apim-stage.tokenapi.lululemon.com
- Lululemon Athletica Canada inc. -
Issued by GeoTrust TLS RSA CA G1
About this certificate
This digital certificate with serial number 0d:a0:3b:5f:54:9c:6e:27:cf:84:09:3e:e7:e8:5d:e5 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Lululemon Athletica Canada inc.
Organization:
Lululemon Athletica Canada inc.
State / Province:
British Columbia
Locality: Vancouver
Country: CA
Locality: Vancouver
Country: CA
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:a0:3b:5f:54:9c:6e:27:cf:84:09:3e:e7:e8:5d:e5Serial Number (int): 18111935657597386519523544759162920421
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: f7:d6:2f:38:d2:4b:72:cb:f0:94:6d:5c:ac:11:4a:c6:18:5e:85:81
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57
Fingerprint (sha1): 55:1d:f8:df:ea:08:07:bd:38:11:a0:1c:d4:29:be:24:49:0f:c9:9e
Fingerprint (sha256): 14:a1:71:86:fb:5b:15:8b:e1:9e:4a:62:97:2c:40:f3:63:43:2b:6d:bc:7b:2b:7e:2d:ea:34:76:55:cc:d7:fe
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl
Check the revocation status for certificate apim-stage.tokenapi.lululemon.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for apim-stage.tokenapi.lululemon.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
apim-stage.tokenapi.lululemon.com
Other certificates including the domain name lululemon.com
(limited to 100 certificates)
vanity22.jiveon.com
*.strategicsales.lululemon.com
lululemon.com
stage.lululemon.com
lululemon.com
vanity22.jiveon.com
stage.lululemon.com
eu.lululemon.com
*.lululemon.com
leapfrog-ssl-28.gcs-web.com
whatwelove.lululemon.com
secure5s.scene7.com
*.lululemon.com
imperva.com
cdn.lululemon.com.au
test.preprod-apis.lululemon.com
smetrics.lululemon.com
vanity22.jiveon.com
cdn.lululemon.com.au
preview.apis.lululemon.com
grin.lululemon.com
sso-signing.lululemon.com
sni.cloudflaressl.com
lululemon.com.au
lululemon.com
stage.lululemon.com
sni.cloudflaressl.com
ehc-dev.lululemon.com
*.lululemon.com
imperva.com
akamai-san90.exacttarget.com
imperva.com
stage.lululemon.com
vanity22.jiveon.com
leapfrog-ssl-28.gcs-web.com
leapfrog-ssl-28.gcs-web.com
click.e.lululemon.com
stage.lululemon.com
whatwelove.lululemon.com
whatwelove.lululemon.com
akamai-san90.exacttarget.com
*.lllatg.com
vanity22.jiveon.com
investor.lululemon.com
lululemon.com
lululemon.ca
ehc-dev.lululemon.com
delivery.lululemon.com
lululemon.com
cdn.lululemon.com.au
eu.lululemon.com
vanity22.jiveon.com
smetrics.lululemon.com
secure5s.scene7.com
secure5s.scene7.com
ehc-dev.lululemon.com
akamai-san90.exacttarget.com
cloudflare-sandbox.lululemon.com
lll.flow.anaplan.qa.lululemon.com
sni.cloudflaressl.com
www.lululemon.com
repair.lululemon.com
secure5s.scene7.com
lululemon.com
ehc-dev.lululemon.com
test.preprod-apis.lululemon.com
vanity22.jiveon.com
leapfrog-ssl-28.gcs-web.com
*.atg.lululemon.com
leapfrog-ssl-28.gcs-web.com
*.lululemon.com
apim-stage.tokenapi.lululemon.com
cdn.lululemon.com.au
stage.lululemon.com
theghostrace.lululemon.com
grin.lululemon.com
vanity22.jiveon.com
prod.apis.lllext.com
lululemon.com
owa.lululemon.com
leapfrog-ssl-28.gcs-web.com
www.lululemon.com
ehc-dev.lululemon.com
cdn.lululemon.com.au
vanity22.jiveon.com
lululemon.ca
vanity22.jiveon.com
ehc-dev.lululemon.com
sso-encryption.lululemon.com
www.lululemon.com
eu.lululemon.com
lululemon.com
apim-stage.tokenapi.lululemon.com
prod.apis.lllext.com
vanity22.jiveon.com
www.lululemon.com
sni.cloudflaressl.com
www.lululemon.com
cloud.e.lululemon.com
view.e.lululemon.com
*.strategicsales.lululemon.com
lululemon.com
stage.lululemon.com
lululemon.com
vanity22.jiveon.com
stage.lululemon.com
eu.lululemon.com
*.lululemon.com
leapfrog-ssl-28.gcs-web.com
whatwelove.lululemon.com
secure5s.scene7.com
*.lululemon.com
imperva.com
cdn.lululemon.com.au
test.preprod-apis.lululemon.com
smetrics.lululemon.com
vanity22.jiveon.com
cdn.lululemon.com.au
preview.apis.lululemon.com
grin.lululemon.com
sso-signing.lululemon.com
sni.cloudflaressl.com
lululemon.com.au
lululemon.com
stage.lululemon.com
sni.cloudflaressl.com
ehc-dev.lululemon.com
*.lululemon.com
imperva.com
akamai-san90.exacttarget.com
imperva.com
stage.lululemon.com
vanity22.jiveon.com
leapfrog-ssl-28.gcs-web.com
leapfrog-ssl-28.gcs-web.com
click.e.lululemon.com
stage.lululemon.com
whatwelove.lululemon.com
whatwelove.lululemon.com
akamai-san90.exacttarget.com
*.lllatg.com
vanity22.jiveon.com
investor.lululemon.com
lululemon.com
lululemon.ca
ehc-dev.lululemon.com
delivery.lululemon.com
lululemon.com
cdn.lululemon.com.au
eu.lululemon.com
vanity22.jiveon.com
smetrics.lululemon.com
secure5s.scene7.com
secure5s.scene7.com
ehc-dev.lululemon.com
akamai-san90.exacttarget.com
cloudflare-sandbox.lululemon.com
lll.flow.anaplan.qa.lululemon.com
sni.cloudflaressl.com
www.lululemon.com
repair.lululemon.com
secure5s.scene7.com
lululemon.com
ehc-dev.lululemon.com
test.preprod-apis.lululemon.com
vanity22.jiveon.com
leapfrog-ssl-28.gcs-web.com
*.atg.lululemon.com
leapfrog-ssl-28.gcs-web.com
*.lululemon.com
apim-stage.tokenapi.lululemon.com
cdn.lululemon.com.au
stage.lululemon.com
theghostrace.lululemon.com
grin.lululemon.com
vanity22.jiveon.com
prod.apis.lllext.com
lululemon.com
owa.lululemon.com
leapfrog-ssl-28.gcs-web.com
www.lululemon.com
ehc-dev.lululemon.com
cdn.lululemon.com.au
vanity22.jiveon.com
lululemon.ca
vanity22.jiveon.com
ehc-dev.lululemon.com
sso-encryption.lululemon.com
www.lululemon.com
eu.lululemon.com
lululemon.com
apim-stage.tokenapi.lululemon.com
prod.apis.lllext.com
vanity22.jiveon.com
www.lululemon.com
sni.cloudflaressl.com
www.lululemon.com
cloud.e.lululemon.com
view.e.lululemon.com
Certificate
The complete raw certificate details for apim-stage.tokenapi.lululemon.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIQDaA7X1ScbifPhAk+5+hd5TANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx MB4XDTIxMDYzMDAwMDAwMFoXDTIyMDczMTIzNTk1OVowgZIxCzAJBgNVBAYTAkNB MRkwFwYDVQQIExBCcml0aXNoIENvbHVtYmlhMRIwEAYDVQQHEwlWYW5jb3V2ZXIx KDAmBgNVBAoTH0x1bHVsZW1vbiBBdGhsZXRpY2EgQ2FuYWRhIGluYy4xKjAoBgNV BAMTIWFwaW0tc3RhZ2UudG9rZW5hcGkubHVsdWxlbW9uLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBALkFCib0JJbooWnmF2oLK+jdxC4n+0ENQMVT R8hOqqRr3kXzCQ/BPajHrKX7vNS4ZSaosl7H+yzUAoSPvpD+rszZpshAWyBh9R3k XGj37HsTfeF/D/REzYJSUl/X6fR/AWoeX1AHP5MlyfRv/g3qflGEwFdXpz7Gf9t2 IIqIYhyce5Sfx2rZeMm91doumSt/qewsaF9Ypf/br4/kDO7fgPFIO2oOVq+9593Y XF89o+AeEXnQzR1Gk4zgtzrj5zF/ZalsAnQRRWLMRWU0fMXDcmLOqJSyovg6yVQ1 4zxH8aUygPmub60lGbf+zBl0yBZArMJafB7qlV0Ik95L+zgGNg0CAwEAAaOCAb0w ggG5MB8GA1UdIwQYMBaAFJRP1F2L5KTipoD+/dj5AO+jvgJXMB0GA1UdDgQWBBT3 1i840ktyy/CUbVysEUrGGF6FgTAsBgNVHREEJTAjgiFhcGltLXN0YWdlLnRva2Vu YXBpLmx1bHVsZW1vbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY2RwLmdl b3RydXN0LmNvbS9HZW9UcnVzdFRMU1JTQUNBRzEuY3JsMD4GA1UdIAQ3MDUwMwYG Z4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQ UzB2BggrBgEFBQcBAQRqMGgwJgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMuZ2Vv dHJ1c3QuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vY2FjZXJ0cy5nZW90cnVzdC5j b20vR2VvVHJ1c3RUTFNSU0FDQUcxLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB 1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQABWJ1KHK+AyAQXwamugrjh Iig2MscXN/SJZH8aVvjdLWktazO0mFmJnwAyGOZOAUsHgCl25mg1wPoaR6MuZrQF l/oKU5rpmgrALn/TP3j62+qXO13KdgHgRE5urlNSoLLqh3WYzsjUmOpMDNoLZqrD yzEYkTkLZ7OrU/hsJjc7qBvKjMo22goA8ML7HZ/e+yWfV5RE2m4a/n+wqMWeuoCB +ksbnP5fGcfqByKKG9n9+rE06nswzIBriLQdsAylsx8NX/YPm/Je9E89IWUZQBjB fXRpmvEk8pG+AV4kcHrvSjuVISPPbvjvplkp+UFStZMq5ZLSj620tDzu1NK2K4Sx -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQUKJvQkluihaeYXagsr 6N3ELif7QQ1AxVNHyE6qpGveRfMJD8E9qMespfu81LhlJqiyXsf7LNQChI++kP6u zNmmyEBbIGH1HeRcaPfsexN94X8P9ETNglJSX9fp9H8Bah5fUAc/kyXJ9G/+Dep+ UYTAV1enPsZ/23YgiohiHJx7lJ/Hatl4yb3V2i6ZK3+p7CxoX1il/9uvj+QM7t+A 8Ug7ag5Wr73n3dhcXz2j4B4RedDNHUaTjOC3OuPnMX9lqWwCdBFFYsxFZTR8xcNy Ys6olLKi+DrJVDXjPEfxpTKA+a5vrSUZt/7MGXTIFkCswlp8HuqVXQiT3kv7OAY2 DQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18111935657597386519523544759162920421 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-06-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-31 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'British Columbia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Vancouver' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lululemon Athletica Canada inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'apim-stage.tokenapi.lululemon.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23356571566154063157640661317816085195950538275868909236552564885484655752828851866912965095589353332386108655648349998461846488902058583764751359651689021710598424653450006063939622323619424380058598523176682205284164000766206229817419187637925196989357932551918051062995189433963476002163750198780528283384512659772598856440194308322864986749791055662151811942102025641666561764377205595922396856429811552945972024106674315324248717935915770597887986349018043290934659988700560183472506879490577921908656846745823026507444100559221429263513562441454450727639007149759941813317028408843173167374261620809557069936141 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f7d62f38d24b72cbf0946d5cac114ac6185e8581 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (37 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apim-stage.tokenapi.lululemon.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0001589d4a1caf80c80417c1a9ae82b8e122283632c71737f489647f1a56f8dd2d692d6b33b49859899f003218e64e014b07802976e66835c0fa1a47a32e66b40597fa0a539ae99a0ac02e7fd33f78fadbea973b5dca7601e0444e6eae5352a0b2ea877598cec8d498ea4c0cda0b66aac3cb311891390b67b3ab53f86c26373ba81bca8cca36da0a00f0c2fb1d9fdefb259f579444da6e1afe7fb0a8c59eba8081fa4b1b9cfe5f19c7ea07228a1bd9fdfab134ea7b30cc806b88b41db00ca5b31f0d5ff60f9bf25ef44f3d2165194018c17d74699af124f291be015e24707aef4a3b952123cf6ef8efa65929f94152b5932ae592d28fadb4b43ceed4d2b62b84b1