www2.healthcare.gov

- Centers for Medicare & Medicaid Services -

Issued by GeoTrust SSL CA - G3

About this certificate

This digital certificate with serial number 4e:62:84:35:71:2c:16:1a:d8:ee:b9:73:55:18:7f:8d was issued on by GeoTrust Inc..

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Centers for Medicare & Medicaid Services

Organization: Centers for Medicare & Medicaid Services
Organization unit: OIS
State / Province: Maryland
Locality: Baltimore
Country: US

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 4e:62:84:35:71:2c:16:1a:d8:ee:b9:73:55:18:7f:8d
Serial Number (int): 104191310275545249703783433597009559437
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: d2:6f:f7:96:f4:85:3f:72:3c:30:7d:23:da:85:78:9b:a3:7c:5a:7c

Fingerprint (sha1): 83:b7:e4:ac:79:19:22:a1:2c:4b:73:0c:a9:c9:47:6b:bd:71:8a:4e
Fingerprint (sha256): 0b:bc:cc:d8:97:78:71:7e:ce:31:4d:e4:60:9f:9b:28:1d:1b:af:43:da:b1:3d:f7:5f:71:51:62:c6:33:5b:a0

Issuing Certificate URL: http://gn.symcb.com/gn.crt

Revocation information

OCSP Server: http://gn.symcd.com
CRL Distribution Point: http://gn.symcb.com/gn.crl

Check the revocation status for certificate www2.healthcare.gov

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www2.healthcare.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

address.api.healthcare.gov
ses.api.healthcare.gov
mcr.api.healthcare.gov
www2.healthcare.gov

Other certificates including the domain name healthcare.gov

(limited to 100 certificates)
splunk.aws.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
imp-elb.flh.healthcare.gov

Certificate

The complete raw certificate details for www2.healthcare.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGXjCCBUagAwIBAgIQTmKENXEsFhrY7rlzVRh/jTANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU
R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTcwMzI4MDAwMDAwWhcNMTcwNjIzMjM1
OTU5WjCBkzELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE1hcnlsYW5kMRIwEAYDVQQH
DAlCYWx0aW1vcmUxMTAvBgNVBAoMKENlbnRlcnMgZm9yIE1lZGljYXJlICYgTWVk
aWNhaWQgU2VydmljZXMxDDAKBgNVBAsMA09JUzEcMBoGA1UEAwwTd3d3Mi5oZWFs
dGhjYXJlLmdvdjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANPt3jEK
sLLQ/V3N7zzJnXHYLt3kUc5KIAejY0baVcsJ+HEG58LhZof1Wjnh+1DO3UsErKUg
1AyLm/f/wTLURP0AsCwYKfKlxzIpf5MtDXVTBttner0eb7v6pVNGQcvVYzGpc8vW
fCd1cjfdPb/6f+WtKeD8Fyz8O4Hdzl4KIwnL5fGLpqtFQvABq1L+7t9jK8vr3h5X
WS6YeszhlHFzfI5nbFK/DgftP5hEE6i4qIIwBb5+A1G2n0MMX4ELxi6dsh5GdWmj
szcoQ45ZoNY35n+z0bwDdUG1jfTfygpAb9/bxaMI38HKJaQX0I6VQ6rl5JiWpujj
cZm2TwZuDj0QcTsCAwEAAaOCAvowggL2MGoGA1UdEQRjMGGCGmFkZHJlc3MuYXBp
LmhlYWx0aGNhcmUuZ292ghZzZXMuYXBpLmhlYWx0aGNhcmUuZ292ghZtY3IuYXBp
LmhlYWx0aGNhcmUuZ292ghN3d3cyLmhlYWx0aGNhcmUuZ292MAkGA1UdEwQCMAAw
DgYDVR0PAQH/BAQDAgWgMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9nbi5zeW1j
Yi5jb20vZ24uY3JsMIGdBgNVHSAEgZUwgZIwgY8GBmeBDAECAjCBhDA/BggrBgEF
BQcCARYzaHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0
b3J5L2xlZ2FsMEEGCCsGAQUFBwICMDUMM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNv
bS9yZXNvdXJjZXMvcmVwb3NpdG9yeS9sZWdhbDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU0m/3lvSFP3I8MH0j2oV4m6N8WnwwVwYI
KwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vZ24uc3ltY2QuY29tMCYG
CCsGAQUFBzAChhpodHRwOi8vZ24uc3ltY2IuY29tL2duLmNydDCCAQUGCisGAQQB
1nkCBAIEgfYEgfMA8QB2AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0RxM227L7M
AAABWxbBD4kAAAQDAEcwRQIgG8uqWyi6FE5ZjJrgZbVXz15KCsor2Lwlogi0EsZU
084CIQCrB/EJLhuLWnWHdQKI39DgHHOaBCnLcmq5cFaVWEjnaAB3AKS5CZC0GFgU
h7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABWxbBD6QAAAQDAEgwRgIhAPmK3QII
G06Yofu9VrpnfMdeB3RZTLiuVURVAYkkEP5gAiEAzL/X2DHZvh+9pDI3tF4xuyRh
4WQln8gAAclTwu7+IMQwDQYJKoZIhvcNAQELBQADggEBAJ6KiuhznIadvg56Wcec
89jR66IrGr8CsmO2rUHuqzH3m+VRD5FgRPJacmyTpo19QeQ3iDyzKr8JSUvuZi9T
GyA0NEt52whOgdo+TWqpEFd71Z03XVuIQstGfOMaZs0jcvlBnus+o12oWuiax3RW
H5VsRenf3o5ZE0P/fr1iAYnDnWLx7rcGaiY4RdOzKBTiE+CpmUVzYpHNVVxnqQ9G
fQlWPpayWhq400ToXR/fp107DeUFfprVIOTesxR1WpdmB323NXKshwxJ8w7bmzPC
JHQK6DGLbhIfO+HZ+OJiOl+5L7ilYpnNSDJhQTJDOd7UIQWhe/f6LeEUyx7PPU7O
4P4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+3eMQqwstD9Xc3vPMmd
cdgu3eRRzkogB6NjRtpVywn4cQbnwuFmh/VaOeH7UM7dSwSspSDUDIub9//BMtRE
/QCwLBgp8qXHMil/ky0NdVMG22d6vR5vu/qlU0ZBy9VjMalzy9Z8J3VyN909v/p/
5a0p4PwXLPw7gd3OXgojCcvl8Yumq0VC8AGrUv7u32Mry+veHldZLph6zOGUcXN8
jmdsUr8OB+0/mEQTqLiogjAFvn4DUbafQwxfgQvGLp2yHkZ1aaOzNyhDjlmg1jfm
f7PRvAN1QbWN9N/KCkBv39vFowjfwcolpBfQjpVDquXkmJam6ONxmbZPBm4OPRBx
OwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 104191310275545249703783433597009559437
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-23 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Maryland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baltimore'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Centers for Medicare & Medicaid Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www2.healthcare.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26753579398711106704683771119403953347570932144913243999798446222694082411014404399174577904746721829793069033243977300748255626853906002239581751259489223511441256247848037909356144407815554580763668104371249602212725952059655811460194372091864862100623973256232529679644852154187825479528172628464093790370833255558151729682313610118347094389080142961197900094639919636358798439605448650493954660389998972804606165974722490196683663206451482599080070667637640769285661491816395365598599011277856022967832920505911360334183177721401161507136010618162363919457581516158125223023860457892812339536339977047680715092283
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'address.api.healthcare.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ses.api.healthcare.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mcr.api.healthcare.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.healthcare.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d26ff796f4853f723c307d23da85789ba37c5a7c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015b16c10f89000004030047304502201bcbaa5b28ba144e598c9ae065b557cf5e4a0aca2bd8bc25a208b412c654d3ce022100ab07f1092e1b8b5a7587750288dfd0e01c739a0429cb726ab97056955848e768007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015b16c10fa40000040300483046022100f98add02081b4e98a1fbbd56ba677cc75e0774594cb8ae55445501892410fe60022100ccbfd7d831d9be1fbda43237b45e31bb2461e164259fc80001c953c2eefe20c4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009e8a8ae8739c869dbe0e7a59c79cf3d8d1eba22b1abf02b263b6ad41eeab31f79be5510f916044f25a726c93a68d7d41e437883cb32abf09494bee662f531b2034344b79db084e81da3e4d6aa910577bd59d375d5b8842cb467ce31a66cd2372f9419eeb3ea35da85ae89ac774561f956c45e9dfde8e591343ff7ebd620189c39d62f1eeb7066a263845d3b32814e213e0a99945736291cd555c67a90f467d09563e96b25a1ab8d344e85d1fdfa75d3b0de5057e9ad520e4deb314755a9766077db73572ac870c49f30edb9b33c224740ae8318b6e121f3be1d9f8e2623a5fb92fb8a56299cd48326141324339ded42105a17bf7fa2de114cb1ecf3d4ecee0fe