modalforms.controlant.com

Issued by GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1

About this certificate

This digital certificate with serial number 03:4e:45:10:0a:30:03:86:35:1f:c9:2b:ff:27:92:92 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=modalforms.controlant.com

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:4e:45:10:0a:30:03:86:35:1f:c9:2b:ff:27:92:92
Serial Number (int): 4394083899386611547571560524301177490
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 9c:5a:f8:2d:27:5c:17:2b:a9:80:fb:c9:a9:05:55:4a:79:94:e3:41
AuthorityKeyId: 12:c9:88:9b:2f:c9:44:7a:7d:12:f1:df:40:03:42:98:92:c7:24:d6

Fingerprint (sha1): 80:8a:a0:e7:97:a1:ec:21:56:3b:84:ef:4c:64:76:40:16:8f:bc:57
Fingerprint (sha256): 0e:22:b7:f2:db:31:2c:62:66:7a:02:54:a5:db:ee:74:a1:ce:ef:dd:47:21:fd:ba:61:9a:0b:9d:b7:09:f2:4f

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1.crl

Check the revocation status for certificate modalforms.controlant.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for modalforms.controlant.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

modalforms.controlant.com

Other certificates including the domain name controlant.com

(limited to 100 certificates)
ult-mfe-stub-mr-mr-451.ult-sandbox.controlant.com
ult-host-mr-dg.ult-sandbox.controlant.com
private.zacharyhill.dev
ui-api-mr-mr-307.ult-sandbox.controlant.com
ult-host-mr-mr-302.ult-sandbox.controlant.com
ult-host-mr-mr-307.ult-sandbox.controlant.com
ult-mfe-stub-mr-mr-303.ult-sandbox.controlant.com
ult-mfe-mr-tz.ult-sandbox.controlant.com
ult-mfe-mr-mr-306.ult-sandbox.controlant.com
private.zacharyhill.dev
controlant.com
www.feriaganaderachile.cl
private.zacharyhill.dev
ult-host-mr-mr-284.ult-sandbox.controlant.com
sharing.controlant.com
private.zacharyhill.dev
status-pre.cardiff.ac.uk
private.zacharyhill.dev
private.zacharyhill.dev
private.zacharyhill.dev
api-mr-mr-303.ult-sandbox.controlant.com
ult-mfe-mr-mr-387.ult-sandbox.controlant.com
bob.controlant.com
sharing.controlant.com
*.audit-trail-mfe.sandbox.controlant.com
www.controlant.com
in.controlant.com
freebirdfindings.com
api-mr-mr-301.ult-sandbox.controlant.com
api-mr-mr-304.ult-sandbox.controlant.com
merck.bi.controlant.com
private.zacharyhill.dev
bi.test.controlant.com
modalforms.controlant.com
private.zacharyhill.dev
bi.live.controlant.com
ult-mfe-mr-dg.ult-sandbox.controlant.com
status-pre.cardiff.ac.uk
*.bi.dev.controlant.com
am-users.sandbox.controlant.com
api-mr-tz.ult-sandbox.controlant.com
private.zacharyhill.dev
testrail.controlant.com
private.zacharyhill.dev
testrail.controlant.com
api-mr-mr-296.ult-sandbox.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
ult-mfe-mr-dg.ult-sandbox.controlant.com
ult-mfe-mr-dg.ult-sandbox.controlant.com
private.zacharyhill.dev
ult-host-mr-mr-304.ult-sandbox.controlant.com
private.zacharyhill.dev
ult-mfe-mr-mr-311.ult-sandbox.controlant.com
ui-api-mr-mr-310.ult-sandbox.controlant.com
uat.controlant.com
confluence.controlant.com
ult-mfe-stub-mr-mr-311.ult-sandbox.controlant.com
registry-staging.tools.controlant.com
*.audit-trail-mfe.sandbox.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
dev.controlant.com
private.zacharyhill.dev
www.controlant.com
ult-mfe-stub-mr-tz.ult-sandbox.controlant.com
in.controlant.com
*.audit-trail-mfe.sandbox.controlant.com
ult-mfe-stub-mr-mr-301.ult-sandbox.controlant.com
ult-mfe-stub-mr-mr-310.ult-sandbox.controlant.com
in.controlant.com
flyingpaperclips.com
private.zacharyhill.dev
private.zacharyhill.dev
private.zacharyhill.dev
test.controlant.com
ult-mfe-mr-mr-310.ult-sandbox.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
testrail.controlant.com
pamacloud.auxswot.com
audit-trail-mfe.uat.controlant.com
staffmeeting.controlant.com
api-mr-mr-284.ult-sandbox.controlant.com
ult-mfe-mr-mr-385.ult-sandbox.controlant.com
test.controlant.com
private.zacharyhill.dev
search.gitlab.tools.controlant.com
ult-mfe-stub-mr-mr-389.ult-sandbox.controlant.com
confluence.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
ui-api-mr-mr-450.ult-sandbox.controlant.com
ult-mfe-mr-mr-389.ult-sandbox.controlant.com
controlant.com
private.zacharyhill.dev
ult-host-mr-mr-296.ult-sandbox.controlant.com
ult-mfe-mr-mr-450.ult-sandbox.controlant.com
ult-mfe-stub-mr-mr-390.ult-sandbox.controlant.com
ui-api-mr-mr-451.ult-sandbox.controlant.com

Certificate

The complete raw certificate details for modalforms.controlant.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGlDCCBXygAwIBAgIQA05FEAowA4Y1H8kr/yeSkjANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypH
ZW9UcnVzdCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEw
NDI5MDAwMDAwWhcNMjExMDI4MjM1OTU5WjAkMSIwIAYDVQQDExltb2RhbGZvcm1z
LmNvbnRyb2xhbnQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
yCivtmvW85coqa5+Jp4YXCzpIz7lMVC2PPEAwdiwCdQtoCAob56Et9HJqg5Ftfbr
dxC5cM2u1v4/OATd/djHVR108T0HG9Ak1eaR+qPRTX8SSmEOPMtnhiqF1SZ9GIQC
c0E3MRHH/kjw0SlOZeTz6d1BZGxuaQMv1PDlUi0SVtrDFFirtxNXaUvRjeo2ZFy/
pCGEA7udh5hSP/1yibi7fKpVtPLx6AI+M9HbeLh20P6KPCaj8QSNV7eUkPog1ZQw
lXoy4XZYxP98Al+VB10/qeVdvzwFnr7hq9JzGIfB19yxIzR/l+UllCrXHUSVDzZO
qQbJs5oPaoKgXkVB2+OO5QIDAQABo4IDizCCA4cwHwYDVR0jBBgwFoAUEsmImy/J
RHp9EvHfQANCmJLHJNYwHQYDVR0OBBYEFJxa+C0nXBcrqYD7yakFVUp5lONBMCQG
A1UdEQQdMBuCGW1vZGFsZm9ybXMuY29udHJvbGFudC5jb20wDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBmwYDVR0fBIGTMIGQ
MEagRKBChkBodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vR2VvVHJ1c3RUTFNEVlJT
QU1peGVkU0hBMjU2MjAyMENBLTEuY3JsMEagRKBChkBodHRwOi8vY3JsNC5kaWdp
Y2VydC5jb20vR2VvVHJ1c3RUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3Js
MD4GA1UdIAQ3MDUwMwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cu
ZGlnaWNlcnQuY29tL0NQUzCBhQYIKwYBBQUHAQEEeTB3MCQGCCsGAQUFBzABhhho
dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jYWNl
cnRzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdFRMU0RWUlNBTWl4ZWRTSEEyNTYyMDIw
Q0EtMS5jcnQwCQYDVR0TBAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHYA
9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAF5HmbtiAAABAMARzBF
AiEAoDL6bnGhWvY9q7wEMrX0BiktUiOGx4/XvUduDtE0hl0CIGoRajGQ0TibMWbo
pQZ0mfZb/yfLnwq8wID17fdovpF8AHYAXNxDkv7mq0VEsV6a1FbmEDf71fpH3KFz
lLJe5vbHDsoAAAF5HmbrWQAABAMARzBFAiEA/mJeY7EDuku5ofZj/T46aIGAquao
yJGmShoGbmzdkN4CIFw96aFtHnbsZghbr9jtnBFOhsFVtfsr+rSIKomiEwDJAHUA
7sCV7o1yZA+S48O5G8cSo2lqCXtLahoUOOZHssvtxfkAAAF5HmbuWQAABAMARjBE
AiBF4W2g+P5tmJx9bxRkmBV/++rNDQYCLPe7zrXRPOXFhwIgDTAOFA+p3VfQ18G1
ttOZcdOXhYkjRYaY1PwpTjoIAaYwDQYJKoZIhvcNAQELBQADggEBAA1Wes2GQNRI
oJKDgua3Y/dlBSGVWcScYHijtGBCZnOZyOW8I04B2E3hVqDldZjDrUBSEpBDaJ9b
pHEE0cSDnO3cAwsnt84+73So1auhLx1O6qC1AiN9oyJMQaGFZILFPWGhQIM/lOfr
Yt6OHeLx3vEAFYJbVwCHPVQ063BUCvP4PiorZ9dwxto3CBedw+8LRIFbQ9fYI8DT
b2VXBOfuWbgfGIHVfaD0YbGxzCDZyTRZi/J8RgsWuwc5DuxsT2HxwcqpNsYqsV5k
ocNwNwaIQ4OP8u6ASSayJtrIx1aoVDQ2A8wDh/pD5ZYMbkcqVw4IiP0HCUCMvoFD
JWwBTUmFkVU=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCivtmvW85coqa5+Jp4Y
XCzpIz7lMVC2PPEAwdiwCdQtoCAob56Et9HJqg5FtfbrdxC5cM2u1v4/OATd/djH
VR108T0HG9Ak1eaR+qPRTX8SSmEOPMtnhiqF1SZ9GIQCc0E3MRHH/kjw0SlOZeTz
6d1BZGxuaQMv1PDlUi0SVtrDFFirtxNXaUvRjeo2ZFy/pCGEA7udh5hSP/1yibi7
fKpVtPLx6AI+M9HbeLh20P6KPCaj8QSNV7eUkPog1ZQwlXoy4XZYxP98Al+VB10/
qeVdvzwFnr7hq9JzGIfB19yxIzR/l+UllCrXHUSVDzZOqQbJs5oPaoKgXkVB2+OO
5QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 4394083899386611547571560524301177490
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-28 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'modalforms.controlant.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25267724193612906837383697082045788271071853530220955266011427126072474693511399635115017775613962492504516672426224597182848333830209553631594742269737821372476915205017227310081873302513646793061314187150672741223651667034838151430161081980589785272607589345995377712201216763833746632044186330082778690216612490472327199599622197979334546313349569608245208907499644386919416024648412186192545753303688480241221970139956537943610220754975482759468725261400655530593724190183801055401336061170233514533248530079690206448263717438527772586959335179044883993296415723525645364872204675410858222210394294208377632558821
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 12c9889b2fc9447a7d12f1df4003429892c724d6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9c5af82d275c172ba980fbc9a905554a7994e341
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'modalforms.controlant.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e3000001791e66ed880000040300473045022100a032fa6e71a15af63dabbc0432b5f406292d522386c78fd7bd476e0ed134865d02206a116a3190d1389b3166e8a5067499f65bff27cb9f0abcc080f5edf768be917c0076005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca000001791e66eb590000040300473045022100fe625e63b103ba4bb9a1f663fd3e3a688180aae6a8c891a64a1a066e6cdd90de02205c3de9a16d1e76ec66085bafd8ed9c114e86c155b5fb2bfab4882a89a21300c9007500eec095ee8d72640f92e3c3b91bc712a3696a097b4b6a1a1438e647b2cbedc5f9000001791e66ee590000040300463044022045e16da0f8fe6d989c7d6f146498157ffbeacd0d06022cf7bbceb5d13ce5c58702200d300e140fa9dd57d0d7c1b5b6d39971d397858923458698d4fc294e3a0801a6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000d567acd8640d448a0928382e6b763f76505219559c49c6078a3b46042667399c8e5bc234e01d84de156a0e57598c3ad4052129043689f5ba47104d1c4839ceddc030b27b7ce3eef74a8d5aba12f1d4eeaa0b502237da3224c41a1856482c53d61a140833f94e7eb62de8e1de2f1def10015825b5700873d5434eb70540af3f83e2a2b67d770c6da3708179dc3ef0b44815b43d7d823c0d36f655704e7ee59b81f1881d57da0f461b1b1cc20d9c934598bf27c460b16bb07390eec6c4f61f1c1caa936c62ab15e64a1c37037068843838ff2ee804926b226dac8c756a854343603cc0387fa43e5960c6e472a570e0888fd0709408cbe8143256c014d49859155