info.aarpmedicareplans.com

Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1

About this certificate

This digital certificate with serial number 0f:f0:66:95:3b:33:a6:a6:23:10:c6:0e:96:b5:8b:55 was issued on by DigiCert, Inc..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=info.aarpmedicareplans.com

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0f:f0:66:95:3b:33:a6:a6:23:10:c6:0e:96:b5:8b:55
Serial Number (int): 21186651811919941593956083977376074581
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: a9:7d:73:f5:e4:c3:3c:f5:1e:fe:2f:49:aa:62:f7:7f:16:b3:0e:0d
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23

Fingerprint (sha1): b7:27:06:9b:a6:18:1c:a0:20:a4:df:c6:8e:91:a6:64:c2:a7:4e:ed
Fingerprint (sha256): 19:80:a9:b4:52:a3:ac:a5:f3:b8:2d:da:e9:e8:91:e6:63:d6:4d:56:23:fe:09:d5:8e:f0:2f:a9:42:ca:40:49

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl

Check the revocation status for certificate info.aarpmedicareplans.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for info.aarpmedicareplans.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

info.aarpmedicareplans.com

Other certificates including the domain name aarpmedicareplans.com

(limited to 100 certificates)
5767409591910400-fe4.pantheonsite.io
ma.aarpmedicareplans.com
offline-mnrgeneric.uhc.com
pdp.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
caid.uhccommunityplan.com
5767409591910400-fe4.pantheonsite.io
offline.uhcmedicaresolutions.com
gpd-acq-azure.optum.com
ma.aarpmedicareplans.com
dlm-mnrfed.uhcsouthflorida.com
www.uhcmedicaresolutions.com
mnrgeneric.uhc.com
5638916786880512-fe1.pantheonsite.io
www.uhcmedicaresolutions.com
5638916786880512-fe1.pantheonsite.io
info.aarpmedicareplans.com
caid.uhccommunityplan.com
5638916786880512-fe1.pantheonsite.io
5638916786880512-fe1.pantheonsite.io
mars.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
microsites-prod-externalprodv2.aemprod.optum.com
gpd-acq-azure.optum.com
renew.aarpmedicareplans.com
roadtripreunion.aarpmedicareplans.com
www.aarpmedicareplans.com
mnrgeneric2.uhc.com
ma.aarpmedicareplans.com
mnrgeneric.uhc.com
www.aarpmedicareplans.com
visualizeyou.member.aarpmedicareplans.com
www.aarpmedicareplans.com
renew.aarpmedicareplans.com
info.aarpmedicareplans.com
caid.uhccommunityplan.com
offline.aarpmedicareplans.com
caid.uhccommunityplan.com
5767409591910400-fe4.pantheonsite.io
www.aarpmedicareplans.com
mnrgeneric2.uhc.com
renew.aarpmedicareplans.com
www.uhcmedicaresolutions.com
5767409591910400-fe4.pantheonsite.io
mnrgeneric.uhc.com
5638916786880512-fe1.pantheonsite.io
offline.uhcmedicaresolutions.com
www.uhcmedicaresolutions.com
hl.member.aarpmedicareplans.com
offline.uhcmedicaresolutions.com
mnrgeneric2.uhc.com
5767409591910400-fe4.pantheonsite.io
planselector.aarpmedicareplans.com
microsites-prod-externalprodv5.aemprod.optum.com
offline.uhcmedicaresolutions.com
advisor.aarpmedicareplans.com
www.uhcmedicaresolutions.com
5638916786880512-fe1.pantheonsite.io
hl-shra.member.aarpmedicareplans.com
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
pdp.aarpmedicareplans.com
caid.uhccommunityplan.com
www.uhcmedicaresolutions.com
caid.uhccommunityplan.com
offline-mnrgeneric.uhc.com
5767409591910400-fe4.pantheonsite.io
offline.aarpmedicareplans.com
mnrgeneric.uhc.com

info.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
info.aarpmedicareplans.com
www.uhcmedicaresolutions.com
5767409591910400-fe4.pantheonsite.io
renew.aarpmedicareplans.com
mnrgeneric.uhc.com
5767409591910400-fe4.pantheonsite.io
microsites-prod-externalprodv3.aemprod.optum.com
mnrgeneric2.uhc.com
5638916786880512-fe1.pantheonsite.io
5638916786880512-fe1.pantheonsite.io
offline-mnrgeneric2.uhc.com
5767409591910400-fe4.pantheonsite.io
offline.uhcmedicaresolutions.com
hl.member.aarpmedicareplans.com
ma.aarpmedicareplans.com
5767409591910400-fe4.pantheonsite.io
renew.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
mnrgeneric.uhc.com
www.uhcmedicaresolutions.com
5638916786880512-fe1.pantheonsite.io
offline.uhcmedicaresolutions.com
gpd-acq-azure.optum.com
5767409591910400-fe4.pantheonsite.io
5638916786880512-fe1.pantheonsite.io
offline-mnrgeneric2.uhc.com
5767409591910400-fe4.pantheonsite.io

Certificate

The complete raw certificate details for info.aarpmedicareplans.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHpDCCBYygAwIBAgIQD/BmlTszpqYjEMYOlrWLVTANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT
K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN
MjMxMjA1MDAwMDAwWhcNMjQwNjA1MjM1OTU5WjAlMSMwIQYDVQQDExppbmZvLmFh
cnBtZWRpY2FyZXBsYW5zLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEjoRs1FtYae3U3W49vyI5oUwb/WC7GgT7XkMyUgVvm5m5marAv0j1xyrPT
tTtO3dDaGYisVQwlZTPukbzIqN7KvZFFdXRcuFV7MhLZBpnKqWF928UtqM4cAtx5
xjCcrGum127xjziVr0p1iDdZHzZLqrB8e4vw53Zmn04vuVSlIpr+GaFvR4KY0om7
gTDfzR0RgDzleTy9oX6WbqcMmhA37iS57HL4+NCyxCdkn5+UbQ9WHUJrv6PtjeJg
HU21vtD5PY5/ZaKNsbcAVQWqybWs+DNHFfGvSlkDLnZ8EY7G69PCRxtfFI+ZhC4k
75LD+jDY6Pp46SQSgY9OtJSxy5kCAwEAAaOCA5cwggOTMB8GA1UdIwQYMBaAFKW0
1us2xOdrpt/EZAsBKiAEuGYjMB0GA1UdDgQWBBSpfXP15MM89R7+L0mqYvd/FrMO
DTAlBgNVHREEHjAcghppbmZvLmFhcnBtZWRpY2FyZXBsYW5zLmNvbTA+BgNVHSAE
NzA1MDMGBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0
LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRwOi8vY3JsMy5kaWdpY2Vy
dC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2MjAyMkNBMS5jcmww
SKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRM
U1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDCBhwYIKwYBBQUHAQEEezB5MCQGCCsG
AQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0
dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQw
OTZTSEEyNTYyMDIyQ0ExLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIE
AgSCAW8EggFrAWkAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAA
AYw8FTEDAAAEAwBHMEUCIAXc46TpFoEqKKQhmaMwv+h9Qe0AaCujM+ZAQBJt2S5t
AiEAwUyNapBC6hPKAg2FSRu6iTLPz5Cyw/zS+wW/b0dWz2IAdgBIsONr2qZHNA/l
agL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYw8FTDzAAAEAwBHMEUCIEKMpMOP+ZNc
5dEpd05iMx1DEbBv9bdItGH8FPNLdUPjAiEAvpG3EmYZdXvsSbEL8qFt4xo9anQY
GrzTEa7O+XcebSgAdwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAA
AYw8FTDAAAAEAwBIMEYCIQDBxtIy1ISlpyXJKR4GK14/NgqXJxl4v28Jkg4FMXV/
YQIhANAeMvBch+0x3R/AP7cDaVsJOtnvmE0KtakzwQN9c0AfMA0GCSqGSIb3DQEB
CwUAA4ICAQBAPAGcHXgNHHM1Em/2VuIrpcamBzChsq6Gq8hq1XnP3gfN9U7iDsfc
t1TP9M9gwGJI+0woqQEDi088JZ+ec+VqgF+CARc0ehoDBxkHjUFtRWHAq6WecOj/
CxmBuGN1FbmM/PTWfr+bTkGuBa97NTTL08DcrIw43oHvtULrZWwSGYUchg++9v8Q
mzNsHuNvF4VQ5FDzr71AUCE9XxpbLzWO1HZVSjQUtxIROLpRyzNh5bVlD45JQhJZ
QzwwOjOk82H8BGpRRW6H5rdRigG8kaMr8t6I40HH2zlx+ZB9xiI7KZxFYN8fcFCB
21Ky8rFIi7vv6o6m0xFeoTQm4zGXZlYhqPaceSp+X88C0fz4jlIUMqPbmySsESTy
jlD5NtbMGzGbXRfNAiKO7reSf3twMDrygWJ1vAu8/FRXxn0QqcGwMCg062ULemMB
gmPQTJiV98TP2W94eNEQOYmAZMYjOu5Wh6T/2uy80BjXQnIUsEQyNy1UZNoVAGn/
JuyNAeHh3N3xjzKs5tIHxOVqYUkkj/UmC0++RGkVDXpfT06cYsmeGFaR9RQVNk8D
DX4HUkZH+LnizQb3HS7LFp2z4bc8yt2eeqZsvXLIgbdRwvnE7/j0ozRb0JP4sJ6/
vk2dVCY5Xgfialx4/Lfh78HhhYQ2YhIeI2rsMhuSIxGf2wmxrGdkZA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SOhGzUW1hp7dTdbj2/I
jmhTBv9YLsaBPteQzJSBW+bmbmZqsC/SPXHKs9O1O07d0NoZiKxVDCVlM+6RvMio
3sq9kUV1dFy4VXsyEtkGmcqpYX3bxS2ozhwC3HnGMJysa6bXbvGPOJWvSnWIN1kf
NkuqsHx7i/DndmafTi+5VKUimv4ZoW9HgpjSibuBMN/NHRGAPOV5PL2hfpZupwya
EDfuJLnscvj40LLEJ2Sfn5RtD1YdQmu/o+2N4mAdTbW+0Pk9jn9loo2xtwBVBarJ
taz4M0cV8a9KWQMudnwRjsbr08JHG18Uj5mELiTvksP6MNjo+njpJBKBj060lLHL
mQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 21186651811919941593956083977376074581
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-05 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'info.aarpmedicareplans.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26401375211112648408210606153939402885266415264629960993949685208899006935931812787863114297820176716996269418535909782722060496135514870646035917858004683260817714159642083578979456397846029637364210793776188321868325992754710566669917098966152880683063005662904899118909201052504697258593382589646012725911090325446344143486288647872873200386901245413085902000099474120411337285589948764657401622044785088417382100146063891626390745351000000230007276518356776003433715609894785176979255709556688450092149474440148068174805969554809340593809128873599041198919395217924049536113954386807032058342556621692557809798041
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a97d73f5e4c33cf51efe2f49aa62f77f16b30e0d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'info.aarpmedicareplans.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c3c1531030000040300473045022005dce3a4e916812a28a42199a330bfe87d41ed00682ba333e64040126dd92e6d022100c14c8d6a9042ea13ca020d85491bba8932cfcf90b2c3fcd2fb05bf6f4756cf6200760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c3c1530f300000403004730450220428ca4c38ff9935ce5d129774e62331d4311b06ff5b748b461fc14f34b7543e3022100be91b7126619757bec49b10bf2a16de31a3d6a74181abcd311aecef9771e6d28007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018c3c1530c00000040300483046022100c1c6d232d484a5a725c9291e062b5e3f360a97271978bf6f09920e0531757f61022100d01e32f05c87ed31dd1fc03fb703695b093ad9ef984d0ab5a933c1037d73401f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00403c019c1d780d1c7335126ff656e22ba5c6a60730a1b2ae86abc86ad579cfde07cdf54ee20ec7dcb754cff4cf60c06248fb4c28a901038b4f3c259f9e73e56a805f820117347a1a030719078d416d4561c0aba59e70e8ff0b1981b8637515b98cfcf4d67ebf9b4e41ae05af7b3534cbd3c0dcac8c38de81efb542eb656c1219851c860fbef6ff109b336c1ee36f178550e450f3afbd4050213d5f1a5b2f358ed476554a3414b7121138ba51cb3361e5b5650f8e49421259433c303a33a4f361fc046a51456e87e6b7518a01bc91a32bf2de88e341c7db3971f9907dc6223b299c4560df1f705081db52b2f2b1488bbbefea8ea6d3115ea13426e33197665621a8f69c792a7e5fcf02d1fcf88e521432a3db9b24ac1124f28e50f936d6cc1b319b5d17cd02228eeeb7927f7b70303af2816275bc0bbcfc5457c67d10a9c1b0302834eb650b7a63018263d04c9895f7c4cfd96f7878d11039898064c6233aee5687a4ffdaecbcd018d7427214b04432372d5464da150069ff26ec8d01e1e1dcddf18f32ace6d207c4e56a6149248ff5260b4fbe4469150d7a5f4f4e9c62c99e185691f51415364f030d7e07524647f8b9e2cd06f71d2ecb169db3e1b73ccadd9e7aa66cbd72c881b751c2f9c4eff8f4a3345bd093f8b09ebfbe4d9d5426395e07e26a5c78fcb7e1efc1e185843662121e236aec321b9223119fdb09b1ac676464