svt01exe001.hcs.vermont.gov

- State of Vermont -

Issued by GlobalSign RSA OV SSL CA 2018

About this certificate

This digital certificate with serial number 18:8f:b5:8d:ca:c5:7e:5e:48:42:45:d0 was issued on by GlobalSign nv-sa.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

State of Vermont

Organization: State of Vermont
State / Province: Vermont
Locality: Montpelier
Country: US

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate will expire on

Certificate Details

Serial Number (hex): 18:8f:b5:8d:ca:c5:7e:5e:48:42:45:d0
Serial Number (int): 7601373991852710929685956048
Serial Number lenght: 93 bits, 12 octets

SubjectKeyId: 39:46:22:f3:6c:ff:69:d7:e6:31:01:a0:db:05:a2:87:47:cd:c3:ff
AuthorityKeyId: f8:ef:7f:f2:cd:78:67:a8:de:6f:8f:24:8d:88:f1:87:03:02:b3:eb

Fingerprint (sha1): 42:ce:a5:f2:87:eb:5d:72:01:b0:c2:55:fd:91:cd:56:27:89:37:3e
Fingerprint (sha256): 14:46:82:16:08:c0:76:0a:c4:da:ff:41:c8:54:22:53:2b:47:eb:63:ac:01:53:66:cc:9a:a4:d5:d2:01:71:a7

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt

Revocation information

OCSP Server: http://ocsp.globalsign.com/gsrsaovsslca2018
CRL Distribution Point: http://crl.globalsign.com/gsrsaovsslca2018.crl

Check the revocation status for certificate svt01exe001.hcs.vermont.gov

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for svt01exe001.hcs.vermont.gov

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

svt01exe001.hcs.vermont.gov
hcs.vermont.gov

Other certificates including the domain name vermont.gov

(limited to 100 certificates)
dhriu.vermont.gov
www.myvtax.vermont.gov
inside.vermont.gov
www.vermont.gov
ssl7.revizesites.com
anrmaps.vermont.gov
ismstg.apps.vermont.gov
*.healthconnect.vermont.gov
list.vermont.gov
ljfo.vermont.gov
e911ags.vermont.gov
usaherds.vermont.gov
matsdev.vtrans.vermont.gov
maps.vcgi.vermont.gov
1moreconversation.com
inside.vermont.gov
dev.maps.vcgi.vermont.gov
employerreporting.vermont.gov
gpnh.ngesi.vermont.gov
selfserve.education.state.vt.us
cloud.agriculture.vermont.gov
railtrails.vermont.gov
gs.tax.vermont.gov
*.professionals.vermont.gov
anrgeodata.vermont.gov
secure.vermont.gov
cloud.agriculture.vermont.gov
eoc.vermont.gov
1moreconversation.com
bedboard.vermont.gov
slds.education.vermont.gov
staging.mydmv.vermont.gov
geodata.vermont.gov
rms.vermont.gov
cloud.agriculture.vermont.gov
*.hsep.vermont.gov
ssl7.revizesites.com
anrgeodata.vermont.gov
legislature.vermont.gov
apps.health.vermont.gov
uipublic01.labor.vermont.gov
ACCDMaps.Vermont.gov
anrmaps.vermont.gov
list.vermont.gov
www.vermont.gov
Inside.Vermont.Gov
*.id.vermont.gov
peacham.vermont.gov
grants.vermont.gov
www.staging.vtpics.vermont.gov
edwa.vermont.gov
cloud.agriculture.vermont.gov
agriculturegrants.vermont.gov
maps.vermont.gov
secure.accd.vermont.gov
WebDBMS.ngesi.vermont.gov
preprod.slds.vermont.gov
anrmaps.vermont.gov
gs.vtrans.vermont.gov
*.healthconnect.vermont.gov
vtlottery.com
my.vermont.gov
retire.vermont.gov
ljfo.vermont.gov
apps.health.vermont.gov
bedboard.vermont.gov
dev.maps.vcgi.vermont.gov
legislature.vermont.gov
ssl7.revizesites.com
uipublic.labor.vermont.gov
maps.vermont.gov
1moreconversation.com
*.id.vermont.gov
sos.vermont.gov
*.hsep.vermont.gov
ssl7.revizesites.com
roadsidemarkers.vermont.gov
design.education.vermont.gov
*.ngesi.vermont.gov
childcareproviders.vermont.gov
160.166.tmcapital.com
*.apps.vermont.gov
vitws.labor.vermont.gov
www.usaplants.vermont.gov
test.slds.vermont.gov
www.rms.vermont.gov
cloud.agriculture.vermont.gov
ssl7.revizesites.com
*.professionals.vermont.gov
svt01exe001.hcs.vermont.gov
*.hsep.in.vermont.gov
maps.vcgi.vermont.gov
infotest.my.vermont.gov
www.vermont.gov
uipublic.labor.vermont.gov
apps.health.vermont.gov
dualenrollment.vermont.gov
ljfo.vermont.gov
lobbying.vermont.gov
orc.vermont.gov

Certificate

The complete raw certificate details for svt01exe001.hcs.vermont.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIMGI+1jcrFfl5IQkXQMA0GCSqGSIb3DQEBCwUAMFAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H
bG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODAeFw0yNDA1MTUxOTA2MDFaFw0y
NTA2MTYxOTA2MDBaMHUxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdWZXJtb250MRMw
EQYDVQQHEwpNb250cGVsaWVyMRkwFwYDVQQKExBTdGF0ZSBvZiBWZXJtb250MSQw
IgYDVQQDExtzdnQwMWV4ZTAwMS5oY3MudmVybW9udC5nb3YwggIiMA0GCSqGSIb3
DQEBAQUAA4ICDwAwggIKAoICAQDH4jsYbCUtBYucEqpa4gq5nHN7RkROJzpOMz3H
GNRwcCakDeTHHdfg9ppeJJ/LVGgBK3nVtvrgmUmiuRtJaG92HCOShxym4CBndbme
WFFLFN0P+T2No5zJJ0rKchIxr1B02i8rLMRiydZXz1VNYvnaez7Y9dpX7MKv1UY3
NOuJ/W2zcGLU4cc/tfV7sUuBIfilG8Kw8YteO0S4gyxYU1GYVCUOBCi2QY/mdKjm
FpeNhyRKPSYzfiB7fkJxr98tanf/37qjayvyF7z3YHkpUdU9N+Lhn4YeSTi/j+nu
Hf4gYeDBvg/lCaP4XAJ8eCM/VJi6eibf44wheQLGrdG7Nxdm4jATd+gEU3LrByFT
XT28umbk7Fn+qtVWyEAoSFy77ThqqSLBmwl0WieM6X73WWbZjov8HF+Vrnueog3P
p+U8rGMJhQCZSMGPFu+F9yINCQzb0oQgzVpaulT3mVMXjxtpdcC3gT70sRZl6pNj
mJD4vxto3WCVqnTwC0j32A9i5Q0hMBAen7BU6Edg0VZSrqkmg1FJfml0cuf5FuIs
NNdLht0o2rTtQ67I2mLGrnb+ZmDFYhnZ+5hBQeVTZHNgVBZ4Kx1fSoaorW/5jKzy
bvTH4VNTmnEbh4yehdJAbCmRuXZ90UvoacSHvErpR42pfBHz9OixRO39p29vMc6W
jqlLhQIDAQABo4IB+TCCAfUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
gY4GCCsGAQUFBwEBBIGBMH8wRAYIKwYBBQUHMAKGOGh0dHA6Ly9zZWN1cmUuZ2xv
YmFsc2lnbi5jb20vY2FjZXJ0L2dzcnNhb3Zzc2xjYTIwMTguY3J0MDcGCCsGAQUF
BzABhitodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9nc3JzYW92c3NsY2EyMDE4
MFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjA/BgNVHR8E
ODA2MDSgMqAwhi5odHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzcnNhb3Zzc2xj
YTIwMTguY3JsMDcGA1UdEQQwMC6CG3N2dDAxZXhlMDAxLmhjcy52ZXJtb250Lmdv
doIPaGNzLnZlcm1vbnQuZ292MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjAfBgNVHSMEGDAWgBT473/yzXhnqN5vjySNiPGHAwKz6zAdBgNVHQ4EFgQUOUYi
82z/adfmMQGg2wWih0fNw/8wEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcN
AQELBQADggEBAGqP9YZNIshq+gcnIcmGWd8lnotePmvy7X3SI+7baHmXWTHmNv2E
upfp3WZeA9mHqekeZwaNp0QZ6F/K51JAwH2reejwEKqveSuCwy/et0UkDXiDgQTa
9TMx3oU78MuIQFlqvjcA6mJwh+TEYdn51MRCoMoLy/Z8PhW9RtI9IO39n2bc8em7
n/vEKw+1nnHTVhlXEBk1cqC14CO+OmXyrKNDdc2pDE6UbjnDhXBgKgoqcQ4ur248
WfWAu9JPAUkPraxEXxx9w+Zn9H4Yq15a+fVAxJI2uBoXlXBJuVf3aq2/hZF3Wpzz
coBL/5UHPffc47yNecaQ8WaX4dDACHB4EC0=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx+I7GGwlLQWLnBKqWuIK
uZxze0ZETic6TjM9xxjUcHAmpA3kxx3X4PaaXiSfy1RoASt51bb64JlJorkbSWhv
dhwjkoccpuAgZ3W5nlhRSxTdD/k9jaOcySdKynISMa9QdNovKyzEYsnWV89VTWL5
2ns+2PXaV+zCr9VGNzTrif1ts3Bi1OHHP7X1e7FLgSH4pRvCsPGLXjtEuIMsWFNR
mFQlDgQotkGP5nSo5haXjYckSj0mM34ge35Cca/fLWp3/9+6o2sr8he892B5KVHV
PTfi4Z+GHkk4v4/p7h3+IGHgwb4P5Qmj+FwCfHgjP1SYunom3+OMIXkCxq3RuzcX
ZuIwE3foBFNy6wchU109vLpm5OxZ/qrVVshAKEhcu+04aqkiwZsJdFonjOl+91lm
2Y6L/Bxfla57nqINz6flPKxjCYUAmUjBjxbvhfciDQkM29KEIM1aWrpU95lTF48b
aXXAt4E+9LEWZeqTY5iQ+L8baN1glap08AtI99gPYuUNITAQHp+wVOhHYNFWUq6p
JoNRSX5pdHLn+RbiLDTXS4bdKNq07UOuyNpixq52/mZgxWIZ2fuYQUHlU2RzYFQW
eCsdX0qGqK1v+Yys8m70x+FTU5pxG4eMnoXSQGwpkbl2fdFL6GnEh7xK6UeNqXwR
8/TosUTt/advbzHOlo6pS4UCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7601373991852710929685956048
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign RSA OV SSL CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-15 19:06:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-16 19:06:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Vermont'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Montpelier'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'State of Vermont'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'svt01exe001.hcs.vermont.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 815454409028774177295424169086480797084337787843941624641087102433845141352927245461238468353871312060722102926020340326899121677468692874956472658294024580078465265151059869332287666819493286197822925292129918717206564744178760209327052930836588785520214709916990350281096909873220185522134971616285015215421183520404519734354744977163904165562979938861451306442312415323420663138693091097287152988357352342913639515959444948608867056434494134435787602464892803889558982162250197271859203088226876480895381024525936029254802893490587549146718970307733466176172775820558056924095061428637723560196097021838971101406037179677670345929596744921334877971509025402053071349415978056195901142009931194036462677673630089734897281568004850188364500706174134996975886718736466157712398050637476409279495441266655527863698439574630822389730904303514997233182726884978711616064036907440290952352865399236906879874335575541507135169964837980807827923637161721871118532670321521317581256884768505398660340538464506770515374639439097441313350971657665457366901848257066310370838784129670694449728546415261013926608345763531546529749715719950835316021235434244264715969354228524151241172252683258350620702616547946453725635631103403729691079166853
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/gsrsaovsslca2018'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsrsaovsslca2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'svt01exe001.hcs.vermont.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hcs.vermont.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f8ef7ff2cd7867a8de6f8f248d88f1870302b3eb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							394622f36cff69d7e63101a0db05a28747cdc3ff
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006a8ff5864d22c86afa072721c98659df259e8b5e3e6bf2ed7dd223eedb6879975931e636fd84ba97e9dd665e03d987a9e91e67068da74419e85fcae75240c07dab79e8f010aaaf792b82c32fdeb745240d78838104daf53331de853bf0cb8840596abe3700ea627087e4c461d9f9d4c442a0ca0bcbf67c3e15bd46d23d20edfd9f66dcf1e9bb9ffbc42b0fb59e71d356195710193572a0b5e023be3a65f2aca34375cda90c4e946e39c38570602a0a2a710e2eaf6e3c59f580bbd24f01490fadac445f1c7dc3e667f47e18ab5e5af9f540c49236b81a17957049b957f76aadbf8591775a9cf372804bff95073df7dce3bc8d79c690f16697e1d0c0087078102d