service62.trenitalia.it

- Trenitalia S.p.A. -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 02:5f:9e:33:8b:69:39:15:40:7f:b6:68:23:0a:d6:96 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Trenitalia S.p.A.

Organization: Trenitalia S.p.A.
State / Province: Lazio
Locality: Roma
Country: IT

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:5f:9e:33:8b:69:39:15:40:7f:b6:68:23:0a:d6:96
Serial Number (int): 3154932897629928705071495840898143894
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: e3:08:8a:ef:56:0e:e9:f6:4d:a5:56:1e:af:da:2c:01:14:5a:6b:fc
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): fe:98:d9:77:78:9d:ee:f6:06:8e:70:52:ef:f9:f5:52:a9:1f:92:5e
Fingerprint (sha256): 12:0e:53:c7:a5:c0:0d:e9:7f:a1:50:75:42:3b:42:c9:ef:e4:56:81:0f:61:93:a8:14:80:93:34:d7:c0:bb:12

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate service62.trenitalia.it

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for service62.trenitalia.it

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

service62.trenitalia.it

Other certificates including the domain name trenitalia.it

(limited to 100 certificates)
service62.trenitalia.it
s3rbackoffice.trenitalia.it
sso.trenitalia.it
ccsc-tper.cert.trenitalia.it
monitoraggio.mir.trenitalia.it
eap.fs.eu
www.lefrecce.it
areariservata.cargo.trenitalia.it
t4p-wd.trenitalia.it
super2016.trenitalia.it
fnidv.trenitalia.it
gw71.mplat.trenitalia.it
trenitaliaforagents.trenitalia.it
gestionemail.cert.trenitalia.it
oeng.trenitalia.it
smp.trenitalia.it
voc.trenitalia.it
infobi.trenitalia.it
ramagency.trenitalia.it
www.lefrecce.it
epmbi.trenitalia.it
cert.extendedexperience.trenitalia.it
pmt.trenitalia.it
pmt.trenitalia.it
gw71.mplat.trenitalia.it
consolecriticita.trenitalia.it
super2016.trenitalia.it
reporting.sirev2.trenitalia.it
sirinterface.mir.trenitalia.it
monitoraggio.mir.trenitalia.it
www.webcrew.trenitalia.it
areariservata.cargo.trenitalia.it
www.lefrecce.it
ramagency.trenitalia.it
service62.trenitalia.it
*.trenitalia.it
reporting.sirev2.trenitalia.it
pisa.trenitalia.it
www.acquistionline.trenitalia.it
rambackofficexml.trenitalia.it
gw71.mplat.trenitalia.it
documentale.trenitalia.it
reporting.sirev2.trenitalia.it
epmbi-test.trenitalia.it
sibo.trenitalia.it
sirev2.trenitalia.it
super2016.trenitalia.it
oiminternal.trenitalia.it
oiminternal.trenitalia.it
rbm.trenitalia.it
sirinterface.mir.trenitalia.it
areariservata.cargo.trenitalia.it
cert.extendedexperience.cc.trenitalia.it
sirev2.trenitalia.it
mastersts.trenitalia.it
ramamadeus.trenitalia.it
pmt.trenitalia.it
sbpax.trenitalia.it
pmt.trenitalia.it
www.webcrew.trenitalia.it
monitoraggio.mir.trenitalia.it
sso.trenitalia.it
reporting.sirev2.trenitalia.it
rambackofficexml.trenitalia.it
rbm.trenitalia.it
smp.form.trenitalia.it
voc.trenitalia.it
ramamadeus.trenitalia.it
sginet.trenitalia.it
ramagency.trenitalia.it
ccsc-tper.trenitalia.it
oeng.trenitalia.it
rambackofficexml.trenitalia.it
cxi.social-monitoring.trenitalia.it
ramagency.trenitalia.it
sirinterface.mir.trenitalia.it
gwcert71.mplat.trenitalia.it
www.webcrew.trenitalia.it
infobi.trenitalia.it
fp.trenitalia.it
reporting.sirev2.trenitalia.it
sginet.trenitalia.it
gwcert71.mplat.trenitalia.it
sirev2.trenitalia.it
LSWebext.fs.eu
infoboard.trenitalia.it
www.lefrecce.it
fnidv.trenitalia.it
infoboard.trenitalia.it
cxi.social-monitoring.trenitalia.it
sirev2.trenitalia.it
gw71.mplat.trenitalia.it
areariservata.cargo.trenitalia.it
rambackofficexml.trenitalia.it
www.webcrew.trenitalia.it
www.rfi.it
ramamadeus.trenitalia.it
super2016.trenitalia.it
pmt.trenitalia.it
gw71.mplat.trenitalia.it

Certificate

The complete raw certificate details for service62.trenitalia.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgIQAl+eM4tpORVAf7ZoIwrWljANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0yMDExMTIwMDAwMDBaFw0yMTExMTYyMzU5NTlaMGoxCzAJBgNVBAYTAklUMQ4w
DAYDVQQIEwVMYXppbzENMAsGA1UEBxMEUm9tYTEaMBgGA1UEChMRVHJlbml0YWxp
YSBTLnAuQS4xIDAeBgNVBAMTF3NlcnZpY2U2Mi50cmVuaXRhbGlhLml0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvYcVN8pujvpoOIG9JTbyU3J3gEz
4XmhE/Ye0e8NvEb0TYSSlgtFlfnjpMbxdiSa1yz9SFtygYzJMWdNxFv5FjNa7VT1
RNx2OlI+ZuHNV2m94jSp+en0f0QxwA0RseufYOxBx5kqX+UGzZdPfZWkc8EblIYV
P+DoENfzwgfaLHGd+wa1meKww4jlzqS1ij8WOpdURyu/qG5oIGqyuxMnQi+HYm6y
Zd8FmfSbgdHHXIqD/BR/mMpq4H7nwGpvXmtr23uuOc6xAA2Bi44+f80AjNWJrniY
9wQW4RlfYXbCbJhdhsISEZcL934GHpeWzrzH0qYpC4lLD1fAXuQn0Xq2GwIDAQAB
o4ICszCCAq8wHwYDVR0jBBgwFoAUkFj/sJx1qFFUd7Ht8qNDFjiebMUwHQYDVR0O
BBYEFOMIiu9WDun2TaVWHq/aLAEUWmv8MCIGA1UdEQQbMBmCF3NlcnZpY2U2Mi50
cmVuaXRhbGlhLml0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwPgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NkcC5nZW90cnVz
dC5jb20vR2VvVHJ1c3RSU0FDQTIwMTguY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9
bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMw
CAYGZ4EMAQICMHUGCCsGAQUFBwEBBGkwZzAmBggrBgEFBQcwAYYaaHR0cDovL3N0
YXR1cy5nZW90cnVzdC5jb20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRzLmdl
b3RydXN0LmNvbS9HZW9UcnVzdFJTQUNBMjAxOC5jcnQwDAYDVR0TAQH/BAIwADCC
AQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3APZclC/RdzAiFFQYCDCUVo7jTRMZM7/f
DC8gC8xO8WTjAAABdbuk304AAAQDAEgwRgIhAJKcTl+xA2iXddQMmdrEF4VIh16M
x0mF/kKiOyWMI1D4AiEAoemxfnW37pjR5L5vo0uYH+obrRpLnPdr2BkoCUr3qakA
dgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAAAXW7pN9NAAAEAwBH
MEUCIAYm+r7RBeweiVP/Hh91Vmzf5GutGGj6Dal3XNYn9e56AiEAunSzfd9TG0dd
AN95B0X1lp5Dr5TQp7NO/AxDZ4afnNQwDQYJKoZIhvcNAQELBQADggEBAGekDwxV
A4LL6lW+VluJ5AfyQ28it8myut9L+0gbw5cI/R/9wRdLciPET9QPO9DCVihbAw4Q
Pj8DbCyu7SHb+jm/KolCqlpp/WuxCjvrW27eDbu0Z6UcJOfePUr1HNBfDoP0b3CO
bhJ+gUbq8eq3iTWV4KnNGpkSOzOJ4JRNcY9DTIeaEKy5F14vG2+TOGb+zxsVjgIM
o+14PeTg3fB94aXXy63AeQNeAus1FwIWA2JsCMWDouvtXocKjfG7Bqaon+bPd0Cg
bCQk7ktqKkS8os3t7Qk/0a9KJU8Z3V84yE0ONyKqNVomce8/PJz9qlvFJr7deYDr
wq/EI+ia4S38cKI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvYcVN8pujvpoOIG9JTb
yU3J3gEz4XmhE/Ye0e8NvEb0TYSSlgtFlfnjpMbxdiSa1yz9SFtygYzJMWdNxFv5
FjNa7VT1RNx2OlI+ZuHNV2m94jSp+en0f0QxwA0RseufYOxBx5kqX+UGzZdPfZWk
c8EblIYVP+DoENfzwgfaLHGd+wa1meKww4jlzqS1ij8WOpdURyu/qG5oIGqyuxMn
Qi+HYm6yZd8FmfSbgdHHXIqD/BR/mMpq4H7nwGpvXmtr23uuOc6xAA2Bi44+f80A
jNWJrniY9wQW4RlfYXbCbJhdhsISEZcL934GHpeWzrzH0qYpC4lLD1fAXuQn0Xq2
GwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3154932897629928705071495840898143894
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-12 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-11-16 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lazio'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Roma'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trenitalia S.p.A.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'service62.trenitalia.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24611592858024315682192045873703170902191904202454723752908316670857934800508727105521590919025800396571925610609959318658066141855100771624565153355917497364343822306500240758796780420611824433715580359897574525019819526375407658348775617585738069267243812011854844033996340250801402873784553055837029465756342423913694256041640377813061105649039132067368285327749883028075698786495418698441113988168218823950303012931549146205625115338682689606557558626977847805432296572307921067158465701232762089389394474643716610547458033299862363185702045423030427221695816779203528755543873903647867799503513670666977269167643
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e3088aef560ee9f64da5561eafda2c01145a6bfc
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'service62.trenitalia.it'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e300000175bba4df4e0000040300483046022100929c4e5fb103689775d40c99dac4178548875e8cc74985fe42a23b258c2350f8022100a1e9b17e75b7ee98d1e4be6fa34b981fea1bad1a4b9cf76bd81928094af7a9a90076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a800000175bba4df4d000004030047304502200626fabed105ec1e8953ff1e1f75566cdfe46bad1868fa0da9775cd627f5ee7a022100ba74b37ddf531b475d00df790745f5969e43af94d0a7b34efc0c4367869f9cd4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0067a40f0c550382cbea55be565b89e407f2436f22b7c9b2badf4bfb481bc39708fd1ffdc1174b7223c44fd40f3bd0c256285b030e103e3f036c2caeed21dbfa39bf2a8942aa5a69fd6bb10a3beb5b6ede0dbbb467a51c24e7de3d4af51cd05f0e83f46f708e6e127e8146eaf1eab7893595e0a9cd1a99123b3389e0944d718f434c879a10acb9175e2f1b6f933866fecf1b158e020ca3ed783de4e0ddf07de1a5d7cbadc079035e02eb3517021603626c08c583a2ebed5e870a8df1bb06a6a89fe6cf7740a06c2424ee4b6a2a44bca2cdeded093fd1af4a254f19dd5f38c84d0e3722aa355a2671ef3f3c9cfdaa5bc526bedd7980ebc2afc423e89ae12dfc70a2