giving.juilliard.edu

- The Juilliard School -

Issued by GeoTrust TLS RSA CA G1

About this certificate

This digital certificate with serial number 04:54:2c:a0:2d:1f:32:3a:e1:67:65:05:49:a9:a3:b3 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

The Juilliard School

Organization: The Juilliard School
Organization unit: Information Technology
State / Province: New York
Locality: New York
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:54:2c:a0:2d:1f:32:3a:e1:67:65:05:49:a9:a3:b3
Serial Number (int): 5753970035749691315050401587830301619
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 16:7f:5b:b6:23:aa:70:ce:62:a3:61:f0:d9:0c:1c:50:78:58:49:9d
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57

Fingerprint (sha1): e7:b6:ed:f3:99:83:49:5b:16:0b:47:e2:0f:88:0f:fe:63:32:b4:40
Fingerprint (sha256): 0a:cd:0f:13:0b:00:b4:c5:e2:a6:19:be:4b:c5:2c:e9:aa:52:55:91:99:3e:36:df:f4:75:55:6b:33:60:62:5d

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

Check the revocation status for certificate giving.juilliard.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for giving.juilliard.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

giving.juilliard.edu

Other certificates including the domain name juilliard.edu

(limited to 100 certificates)
carpepm.almonds.com
tjs-dev.juilliard.edu
cluster3.technolutions.net
cluster3.technolutions.net
calendar.sdzsafaripark.org
apply.juilliard.edu
courses.juilliard.edu
cdn-test.battlefields.org
citeak.multidevcom.uaf.edu
securedns1.planmygift.org
securedns1.planmygift.org
servicedesk.cpgcorp.com.sg
cluster3.technolutions.net
ssl375697.cloudflaressl.com
tjs-dev.juilliard.edu
5754903989321728-fe2.pantheonsite.io
chns120.courseresource.yale.edu
itservicedesk.locknet.com
tianjin.juilliard.edu
5703417800425472-fe2.pantheonsite.io
guest.juilliard.edu
securedns1.planmygift.org
5694979263430656-fe3.pantheonsite.io
campus.juilliard.edu
guest2.juilliard.edu
cluster3.technolutions.net
5754903989321728-fe2.pantheonsite.io
cluster3.technolutions.net
ssl279362.cloudflaressl.com
ssl279360.cloudflaressl.com
chns168.courseresource.yale.edu
d7store.juilliard.edu
cluster3.technolutions.net
juilliard.edu
stage.juilliard.edu
5694979263430656-fe3.pantheonsite.io
5703417800425472-fe2.pantheonsite.io
club.kjzz.org
securedns1.planmygift.org
ssl375695.cloudflaressl.com
itservicedesk.locknet.com
ssl375695.cloudflaressl.com
securedns1.planmygift.org
cluster3.technolutions.net
ssl2789.cloudflare.com
ssl375695.cloudflaressl.com
oktassoagent.juilliard.edu
tjs-dev.juilliard.edu
securedns1.planmygift.org
cluster3.technolutions.net
5694979263430656-fe3.pantheonsite.io
courses.juilliard.edu
ssl375697.cloudflaressl.com
stage.juilliard.edu
courses.juilliard.edu
ssl375696.cloudflaressl.com
cluster3.technolutions.net
kovner.juilliard.edu
apply.juilliard.edu
securedns1.planmygift.org
remote.juilliard.edu
ssl375696.cloudflaressl.com
ssl375696.cloudflaressl.com
ssl375696.cloudflaressl.com
ssl279360.cloudflaressl.com
tjs-stage.juilliard.edu
ssl375696.cloudflaressl.com
giving.juilliard.edu
blog.juilliard.edu
cluster3.technolutions.net
truesupport.truerx.com
hermes.juilliard.edu
ssl375697.cloudflaressl.com
tjs-stage.juilliard.edu
5703417800425472-fe2.pantheonsite.io
sni.cloudflaressl.com
tjs-stage.juilliard.edu
5694979263430656-fe3.pantheonsite.io
tjs-dev.juilliard.edu
securedns1.planmygift.org
connect.iadb.org
campusint.juilliard.edu
csgsdev.juilliard.edu
tianjin.juilliard.edu
securedns1.planmygift.org
5703417800425472-fe2.pantheonsite.io
support.ata-services.net
tjs-dev.juilliard.edu
ssl375697.cloudflaressl.com
ssl375697.cloudflaressl.com
itservicedesk.locknet.com
5694979263430656-fe3.pantheonsite.io
ssl375695.cloudflaressl.com
cluster3.technolutions.net
cluster3.technolutions.net
csgsdev.juilliard.edu
cluster3.technolutions.net
cluster3.technolutions.net
ssl375695.cloudflaressl.com
cluster3.technolutions.net

Certificate

The complete raw certificate details for giving.juilliard.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGpjCCBY6gAwIBAgIQBFQsoC0fMjrhZ2UFSamjszANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTE5MDMwODAwMDAwMFoXDTIxMDMwNzEyMDAwMFowgZIxCzAJBgNVBAYTAlVT
MREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxHTAbBgNVBAoT
FFRoZSBKdWlsbGlhcmQgU2Nob29sMR8wHQYDVQQLExZJbmZvcm1hdGlvbiBUZWNo
bm9sb2d5MR0wGwYDVQQDExRnaXZpbmcuanVpbGxpYXJkLmVkdTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAJi+xVTiFTYsJ2owGX359zsYdfM1p+3ZfNnw
BlbRjfy5Vv4Kt79cgzd1mmkPYawbDHSchJCxK/tWfzmI79bWBIWU3Ib2Q4TilDI2
ZU04mZdcensPLDTr1Dou8dkkMZsvxr2FRHcJJIabDHZsFMBPfuhxBh5GPsmcktfJ
/Y6NAq6hSHvs8UY8XBS5UXjQXt8r27099PD/7zjo0zuYoMqtxox0YBug4WWvOXOl
XfyT2jSZp2icOX4MGD8CEQhhD1nNAXK2Udstrg8TY5KUSyBvcKK45WnolY7p6ssh
d5uKpIq87VGUMKvAk+/UlDWeLSQBBqfwHpJd3g/wNWiGaeOiSYMCAwEAAaOCAycw
ggMjMB8GA1UdIwQYMBaAFJRP1F2L5KTipoD+/dj5AO+jvgJXMB0GA1UdDgQWBBQW
f1u2I6pwzmKjYfDZDBxQeFhJnTAfBgNVHREEGDAWghRnaXZpbmcuanVpbGxpYXJk
LmVkdTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9jZHAuZ2VvdHJ1c3QuY29tL0dl
b1RydXN0VExTUlNBQ0FHMS5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAo
BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwB
AgIwdgYIKwYBBQUHAQEEajBoMCYGCCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLmdl
b3RydXN0LmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL2NhY2VydHMuZ2VvdHJ1c3Qu
Y29tL0dlb1RydXN0VExTUlNBQ0FHMS5jcnQwCQYDVR0TBAIwADCCAX0GCisGAQQB
1nkCBAIEggFtBIIBaQFnAHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e
0YUAAAFpXtvyeQAABAMARzBFAiB6Hmy0v+tyS1iPkCfN1eaRtktMJVyVTYIW25nw
6ZE/qAIhALxQIJhxcFsnrnhPREgqE9VVyBy+cgOoqnqFjf/H14wEAHUAh3W/51l8
+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFpXtvzuwAABAMARjBEAiBjkNsC
RZ13ZyyHEwipwlEhgp6tzgF7KAtaKN+WvA0ujgIgRKD9wMfgc0OwxtLwhFqkD62m
lgSjmNFQdbvJ0fx0IdAAdgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaB
qAAAAWle2/KUAAAEAwBHMEUCIQDNb73ctATplWzJyuqAcjS51OB4JUbBTkz3tvsA
WQe3gAIgSo7vAdsZ/OC88GRewdpEreWp2iuwIYvcWTxF0FmP2xAwDQYJKoZIhvcN
AQELBQADggEBAEV0XRZ4KdYNBnL7omGwkWjBv2bIwVXMdGq3YNlXPi1dFLPy+pak
wwhFCteMFAwUjTLa4dZuxfs9zRT631WHiGmqmAH96ynZz3GiWElNQco94K3CGGFF
49o079He0YI4VRAtrusm23Tr8C70GNH7k6Su08rkIGvNsaD2PIW2MWAWMlaW4Pbc
Udu7Unj+vARIPaFtygLMZ0NX2eZNgsVL0evIGZDn2glvqbKEJpYWbDusrTiAhwY7
8uE1rHa7BkFqGFTLewkwv7VQS3WEjXcyrSS/IBXh7eYt1cCos4J6lYCDBa8aGca5
czyPJxOrZOG0buTLRBXs76QtjhHAqfe8k/4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL7FVOIVNiwnajAZffn3
Oxh18zWn7dl82fAGVtGN/LlW/gq3v1yDN3WaaQ9hrBsMdJyEkLEr+1Z/OYjv1tYE
hZTchvZDhOKUMjZlTTiZl1x6ew8sNOvUOi7x2SQxmy/GvYVEdwkkhpsMdmwUwE9+
6HEGHkY+yZyS18n9jo0CrqFIe+zxRjxcFLlReNBe3yvbvT308P/vOOjTO5igyq3G
jHRgG6DhZa85c6Vd/JPaNJmnaJw5fgwYPwIRCGEPWc0BcrZR2y2uDxNjkpRLIG9w
orjlaeiVjunqyyF3m4qkirztUZQwq8CT79SUNZ4tJAEGp/Aekl3eD/A1aIZp46JJ
gwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5753970035749691315050401587830301619
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-07 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Juilliard School'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Information Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'giving.juilliard.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19282294955504086474478053241056201751205006897576903388296896150794666576013203767463922946153427320219300308548903366215123767267233280205403332189871827197847486654746879177043079683997485266676457441709664341683973496244259452274630725413400813975121770911636480495434075709065666124900758509161488105703245805279453622192100470972556194013146261385559118653896652461278529006502313028671958895074606435422173655865687856933939720066525386720135649332724094188317571108210375320252191403219577150088149063389834833272027016082872979263231551380433887332047735403335772094341395011781291957180058681307722686810499
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							167f5bb623aa70ce62a361f0d90c1c507858499d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giving.juilliard.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed185000001695edbf279000004030047304502207a1e6cb4bfeb724b588f9027cdd5e691b64b4c255c954d8216db99f0e9913fa8022100bc50209871705b27ae784f44482a13d555c81cbe7203a8aa7a858dffc7d78c040075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001695edbf3bb000004030046304402206390db02459d77672c871308a9c25121829eadce017b280b5a28df96bc0d2e8e022044a0fdc0c7e07343b0c6d2f0845aa40fada69604a398d15075bbc9d1fc7421d00076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a8000001695edbf2940000040300473045022100cd6fbddcb404e9956cc9caea807234b9d4e0782546c14e4cf7b6fb005907b78002204a8eef01db19fce0bcf0645ec1da44ade5a9da2bb0218bdc593c45d0598fdb10
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0045745d167829d60d0672fba261b09168c1bf66c8c155cc746ab760d9573e2d5d14b3f2fa96a4c308450ad78c140c148d32dae1d66ec5fb3dcd14fadf55878869aa9801fdeb29d9cf71a258494d41ca3de0adc2186145e3da34efd1ded1823855102daeeb26db74ebf02ef418d1fb93a4aed3cae4206bcdb1a0f63c85b6316016325696e0f6dc51dbbb5278febc04483da16dca02cc674357d9e64d82c54bd1ebc81990e7da096fa9b2842696166c3bacad388087063bf2e135ac76bb06416a1854cb7b0930bfb5504b75848d7732ad24bf2015e1ede62dd5c0a8b3827a95808305af1a19c6b9733c8f2713ab64e1b46ee4cb4415ecefa42d8e11c0a9f7bc93fe