fms.navient.com
- Navient Solutions, LLC -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 01:c3:d2:ab:96:3d:14:c4:17:2d:ec:e2:3d:64:96:a4 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Navient Solutions, LLC
Company registration number:
2651098
Organization: Navient Solutions, LLC
Organization unit: Infrastructure and Operations
Organization: Navient Solutions, LLC
Organization unit: Infrastructure and Operations
State / Province:
Indiana
Locality: Fishers
Country: US
Locality: Fishers
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:c3:d2:ab:96:3d:14:c4:17:2d:ec:e2:3d:64:96:a4Serial Number (int): 2345998783728358063218011284875548324
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: a2:ff:21:f0:97:53:44:48:78:b5:8d:9e:e9:1a:0d:94:19:10:7b:81
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): 29:74:00:f0:56:f1:69:38:35:51:02:bc:b6:0c:73:85:c6:44:12:91
Fingerprint (sha256): 19:14:23:53:cd:bb:4d:c6:d5:9f:cd:6f:0e:17:22:20:09:e8:af:93:05:09:31:18:ff:79:96:60:0b:a1:02:70
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g2.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g2.crl
Check the revocation status for certificate fms.navient.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for fms.navient.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
fms.navient.com
Other certificates including the domain name navient.com
(limited to 100 certificates)
images.navient.com
rrp.navient.com
mediaserver.navient.com
payments.navient.com
panifiise010.navient.com
access.navient.com
tcpaupdateqa.navient.com
staging.gateway.msbpay.navient.com
www.navient.com
textresponsedev.navient.com
survey.navient.com
LyncExt.navient.com
b2bproxy.navient.com
accesslync.navient.com
leapfrog-ssl-4.gcs-web.com
leapfrog-ssl-4.gcs-web.com
payments.navient.com
upload.navient.com
bdm.navient.com
message.navient.com
go.navient.com
leapfrog-ssl-4.gcs-web.com
filegateway.navient.com
gogreen.navient.com
meteortest.navient.com
myaccount.navient.com
PEVSGW.navient.com
wsmb2bproxy.navient.com
myaccount.navient.com
exedge.navient.com
payments.navient.com
chat2.navient.com
twwsdlr.navient.com
services.navient.com
rsa.citrixcloud.navient.com
leapfrog-ssl-4.gcs-web.com
idrhelp.navient.com
assist.navient.com
leapfrog-ssl-4.gcs-web.com
rrp.navient.com
jobs.navient.com
gogreenqa.navient.com
leapfrog-ssl-4.gcs-web.com
acqueonapi-test.navient.com
vpgw.navient.com
ilp.navient.com
mediaserver.navient.com
punrasrly010.navient.com
tcpaupdateqa.navient.com
leapfrog-ssl-4.gcs-web.com
services2.navient.com
myaccount.navient.com
accesslync.navient.com
mediaserver.navient.com
services2.navient.com
preview-xtend.navient.com
twwsgw.navient.com
ilp.navient.com
accesslync.navient.com
Preview-xtend.navient.com
amzn-connect.navient.com
staging.gateway.msbpay.navient.com
mediaserver.cm.navient.com
fms.navient.com
rsa.citrixcloud.navient.com
punrfirly080.navient.com
leapfrog-ssl-4.gcs-web.com
*.navient.com
login.navient.com
www.navient.com
concierge-qa.navient.com
wsmb2bresp.navient.com
jobs.navient.com
rrp.navient.com
exedge.navient.com
www.navient.com
leapfrog-ssl-4.gcs-web.com
den1.navient.com
fms.navient.com
leapfrog-ssl-4.gcs-web.com
rsa.citrix.navient.com
navient.com
twwsdlr.navient.com
ree.navient.com
meteor.navient.com
webadvisor.navient.com
extnavi.usa-ed.net
leapfrog-ssl-4.gcs-web.com
sdu.navient.com
ssp.navient.com
webmail.navient.com
paymentstest.navient.com
gogreen.navient.com
go.navient.com
access-dr.navient.com
leapfrog-ssl-4.gcs-web.com
meteor.navient.com
services2.navient.com
vdi2.navient.com
message.navient.com
rrp.navient.com
mediaserver.navient.com
payments.navient.com
panifiise010.navient.com
access.navient.com
tcpaupdateqa.navient.com
staging.gateway.msbpay.navient.com
www.navient.com
textresponsedev.navient.com
survey.navient.com
LyncExt.navient.com
b2bproxy.navient.com
accesslync.navient.com
leapfrog-ssl-4.gcs-web.com
leapfrog-ssl-4.gcs-web.com
payments.navient.com
upload.navient.com
bdm.navient.com
message.navient.com
go.navient.com
leapfrog-ssl-4.gcs-web.com
filegateway.navient.com
gogreen.navient.com
meteortest.navient.com
myaccount.navient.com
PEVSGW.navient.com
wsmb2bproxy.navient.com
myaccount.navient.com
exedge.navient.com
payments.navient.com
chat2.navient.com
twwsdlr.navient.com
services.navient.com
rsa.citrixcloud.navient.com
leapfrog-ssl-4.gcs-web.com
idrhelp.navient.com
assist.navient.com
leapfrog-ssl-4.gcs-web.com
rrp.navient.com
jobs.navient.com
gogreenqa.navient.com
leapfrog-ssl-4.gcs-web.com
acqueonapi-test.navient.com
vpgw.navient.com
ilp.navient.com
mediaserver.navient.com
punrasrly010.navient.com
tcpaupdateqa.navient.com
leapfrog-ssl-4.gcs-web.com
services2.navient.com
myaccount.navient.com
accesslync.navient.com
mediaserver.navient.com
services2.navient.com
preview-xtend.navient.com
twwsgw.navient.com
ilp.navient.com
accesslync.navient.com
Preview-xtend.navient.com
amzn-connect.navient.com
staging.gateway.msbpay.navient.com
mediaserver.cm.navient.com
fms.navient.com
rsa.citrixcloud.navient.com
punrfirly080.navient.com
leapfrog-ssl-4.gcs-web.com
*.navient.com
login.navient.com
www.navient.com
concierge-qa.navient.com
wsmb2bresp.navient.com
jobs.navient.com
rrp.navient.com
exedge.navient.com
www.navient.com
leapfrog-ssl-4.gcs-web.com
den1.navient.com
fms.navient.com
leapfrog-ssl-4.gcs-web.com
rsa.citrix.navient.com
navient.com
twwsdlr.navient.com
ree.navient.com
meteor.navient.com
webadvisor.navient.com
extnavi.usa-ed.net
leapfrog-ssl-4.gcs-web.com
sdu.navient.com
ssp.navient.com
webmail.navient.com
paymentstest.navient.com
gogreen.navient.com
go.navient.com
access-dr.navient.com
leapfrog-ssl-4.gcs-web.com
meteor.navient.com
services2.navient.com
vdi2.navient.com
message.navient.com
Certificate
The complete raw certificate details for fms.navient.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHYzCCBkugAwIBAgIQAcPSq5Y9FMQXLeziPWSWpDANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDUwODAwMDAwMFoXDTIwMDUxMjEy MDAwMFowgfUxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF EwcyNjUxMDk4MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHSW5kaWFuYTEQMA4GA1UE BxMHRmlzaGVyczEfMB0GA1UEChMWTmF2aWVudCBTb2x1dGlvbnMsIExMQzEmMCQG A1UECxMdSW5mcmFzdHJ1Y3R1cmUgYW5kIE9wZXJhdGlvbnMxGDAWBgNVBAMTD2Zt cy5uYXZpZW50LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALHN ijR2HFrDkZGH7l7+MjmR54moddFO21AZbB0AP5mrU372z0r0au3OsfC5yb48FIxb fXXhwr759VPNm93mt8oAP6SR4WQbgytm6nn3tHvXOaQaZQW+taoiINBlxEw+mLvK j/gwHbV1Xg8FYz6jHu4yUz/n6I/CDHJm5ULScUJIht+WEiZJV9sVKKQjefKQXJ9d lOuQB8RhmJ6LBUFgEQ0BQAUoGTzdt4HtS7ddsp4oOH/+5U1YbUdafLxvNVLT5Waq 70sKNSa2V3ZDELt78c+dDqurKnJdujwljMitfsHov8+1pT9xYQcvG1S1YGJ/6Res q3WvcG5FXVU9TDfPI8UCAwEAAaOCA2wwggNoMB8GA1UdIwQYMBaAFD3TUKXWoK3u 80pgCmXTIdT4+NYPMB0GA1UdDgQWBBSi/yHwl1NESHi1jZ7pGg2UGRB7gTAaBgNV HREEEzARgg9mbXMubmF2aWVudC5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8v Y3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMDSgMqAwhi5o dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMEsG A1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3 LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwgYgGCCsGAQUFBwEBBHwwejAkBggr BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZo dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyRXh0ZW5kZWRW YWxpZGF0aW9uU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF8BgorBgEEAdZ5 AgQCBIIBbASCAWgBZgB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGF AAABY0GaGUIAAAQDAEcwRQIgUDIg/LCzIkBdR5v7E42Gat/+hSItSLR7uiWWj4ns CHsCIQCpDwlnUsIS2H7nGbn8Xuw2+P8JwtT9YOua5GtBCxkRAgB1AFYUBpov18Ls 0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABY0GaGMsAAAQDAEYwRAIgQD0PyBc0 UlcHsnx09kG04cZ7uHK6JO+TvGsaisuvT38CIDKj37gUvyss+/2PnD9/rGibg93l J6USKzZ5zIdor20XAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8A AAFjQZoaXwAABAMARjBEAiAlmeNxCiehU/uQ0IY2s/umFqqG2kndG/rxTaPusfJy 0wIgJqp04mlaNcm6+0ExzpW+mY56BdbkYRmBOsrYb5y1rM8wDQYJKoZIhvcNAQEL BQADggEBAL9B5yztU7CCpCZQH5GCzL5fsFHRnBfYlI20AHANhgsERVNRXBd+UWqH 4wP0OwfEw6Sq7BcX/qqszyzgqgeiZ+WaLccWyId3QSPdUYJajPlVN+t2d3ci5bJ2 bW/JovId/l5PEHld5QwRusEeY9OEh7eF/ZiKrsiaaSQCzPbOV3PN70guksjg1TD5 j3l8ItaOSvKspYY/ziMd4dVfPdcmnYHPRsNHasR9IY0RHI4RwvVdlqyTQfID1DsH Gl2dT4GVpX9wqktIMXEp/bjiDMi3EUD71GAnMw5lZrtcod627J8rxNBsgZTaYLv7 Cb0dnWY7MpN/PTyOAaoCT0IG9r+YiUs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc2KNHYcWsORkYfuXv4y OZHniah10U7bUBlsHQA/matTfvbPSvRq7c6x8LnJvjwUjFt9deHCvvn1U82b3ea3 ygA/pJHhZBuDK2bqefe0e9c5pBplBb61qiIg0GXETD6Yu8qP+DAdtXVeDwVjPqMe 7jJTP+foj8IMcmblQtJxQkiG35YSJklX2xUopCN58pBcn12U65AHxGGYnosFQWAR DQFABSgZPN23ge1Lt12ynig4f/7lTVhtR1p8vG81UtPlZqrvSwo1JrZXdkMQu3vx z50Oq6sqcl26PCWMyK1+wei/z7WlP3FhBy8bVLVgYn/pF6yrda9wbkVdVT1MN88j xQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2345998783728358063218011284875548324 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-12 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2651098' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Indiana' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Fishers' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Navient Solutions, LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Infrastructure and Operations' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fms.navient.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22445535463006809005603031617983294321095669222036828026195874768158066469482902719290983731720516749414287843015437295890731406094199992553618509843801859479896013414066283301042760604959724333157180920928913795811783972269219415048113243974080755675266209312936489006122315705783583082339802833912467796273412202900014776900096055567299792546896104866603211358158328175332530263476833076814674486636212517888624388050338048510552254067511540776996667987093222765935797117662926842533665041327974618891749151573958528046089387536776303422639956991063510921925692507869322631447040466845577054484417577497314901042117 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a2ff21f09753444878b58d9ee91a0d9419107b81 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fms.navient.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 0166007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000163419a194200000403004730450220503220fcb0b322405d479bfb138d866adffe85222d48b47bba25968f89ec087b022100a90f096752c212d87ee719b9fc5eec36f8ff09c2d4fd60eb9ae46b410b1911020075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd00000163419a18cb00000403004630440220403d0fc81734525707b27c74f641b4e1c67bb872ba24ef93bc6b1a8acbaf4f7f022032a3dfb814bf2b2cfbfd8f9c3f7fac689b83dde527a5122b3679cc8768af6d170075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000163419a1a5f000004030046304402202599e3710a27a153fb90d08636b3fba616aa86da49dd1bfaf14da3eeb1f272d3022026aa74e2695a35c9bafb4131ce95be998e7a05d6e46119813acad86f9cb5accf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bf41e72ced53b082a426501f9182ccbe5fb051d19c17d8948db400700d860b044553515c177e516a87e303f43b07c4c3a4aaec1717feaaaccf2ce0aa07a267e59a2dc716c887774123dd51825a8cf95537eb76777722e5b2766d6fc9a2f21dfe5e4f10795de50c11bac11e63d38487b785fd988aaec89a692402ccf6ce5773cdef482e92c8e0d530f98f797c22d68e4af2aca5863fce231de1d55f3dd7269d81cf46c3476ac47d218d111c8e11c2f55d96ac9341f203d43b071a5d9d4f8195a57f70aa4b48317129fdb8e20cc8b71140fbd46027330e6566bb5ca1deb6ec9f2bc4d06c8194da60bbfb09bd1d9d663b32937f3d3c8e01aa024f4206f6bf98894b