query.geotrust.com

- GeoTrust, Inc. -

Issued by GeoTrust Extended Validation SHA256 SSL CA

About this certificate

This digital certificate with serial number 27:58:ef:9f:7c:33:7e:61:59:f3:63:eb:bd:25:db:44 was issued on by GeoTrust Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

GeoTrust, Inc.

Company registration number: 3479750
Organization: GeoTrust, Inc.
Organization unit: Infrastructure Operations
State / Province: California
Locality: Mountain View
Country: US

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 27:58:ef:9f:7c:33:7e:61:59:f3:63:eb:bd:25:db:44
Serial Number (int): 52301674090774289640459945282214681412
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: 17:b8:dc:aa:b1:53:22:19:41:95:7b:3c:81:ea:88:9b:49:c3:a2:8b

Fingerprint (sha1): 5d:5f:8d:ab:18:3d:19:14:91:c8:8f:85:2d:a5:64:36:37:87:20:f5
Fingerprint (sha256): 19:43:bb:06:dd:ad:9f:e7:21:f7:c2:22:e2:9f:49:97:e9:93:6f:f3:3f:0b:6e:61:cc:0b:46:61:39:28:03:1c

Issuing Certificate URL: http://gk.symcb.com/gk.crt

Revocation information

OCSP Server: http://gk.symcd.com
CRL Distribution Point: http://gk.symcb.com/gk.crl

Check the revocation status for certificate query.geotrust.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for query.geotrust.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

query.geotrust.com

Other certificates including the domain name geotrust.com

(limited to 100 certificates)
dev-ops.geotrust.com
smarticon.geotrust.com
cryptoreport.geotrust.com
pilot-security-center.geotrust.com
verify.geotrust.com
pilot-docs.geotrust.com
test-tcadmin.geotrust.com
services.geotrust.com
valid-root13.geotrust.com
docs.geotrust.com
test-api.geotrust.com
test-api.geotrust.com
security-center.geotrust.com
knowledge.geotrust.com
pilot-security-center.geotrust.com
seal.geotrust.com
cc-admin.websecurity.symantec.com
pilot-docs.geotrust.com
expired-root11.geotrust.com
valid-root15.geotrust.com
knowledge.geotrust.com
services.geotrust.com
adobe-timestamp.geotrust.com
pilot-api-appsec-cws.ws.symantec.com
revoked-root14.geotrust.com
dcv.rapidssl.com
enterprise-security-center.geotrust.com
security-center.geotrust.com
test-api.geotrust.com
test-cc-admin.websecurity.symantec.com
enterprise-api.geotrust.com
cc-admin.geotrust.com
valid-root15.geotrust.com
test-cc-admin.geotrust.com
knowledge.geotrust.com
origin-seal.symauth.com
enterprise-api.geotrust.com
security-center.geotrust.com
timestamp.geotrust.com
query.geotrust.com
enterprise-api.geotrust.com
test-services.geotrust.com
valid-root13.geotrust.com
geotrust.com
smarticon.geotrust.com
revoked-root15.geotrust.com
www.geotrust.com
extended-validation-ssl.geotrust.com
test-tbidev.geotrust.com
blog.geotrust.com
website-security.geotrust.com
smarticon.geotrust.com
dev-smarticon.geotrust.com
seal.geotrust.com
getcert.geotrust.com
dev-products.geotrust.com
pilot-enterprise-api.geotrust.com
www.geotrust.com
pilot-enterprise-security-center.geotrust.com
pilot-enterprise-api.geotrust.com
dev-crl.geotrust.com
test-api.geotrust.com
extended-validation-ssl.geotrust.com
test-smarticon.geotrust.com
digicert.com
ecc-test-valid.geotrust.com
smarticon.geotrust.com
pilot-enterprise-security-center.geotrust.com
dev-ops.geotrust.com
cryptoreport.geotrust.com
test-api.geotrust.com
valid-root14.geotrust.com
pilot-enterprise-security-center.geotrust.com
test-api.geotrust.com
pilot-enterprise-security-center.geotrust.com
adobe-timestamp.geotrust.com
seal.geotrust.com
valid-root12.geotrust.com
test-tcadmin.geotrust.com
sealinfo.geotrust.com
adobe-timestamp.geotrust.com
DigiCert, Inc.
pilot-getcert.geotrust.com
security-center.geotrust.com
revoked-root12.geotrust.com
test-ops.geotrust.com
extended-validation-ssl.geotrust.com
website-security.geotrust.com
enterprise-api.geotrust.com
seal.geotrust.com
timestamp.geotrust.com
adobe-timestamp.geotrust.com
pilot-security-center.geotrust.com
docs.geotrust.com
?.?.symantec.com
seal.geotrust.com
ops.geotrust.com
pilot-enterprise-security-center.geotrust.com
pilot-verify.geotrust.com
docs.geotrust.com

Certificate

The complete raw certificate details for query.geotrust.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHBTCCBe2gAwIBAgIQJ1jvn3wzfmFZ82PrvSXbRDANBgkqhkiG9w0BAQsFADBa
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEzMDEGA1UEAxMq
R2VvVHJ1c3QgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTSEEyNTYgU1NMIENBMB4XDTE1
MDQxMzAwMDAwMFoXDTE3MDQxMjIzNTk1OVowgfUxEzARBgsrBgEEAYI3PAIBAxMC
VVMxGTAXBgsrBgEEAYI3PAIBAgwIRGVsYXdhcmUxCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MR0wGwYDVQQP
ExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4GA1UEBRMHMzQ3OTc1MDEXMBUGA1UE
CgwOR2VvVHJ1c3QsIEluYy4xIjAgBgNVBAsMGUluZnJhc3RydWN0dXJlIE9wZXJh
dGlvbnMxGzAZBgNVBAMMEnF1ZXJ5Lmdlb3RydXN0LmNvbTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMiDNMB2+e57wiCp0RlQ9GC1oU/dAzjUEO1J4twt
Sp1GrmbVFXefKilFEcsYZLyI7rRSN9kYwbuXbpTYgXpSchGSB1rNTxtwK7/sgGZk
Ug0cYhoHDcBBkMFCDcLINcGFXbAmrwOVfMdhmEIN2Zryrr2vPQpmzUEzLVczWCbD
jDsnIFSjjMy0Rz+Vf3R2DffswcYu4uoLoIZNQ8CrjGO/HwWxBinz2SKYbcnzqqbz
1dzCY2ZyxOPmbhGSy6ia4XD4TxI5Bf5PNkEuZGR8XhGyn3bEcYJL2tH0vPnLs9Ho
VTwRWqmF1g5Z8C2UL63W0HPlK3z2AJufy1s+5R4tBQA3EecCAwEAAaOCAykwggMl
MB0GA1UdEQQWMBSCEnF1ZXJ5Lmdlb3RydXN0LmNvbTAJBgNVHRMEAjAAMA4GA1Ud
DwEB/wQEAwIFoDArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vZ2suc3ltY2IuY29t
L2drLmNybDCBoAYDVR0gBIGYMIGVMIGSBgkrBgEEAfAiAQYwgYQwPwYIKwYBBQUH
AgEWM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvcmVwb3NpdG9y
eS9sZWdhbDBBBggrBgEFBQcCAjA1DDNodHRwczovL3d3dy5nZW90cnVzdC5jb20v
cmVzb3VyY2VzL3JlcG9zaXRvcnkvbGVnYWwwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMB8GA1UdIwQYMBaAFBe43KqxUyIZQZV7PIHqiJtJw6KLMFcGCCsG
AQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL2drLnN5bWNkLmNvbTAmBggr
BgEFBQcwAoYaaHR0cDovL2drLnN5bWNiLmNvbS9nay5jcnQwggF+BgorBgEEAdZ5
AgQCBIIBbgSCAWoBaAB1AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQ
AAABTLBYCCQAAAQDAEYwRAIgcCjkoF2I4xqY2uMOWfBdykcEQPKP85b5rlrynrH9
dwACIAuByu3/bi5BUOMn0DrIXUmVFjAyPEp5pDhiAWkt18mQAHcAVhQGmi/XwuzT
9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFMsFgJMAAABAMASDBGAiEAn2JPnl8x
9pHRbksXFM0fAXX6ebL9H4B0rmMpIKrdYDACIQC4ffFAXuCaCZX0Mf7rCcqmPE9s
KOlpwahrwt3zR5Z8xgB2AGj2mPgfZIK+OozuuSgdTPxxUV1nk9RE0QpnrLtPT/vE
AAABTLBYCDsAAAQDAEcwRQIgeTxX9ZKOGR6SAuL8DgyiczeEwCnQeL2055HqTW+B
ncgCIQDCzTC37Kr0978RMR5GgCbayLsixyyhSJEg25l0pP/7fTANBgkqhkiG9w0B
AQsFAAOCAQEAtwdhOGYdokYpmSdOOD/3ZTGPj1EkTAUJJ7sDb22sBCMYbcuz/hy6
6d7pISzs7rVWAfWD8hwIGBK4c9qo711u6lqWO6hw6iVbSrl8iIbHIABowji7m3+y
eaGC/8qQeSGLWi72Fhdn2i62x0cccRXrSv38plvQtkRYPmbT15dk9I2p+l59Gqlj
WYYIzABA5YDm0ZAwIXx2vGT7EmC9AE5okegCBGQOcvyv9qAUAND7ZALbj9Owd51V
FThj5/anB7IhXbXHVeqBSUmre8IXP9HF5dF/+N11nUTYzk0XViAZJWafbgqKIB38
5iJIaTu76wnACtS10T6GMDtpuvRnyFvCeA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIM0wHb57nvCIKnRGVD0
YLWhT90DONQQ7Uni3C1KnUauZtUVd58qKUURyxhkvIjutFI32RjBu5dulNiBelJy
EZIHWs1PG3Arv+yAZmRSDRxiGgcNwEGQwUINwsg1wYVdsCavA5V8x2GYQg3ZmvKu
va89CmbNQTMtVzNYJsOMOycgVKOMzLRHP5V/dHYN9+zBxi7i6gughk1DwKuMY78f
BbEGKfPZIphtyfOqpvPV3MJjZnLE4+ZuEZLLqJrhcPhPEjkF/k82QS5kZHxeEbKf
dsRxgkva0fS8+cuz0ehVPBFaqYXWDlnwLZQvrdbQc+UrfPYAm5/LWz7lHi0FADcR
5wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 52301674090774289640459945282214681412
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Extended Validation SHA256 SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-04-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-04-12 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Delaware'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Mountain View'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '3479750'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'GeoTrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Infrastructure Operations'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'query.geotrust.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25312361113681482094465506044115530335226038815376463019805523752768017719495705259031530674644214709632337364286726098665750437062634961905523620097974823880433492698634802025052940075466060960232250328609812006976924378790220899054296957372202277799263361754674965311017519326515303682524276428016774235135214460182888043497335950936505222678906560386026624094215498086056896164848465065311328212354328598382567940698832816386694366988084559269870311382699795667770621441452050520252834912310396052461516060823002880301010403322371452539001052773840894395754832228617317195961053509834756765122900987816994686833127
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'query.geotrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gk.symcb.com/gk.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (152 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.14370.1.6 (GeoTrust EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17b8dcaab153221941957b3c81ea889b49c3a28b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gk.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gk.symcb.com/gk.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000014cb0580824000004030046304402207028e4a05d88e31a98dae30e59f05dca470440f28ff396f9ae5af29eb1fd770002200b81caedff6e2e4150e327d03ac85d49951630323c4a79a4386201692dd7c9900077005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000014cb058093000000403004830460221009f624f9e5f31f691d16e4b1714cd1f0175fa79b2fd1f8074ae632920aadd6030022100b87df1405ee09a0995f431feeb09caa63c4f6c28e969c1a86bc2ddf347967cc600760068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc40000014cb058083b00000403004730450220793c57f5928e191e9202e2fc0e0ca2733784c029d078bdb4e791ea4d6f819dc8022100c2cd30b7ecaaf4f7bf11311e468026dac8bb22c72ca1489120db9974a4fffb7d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b7076138661da2462999274e383ff765318f8f51244c050927bb036f6dac0423186dcbb3fe1cbae9dee9212ceceeb55601f583f21c081812b873daa8ef5d6eea5a963ba870ea255b4ab97c8886c7200068c238bb9b7fb279a182ffca9079218b5a2ef6161767da2eb6c7471c7115eb4afdfca65bd0b644583e66d3d79764f48da9fa5e7d1aa963598608cc0040e580e6d19030217c76bc64fb1260bd004e6891e80204640e72fcaff6a01400d0fb6402db8fd3b0779d55153863e7f6a707b2215db5c755ea814949ab7bc2173fd1c5e5d17ff8dd759d44d8ce4d1756201925669f6e0a8a201dfce62248693bbbeb09c00ad4b5d13e86303b69baf467c85bc278