www.usa.gov
- General Services Administration -
Issued by GeoTrust SSL CA - G3
About this certificate
This digital certificate with serial number 24:28:52:e4:c1:a8:d4:03:ba:50:af:8d:24:67:39:81 was issued on by GeoTrust Inc..
With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
General Services Administration
Organization:
General Services Administration
State / Province:
District Of Columbia
Locality: Washington
Country: US
Locality: Washington
Country: US
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 24:28:52:e4:c1:a8:d4:03:ba:50:af:8d:24:67:39:81Serial Number (int): 48061581004141624862596889086962121089
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: d2:6f:f7:96:f4:85:3f:72:3c:30:7d:23:da:85:78:9b:a3:7c:5a:7c
Fingerprint (sha1): 7a:2c:3c:28:ad:bb:f2:28:fa:46:52:c8:48:61:b7:b9:b9:b4:e0:5b
Fingerprint (sha256): 0a:c1:01:1d:4c:80:a9:bc:c5:f4:61:cc:c4:92:b2:bd:ae:1d:46:b9:e5:50:e9:57:b0:73:ab:11:fb:8d:f1:99
Issuing Certificate URL: http://gn.symcb.com/gn.crt
Revocation information
OCSP Server: http://gn.symcd.comCRL Distribution Point: http://gn.symcb.com/gn.crl
Check the revocation status for certificate www.usa.gov
16
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.usa.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.manufacturing.gov
www.ussm.gov
www.christophercolumbusfoundation.gov
www.performance.gov
staging.vocab.data.gov
labs-staging.data.gov
vocab.data.gov
dec.dodea.edu
toy.dodea.edu
usa.gov
blog.usa.gov
presidentialtransition.usa.gov
www.feedback.usa.gov
rtv.usa.gov
feedback.usa.gov
www.usa.gov
www.ussm.gov
www.christophercolumbusfoundation.gov
www.performance.gov
staging.vocab.data.gov
labs-staging.data.gov
vocab.data.gov
dec.dodea.edu
toy.dodea.edu
usa.gov
blog.usa.gov
presidentialtransition.usa.gov
www.feedback.usa.gov
rtv.usa.gov
feedback.usa.gov
www.usa.gov
Other certificates including the domain name usa.gov
(limited to 100 certificates)
answers.usa.gov
1.usa.gov
kids.usa.gov
www.gobierno.usa.gov
analytics.usa.gov
cms.usa.gov
www.usa.gov
demo2.search.usa.gov
guineapig.staging.search.usa.gov
www.usa.gov
1.usa.gov
i14y.seagull.staging.search.usa.gov
answers.usa.gov
sa66gl.wpc.edgecastcdn.net
answers.usa.gov
kibana.search.usa.gov
i14y.bird.staging.search.usa.gov
answers.usa.gov
search.usa.gov
go.usa.gov
api.usa.gov
i14y.seagull.staging.search.usa.gov
seagull.staging.search.usa.gov
sandpiper.staging.search.usa.gov
promotions.usa.gov
answers.usa.gov
1.usa.gov
1.usa.gov
hogfish.staging.search.usa.gov
usa.gov
vote.usa.gov
labs.usa.gov
answers.usa.gov
www.usa.gov
www.usa.gov
i14y.vanilla.staging.search.usa.gov
i14y.ox.staging.search.usa.gov
dachshund.staging.search.usa.gov
components.standards.usa.gov
bear.staging.search.usa.gov
redir.gsa.ctacdev.com
answers.usa.gov
i14y.bear.staging.search.usa.gov
1.usa.gov
secure0051.hubspot.com
www.usa.gov
*.sites.usa.gov
answers.usa.gov
beta.usa.gov
pusheen.staging.search.usa.gov
warthog.staging.search.usa.gov
components.standards.usa.gov
*.usa.gov
answers.usa.gov
answers.usa.gov
epa-notice.usa.gov
open.usa.gov
answers.usa.gov
sa66gl.wpc.edgecastcdn.net
i14y.usa.gov
open.usa.gov
i14y.dachshund.staging.search.usa.gov
sa10gl.wpc.edgecastcdn.net
lemonade.staging.search.usa.gov
labs.usa.gov
answers.usa.gov
i14y.luke.staging.search.usa.gov
www.my.usa.gov
panda.staging.search.usa.gov
answers.usa.gov
business.usa.gov
cms.usa.gov
goldfinch.staging.search.usa.gov
answers.usa.gov
gobierno.usa.gov
www.usa.gov
open.usa.gov
i14y.chinchilla.staging.search.usa.gov
answers.usa.gov
search.usa.gov
toothpick.staging.search.usa.gov
answers.usa.gov
sa55gl.wpc.edgecastcdn.net
lemonade.staging.search.usa.gov
i14y.hogfish.staging.search.usa.gov
open-staging.usa.gov
redir.gsa.ctacdev.com
i14y.auk.staging.search.usa.gov
i14y.hedgehog.staging.search.usa.gov
vote.usa.gov
www.usa.gov
search.usa.gov
porcupine.staging.search.usa.gov
answers.usa.gov
epa-notice.usa.gov
lets-encrypt.infr.search.usa.gov
toothpick.staging.search.usa.gov
snowflake.staging.search.usa.gov
i14y.dachshund.staging.search.usa.gov
sa159gl.wpc.edgecastcdn.net
1.usa.gov
kids.usa.gov
www.gobierno.usa.gov
analytics.usa.gov
cms.usa.gov
www.usa.gov
demo2.search.usa.gov
guineapig.staging.search.usa.gov
www.usa.gov
1.usa.gov
i14y.seagull.staging.search.usa.gov
answers.usa.gov
sa66gl.wpc.edgecastcdn.net
answers.usa.gov
kibana.search.usa.gov
i14y.bird.staging.search.usa.gov
answers.usa.gov
search.usa.gov
go.usa.gov
api.usa.gov
i14y.seagull.staging.search.usa.gov
seagull.staging.search.usa.gov
sandpiper.staging.search.usa.gov
promotions.usa.gov
answers.usa.gov
1.usa.gov
1.usa.gov
hogfish.staging.search.usa.gov
usa.gov
vote.usa.gov
labs.usa.gov
answers.usa.gov
www.usa.gov
www.usa.gov
i14y.vanilla.staging.search.usa.gov
i14y.ox.staging.search.usa.gov
dachshund.staging.search.usa.gov
components.standards.usa.gov
bear.staging.search.usa.gov
redir.gsa.ctacdev.com
answers.usa.gov
i14y.bear.staging.search.usa.gov
1.usa.gov
secure0051.hubspot.com
www.usa.gov
*.sites.usa.gov
answers.usa.gov
beta.usa.gov
pusheen.staging.search.usa.gov
warthog.staging.search.usa.gov
components.standards.usa.gov
*.usa.gov
answers.usa.gov
answers.usa.gov
epa-notice.usa.gov
open.usa.gov
answers.usa.gov
sa66gl.wpc.edgecastcdn.net
i14y.usa.gov
open.usa.gov
i14y.dachshund.staging.search.usa.gov
sa10gl.wpc.edgecastcdn.net
lemonade.staging.search.usa.gov
labs.usa.gov
answers.usa.gov
i14y.luke.staging.search.usa.gov
www.my.usa.gov
panda.staging.search.usa.gov
answers.usa.gov
business.usa.gov
cms.usa.gov
goldfinch.staging.search.usa.gov
answers.usa.gov
gobierno.usa.gov
www.usa.gov
open.usa.gov
i14y.chinchilla.staging.search.usa.gov
answers.usa.gov
search.usa.gov
toothpick.staging.search.usa.gov
answers.usa.gov
sa55gl.wpc.edgecastcdn.net
lemonade.staging.search.usa.gov
i14y.hogfish.staging.search.usa.gov
open-staging.usa.gov
redir.gsa.ctacdev.com
i14y.auk.staging.search.usa.gov
i14y.hedgehog.staging.search.usa.gov
vote.usa.gov
www.usa.gov
search.usa.gov
porcupine.staging.search.usa.gov
answers.usa.gov
epa-notice.usa.gov
lets-encrypt.infr.search.usa.gov
toothpick.staging.search.usa.gov
snowflake.staging.search.usa.gov
i14y.dachshund.staging.search.usa.gov
sa159gl.wpc.edgecastcdn.net
Certificate
The complete raw certificate details for www.usa.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGNDCCBRygAwIBAgIQJChS5MGo1AO6UK+NJGc5gTANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTYwMzA3MDAwMDAwWhcNMTcwMzA3MjM1 OTU5WjCBgTELMAkGA1UEBhMCVVMxHTAbBgNVBAgTFERpc3RyaWN0IE9mIENvbHVt YmlhMRMwEQYDVQQHFApXYXNoaW5ndG9uMSgwJgYDVQQKFB9HZW5lcmFsIFNlcnZp Y2VzIEFkbWluaXN0cmF0aW9uMRQwEgYDVQQDFAt3d3cudXNhLmdvdjCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAK8p8Xo/ish65pV28De+B3SRQ2N/1W+i SHmRWlGvUq2dxTdXK1rwidDBqfFO/VDM0L6G1o5rXYK8sq0OAo2fM1E+w/oBL04a QZmKETeKBacos59M7p5XpIeqfEHzYgmQAoviDY2JIjhy+Wd2bA6QGjA5wUolDunX 6d4Zi6HzpNwHu0n2Vz5TK1uHr0vk4hMmKrrIx6AlUPBaRWZxcNnIBnstz8M/lGxV wzscR+uXdcjFE9ziEkXWbOYsZjL7FJ7zgaq7MvnqYqERxPFiMCK3rA5wFt14TD7w YtLXZyTIvhVNm54PqGi57Ab/tBP6fvXQm3vdfXVh4IHK3rxq31JQhGMCAwEAAaOC AuIwggLeMIIBRAYDVR0RBIIBOzCCATeCFXd3dy5tYW51ZmFjdHVyaW5nLmdvdoIM d3d3LnVzc20uZ292giV3d3cuY2hyaXN0b3BoZXJjb2x1bWJ1c2ZvdW5kYXRpb24u Z292ghN3d3cucGVyZm9ybWFuY2UuZ292ghZzdGFnaW5nLnZvY2FiLmRhdGEuZ292 ghVsYWJzLXN0YWdpbmcuZGF0YS5nb3aCDnZvY2FiLmRhdGEuZ292gg1kZWMuZG9k ZWEuZWR1gg10b3kuZG9kZWEuZWR1ggd1c2EuZ292ggxibG9nLnVzYS5nb3aCHnBy ZXNpZGVudGlhbHRyYW5zaXRpb24udXNhLmdvdoIUd3d3LmZlZWRiYWNrLnVzYS5n b3aCC3J0di51c2EuZ292ghBmZWVkYmFjay51c2EuZ292ggt3d3cudXNhLmdvdjAJ BgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDArBgNVHR8EJDAiMCCgHqAchhpodHRw Oi8vZ24uc3ltY2IuY29tL2duLmNybDCBnQYDVR0gBIGVMIGSMIGPBgZngQwBAgIw gYQwPwYIKwYBBQUHAgEWM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJj ZXMvcmVwb3NpdG9yeS9sZWdhbDBBBggrBgEFBQcCAjA1DDNodHRwczovL3d3dy5n ZW90cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9zaXRvcnkvbGVnYWwwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaAFNJv95b0hT9yPDB9I9qF eJujfFp8MFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL2duLnN5 bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL2duLnN5bWNiLmNvbS9nbi5jcnQw EwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAKBfGuz4VMUz uCO7EM5pvNSpFz4f0u2IWTVsxXUE3lsknfje0xCkrwryulbvZy3YX2eY+lL2agfw 6E37mTYt4/M6MFIf/ORjRBHao7iXzSeZVHjHlIAbyRffNN2+1s2vk4SnQZIAU3Fp qMrakZlIuKiMkHvJt6CIZPQcOynnRjBkiIW4GwtrB+lIvVplzD7UAwf+VeFHfJNk oci4rjMUiXcYZAf8E6jUcCIKRvgy/LoI5oSOZdMgTabq7WsMjFRzIqAia9jFnKoW ec5ojakCnGt4P3Cal/e8DlAo1H+RA+ojiA/yfdtgE95mKNKrCouHa/a6qbvaNn3Z R+GSy/n/TrQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArynxej+KyHrmlXbwN74H dJFDY3/Vb6JIeZFaUa9SrZ3FN1crWvCJ0MGp8U79UMzQvobWjmtdgryyrQ4CjZ8z UT7D+gEvThpBmYoRN4oFpyizn0zunlekh6p8QfNiCZACi+INjYkiOHL5Z3ZsDpAa MDnBSiUO6dfp3hmLofOk3Ae7SfZXPlMrW4evS+TiEyYqusjHoCVQ8FpFZnFw2cgG ey3Pwz+UbFXDOxxH65d1yMUT3OISRdZs5ixmMvsUnvOBqrsy+epioRHE8WIwIres DnAW3XhMPvBi0tdnJMi+FU2bng+oaLnsBv+0E/p+9dCbe919dWHggcrevGrfUlCE YwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 48061581004141624862596889086962121089 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-07 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District Of Columbia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'General Services Administration' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'www.usa.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22112386367156883517143599708023998148190762893385652166220585618263824054989860775011491473411934383683495663454654472723283988613768908853536639192549835661552469550255936904605302732618162038802834761294670241158448587829731844502037604309382947787639568721526335420753102514628179138096879061354950896042189867413334445045113888510300177575983519987083571700982912464897566355950947669354927425417665336065959885983174219134473163886194754410060388632753249336159294095882161296886306243743617232339759084126449440741143565032042186839181709370263250419701821246697380522608146007468965902066911704255942743852131 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (315 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manufacturing.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ussm.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.christophercolumbusfoundation.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.performance.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.vocab.data.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'labs-staging.data.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vocab.data.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dec.dodea.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'toy.dodea.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'presidentialtransition.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.feedback.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rtv.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'feedback.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.usa.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d26ff796f4853f723c307d23da85789ba37c5a7c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a05f1aecf854c533b823bb10ce69bcd4a9173e1fd2ed8859356cc57504de5b249df8ded310a4af0af2ba56ef672dd85f6798fa52f66a07f0e84dfb99362de3f33a30521ffce4634411daa3b897cd27995478c794801bc917df34ddbed6cdaf9384a7419200537169a8cada919948b8a88c907bc9b7a08864f41c3b29e74630648885b81b0b6b07e948bd5a65cc3ed40307fe55e1477c9364a1c8b8ae33148977186407fc13a8d470220a46f832fcba08e6848e65d3204da6eaed6b0c8c547322a0226bd8c59caa1679ce688da9029c6b783f709a97f7bc0e5028d47f9103ea23880ff27ddb6013de6628d2ab0a8b876bf6baa9bbda367dd947e192cbf9ff4eb4