cusa-hanoverportal.coachusa.com

- Coach USA Inc -

Issued by GeoTrust TLS RSA CA G1

About this certificate

This digital certificate with serial number 06:99:d3:82:7e:59:fa:dc:24:b8:6c:1b:8c:0e:9f:e3 was issued on by DigiCert Inc.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Coach USA Inc

Organization: Coach USA Inc
State / Province: New Jersey
Locality: PARAMUS
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 06:99:d3:82:7e:59:fa:dc:24:b8:6c:1b:8c:0e:9f:e3
Serial Number (int): 8774079321256711509396926260713529315
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 7c:d8:e5:dc:0b:fd:ad:1b:56:f9:7d:7e:b1:62:79:ae:d7:e3:b8:b1
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57

Fingerprint (sha1): bf:9d:9c:58:6c:04:61:88:c3:17:0d:da:b0:62:d4:8f:85:f0:06:0b
Fingerprint (sha256): 18:13:8c:f8:59:89:19:3a:65:fe:e1:77:5c:a9:3e:98:1d:0b:e7:97:3b:4e:ad:09:e5:8c:9a:12:bc:1c:dd:52

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

Check the revocation status for certificate cusa-hanoverportal.coachusa.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cusa-hanoverportal.coachusa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cusa-hanoverportal.coachusa.com

Other certificates including the domain name coachusa.com

(limited to 100 certificates)
adfs.coachusa.com
*.coachusa.com
www.coachusa.com
emcor.g6-global.com
5694209793196032-fe4.pantheonsite.io
*.coachusa.com
*.sales.coachusa.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
www.coachusa.com
5694209793196032-fe4.pantheonsite.io
mobile.coachusa.com
coachusa.com
5694209793196032-fe4.pantheonsite.io
web.coachusa.com
*.coachusa.com
www.coachusa.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
selfservice.coachusa.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
mobile.coachusa.com
cchdalacp.coachusa.com
webvpn.coachusa.com
5694209793196032-fe4.pantheonsite.io
helpdesk.cscfl.com
helpdesk.cscfl.com
frevvo.coachusa.com
5694209793196032-fe4.pantheonsite.io
cusa-hanoverportal.coachusa.com
support.conquestis.net
*.coachusa.com
5694209793196032-fe4.pantheonsite.io
5709875686408192-fe1.pantheonsite.io
tracs.coachusa.com
web.coachusa.com
*.coachusa.com
5694209793196032-fe4.pantheonsite.io
web.coachusa.com
vpndal.coachusa.com
*.coachusa.com
www.coachusa.com
www.coachusa.com
5694209793196032-fe4.pantheonsite.io
*.coachusa.com
*.coachusa.com
5694209793196032-fe4.pantheonsite.io
*.coachusa.com
sales.coachusa.com
helpdesk.cscfl.com
5694209793196032-fe4.pantheonsite.io
helpdesk.cscfl.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
viso.finosec.com
www.coachusa.com
*.coachusa.com
*.coachusa.com
api.prod.coachusa.com
helpdesk.cscfl.com
nable.coachusa.com
5694209793196032-fe4.pantheonsite.io
www.coachusa.com
5694209793196032-fe4.pantheonsite.io
sales.coachusa.com
*.coachusa.com
mail01.coachusa.com
vpndal.coachusa.com
www.coachusa.com
*.coachusa.com
web.coachusa.com
*.coachusa.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5709875686408192-fe1.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
mail02.coachusa.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
dre.coachusa.com
web.coachusa.com
coachusa.com
www.coachusa.com
helpdesk.nutramaxlabs.com
service.fibertel.ca
5694209793196032-fe4.pantheonsite.io
dre.coachusa.com
DRE.coachusa.com
customcommute.coachusa.com
dev.coachusa.com
*.coachusa.com
5694209793196032-fe4.pantheonsite.io

Certificate

The complete raw certificate details for cusa-hanoverportal.coachusa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGizCCBXOgAwIBAgIQBpnTgn5Z+twkuGwbjA6f4zANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTI0MDQwMzAwMDAwMFoXDTI1MDQxMDIzNTk1OVowdjELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCk5ldyBKZXJzZXkxEDAOBgNVBAcTB1BBUkFNVVMxFjAUBgNVBAoT
DUNvYWNoIFVTQSBJbmMxKDAmBgNVBAMTH2N1c2EtaGFub3ZlcnBvcnRhbC5jb2Fj
aHVzYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLArlKRLEQ
CQfYm6vzYmTkBC4ysXHwgn5yjO6DgI4MqzFUlCwdFNh9LUAOBc6CNm3/LyevmHi+
xYSzAJ+ExWmi0dY3XbaC+AKU0mwhIs3YU0MxLOBYhl7mylPRd1YaXzEn0mTTpc8i
U+yCvzdmmVk3Fqyw/eFVOJrXxjDsUKuM/4VhxyjwTP1kCX5kuCC9E4+CQwkjd5P/
ay9UkTexFJuN5NTZl1Wa5e5gGnAwE6CAyiyurgS9SrCDdijnlM2Hqv5UnSPVUs3O
BKPH7aq1kok5LqpHuiG5tgpRmTFHN1/GlfeL3b++XmZ5KyulNmLs5JpZ8ztR5p+Y
7KPst6o/mLRfAgMBAAGjggMpMIIDJTAfBgNVHSMEGDAWgBSUT9Rdi+Sk4qaA/v3Y
+QDvo74CVzAdBgNVHQ4EFgQUfNjl3Av9rRtW+X1+sWJ5rtfjuLEwKgYDVR0RBCMw
IYIfY3VzYS1oYW5vdmVycG9ydGFsLmNvYWNodXNhLmNvbTA+BgNVHSAENzA1MDMG
BmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D
UFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9HZW9U
cnVzdFRMU1JTQUNBRzEuY3JsMHYGCCsGAQUFBwEBBGowaDAmBggrBgEFBQcwAYYa
aHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20wPgYIKwYBBQUHMAKGMmh0dHA6Ly9j
YWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVzdFRMU1JTQUNBRzEuY3J0MAwGA1Ud
EwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AE51oydcmhDDOFts
1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjqR0vqMAAAQDAEcwRQIgOt8wbMYIRA2a
E7PNcyIaMYa8YYJnZzoCGNPruXT7ymACIQC+5r6bgRkihhJYmUBBmNBbsoXxmkve
vg+dXXu7tlsvjAB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAAB
jqR0vukAAAQDAEgwRgIhANiTTzbCcqow+ElmESxzaVLq5AFQtAlghu5o/Mp3yC9r
AiEAwR3Eo8LdyFP9JGdPpIAfQJnWCxvzevyDKFYMAKMbMA4AdgDm0jFjQHeMwRBB
Btdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY6kdL73AAAEAwBHMEUCIHMWXnu6Qb/W
wK5S3OfBiKz2N4ueeGX9SyUPl37uzSE7AiEA7+azICfpKbPtvbQh/dIKALk/Q9le
zG5hFSvUYR4a2wwwDQYJKoZIhvcNAQELBQADggEBAGjrVwkaa1SbaMsJS+S2mxaE
DIm29QdDKgfhajX2S4r3sePvjFYgKXG3DTZq1UMgVQOebGgDycGONn3Ig5FSnwyG
cBf2UOxPJzEYcoriA/7zcKugcwAUXdVIa0+GxDzxWKlnST7Td4g/rkLz1spVgH/R
IVYi0RsuSsyh+qv9nEZUm4XM8U3rIcuft0BHChUsVMYpg7y+S/CWpBHTJYN2ftjA
XqxGDNo4B8HSiDxePAeUADg7rMOnPvviAl39lxVlaVLyEBfdZZFRNHwsCMvdtThc
v6Ippngvdjry3ZUYgrPY0Y+Otji8iKlLTbNq/6POoMQ957qTxVaQ0rCj/GYqubg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywK5SkSxEAkH2Jur82Jk
5AQuMrFx8IJ+cozug4CODKsxVJQsHRTYfS1ADgXOgjZt/y8nr5h4vsWEswCfhMVp
otHWN122gvgClNJsISLN2FNDMSzgWIZe5spT0XdWGl8xJ9Jk06XPIlPsgr83ZplZ
NxassP3hVTia18Yw7FCrjP+FYcco8Ez9ZAl+ZLggvROPgkMJI3eT/2svVJE3sRSb
jeTU2ZdVmuXuYBpwMBOggMosrq4EvUqwg3Yo55TNh6r+VJ0j1VLNzgSjx+2qtZKJ
OS6qR7ohubYKUZkxRzdfxpX3i92/vl5meSsrpTZi7OSaWfM7UeafmOyj7LeqP5i0
XwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8774079321256711509396926260713529315
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-10 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PARAMUS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Coach USA Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cusa-hanoverportal.coachusa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25627719058769663346831695613149946900632394896051381263373705931314406803512207306508400256393904029113297759318155003529236160340048387412877362491196516200252603133561741498689474243394556010359551106902044632457491699582950795235698756179857034298309365465001600642165683124127883633362780627985882907695313453117497205233769296714573158989775534702390232045207511331875414390385155279892192912749368815641293093964576358016306350045718487123286527873259144289066575312662091032761731815638328836064342453317572387790337879113323473630318188207495408772246574971179869025861068294129164840886600612071486994822239
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7cd8e5dc0bfdad1b56f97d7eb16279aed7e3b8b1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cusa-hanoverportal.coachusa.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ea474bea3000004030047304502203adf306cc608440d9a13b3cd73221a3186bc618267673a0218d3ebb974fbca60022100bee6be9b81192286125899404198d05bb285f19a4bdebe0f9d5d7bbbb65b2f8c0077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018ea474bee90000040300483046022100d8934f36c272aa30f84966112c736952eae40150b4096086ee68fcca77c82f6b022100c11dc4a3c2ddc853fd24674fa4801f4099d60b1bf37afc8328560c00a31b300e007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018ea474bef70000040300473045022073165e7bba41bfd6c0ae52dce7c188acf6378b9e7865fd4b250f977eeecd213b022100efe6b32027e929b3edbdb421fdd20a00b93f43d95ecc6e61152bd4611e1adb0c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0068eb57091a6b549b68cb094be4b69b16840c89b6f507432a07e16a35f64b8af7b1e3ef8c56202971b70d366ad5432055039e6c6803c9c18e367dc88391529f0c867017f650ec4f273118728ae203fef370aba07300145dd5486b4f86c43cf158a967493ed377883fae42f3d6ca55807fd1215622d11b2e4acca1faabfd9c46549b85ccf14deb21cb9fb740470a152c54c62983bcbe4bf096a411d32583767ed8c05eac460cda3807c1d2883c5e3c079400383bacc3a73efbe2025dfd9715656952f21017dd659151347c2c08cbddb5385cbfa229a6782f763af2dd951882b3d8d18f8eb638bc88a94b4db36affa3cea0c43de7ba93c55690d2b0a3fc662ab9b8