d10transitdev.saskatoon.ca
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 01:87:df:92:e2:68:bf:93:3c:85:1a:8a:d2:89:19:51 was issued on by DigiCert, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=d10transitdev.saskatoon.ca
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 01:87:df:92:e2:68:bf:93:3c:85:1a:8a:d2:89:19:51Serial Number (int): 2034722686410704200747687860406655313
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 32:42:7d:57:c3:e6:29:5d:24:ce:26:c6:ff:c7:6e:4a:a1:51:8b:25
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): 0d:cb:c9:56:2e:30:0b:68:de:79:a5:4a:84:55:f9:68:09:6c:72:1f
Fingerprint (sha256): 18:48:bc:03:02:31:8d:79:67:69:08:65:af:36:a5:19:36:4d:c4:d6:27:7c:12:19:1a:11:f2:e3:49:65:09:71
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate d10transitdev.saskatoon.ca
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for d10transitdev.saskatoon.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
d10transitdev.saskatoon.ca
Other certificates including the domain name saskatoon.ca
(limited to 100 certificates)
*.saskatoon.ca
webmail.saskatoon.ca
sip.saskatoon.ca
websrvdirector.saskatoon.ca
leisure.saskatoon.ca
leisure.saskatoon.ca
saskatoon.ca
secure7.saskatoon.ca
webconnect.saskatoon.ca
leisureonline.saskatoon.ca
saskatoon.ca
d10transitdev.saskatoon.ca
saskatoon.ca
webdev.saskatoon.ca
webmail.saskatoon.ca
saskatoon.ca
webmail.saskatoon.ca
saskatoon.ca
login.saskatoon.ca
*.saskatoon.ca
*.saskatoon.ca
d10webdev.saskatoon.ca
saskatoon.ca
saskatoon.ca
amp.saskatoon.ca
websrvdirector.saskatoon.ca
sip.lynctest.saskatoon.ca
saskatoon.ca
saskatoon.ca
websrvdirector.saskatoon.ca
stgext4.saskatoon.ca
webmail.saskatoon.ca
federation3.saskatoon.ca
leisureonline.saskatoon.ca
postoffice.saskatoon.ca
new2.saskatoon.ca
*.saskatoon.ca
leisureonline.saskatoon.ca
websrvdirector.saskatoon.ca
fs.saskatoon.ca
webmail.saskatoon.ca
learning.saskatoon.ca
leisureonline.saskatoon.ca
login.saskatoon.ca
webmail.saskatoon.ca
*.saskatoon.ca
webconnect.saskatoon.ca
*.hec.fusion.saskatoon.ca
*.saskatoon.ca
saskatoon.ca
learning.saskatoon.ca
ww9.saskatoon.ca
saskatoon.ca
sip.saskatoon.ca
saskatoon.ca
transitdev.saskatoon.ca
federation2.saskatoon.ca
federation.saskatoon.ca
websrvdirector.saskatoon.ca
webconnect.saskatoon.ca
amp.saskatoon.ca
webmail.saskatoon.ca
websrvdirector.saskatoon.ca
saskatoon.ca
*.saskatoon.ca
saskatoon.ca
saskatoon.ca
amp.saskatoon.ca
ww9.saskatoon.ca
rpbackgis2.saskatoon.ca
saskatoon.ca
federation.saskatoon.ca
careers.saskatoon.ca
saskatoon.ca
leisure.saskatoon.ca
webmail.saskatoon.ca
webmail.saskatoon.ca
careers.saskatoon.ca
saskatoon.ca
leisure.saskatoon.ca
amp.saskatoon.ca
leisureonline.saskatoon.ca
*.saskatoon.ca
*.saskatoon.ca
ww9.saskatoon.ca
apps2.saskatoon.ca
websrvdirector.saskatoon.ca
port365.saskatoon.ca
federation.saskatoon.ca
webconnect.saskatoon.ca
*.saskatoon.ca
saskatoon.ca
federation3.saskatoon.ca
d10transitprd.saskatoon.ca
webmail.saskatoon.ca
sip.saskatoon.ca
websrvdirector.saskatoon.ca
leisure.saskatoon.ca
leisure.saskatoon.ca
saskatoon.ca
secure7.saskatoon.ca
webconnect.saskatoon.ca
leisureonline.saskatoon.ca
saskatoon.ca
d10transitdev.saskatoon.ca
saskatoon.ca
webdev.saskatoon.ca
webmail.saskatoon.ca
saskatoon.ca
webmail.saskatoon.ca
saskatoon.ca
login.saskatoon.ca
*.saskatoon.ca
*.saskatoon.ca
d10webdev.saskatoon.ca
saskatoon.ca
saskatoon.ca
amp.saskatoon.ca
websrvdirector.saskatoon.ca
sip.lynctest.saskatoon.ca
saskatoon.ca
saskatoon.ca
websrvdirector.saskatoon.ca
stgext4.saskatoon.ca
webmail.saskatoon.ca
federation3.saskatoon.ca
leisureonline.saskatoon.ca
postoffice.saskatoon.ca
new2.saskatoon.ca
*.saskatoon.ca
leisureonline.saskatoon.ca
websrvdirector.saskatoon.ca
fs.saskatoon.ca
webmail.saskatoon.ca
learning.saskatoon.ca
leisureonline.saskatoon.ca
login.saskatoon.ca
webmail.saskatoon.ca
*.saskatoon.ca
webconnect.saskatoon.ca
*.hec.fusion.saskatoon.ca
*.saskatoon.ca
saskatoon.ca
learning.saskatoon.ca
ww9.saskatoon.ca
saskatoon.ca
sip.saskatoon.ca
saskatoon.ca
transitdev.saskatoon.ca
federation2.saskatoon.ca
federation.saskatoon.ca
websrvdirector.saskatoon.ca
webconnect.saskatoon.ca
amp.saskatoon.ca
webmail.saskatoon.ca
websrvdirector.saskatoon.ca
saskatoon.ca
*.saskatoon.ca
saskatoon.ca
saskatoon.ca
amp.saskatoon.ca
ww9.saskatoon.ca
rpbackgis2.saskatoon.ca
saskatoon.ca
federation.saskatoon.ca
careers.saskatoon.ca
saskatoon.ca
leisure.saskatoon.ca
webmail.saskatoon.ca
webmail.saskatoon.ca
careers.saskatoon.ca
saskatoon.ca
leisure.saskatoon.ca
amp.saskatoon.ca
leisureonline.saskatoon.ca
*.saskatoon.ca
*.saskatoon.ca
ww9.saskatoon.ca
apps2.saskatoon.ca
websrvdirector.saskatoon.ca
port365.saskatoon.ca
federation.saskatoon.ca
webconnect.saskatoon.ca
*.saskatoon.ca
saskatoon.ca
federation3.saskatoon.ca
d10transitprd.saskatoon.ca
Certificate
The complete raw certificate details for d10transitdev.saskatoon.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHojCCBYqgAwIBAgIQAYffkuJov5M8hRqK0okZUTANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjQwNDAxMDAwMDAwWhcNMjQxMDAxMjM1OTU5WjAlMSMwIQYDVQQDExpkMTB0cmFu c2l0ZGV2LnNhc2thdG9vbi5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANXGHJxDo+2NCG2zImsnCsBpcZ1mkKULxC+bjwSjIjTzD+Ad5iSFSs47TJkw vTa7tBvrB0DX46SAxvlowBmbVwL2lr4wm/XHaXaEUab2N4Q+eT6uJWh3oxx7k/mJ SrXEho1OXHsbVXC8ya4jQzkQxFcpKCgFspKSfOoXQMV1Obc79xEv3UwuaK3efOzs GJ+UB288SnJ+LtzZG1GHYbHhO8JHuHJnPASjOm2QxwWGRVLgplx+Af/NvhcExBky tU+4KLO3uKGKkzyUM6QFGPBY6cM3aNMG6XhQl2nrz5cd64DstzE7druOVlpV1l4M 37FJMZ2PNp1d33uGAUF21a0drs0CAwEAAaOCA5UwggORMB8GA1UdIwQYMBaAFKW0 1us2xOdrpt/EZAsBKiAEuGYjMB0GA1UdDgQWBBQyQn1Xw+YpXSTOJsb/x25KoVGL JTAlBgNVHREEHjAcghpkMTB0cmFuc2l0ZGV2LnNhc2thdG9vbi5jYTA+BgNVHSAE NzA1MDMGBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0 LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRwOi8vY3JsMy5kaWdpY2Vy dC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2MjAyMkNBMS5jcmww SKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRM U1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDCBhwYIKwYBBQUHAQEEezB5MCQGCCsG AQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0 dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQw OTZTSEEyNTYyMDIyQ0ExLmNydDAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIE AgSCAW0EggFpAWcAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAA AY6a+cziAAAEAwBHMEUCIQDUTwFpgRxX6imHTShOaQ97YGapzxd5RnK/u+X2FqZe ygIgBt/Zdyv03/J4zgSPsVKjlBQwOlRSg9efSScoCoe9yEoAdQBIsONr2qZHNA/l agL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY6a+cz6AAAEAwBGMEQCIDxuP2dpYaJl tcK+j4iKCExNKy0cf6lmBVjyg5kb2y/+AiBWhllX7EVHFyp2Sz/h/74fitn4GMkg LQG/TqK7ddPbNgB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAAB jpr5zOcAAAQDAEcwRQIgWQ0JIYqsJo8drEI3TdjEf8E73Wb93ns7AKxC1jEnyVEC IQDxgMKRFOZPqkNg2isS/Ai1yxyb+dyLNDKAAPj+FTFh/DANBgkqhkiG9w0BAQsF AAOCAgEAkCKBFJ5z+mGIQ9yvdt6+fxfCMnJ6aJQoRMd4dOBFl651FyFQq6DTbJ1s UayV7iMQfNRVFiMQRxa9pydekkyMc0ryMniQ2t6ly+IEmMrjOGzWec03S+BLNPVL u80R0CScKomvDtZficli2r2pgtKV6pihnSUOrBpzplMzQaBQXKLmif6iuFQCfQun 8NG130gyCYEDFg3sZqQuB1PAWTU09LGkDAJ5rqmq1caaWxzHV4bMvYJfTRj51cgP LvW9C9iCjkNzUioqQhRl5K407DD5nyELI9REc2WuDH2fDKeirWNjwR+atgTx4jSB 5u/Ka8QDi6n1J6ixBh6d+K+thoiLPI/AmDgiX2G/WSUTUx1tueeT/e++0Z4t5EnZ Alno4pF5TATf03XudqvVYrTC1Lhay8+mHFoAPBbFUR1r2Z850GOWElxHQHC3xT68 4mtFXHitVpqvbVRFkPfY56H22nof/uZybbo1HIF3gbKK7sMua7xhMHQCXeBI8wCs 28kQ5rET14IRw3PgSltnY5OWzRTrB2/r9ClnjaMLu0gqG9+pO1NC3Oe+IYnO5pYk 3z2jyrTK6oC8zp/Lpz9K/LbxiITLLsK/Si/O+kC4RhoCkdvPYWpSUyJopl51v907 CgrWZP7xLYkTGhpgzz8yCXkJ1Y4b79+CfciHdlf7qn6R/Fv72Ns= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cYcnEOj7Y0IbbMiaycK wGlxnWaQpQvEL5uPBKMiNPMP4B3mJIVKzjtMmTC9Nru0G+sHQNfjpIDG+WjAGZtX AvaWvjCb9cdpdoRRpvY3hD55Pq4laHejHHuT+YlKtcSGjU5cextVcLzJriNDORDE VykoKAWykpJ86hdAxXU5tzv3ES/dTC5ord587OwYn5QHbzxKcn4u3NkbUYdhseE7 wke4cmc8BKM6bZDHBYZFUuCmXH4B/82+FwTEGTK1T7gos7e4oYqTPJQzpAUY8Fjp wzdo0wbpeFCXaevPlx3rgOy3MTt2u45WWlXWXgzfsUkxnY82nV3fe4YBQXbVrR2u zQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2034722686410704200747687860406655313 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-01 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'd10transitdev.saskatoon.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26986451507383180346036806306813870711310814034746855052386050553891405925894840508537773540394068960321084102269270859240721656259033142706487525447754699155859959538560364850778216902675068217600985171684878895452757692325326070388747245318163278321800849239796033580570772558804928419980342150630440247043030327546811449697736859822903476073489015403372276885483625102717769896640461176598597710973530662419062695412565360896480034216389088161098414273740792262927032367506549634937066262178384877848857613567346656752425948884622518079747092972324613944434696490625347845103148842719470663968009045300460337868493 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 32427d57c3e6295d24ce26c6ffc76e4aa1518b25 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'd10transitdev.saskatoon.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018e9af9cce20000040300473045022100d44f0169811c57ea29874d284e690f7b6066a9cf17794672bfbbe5f616a65eca022006dfd9772bf4dff278ce048fb152a39414303a545283d79f4927280a87bdc84a00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e9af9ccfa000004030046304402203c6e3f676961a265b5c2be8f888a084c4d2b2d1c7fa9660558f283991bdb2ffe022056865957ec4547172a764b3fe1ffbe1f8ad9f818c9202d01bf4ea2bb75d3db36007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018e9af9cce700000403004730450220590d09218aac268f1dac42374dd8c47fc13bdd66fdde7b3b00ac42d63127c951022100f180c29114e64faa4360da2b12fc08b5cb1c9bf9dc8b34328000f8fe153161fc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00902281149e73fa618843dcaf76debe7f17c232727a68942844c77874e04597ae75172150aba0d36c9d6c51ac95ee23107cd4551623104716bda7275e924c8c734af2327890dadea5cbe20498cae3386cd679cd374be04b34f54bbbcd11d0249c2a89af0ed65f89c962dabda982d295ea98a19d250eac1a73a6533341a0505ca2e689fea2b854027d0ba7f0d1b5df4832098103160dec66a42e0753c0593534f4b1a40c0279aea9aad5c69a5b1cc75786ccbd825f4d18f9d5c80f2ef5bd0bd8828e4373522a2a421465e4ae34ec30f99f210b23d4447365ae0c7d9f0ca7a2ad6363c11f9ab604f1e23481e6efca6bc4038ba9f527a8b1061e9df8afad86888b3c8fc09838225f61bf592513531d6db9e793fdefbed19e2de449d90259e8e291794c04dfd375ee76abd562b4c2d4b85acbcfa61c5a003c16c5511d6bd99f39d06396125c474070b7c53ebce26b455c78ad569aaf6d544590f7d8e7a1f6da7a1ffee6726dba351c817781b28aeec32e6bbc613074025de048f300acdbc910e6b113d78211c373e04a5b67639396cd14eb076febf429678da30bbb482a1bdfa93b5342dce7be2189cee69624df3da3cab4caea80bcce9fcba73f4afcb6f18884cb2ec2bf4a2fcefa40b8461a0291dbcf616a52532268a65e75bfdd3b0a0ad664fef12d89131a1a60cf3f32097909d58e1befdf827dc8877657fbaa7e91fc5bfbd8db