gisstage.dot.ri.gov

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 06:f3:a2:5c:6f:fd:6f:0e:ea:78:e8:13:54:b9:dc:c4 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=gisstage.dot.ri.gov

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 06:f3:a2:5c:6f:fd:6f:0e:ea:78:e8:13:54:b9:dc:c4
Serial Number (int): 9240389185339420014444819574442024132
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: ef:3d:9e:7b:8f:ab:4d:ca:19:de:17:26:90:48:a1:d3:48:03:15:16
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): b3:ed:2d:01:b2:28:c6:7e:3b:40:3c:07:fe:60:7d:29:2f:24:39:9b
Fingerprint (sha256): 11:09:f9:40:07:8d:b4:76:f1:6d:4a:78:a8:07:ac:9e:3e:d3:c7:9a:42:ad:60:dd:2c:4b:ce:6e:4d:fb:a8:a1

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate gisstage.dot.ri.gov

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gisstage.dot.ri.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gisstage.dot.ri.gov

Other certificates including the domain name ri.gov

(limited to 100 certificates)
caringcareers.ri.gov
gwb.ri.gov
healthyrhode.ri.gov
sni.cloudflaressl.com
climatechange.ri.gov
lirs.health.ri.gov
tls.automattic.com
sim.ribridges.ri.gov
innovate.ri.gov
prod.16.slot.cdn.salesforce-communities.com
dwq.health.ri.gov
prod.16.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
www.ricert.ride.ri.gov
prod.16.slot.cdn.salesforce-communities.com
ridmvtestservices-dev.ri.gov
prod.16.slot.cdn.salesforce-communities.com
conversions.vetdata.com
*.sos.ri.gov
sni.cloudflaressl.com
sim.ribridges.ri.gov
prod.16.slot.cdn.salesforce-communities.com
www.abcp.riag.ri.gov
sos.ri.gov
data.ri.gov
prod.16.slot.cdn.salesforce-communities.com
welltesting.health.ri.gov
results.ri.gov
dbr.ri.gov
sni.cloudflaressl.com
ridop.ri.gov
prod.16.slot.cdn.salesforce-communities.com
dorexpressjge.courts.ri.gov
wcompsys.dlt.ri.gov
www.rieermc.ri.gov
www.seow.ri.gov
healthyrhode.ri.gov
sni.cloudflaressl.com
eec.ri.gov
www.barrington.ri.gov
dhs-db-vhsql01.enterprise.ri.gov
prod.16.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
www.policy.dhs.ri.gov
ridmvreservations.ri.gov
cvcapp.treasury.ri.gov
portal2.courts.ri.gov
gwb.ri.gov
tls.automattic.com
vote.ri.gov
fsc.ri.gov
ecert.ride.ri.gov
ssl415607.cloudflaressl.com
prod.16.slot.cdn.salesforce-communities.com
gwb.ri.gov
prod.16.slot.cdn.salesforce-communities.com
sheriffs.ri.gov
debtwatch.treasury.ri.gov
taxportalcsr.ri.gov
www.ri.gov
teleserve.dlt.ri.gov
ffxnonprod.tax.ri.gov
dltweb.dlt.ri.gov
www.earr.dhs.ri.gov
prod.16.slot.cdn.salesforce-communities.com
healthyrhode.ri.gov
prod.16.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
dcamm.ri.gov
www.rieermc.ri.gov
*.rims.dmv.ri.gov
rifansportal.ri.gov
sni.cloudflaressl.com
dev.api.crushcovid.ri.gov
prod.16.slot.cdn.salesforce-communities.com
support.exceed.ri.gov
www.policy.dhs.ri.gov
*.rims.dmv.ri.gov
dot-ap-gis06.dot.ri.gov
prod.16.slot.cdn.salesforce-communities.com
dwq.health.ri.gov
kidsnet.health.ri.gov
ssl415606.cloudflaressl.com
bhddh.ri.gov
*.dcyf.ri.gov
sni.cloudflaressl.com
test.uiicon.dlt.ri.gov
adfs.ri.gov
www.vapadmin.doc.ri.gov
*.prod.oneoutdoor.egov.com
vueworksprod.dot.ri.gov
ssl860942.cloudflaressl.com
mail.courts.ri.gov
innovate.ri.gov
cmars.doc.ri.gov
voice.riag.ri.gov
prod.16.slot.cdn.salesforce-communities.com
fdus-33.freshdesk.com

Certificate

The complete raw certificate details for gisstage.dot.ri.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGLDCCBRSgAwIBAgIQBvOiXG/9bw7qeOgTVLncxDANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0xODA4MjMwMDAwMDBaFw0yMDA4MjIxMjAwMDBaMB4xHDAaBgNVBAMTE2dpc3N0
YWdlLmRvdC5yaS5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY
icW2mWB9hRjP+IIQLK564tvYOncDQjV2DpCAKUr1bdA8rGBE2FwqqVmIyJWE4ae6
HS/laIFGF6Ye9cWBVO7z/466GMxiQnxSY/aSkUHOH4GBYqxtzLrZ9UQ0J/ep82n8
Ho+6s3jOO9y5rFO0UVoI5vF79wcuLZ8ysQehbNx5oL4xzkzu1EYyk4gmhJvDZvM3
ja9e6gXqK7dea3Nae2WGdOR+CP3IO6fAycdmGHk4z9vlEuXct6GcP9IfnA0oQjfi
qyUKKeCxzbZ5eiZHkjGyeew31Tp4JPvx5YA3iOWXpILztXmKrR1ba9466GDsOv2R
TuMnYa6bB0vr8UKAuvSXAgMBAAGjggMkMIIDIDAfBgNVHSMEGDAWgBSQWP+wnHWo
UVR3se3yo0MWOJ5sxTAdBgNVHQ4EFgQU7z2ee4+rTcoZ3hcmkEih00gDFRYwHgYD
VR0RBBcwFYITZ2lzc3RhZ2UuZG90LnJpLmdvdjAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD4GA1UdHwQ3MDUwM6AxoC+GLWh0
dHA6Ly9jZHAuZ2VvdHJ1c3QuY29tL0dlb1RydXN0UlNBQ0EyMDE4LmNybDBMBgNV
HSAERTBDMDcGCWCGSAGG/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k
aWdpY2VydC5jb20vQ1BTMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwJgYIKwYB
BQUHMAGGGmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1c3QuY29tMD0GCCsGAQUFBzAChjFo
dHRwOi8vY2FjZXJ0cy5nZW90cnVzdC5jb20vR2VvVHJ1c3RSU0FDQTIwMTguY3J0
MAkGA1UdEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgU
h7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZWeWPOUAAAQDAEcwRQIgYm3gNgkk
DYp4ThFuQ+HebgVsp89/GdBQv1KnpjTyj3QCIQDSYYSnZ4euPrjLprY7sqn+BJcS
4/oOUR6DhGYmqkzv/QB1AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMP
AAABZWeWPaYAAAQDAEYwRAIgXYRLbZd+ZHGBpzLE/rRzxaH25zit1nhrMmyXERcV
87cCIHoFlkiQWK4o/uro4I1Mj3ZDMhnGobLJ8+0mFISTJyJRAHYAu9nfvB+KcbWT
lCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFlZ5Y9yQAABAMARzBFAiEAiOTFUQp4
iLlj1PEn33z9qSUB/RZ/nTu2ydTxwGr7IFQCIFO1MoVpKCHVx6KnUWWgqDTDNN6q
0hNsOEk7s5VQnyP0MA0GCSqGSIb3DQEBCwUAA4IBAQANLI+c1wy8fZRXSm7VSeeM
0RgOUxcs1DLNyP811okVCLmpkZyLG8QUTsg8YeGNiuDNiPvrd+qMP4XLv8s1kbLF
1jpcbqomVstSO5oU4LYNcEcCkXnIGPm3QiowHgRlcM6ISOx/iv5SLHRJR8d2p2Ro
0MZzeEaRPmYLnfKnpYYEKB0DXODsiid5Ak6d1kVnP8Q4OJmxnxneq+pLl6HtDnA9
2apR4O6CHlNg72TSxgazVo3DWBJpg7fgPevHUjP7eSr0hFRdjL2thC0X7Sfi4OhN
ZJoP55sQstg2/TGYUFifxaWB7QYnBCOaFSBXIMIIF5HJHNDsip2CxQ05Vj/VZdrx
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmInFtplgfYUYz/iCECyu
euLb2Dp3A0I1dg6QgClK9W3QPKxgRNhcKqlZiMiVhOGnuh0v5WiBRhemHvXFgVTu
8/+OuhjMYkJ8UmP2kpFBzh+BgWKsbcy62fVENCf3qfNp/B6PurN4zjvcuaxTtFFa
CObxe/cHLi2fMrEHoWzceaC+Mc5M7tRGMpOIJoSbw2bzN42vXuoF6iu3XmtzWntl
hnTkfgj9yDunwMnHZhh5OM/b5RLl3LehnD/SH5wNKEI34qslCingsc22eXomR5Ix
snnsN9U6eCT78eWAN4jll6SC87V5iq0dW2veOuhg7Dr9kU7jJ2GumwdL6/FCgLr0
lwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9240389185339420014444819574442024132
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-22 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gisstage.dot.ri.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19256160416682252291566481259892557344752764340042556958466195582443429406784306862515506134150224795903651777939682112928177995059012417033239488651305947783248021337558978927146923301626037839579862227022191375977033607204717330636348423828547832120369022045711616848309466689719619436981195470707947724628463286767099267797005449138807238985677561096442027727460663194264363363788150960461871095447702165492447525477330199870819364242202961365960855416313681333289940321206479957662917852409996673073802491478688205796128742717422039647276182088024865216285723877384167954675862973455316883443251271732387515135127
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ef3d9e7b8fab4dca19de17269048a1d348031516
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gisstage.dot.ri.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016567963ce500000403004730450220626de03609240d8a784e116e43e1de6e056ca7cf7f19d050bf52a7a634f28f74022100d26184a76787ae3eb8cba6b63bb2a9fe049712e3fa0e511e83846626aa4ceffd0075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016567963da6000004030046304402205d844b6d977e647181a732c4feb473c5a1f6e738add6786b326c97111715f3b702207a0596489058ae28feeae8e08d4c8f76433219c6a1b2c9f3ed26148493272251007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016567963dc9000004030047304502210088e4c5510a7888b963d4f127df7cfda92501fd167f9d3bb6c9d4f1c06afb2054022053b53285692821d5c7a2a75165a0a834c334deaad2136c38493bb395509f23f4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000d2c8f9cd70cbc7d94574a6ed549e78cd1180e53172cd432cdc8ff35d6891508b9a9919c8b1bc4144ec83c61e18d8ae0cd88fbeb77ea8c3f85cbbfcb3591b2c5d63a5c6eaa2656cb523b9a14e0b60d7047029179c818f9b7422a301e046570ce8848ec7f8afe522c744947c776a76468d0c6737846913e660b9df2a7a58604281d035ce0ec8a2779024e9dd645673fc4383899b19f19deabea4b97a1ed0e703dd9aa51e0ee821e5360ef64d2c606b3568dc358126983b7e03debc75233fb792af484545d8cbdad842d17ed27e2e0e84d649a0fe79b10b2d836fd319850589fc5a581ed062704239a15205720c2081791c91cd0ec8a9d82c50d39563fd565daf1