95b73e703dafca0fbf7f93749fe6fbea4f285fd537bb7a23e2e38439ffb0d5f3fd3a846074de083cfbea867e8b07c2e2fbe85ccd7e21697931856e667938971a2924793df7357cc00049928ab7de29a7872391303a7c4bdcdcc1ba981051789a3f277364ba60569a5a07b7aa4179fd5d561d2a8c276f77daf5218aee0a55f43fd839ed4c716433ce0c69a4ec438af3b828c58c0293f917105f382d35903cc20b1e8b1178c5f17c3128571b743c8e232d384c334d5c74c3fc713f900c39edc85b1e30e2ca779f9ee9f77a71632ebc97cceef06d7dd9dffaa06b218bba0270cd42f3ed516a7ee97a7c0a6fcf07e4d98cc0e5fd0f590757fb2b1675a0e42f5a44f41ef8f787399ebcb98a397f39cefc1a164194830f8ffe65cda4d101c250d36fbfa63e522680911986dfa60e17430b48d5ecf5c58711bfdcc8dfaebaed3b9ef7220a7daeba0014dad64c65892c92c798a047040f7e47a562447fa89fd0bd2db567d8c334060385e8066447935eddce2505c3cf4dade491f895cb5904f5f390623d39f4a476031a71679fba99ac74148bec03e883fc1c4ff0e863e64d1e7d5f96a997a8369981ad36bda7d6a41a6709132d7ab62516c3bdca0519414b2f2a2f05136f80b579b25b20493817a85679f7bae6a6dc714a00b6497413f40992b1ce5e18b2eda67a9637ff845eb25d1a7e96ab0b681a