denix.osd.mil

- Department of Defense -

Issued by GeoTrust EV RSA CA G2

About this certificate

This digital certificate with serial number 05:6b:c7:75:0c:be:0c:1e:6b:cc:ad:07:76:80:6b:c0 was issued on by DigiCert Inc.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Department of Defense

Company registration number: Government Entity
Organization: Department of Defense
State / Province: District of Columbia
Locality: Washington
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 05:6b:c7:75:0c:be:0c:1e:6b:cc:ad:07:76:80:6b:c0
Serial Number (int): 7205761215937520025264473076068805568
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: ee:e8:fd:2e:86:b4:c5:92:ae:03:7b:44:5a:3c:3d:05:ce:60:2e:2a
AuthorityKeyId: 28:d2:cf:ee:09:84:75:dd:b5:b2:b5:bf:3c:d5:a0:c6:73:88:5d:1f

Fingerprint (sha1): ae:30:92:b0:34:75:93:36:09:70:03:b0:f2:fa:e4:40:f4:f3:32:c6
Fingerprint (sha256): 0a:b4:bf:83:7e:20:80:2e:c7:35:1c:75:02:5f:a1:6e:cd:fe:67:8a:85:df:af:da:b0:c0:54:7c:f0:38:8f:7f

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustEVRSACAG2.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustEVRSACAG2.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustEVRSACAG2.crl

Check the revocation status for certificate denix.osd.mil

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for denix.osd.mil

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

denix.osd.mil
3rs.mil
legacytracker.denix.osd.mil
www.denix.osd.mil
www.3rs.mil

Other certificates including the domain name osd.mil

(limited to 100 certificates)
myafn.dodmedia.osd.mil
secureapps.osd.mil
eRoom.tma.osd.mil
stg.service.cade.osd.mil
kbs.nsoc.health.mil
nmcp-root.med.osd.mil
www.dma.mil
bea.osd.mil
repi.osd.mil
nmcsd-root.med.osd.mil
www.dma.mil
afnconnect.myafn.dodmedia.osd.mil
mhse2e.med.osd.mil
cade.osd.mil
titus.cpms.osd.mil
opmverify.dmdc.osd.mil
dtsproweb.defensetravel.osd.mil
compos.dcpds.cpms.osd.mil
www.dma.mil
www.defense.gov
www.dma.mil
repi.osd.mil
www.pentagon.mil
www.dma.mil
afnconnect.myafn.dodmedia.osd.mil
dodmerb.tricare.osd.mil
webct2.dmdc.osd.mil
CAPE eRoom
cade.osd.mil
citrixsg.osd.mil
www.pentagon.mil
web-06-r-p.fhppub.dhhq.local
repi.osd.mil
jacks.jpeocbd.army.mil
jds.cape.osd.mil
repi.osd.mil
dach-era.med.osd.mil
guidanceweb.ousdc.osd.mil
afnconnect.myafn.dodmedia.osd.mil
pentagontours.osd.mil
dmdc.osd.mil
rcc.osd.mil
www.usace.army.mil
myafn.dodmedia.osd.mil
repi.osd.mil
www.pentagon.mil
systemarchitect.tma.osd.mil
*.jacks.jpeocbrnd.army.mil
secureapps.osd.mil
dtscdcvpn02.defensetravel.osd.mil
snap.cape.osd.mil
fermion.dmea.osd.mil
*.jacks.jpeocbrnd.army.mil
myafn.dodmedia.osd.mil
www.usace.army.mil
lms.dcpas.osd.mil
denix.osd.mil
fermion.dmea.osd.mil
SNAP.CAPE.OSD.MIL
bach-era.med.osd.mil
denix.osd.mil
lrmc-root.med.osd.mil
listserver.tma.osd.mil
godefense.dcpas.osd.mil
service.cade.osd.mil
guidanceweb.ousdc.osd.mil
fcom.cape.osd.mil
macstg.ousdc.osd.mil
login.myafn.dodmedia.osd.mil
hrnetapps.cpms.osd.mil
kbs.nsoc.health.mil
jsp-ipm.osd.mil
sepsii.tricare.osd.mil
DORWARD.jte.osd.mil
jcoc.osd.mil
uranus.cpms.osd.mil
itbudget.osd.mil
dod-executiveagent.osd.mil
cerebro-ct.dmdc.osd.mil
denix.osd.mil
dodcioext.osd.mil
www.public.navy.mil
mhse2erecv.med.osd.mil
www.dma.mil
afnconnect.myafn.dodmedia.osd.mil
www.pentagon.mil
ircmstrn.cpms.osd.mil
bolly.cpms.osd.mil
repi.osd.mil
wasp-ad.dmdc.osd.mil
art.tma.osd.mil
webst.dmdc.osd.mil
fmonline.ousdc.osd.mil
fsm.cape.osd.mi
repi.osd.mil
dmdc.mil
dmdc.mil
dmdc.mil
www.dma.mil
learning1.dmdc.osd.mil

Certificate

The complete raw certificate details for denix.osd.mil in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHMjCCBhqgAwIBAgIQBWvHdQy+DB5rzK0HdoBrwDANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVH
ZW9UcnVzdCBFViBSU0EgQ0EgRzIwHhcNMjQwMzA2MDAwMDAwWhcNMjUwMzEzMjM1
OTU5WjCBxjETMBEGCysGAQQBgjc8AgEDEwJVUzEaMBgGA1UEDwwRR292ZXJubWVu
dCBFbnRpdHkxGjAYBgNVBAUTEUdvdmVybm1lbnQgRW50aXR5MQswCQYDVQQGEwJV
UzEdMBsGA1UECBMURGlzdHJpY3Qgb2YgQ29sdW1iaWExEzARBgNVBAcTCldhc2hp
bmd0b24xHjAcBgNVBAoTFURlcGFydG1lbnQgb2YgRGVmZW5zZTEWMBQGA1UEAxMN
ZGVuaXgub3NkLm1pbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKwb
5rX5+V1heL6uTfQCU15hQEEqF6s7mN9VQyq57tB9YUT5u/TAK3I2vsLHP9g9VU68
UOhKUwuiZsUMQ/j9s35UZpAc+6gqOC8eU6SVdLivlOK/9xoNIjhKJNJzjPvJWToi
i6uX+zms7mnSmGvZ9A9XRe1RXqI4YtrHB5Q7MoXT25tkVlpon8HJd4wnMOm3HEO8
C5Cuvq8zMGNGYOO9tJAOKPd8ZOGgN+9P0KdD+OmKtjjcueIUfD74G8SU7Tl4Fh4N
tD+Tmlxaf1MzgGlEGYM16j3cpl85S45ZjNaQKLmFU7r4CGTMb/WyUURyi7hlj6mS
NEmwsa9Ery8uYH+KC2MCAwEAAaOCA5swggOXMB8GA1UdIwQYMBaAFCjSz+4JhHXd
tbK1vzzVoMZziF0fMB0GA1UdDgQWBBTu6P0uhrTFkq4De0RaPD0FzmAuKjBeBgNV
HREEVzBVgg1kZW5peC5vc2QubWlsggczcnMubWlsghtsZWdhY3l0cmFja2VyLmRl
bml4Lm9zZC5taWyCEXd3dy5kZW5peC5vc2QubWlsggt3d3cuM3JzLm1pbDBKBgNV
HSAEQzBBMAsGCWCGSAGG/WwCATAyBgVngQwBATApMCcGCCsGAQUFBwIBFhtodHRw
Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8v
Y3JsMy5kaWdpY2VydC5jb20vR2VvVHJ1c3RFVlJTQUNBRzIuY3JsMDSgMqAwhi5o
dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vR2VvVHJ1c3RFVlJTQUNBRzIuY3JsMHMG
CCsGAQUFBwEBBGcwZTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
Y29tMD0GCCsGAQUFBzAChjFodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vR2Vv
VHJ1c3RFVlJTQUNBRzIuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQC
BIIBbgSCAWoBaAB1AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAAB
jhV3K5oAAAQDAEYwRAIgR5v2+SK9XpD7kDNw+JExOYoty7D0kC6z1whhOk8LyoEC
ICga11O2DhHXQBe42dHdyVwosc4NPZJPYW4dezzrdkRAAHcAfVkeEuF4KnscYWd8
Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGOFXcrngAABAMASDBGAiEA+yfaIEgIGwWs
SLgLjcWmyXaG9BCCNB8YrdfjuD2f1c4CIQC9uoVhBr4KwAg5s8KmYiozdvfmhj//
h1+0WhXxW0OYtQB2AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0eN45QAAAB
jhV3K8cAAAQDAEcwRQIgPao7jiZax1HmnlwIlbe09C5r6nIsc3u9wSYrhGcAprkC
IQD/ICGRwm/9Z+r0QoNET42rW9VK7/iH4YZoHA9i00qblzANBgkqhkiG9w0BAQsF
AAOCAQEAGzKvu2Mer1FnFp9dZU2ztbQ1BFXus9w8LtLrjK7CLZWuSDeO731veNAy
3tJupALA5C3lkzBGaS3WWtRfHT3pJER/0nLRz1O4xnABYD69pijfOQt093tYomLQ
8P/McvrxHF+odCUg1FriHXfnSZklLxGoOLnJN24ZzSb7kxopNjkGIS+VjbhJm3tk
IQj/T8DMK1QHmH2Ih1k7/UmDczq2GapbfvpPMqlaADfL7KXKj3F2qutCuInRd02+
cpA1Dg7Hz2oLDYbf8HOlUVJb9ADTwMpen4AUE7O8SP+PxO1Rw1Ji5v2f7Etvr4Ad
yCQ06GGUuXghvoB2iBapqF1pjbaeWw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBvmtfn5XWF4vq5N9AJT
XmFAQSoXqzuY31VDKrnu0H1hRPm79MArcja+wsc/2D1VTrxQ6EpTC6JmxQxD+P2z
flRmkBz7qCo4Lx5TpJV0uK+U4r/3Gg0iOEok0nOM+8lZOiKLq5f7OazuadKYa9n0
D1dF7VFeojhi2scHlDsyhdPbm2RWWmifwcl3jCcw6bccQ7wLkK6+rzMwY0Zg4720
kA4o93xk4aA370/Qp0P46Yq2ONy54hR8PvgbxJTtOXgWHg20P5OaXFp/UzOAaUQZ
gzXqPdymXzlLjlmM1pAouYVTuvgIZMxv9bJRRHKLuGWPqZI0SbCxr0SvLy5gf4oL
YwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7205761215937520025264473076068805568
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust EV RSA CA G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-13 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Department of Defense'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'denix.osd.mil'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21726747055694143873373723418627114940182640945507950671189497947492028746880973192284098937517581805007226098352235182996349941807672582260879658508509003228567321752407813244012088411884535664209138976431984819693995063983362495150005503774435355229311992194517799733130553052619237850977926099549114781367072699422722171695748909924062030797162404297838922049157170229584711391397428428297679316569777716828039224162265241077708412924417227455454626493800067262949309037426966443073609300596824299453246132398556942512757913150682022067440397584565659323240387466800497005268371714418112263620726305970267051658083
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 28d2cfee098475ddb5b2b5bf3cd5a0c673885d1f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							eee8fd2e86b4c592ae037b445a3c3d05ce602e2a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'denix.osd.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3rs.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacytracker.denix.osd.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.denix.osd.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.3rs.mil'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustEVRSACAG2.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustEVRSACAG2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustEVRSACAG2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018e15772b9a00000403004630440220479bf6f922bd5e90fb903370f89131398a2dcbb0f4902eb3d708613a4f0bca810220281ad753b60e11d74017b8d9d1ddc95c28b1ce0d3d924f616e1d7b3ceb7644400077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018e15772b9e0000040300483046022100fb27da2048081b05ac48b80b8dc5a6c97686f41082341f18add7e3b83d9fd5ce022100bdba856106be0ac00839b3c2a6622a3376f7e6863fff875fb45a15f15b4398b5007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018e15772bc7000004030047304502203daa3b8e265ac751e69e5c0895b7b4f42e6bea722c737bbdc1262b846700a6b9022100ff202191c26ffd67eaf44283444f8dab5bd54aeff887e186681c0f62d34a9b97
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001b32afbb631eaf5167169f5d654db3b5b4350455eeb3dc3c2ed2eb8caec22d95ae48378eef7d6f78d032ded26ea402c0e42de5933046692dd65ad45f1d3de924447fd272d1cf53b8c67001603ebda628df390b74f77b58a262d0f0ffcc72faf11c5fa8742520d45ae21d77e74999252f11a838b9c9376e19cd26fb931a29363906212f958db8499b7b642108ff4fc0cc2b5407987d8887593bfd4983733ab619aa5b7efa4f32a95a0037cbeca5ca8f7176aaeb42b889d1774dbe7290350e0ec7cf6a0b0d86dff073a551525bf400d3c0ca5e9f801413b3bc48ff8fc4ed51c35262e6fd9fec4b6faf801dc82434e86194b97821be80768816a9a85d698db69e5b