ldap.exch580.serverdata.net

- SystemServer -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 04:32:9c:14:64:f1:79:4b:86:d9:89:fa:2d:b2:25:a4 was issued on by DigiCert Inc.

With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

SystemServer

Organization: SystemServer
Organization unit: Internet Services
State / Province: New York
Locality: New York
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:32:9c:14:64:f1:79:4b:86:d9:89:fa:2d:b2:25:a4
Serial Number (int): 5579692497768249723143455337161565604
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 59:f0:87:bf:e7:27:80:45:1e:24:b0:60:5f:51:c1:d3:8a:d5:b8:50
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): c0:5e:b1:e4:f2:d0:96:57:03:a8:5d:e6:eb:57:45:c5:e3:b6:ae:0a
Fingerprint (sha256): 0d:f0:50:36:99:56:e0:89:eb:39:32:a1:a9:f8:41:84:b2:59:ff:dc:1b:d7:c1:e5:96:00:93:44:34:45:af:8d

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate ldap.exch580.serverdata.net

11

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ldap.exch580.serverdata.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ldap.exch580.serverdata.net
dc580-lo-1.exch580.serverpod.net
dc580-lo-3.exch580.serverpod.net
dc580-va-2.exch580.serverpod.net
dc580-lo-4.exch580.serverpod.net
dc580-ca-2.exch580.serverpod.net
dc580-ca-1.exch580.serverpod.net
dc580-lo-2.exch580.serverpod.net
dc580-va-1.exch580.serverpod.net
dc580-lo-5.exch580.serverpod.net
dc580-lo-6.exch580.serverpod.net

Other certificates including the domain name serverdata.net

(limited to 100 certificates)
exch031.serverdata.net
exch025.serverdata.net
mail026-1.exch026.serverdata.net
sharesync.serverdata.net
apps.exch126.serverdata.net
lyncpool1.exch153.serverdata.net
exch021.serverdata.net
ingram.serverdata.net
mail690-1.exch690.serverdata.net
exch099.serverdata.net
mail500-1.exch500.serverdata.net
lyncgcpool1.exch580.serverdata.net
upload580.serverdata.net
ldap.exch090.serverdata.net
pool1.exch129.serverdata.net
uploadsc9.serverdata.net
ingram.serverdata.net
mail020-1.exch020.serverdata.net
exch099.serverdata.net
lyncpool1.exch180.serverdata.net
lyncpool1.exch153.serverdata.net
pool1.exch126.serverdata.net
mail032-2.exch032.serverdata.net
mail580-1.exch580.serverdata.net
lyncpool1.exch180.serverdata.net
lyncpool1.exch082.serverdata.net
lyncpool1.exch082.serverdata.net
owa020.serverdata.net
exch083.serverdata.net
exch029.serverdata.net
ldap.exch123.serverdata.net
lyncsip.exch600.serverdata.net
ldap.exch156.serverdata.net
ldap.exch600.serverdata.net
usa2.akaz.io
exch081.serverdata.net
exch580.serverdata.net
lyncpool1.exch032.serverdata.net
lyncsip.exch500.serverdata.net
exch126.serverdata.net
mail080-1.exch080.serverdata.net
mail157-co-1.exch157.serverdata.net
exch024.serverdata.net
owa.serverdata.net
lyncsip.exch022.serverdata.net
ldap.pexch119.serverdata.net
ldap.pexch121.serverdata.net
lyncpool1.exch027.serverdata.net
lyncsip.exch027.serverdata.net
mail026-2.exch026.serverdata.net
lyncpool1.exch580.serverdata.net
mail690-1.exch690.serverdata.net
lyncpool1.exch026.serverdata.net
exch480.serverdata.net
mail580-2.exch580.serverdata.net
exch084.serverdata.net
lyncpool1.exch032.serverdata.net
lyncedgepool.exch029.serverdata.net
exch027.serverdata.net
nexus.serverdata.net
sy.smtp.mx.serverdata.net
outbound.smtp.o365.serverdata.net
smtp.exch027.serverdata.net
*.serverdata.net
mail029-2.exch029.serverdata.net
mail030-2.exch030.serverdata.net
va.smtp.mx.serverdata.net
lyncsip.exch032.serverdata.net
www.serverdata.net
mail023-1.exch023.serverdata.net
skypepool1.pexch118.serverdata.net
mail080-1.exch080.serverdata.net
exch122.serverdata.net
ldap.pexch118.serverdata.net
exch029.serverdata.net
exch080.serverdata.net
exch029.serverdata.net
au.serverdata.net
*.quarantine.serverdata.net
backup.serverdata.net
ldap.exch027.serverdata.net
ldap.exch580.serverdata.net
lyncpool1.exch025.serverdata.net
lyncpool1.exch082.serverdata.net
exch021.serverdata.net
lyncpool1.exch025.serverdata.net
mail080-1.exch080.serverdata.net
apps.exch090.serverdata.net
pexch120.serverdata.net
exch024.serverdata.net
mail151-1.exch151.serverdata.net
mail154-1.exch154.serverdata.net
mail022-1.exch022.serverdata.net
mail070-1.exch070.serverdata.net
ldap.exch130.serverdata.net
lyncpool1.exch021.serverdata.net
www.serverdata.net
hpbx017.serverdata.net
smtp.exch151.serverdata.net
lyncsip.exch024.serverdata.net

Certificate

The complete raw certificate details for ldap.exch580.serverdata.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGkTCCBXmgAwIBAgIQBDKcFGTxeUuG2Yn6LbIlpDANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0xODA2MDYwMDAwMDBaFw0yMDA4MDQxMjAwMDBaMIGMMQswCQYDVQQGEwJVUzER
MA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRUwEwYDVQQKEwxT
eXN0ZW1TZXJ2ZXIxGjAYBgNVBAsTEUludGVybmV0IFNlcnZpY2VzMSQwIgYDVQQD
ExtsZGFwLmV4Y2g1ODAuc2VydmVyZGF0YS5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDi3qw586iObuAIHAYviQ0+e+iSgdB1NiDgiAL6LSrEtwJR
f52pycJOzomuaqZMwTPQAmxmgXVaRbqlBBRlFIBLVUplXngBFYo/MkSUKTsW2Zwv
kyaLyCCqKV56ghqaP76cFRKdk9WMhaNIzblkgdxx9U+Wovlp6XrYW4o0mmlvTWpj
V259YQamDPqcnOkMbj2FuYWCYKnL8heQP3TRDZ4eswJL77HUX6c5sj3mTum2UtIO
PP1CkvhE9vYysF/iNpEJ31x8kD23j2YlCFS2nhLg1MUzNtYGOO52DxHxgYLTSi9F
8wXw8xVNLcTR4qxhx6lRENjlYBmH9F9w8lYkqZcfAgMBAAGjggMaMIIDFjAfBgNV
HSMEGDAWgBSQWP+wnHWoUVR3se3yo0MWOJ5sxTAdBgNVHQ4EFgQUWfCHv+cngEUe
JLBgX1HB04rVuFAwggF+BgNVHREEggF1MIIBcYIbbGRhcC5leGNoNTgwLnNlcnZl
cmRhdGEubmV0giBkYzU4MC1sby0xLmV4Y2g1ODAuc2VydmVycG9kLm5ldIIgZGM1
ODAtbG8tMy5leGNoNTgwLnNlcnZlcnBvZC5uZXSCIGRjNTgwLXZhLTIuZXhjaDU4
MC5zZXJ2ZXJwb2QubmV0giBkYzU4MC1sby00LmV4Y2g1ODAuc2VydmVycG9kLm5l
dIIgZGM1ODAtY2EtMi5leGNoNTgwLnNlcnZlcnBvZC5uZXSCIGRjNTgwLWNhLTEu
ZXhjaDU4MC5zZXJ2ZXJwb2QubmV0giBkYzU4MC1sby0yLmV4Y2g1ODAuc2VydmVy
cG9kLm5ldIIgZGM1ODAtdmEtMS5leGNoNTgwLnNlcnZlcnBvZC5uZXSCIGRjNTgw
LWxvLTUuZXhjaDU4MC5zZXJ2ZXJwb2QubmV0giBkYzU4MC1sby02LmV4Y2g1ODAu
c2VydmVycG9kLm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9jZHAuZ2VvdHJ1
c3QuY29tL0dlb1RydXN0UlNBQ0EyMDE4LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG
/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT
MAgGBmeBDAECAjB1BggrBgEFBQcBAQRpMGcwJgYIKwYBBQUHMAGGGmh0dHA6Ly9z
dGF0dXMuZ2VvdHJ1c3QuY29tMD0GCCsGAQUFBzAChjFodHRwOi8vY2FjZXJ0cy5n
ZW90cnVzdC5jb20vR2VvVHJ1c3RSU0FDQTIwMTguY3J0MAkGA1UdEwQCMAAwEwYK
KwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAA9KhYLWw7vN8YsP
4u/BIvD5BcdL6R1OpFgj2+lhbeQcnVOrRgG4fegfCtU7/p/l3QWKrSyPz8kxsJkQ
+Jf9HEj1/SFzPQlLKpbGNolcK2Z6kXgpKYGUIuLOlUVvuXx/C+aJsxF/zyiV5uN6
8+nSZYQdGbxth0lDauTt862dtVn1Rw3Icdcoh+GQxg1COeg42ho0zXR7LS1jUbvu
dYOfS+rEwQNUozIZOttbdXNS2dRziEMNLdRdKOMofjJ6eNyxdKbw8+pwMNvhgalp
J9hVIAIv57kibZ60sRXVAC3/N5ltT259b+IYs3l1rE549Dg7Xlb8dd823F7vWSL6
NezRrxE=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4t6sOfOojm7gCBwGL4kN
PnvokoHQdTYg4IgC+i0qxLcCUX+dqcnCTs6JrmqmTMEz0AJsZoF1WkW6pQQUZRSA
S1VKZV54ARWKPzJElCk7FtmcL5Mmi8ggqileeoIamj++nBUSnZPVjIWjSM25ZIHc
cfVPlqL5ael62FuKNJppb01qY1dufWEGpgz6nJzpDG49hbmFgmCpy/IXkD900Q2e
HrMCS++x1F+nObI95k7ptlLSDjz9QpL4RPb2MrBf4jaRCd9cfJA9t49mJQhUtp4S
4NTFMzbWBjjudg8R8YGC00ovRfMF8PMVTS3E0eKsYcepURDY5WAZh/RfcPJWJKmX
HwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5579692497768249723143455337161565604
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-04 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SystemServer'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ldap.exch580.serverdata.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28639660952379576555109347162316964484326340379490316329555885226104108927415354142559274801810886667994936800079281884583564680652923995867164231948363226973381112658204203701647837540451694233877926879388373946824338302571335139982802227943030433893850672398904232856592159878127789794821105573550787815825557908815829207723439330518302824302485005080980193798466517331147047208948547912336141009319564152652698647350581373350922181921937802549915006611973533153189230430876626716467271394528043436515864622926199705789559207037500995382966188557578203977625190770023471485728918679980600810690892244059449356556063
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							59f087bfe72780451e24b0605f51c1d38ad5b850
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (373 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ldap.exch580.serverdata.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc580-lo-1.exch580.serverpod.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc580-lo-3.exch580.serverpod.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc580-va-2.exch580.serverpod.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc580-lo-4.exch580.serverpod.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc580-ca-2.exch580.serverpod.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc580-ca-1.exch580.serverpod.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc580-lo-2.exch580.serverpod.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc580-va-1.exch580.serverpod.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc580-lo-5.exch580.serverpod.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc580-lo-6.exch580.serverpod.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000f4a8582d6c3bbcdf18b0fe2efc122f0f905c74be91d4ea45823dbe9616de41c9d53ab4601b87de81f0ad53bfe9fe5dd058aad2c8fcfc931b09910f897fd1c48f5fd21733d094b2a96c636895c2b667a91782929819422e2ce95456fb97c7f0be689b3117fcf2895e6e37af3e9d265841d19bc6d8749436ae4edf3ad9db559f5470dc871d72887e190c60d4239e838da1a34cd747b2d2d6351bbee75839f4beac4c10354a332193adb5b757352d9d47388430d2dd45d28e3287e327a78dcb174a6f0f3ea7030dbe181a96927d85520022fe7b9226d9eb4b115d5002dff37996d4f6e7d6fe218b37975ac4e78f4383b5e56fc75df36dc5eef5922fa35ecd1af11