ouranos-int.sncf.fr

- SOCIÉTÉ NATIONALE SNCF SA -

Issued by GeoTrust TLS RSA CA G1

About this certificate

This digital certificate with serial number 07:e6:ae:f2:b2:b3:fb:13:63:f4:f0:f9:c9:96:b7:ae was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

SOCIÉTÉ NATIONALE SNCF SA

Organization: SOCIÉTÉ NATIONALE SNCF SA
State / Province: Île-de-France
Locality: Saint-Denis
Country: FR

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:e6:ae:f2:b2:b3:fb:13:63:f4:f0:f9:c9:96:b7:ae
Serial Number (int): 10502372615749700449100553233448220590
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: d8:61:2b:d2:55:c6:e1:bc:63:22:a4:13:48:cc:59:68:8f:34:45:27
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57

Fingerprint (sha1): dc:35:2a:24:b0:e0:d0:3e:23:bf:c5:41:28:76:42:d2:72:16:b9:2c
Fingerprint (sha256): 18:f8:af:ea:10:03:ae:de:d7:27:e6:fe:42:65:90:e3:40:51:ad:9a:be:31:7b:e2:21:78:a0:dd:aa:1c:4c:8a

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

Check the revocation status for certificate ouranos-int.sncf.fr

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ouranos-int.sncf.fr

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ouranos-int.sncf.fr
ouranos-int.sf.sncf.fr

Other certificates including the domain name sncf.fr

(limited to 100 certificates)
pre-atlas-travaux.sso.reseau.sncf.fr
*.carmen.sncf.fr
octave-api-dev.sncf.fr
www.EME-portailSSO-sncf.com
*.apps.eul.sncf.fr
vdixenpilote.sncf.fr
cert00089-azurecdn.akamaized.net
formtractiontv.sncf.fr
*.sncfconnect.com
rhobs-archives-dev.sncf.fr
smartoffice.sncf.fr
seminaire-rh-2017.sncf.fr
seminaire-rh-2017.sncf.fr
postprod-pcs-reponse.reseau.sncf.fr
test-slan.sncf.fr
resultats-labo-paris.sncf.fr
cypres-api-int.sncf.fr
matomo.fd.sncf.fr
sncf.com
pmad.reseau.sncf.com
int.auth.sso.reseau.sncf.fr
sncf.com
mattv.sncf.fr
sts.commun.ad.sncf.fr
alerte-transilien.sncf.fr
dev-prospectus.sncf.fr
orion-connect-form.sncf.fr
accessibilite.sncf.com
sources.fd.sncf.fr
monacademie.sncf.fr
pdvf-rec.sncf.fr
cert00089-azurecdn.akamaized.net
robustest-cerbere.dgexsol.sncf.fr
postprod-fit.reseau.sncf.fr
s2if-gie.sncf.com
cert00089-azurecdn.akamaized.net
preprod-pcs-reponse.reseau.sncf.fr
mestrainsdhier.fd.sncf.fr
monacademie.sncf.fr
*.fret.sncf.com
localiter.sncf.fr
bonneannee.sncf.fr
test-slan.sncf.fr
catalogue-formation-fret.sncf.fr
resultats-labo-lyon.sncf.fr
preprod-apies-np.sncf.fr
netkin.eu
laboutiqueeco.sncf.fr
quizrh.sncf.fr
cashsolutions.sncf.fr
enquete-client.dgii.sncf.fr
form-papact.prevention.sncf.fr
*.ase-01-e2-pr.cloud.sncf.fr
poc.portail-citrix.reseau.sncf.fr
moter-recette.sncf.fr
netkin.eu
recette1.ticketing-sncf.vsct.fr
mon-assistant-visuel-int.sncf.fr
veillesst.prevention.sncf.fr
sncfcontact.sncf.fr
form.prevention.sncf.fr
www.srtpf.fr
siph.sso.reseau.sncf.fr
viveletrain-forumemploi.sncf.fr
www.tech.sncf.fr
declic-for.infra.sncf.fr
*.api-np.sncf.fr
*.accessly.divadigital.sncf.fr
int-auth.sso.reseau.sncf.fr
contact-contravention-integration.sncf.fr
recette1.ticketing-sncf.vsct.fr
diva.sncf.fr
dev-apies-np.sncf.fr
matomo.fd.sncf.fr
*.dashboardly.divadigital.sncf.fr
preprod-apies-np.sncf.fr
netkin.eu
hospitalite-france2019.sncf.fr
themis-regles-dev.sncf.fr
design-bootstrap.sncf.fr
mestrainsdhier.fd.sncf.fr
netkin.eu
g11-ref-optimum.sncf.fr
snr.infra.eva.sncf.fr
preprod-stockfds-webapi.prevention.sncf.fr
dev-salto-iamapp.sncf.fr
recette1.ticketing-sncf.vsct.fr
myuds.sncf.fr
*.staging.aks.eul.sncf.fr
ouranos-int.sncf.fr
laboutiqueeco.sncf.fr
oui.sncf
webstats.sncf.fr
cert00089-azurecdn.akamaized.net
e-logement.sncf.fr
rec-beb.basic-ng.exp.reseau.sncf.fr
*.sncfconnect.com
formation-dsdm.reseau.sncf.fr
banque-des-preuves-rse.sncf.fr
sources.fd.sncf.fr

Certificate

The complete raw certificate details for ouranos-int.sncf.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHnjCCBoagAwIBAgIQB+au8rKz+xNj9PD5yZa3rjANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTIzMDQyNjAwMDAwMFoXDTI0MDQyNTIzNTk1OVowgYAxCzAJBgNVBAYTAkZS
MRcwFQYDVQQIDA7DjmxlLWRlLUZyYW5jZTEUMBIGA1UEBxMLU2FpbnQtRGVuaXMx
JDAiBgNVBAoMG1NPQ0nDiVTDiSBOQVRJT05BTEUgU05DRiBTQTEcMBoGA1UEAxMT
b3VyYW5vcy1pbnQuc25jZi5mcjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
ggIBALSYkhYLzq3yE4wPz0wZhQwNwTRuXI2tOGV2k1IYgQ8WBZ7exAoSsy//sve8
rty+NhDaadcYpbwdJj+oTA5V1g+pENDcnZN7Hg+c9XPER158wSZo8f9QdczRLNtW
5rYe0Gwjni/dvojYeQg/ComauikZPjqB+OYcu1xh9vILe+t0Z/AANs0swSQJhhwz
I4dvNWG1uO7ENWvSChlhI+RX4gjZWbtQNG98JHNfRwwkZEMjFM1yYpu+w5x09lNI
f2JYF2EN7dcU6ypvYajC0DZ2bgzKx18Hh8w8FOlI9errlBLBxCbhXHvtXYWWCiCR
D2udq1RMaXxa8nHFbnAN4Nko4bzcXCBDxCY4sdFTRJUnTHMbNWneqr+Z7pN3OSZn
u1g1sNSgFqZjo0gK0JZJAKPx8qj2ozGlyXE1wx7isnVekXrE5H7RHtkOmP/aWMZ4
pOxgezTyr7ni3mu0hNh+ucCdaSItPAKDnD24Iv4I0jEj/ue48nsbeCE46RUpTHKs
w8NiQmWWEZHJYqm0E3e5iYOsoSbZmquMsymTkMeS8TU8WbLeN74TF6EyYcwSflKt
Lm8RgoxR3O0Gc8NoUWvY3O/8/XrY47T9RINkBJmyjDrwRb1GvBziROJe5bRHipWQ
zI/DXg8vl9kzTQAn4nzNYraFFEADXCU/0/WZel9oAhm0TaXHAgMBAAGjggMxMIID
LTAfBgNVHSMEGDAWgBSUT9Rdi+Sk4qaA/v3Y+QDvo74CVzAdBgNVHQ4EFgQU2GEr
0lXG4bxjIqQTSMxZaI80RScwNgYDVR0RBC8wLYITb3VyYW5vcy1pbnQuc25jZi5m
coIWb3VyYW5vcy1pbnQuc2Yuc25jZi5mcjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6
Ly9jZHAuZ2VvdHJ1c3QuY29tL0dlb1RydXN0VExTUlNBQ0FHMS5jcmwwPgYDVR0g
BDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2Vy
dC5jb20vQ1BTMHYGCCsGAQUFBwEBBGowaDAmBggrBgEFBQcwAYYaaHR0cDovL3N0
YXR1cy5nZW90cnVzdC5jb20wPgYIKwYBBQUHMAKGMmh0dHA6Ly9jYWNlcnRzLmdl
b3RydXN0LmNvbS9HZW9UcnVzdFRMU1JTQUNBRzEuY3J0MAkGA1UdEwQCMAAwggF+
BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOze
w1FIWUZxH7WbAAABh7xe9yIAAAQDAEcwRQIhANzRvBrMusV1bTG7GwkuR1IVIWYP
D4usyoPgmvFQ68U5AiAuRFG+KGQrCoQzFDWdbI7EjhsavOkPD32jDy1zNo0fdQB2
AHPZnokbTJZ4oCB9R53mssYc0FFecRkqjGuAEHrBd3K1AAABh7xe91gAAAQDAEcw
RQIhAKVEIxM1ibULTn5VOqyCnL+jKVfmP3YktK9f6Eqxq2nyAiAb1SOT3MFDSbg9
tJwhaCk/jOeA32JyJSrtPbvtiwJM6QB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0s
gdm7v6s52IRzAAABh7xe90EAAAQDAEcwRQIhAIWU04bmaBp5DIWMYHgatgiOedQK
TUz/gxJJdir5Rsz6AiAlj1/jsxaVLoE1pfwFqdGEzQ2sm/S7rkuAQFsYuPQH0DAN
BgkqhkiG9w0BAQsFAAOCAQEATw1qsN+xIgYbfd0GU3ybBsAhsv+oa+0RlES2qEKl
2ugSWZvjh29Ge4/gQjvQGIeL3nJlXRmFPGuSQY4ik+a5/ByUZ1C3njsJpjSy+g4q
9dlLXDi6gS/5L8P0cAv6dJKPBA1eMooef1tbagl19fCfEiY8Bzx8Nx0NF6repc5T
sbczMl66/3zkMkESgp8jj0uPG2IwLgLK0r/oHjjvToZVvQAQhxZ5kQ1khhzJE8wI
TpRwhijgNEegeWf/ssESEcWcNCfeQ3aKDNb4WbS64VYtELSl4EchzM4pPE4a+jwv
C1lmL1lpU2JWmxklyL8dptokVZ2FM03+5mdTekypkl5YnQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtJiSFgvOrfITjA/PTBmF
DA3BNG5cja04ZXaTUhiBDxYFnt7EChKzL/+y97yu3L42ENpp1xilvB0mP6hMDlXW
D6kQ0Nydk3seD5z1c8RHXnzBJmjx/1B1zNEs21bmth7QbCOeL92+iNh5CD8KiZq6
KRk+OoH45hy7XGH28gt763Rn8AA2zSzBJAmGHDMjh281YbW47sQ1a9IKGWEj5Ffi
CNlZu1A0b3wkc19HDCRkQyMUzXJim77DnHT2U0h/YlgXYQ3t1xTrKm9hqMLQNnZu
DMrHXweHzDwU6Uj16uuUEsHEJuFce+1dhZYKIJEPa52rVExpfFryccVucA3g2Sjh
vNxcIEPEJjix0VNElSdMcxs1ad6qv5nuk3c5Jme7WDWw1KAWpmOjSArQlkkAo/Hy
qPajMaXJcTXDHuKydV6ResTkftEe2Q6Y/9pYxnik7GB7NPKvueLea7SE2H65wJ1p
Ii08AoOcPbgi/gjSMSP+57jyext4ITjpFSlMcqzDw2JCZZYRkcliqbQTd7mJg6yh
Jtmaq4yzKZOQx5LxNTxZst43vhMXoTJhzBJ+Uq0ubxGCjFHc7QZzw2hRa9jc7/z9
etjjtP1Eg2QEmbKMOvBFvUa8HOJE4l7ltEeKlZDMj8NeDy+X2TNNACfifM1itoUU
QANcJT/T9Zl6X2gCGbRNpccCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10502372615749700449100553233448220590
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-25 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Île-de-France'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Saint-Denis'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SOCIÉTÉ NATIONALE SNCF SA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ouranos-int.sncf.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 736767314832400845353299772261082427890435134349548083544144970417583404268334866106070702024949686582125629111963042964257933951126123275626126211309968097073134060951425994463227058760315320573255112125850892507720362722265124776068261213661438033005078205981574998685867602998398301998002489424866526132710422645243647854546738514815662038335548786400578747769761480739822970418307793104346544293157449055380464874892105934325542211959284693896719872398697986373785672890535877735152102797648967207357827763284174050321486801998514736511068318224529463284784430891865345716297961410629862547269919226153492677279597058949582848711913991776056267998952276508355022029489610875165640598635140122480707151652761875060921563535827426946967777241717619753584362133885527496453000246956340434125431951474747826219373347884615613631312196343101327665361566389121519307854365446281262682851326804981000914046893524544750529158044249421194583571225516307141517134573243356168920435523020961097558600463048212871542320781465553876702037211188976987758675001215199407539081539875875549066590804076967008923951041232497820207805198302302092057773328528768593787844452011943205208924107010292058672330615199219154091215361907969851648310617543
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d8612bd255c6e1bc6322a41348cc59688f344527
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ouranos-int.sncf.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ouranos-int.sf.sncf.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000187bc5ef7220000040300473045022100dcd1bc1accbac5756d31bb1b092e47521521660f0f8bacca83e09af150ebc53902202e4451be28642b0a843314359d6c8ec48e1b1abce90f0f7da30f2d73368d1f7500760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000187bc5ef7580000040300473045022100a54423133589b50b4e7e553aac829cbfa32957e63f7624b4af5fe84ab1ab69f202201bd52393dcc14349b83db49c2168293f8ce780df6272252aed3dbbed8b024ce900760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000187bc5ef74100000403004730450221008594d386e6681a790c858c60781ab6088e79d40a4d4cff831249762af946ccfa0220258f5fe3b316952e8135a5fc05a9d184cd0dac9bf4bbae4b80405b18b8f407d0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004f0d6ab0dfb122061b7ddd06537c9b06c021b2ffa86bed119444b6a842a5dae812599be3876f467b8fe0423bd018878bde72655d19853c6b92418e2293e6b9fc1c946750b79e3b09a634b2fa0e2af5d94b5c38ba812ff92fc3f4700bfa74928f040d5e328a1e7f5b5b6a0975f5f09f12263c073c7c371d0d17aadea5ce53b1b733325ebaff7ce4324112829f238f4b8f1b62302e02cad2bfe81e38ef4e8655bd0010871679910d64861cc913cc084e94708628e03447a07967ffb2c11211c59c3427de43768a0cd6f859b4bae1562d10b4a5e04721ccce293c4e1afa3c2f0b59662f59695362569b1925c8bf1da6da24559d85334dfee667537a4ca9925e589d