citizens.sit2.cloud.digitalid.alberta.ca
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 0d:b7:bd:3e:cf:7c:3d:37:43:a3:47:a6:bd:fb:9b:e5 was issued on by DigiCert, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=citizens.sit2.cloud.digitalid.alberta.ca
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:b7:bd:3e:cf:7c:3d:37:43:a3:47:a6:bd:fb:9b:e5Serial Number (int): 18233992622090538772320469791408888805
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: e2:5c:b6:d4:0e:cb:59:41:09:3f:b2:fc:62:e1:06:ae:e1:5a:82:0b
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): 9f:f9:13:60:7e:fe:b4:96:52:ec:9f:3a:df:6f:a1:65:3d:e7:fc:c3
Fingerprint (sha256): 0e:33:62:b9:23:95:e5:10:9e:63:63:0e:b6:b4:d9:75:3c:3f:f5:83:1c:54:a6:b1:ab:29:ae:4a:ed:47:fa:a1
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate citizens.sit2.cloud.digitalid.alberta.ca
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for citizens.sit2.cloud.digitalid.alberta.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
citizens.sit2.cloud.digitalid.alberta.ca
Other certificates including the domain name alberta.ca
(limited to 100 certificates)
platform-test.myhealth.alberta.ca
foip.alberta.ca
fs.alt.alberta.ca
sslvs07.igloosoftware.com
hermis.alberta.ca
sip.aimco.alberta.ca
data.environment.alberta.ca
*.ae.alberta.ca
qa.myhealth.alberta.ca
vpn.loshared.alberta.ca
commercialhearings-internal.alberta.ca
mypass.alberta.ca
aemagis.gov.ab.ca
geodiscover.alberta.ca
qa.myhealth.alberta.ca
*.aimco.alberta.ca
seniors.alberta.ca
getfile.alberta.ca
abdlan.gov.ab.ca
*.acstraining.alberta.ca
sslvs07.igloosoftware.com
albertaready.aema.alberta.ca
sslvs07.igloosoftware.com
ext.sp.tb.alberta.ca
*.aet.alberta.ca
justice-digital.alberta.ca
lyncaccess2.gov.ab.ca
otdr.health.alberta.ca
platform.healthvault.alberta.ca
transportal.alberta.ca
projects.transportation.alberta.ca
sslvs07.igloosoftware.com
mhaloginppe.alberta.ca
lufsp.alberta.ca
regionaldashboard.alberta.ca
surplusuat.alberta.ca
abdlan.gov.ab.ca
sslvs07.igloosoftware.com
exts2.aep.alberta.ca
ppe2.myhealth.alberta.ca
sni.cloudflaressl.com
sslvs07.igloosoftware.com
alberta.ca
www.maps.srd.alberta.ca
ddi.health.alberta.ca
sslvs07.igloosoftware.com
defecttracking.health.alberta.ca
spin.stg.alt.alberta.ca
acc-qa.myhealth.alberta.ca
wa8.sp.alberta.ca
sslvs07.igloosoftware.com
mhalogin.alberta.ca
pats.alberta.ca
aemagis.gov.ab.ca
wildfire.alberta.ca
work.alberta.ca
account.healthvault.alberta.ca
*.aimco.alberta.ca
support.alberta.ca
pabapps.alberta.ca
siamsfs.madi.alberta.ca
info.health.alberta.ca
connect.tbf.alberta.ca
sslvs07.igloosoftware.com
www.opra.alberta.ca
sslvs07.igloosoftware.com
work.alberta.ca
*.aimco.alberta.ca
tls.automattic.com
www.hrextcguat1.alberta.ca
alberta.ca
citizens.sit.cloud.digitalid.alberta.ca
lyncaccess2.gov.ab.ca
api.iam.alberta.ca
abdlan.gov.ab.ca
uat.questaplus.alberta.ca
sni.cloudflaressl.com
www.hrextcg.alberta.ca
wildfire.alberta.ca
stpgrants.alberta.ca
secure.myloan.studentaid.alberta.ca
*.aet.alberta.ca
citizens.sit2.cloud.digitalid.alberta.ca
sslvs07.igloosoftware.com
aish-apply.alberta.ca
open.alberta.ca
stage.ecommittee.alberta.ca
caqc.alberta.ca
qa.myhealth.alberta.ca
*.aimco.alberta.ca
sslvs07.igloosoftware.com
saml.public.uat.sadfs.alberta.ca
vision.alberta.ca
maps.srd.alberta.ca
personaldirectives.alberta.ca
*.aimco.alberta.ca
projects.alberta.ca
data.iae.alberta.ca
Contractornet.ocya.alberta.ca
portfolio-management2.health.alberta.ca
foip.alberta.ca
fs.alt.alberta.ca
sslvs07.igloosoftware.com
hermis.alberta.ca
sip.aimco.alberta.ca
data.environment.alberta.ca
*.ae.alberta.ca
qa.myhealth.alberta.ca
vpn.loshared.alberta.ca
commercialhearings-internal.alberta.ca
mypass.alberta.ca
aemagis.gov.ab.ca
geodiscover.alberta.ca
qa.myhealth.alberta.ca
*.aimco.alberta.ca
seniors.alberta.ca
getfile.alberta.ca
abdlan.gov.ab.ca
*.acstraining.alberta.ca
sslvs07.igloosoftware.com
albertaready.aema.alberta.ca
sslvs07.igloosoftware.com
ext.sp.tb.alberta.ca
*.aet.alberta.ca
justice-digital.alberta.ca
lyncaccess2.gov.ab.ca
otdr.health.alberta.ca
platform.healthvault.alberta.ca
transportal.alberta.ca
projects.transportation.alberta.ca
sslvs07.igloosoftware.com
mhaloginppe.alberta.ca
lufsp.alberta.ca
regionaldashboard.alberta.ca
surplusuat.alberta.ca
abdlan.gov.ab.ca
sslvs07.igloosoftware.com
exts2.aep.alberta.ca
ppe2.myhealth.alberta.ca
sni.cloudflaressl.com
sslvs07.igloosoftware.com
alberta.ca
www.maps.srd.alberta.ca
ddi.health.alberta.ca
sslvs07.igloosoftware.com
defecttracking.health.alberta.ca
spin.stg.alt.alberta.ca
acc-qa.myhealth.alberta.ca
wa8.sp.alberta.ca
sslvs07.igloosoftware.com
mhalogin.alberta.ca
pats.alberta.ca
aemagis.gov.ab.ca
wildfire.alberta.ca
work.alberta.ca
account.healthvault.alberta.ca
*.aimco.alberta.ca
support.alberta.ca
pabapps.alberta.ca
siamsfs.madi.alberta.ca
info.health.alberta.ca
connect.tbf.alberta.ca
sslvs07.igloosoftware.com
www.opra.alberta.ca
sslvs07.igloosoftware.com
work.alberta.ca
*.aimco.alberta.ca
tls.automattic.com
www.hrextcguat1.alberta.ca
alberta.ca
citizens.sit.cloud.digitalid.alberta.ca
lyncaccess2.gov.ab.ca
api.iam.alberta.ca
abdlan.gov.ab.ca
uat.questaplus.alberta.ca
sni.cloudflaressl.com
www.hrextcg.alberta.ca
wildfire.alberta.ca
stpgrants.alberta.ca
secure.myloan.studentaid.alberta.ca
*.aet.alberta.ca
citizens.sit2.cloud.digitalid.alberta.ca
sslvs07.igloosoftware.com
aish-apply.alberta.ca
open.alberta.ca
stage.ecommittee.alberta.ca
caqc.alberta.ca
qa.myhealth.alberta.ca
*.aimco.alberta.ca
sslvs07.igloosoftware.com
saml.public.uat.sadfs.alberta.ca
vision.alberta.ca
maps.srd.alberta.ca
personaldirectives.alberta.ca
*.aimco.alberta.ca
projects.alberta.ca
data.iae.alberta.ca
Contractornet.ocya.alberta.ca
portfolio-management2.health.alberta.ca
Certificate
The complete raw certificate details for citizens.sit2.cloud.digitalid.alberta.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHvjCCBaagAwIBAgIQDbe9Ps98PTdDo0emvfub5TANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjMwNDI1MDAwMDAwWhcNMjMxMDIwMjM1OTU5WjAzMTEwLwYDVQQDEyhjaXRpemVu cy5zaXQyLmNsb3VkLmRpZ2l0YWxpZC5hbGJlcnRhLmNhMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAoTK5omuNdowOunhcADRE+nmkhTevng99SOwHPmBk sBe3sTAPNgcYBF3MBIm958cfEL6k8lFrw2lgyb8dmmJllg9X2dJJCu8/Xn3l0NfV vo+4pWGrqjhYbZvyzCP7QfLZXrCBMpNkMTxDZsIxxeWF/LD/QZwY/tLuAOCyVbBM KVE4DpLsinw3zXLo1l7Yqd1GktV8r982SH/PEX14OV7QF09rA5OlekpOkn4G2ACa sIyEwyfYVhInUo64LCopVneNDFluEMPY8jqxK2f4S8ll+uzCLSNwGsZDNbCbNEmE WtlhbfDVEHv9nRqs+eeUXay2KTT57LE2BKlUGQYYKro8QQIDAQABo4IDozCCA58w HwYDVR0jBBgwFoAUpbTW6zbE52um38RkCwEqIAS4ZiMwHQYDVR0OBBYEFOJcttQO y1lBCT+y/GLhBq7hWoILMDMGA1UdEQQsMCqCKGNpdGl6ZW5zLnNpdDIuY2xvdWQu ZGlnaXRhbGlkLmFsYmVydGEuY2EwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRwOi8v Y3JsMy5kaWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2 MjAyMkNBMS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9HZW9U cnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDA+BgNVHSAENzA1 MDMGBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNv bS9DUFMwgYcGCCsGAQUFBwEBBHsweTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au ZGlnaWNlcnQuY29tMFEGCCsGAQUFBzAChkVodHRwOi8vY2FjZXJ0cy5kaWdpY2Vy dC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2MjAyMkNBMS5jcnQw CQYDVR0TBAIwADCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHcA6D7Q2j71BjUy 51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGHtvT6agAABAMASDBGAiEAiZynnYb7 G9ND3hNkbJS1o3VavMqC6+czIcn3sB8PuwICIQCz8cf4NGSx2Qb28kJ3CiuLu1Jd uyDucMZ6u2hS5fskbgB2ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWa AAABh7b0+tYAAAQDAEcwRQIhAJLJJpSMPPwVJL1PHoQwF6HBBDNzt4JXtbyUnaT5 FUeoAiBVmXUHa+/EP5FtLibjB4ehm8O+LB4i+xOO14vj0gAGdgB3AHoyjFTYty22 IOo44FIe6YQWcDIThU070ivBOlejUutSAAABh7b0+mcAAAQDAEgwRgIhAPJynqsS p7TQfCAfaRZTEG2GDmG9crSB7li7jkK3e5/SAiEAop7JsLRdhFoMPHDfw+TRX3ua Hxt7rDrLh/0ttVt8BL0wDQYJKoZIhvcNAQELBQADggIBAMzuUVqtLxdycBZxUKnN S2HzRFwsFcucE9U8Bdu6olV3/UKT/sFHL3cgU39ot7qOtvDfCVpILgkP1PmSWwez H793xUx9hsTmhTk/h2WQ1MuM5emSM40bnbFE6Qwn7pOCwyNwdjfZ1kVn7PLfo8vU 47xGDOceJ5HI5pG4vwnyJ2NIY9MVksc4Y8dtN2rkKFpKp1YzZJ/4O/z1OL8kKKQH 8Wdiq0ztaEfNNkFiXai3sud3zyv/p90cIrzzAu9Lv/lsuxnB2a41qSEYCqCmyafZ qVNrut2HA35y1JtlUZHL4SL84LLv7O9hQVkM7nz65sysDOilVp9V1x2p8ZDIc86B TJVp5C0iBwIRNx5yxxE621FL+kcn3MXVSDOC+gjU5/UpemtfAUqn8tVtE7WBc144 GFPvdUz9Ex2HQur5kit1j1CWrzTpl2NyP27XqkfNt3LGp/SQDuvf14mEo0SiSorn AiMKDAsuby4mAd6ync5jVNPB0h7hlZL3VBWya13OR3iyrDpEIYgnedDeOczEm9Xp 7UHBiifku7I95rt4DLJOqoib4L5fF4hDvSP1WIltpzJQhn0HJeA/NK2Mf/l1ZQt5 +K5JTxU7EIHpJ9/8oGLST6LWu8Ghf/F/NCVlUk3VpEGfP8+mptWit24DhIMsW0bt 1UIL9VQWeenS29nBtj9I0J2X -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTK5omuNdowOunhcADRE +nmkhTevng99SOwHPmBksBe3sTAPNgcYBF3MBIm958cfEL6k8lFrw2lgyb8dmmJl lg9X2dJJCu8/Xn3l0NfVvo+4pWGrqjhYbZvyzCP7QfLZXrCBMpNkMTxDZsIxxeWF /LD/QZwY/tLuAOCyVbBMKVE4DpLsinw3zXLo1l7Yqd1GktV8r982SH/PEX14OV7Q F09rA5OlekpOkn4G2ACasIyEwyfYVhInUo64LCopVneNDFluEMPY8jqxK2f4S8ll +uzCLSNwGsZDNbCbNEmEWtlhbfDVEHv9nRqs+eeUXay2KTT57LE2BKlUGQYYKro8 QQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18233992622090538772320469791408888805 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-25 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'citizens.sit2.cloud.digitalid.alberta.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20349380595664804154614999018141301785965571204678424095016153193397199102610675450773116554824259447812069964699334108029105111619786739164592552483743354701016573237618106505945968173310126734893505226998556941842073805065884693575387952327234716331930943104781982436523209729222420627196058851756326592667965641852033262303595592841834959050395971648659869284223377964800151606972753243860592236285788093633262782221923891902139142504584326749109979970212557391368197479830760168257642797099876165517071816234641752216716040096137397953647675082242606736096864072925607423599054056191837620495239717023741388667969 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e25cb6d40ecb5941093fb2fc62e106aee15a820b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citizens.sit2.cloud.digitalid.alberta.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000187b6f4fa6a0000040300483046022100899ca79d86fb1bd343de13646c94b5a3755abcca82ebe73321c9f7b01f0fbb02022100b3f1c7f83464b1d906f6f242770a2b8bbb525dbb20ee70c67abb6852e5fb246e007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000187b6f4fad6000004030047304502210092c926948c3cfc1524bd4f1e843017a1c1043373b78257b5bc949da4f91547a80220559975076befc43f916d2e26e30787a19bc3be2c1e22fb138ed78be3d20006760077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000187b6f4fa670000040300483046022100f2729eab12a7b4d07c201f691653106d860e61bd72b481ee58bb8e42b77b9fd2022100a29ec9b0b45d845a0c3c70dfc3e4d15f7b9a1f1b7bac3acb87fd2db55b7c04bd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00ccee515aad2f177270167150a9cd4b61f3445c2c15cb9c13d53c05dbbaa25577fd4293fec1472f7720537f68b7ba8eb6f0df095a482e090fd4f9925b07b31fbf77c54c7d86c4e685393f876590d4cb8ce5e992338d1b9db144e90c27ee9382c323707637d9d64567ecf2dfa3cbd4e3bc460ce71e2791c8e691b8bf09f227634863d31592c73863c76d376ae4285a4aa75633649ff83bfcf538bf2428a407f16762ab4ced6847cd3641625da8b7b2e777cf2bffa7dd1c22bcf302ef4bbff96cbb19c1d9ae35a921180aa0a6c9a7d9a9536bbadd87037e72d49b655191cbe122fce0b2efecef6141590cee7cfae6ccac0ce8a5569f55d71da9f190c873ce814c9569e42d22070211371e72c7113adb514bfa4727dcc5d5483382fa08d4e7f5297a6b5f014aa7f2d56d13b581735e381853ef754cfd131d8742eaf9922b758f5096af34e99763723f6ed7aa47cdb772c6a7f4900eebdfd78984a344a24a8ae702230a0c0b2e6f2e2601deb29dce6354d3c1d21ee19592f75415b26b5dce4778b2ac3a4421882779d0de39ccc49bd5e9ed41c18a27e4bbb23de6bb780cb24eaa889be0be5f178843bd23f558896da73250867d0725e03f34ad8c7ff975650b79f8ae494f153b1081e927dffca062d24fa2d6bbc1a17ff17f342565524dd5a4419f3fcfa6a6d5a2b76e0384832c5b46edd5420bf5541679e9d2dbd9c1b63f48d09d97