valid-root13.geotrust.com
- GeoTrust, Inc. -
Issued by GeoTrust Extended Validation SHA256 SSL CA
About this certificate
This digital certificate with serial number 4d:e6:37:b2:62:0d:9c:42:f3:81:2d:fb:42:b4:3e:3f was issued on by GeoTrust Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
GeoTrust, Inc.
Company registration number:
3479750
Organization: GeoTrust, Inc.
Organization unit: Root 13 - VALID
Organization: GeoTrust, Inc.
Organization unit: Root 13 - VALID
State / Province:
California
Locality: Mountain View
Country: US
Locality: Mountain View
Country: US
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4d:e6:37:b2:62:0d:9c:42:f3:81:2d:fb:42:b4:3e:3fSerial Number (int): 103545913618388645871430166171125825087
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 17:b8:dc:aa:b1:53:22:19:41:95:7b:3c:81:ea:88:9b:49:c3:a2:8b
Fingerprint (sha1): bb:29:f1:b8:19:ac:e0:10:be:19:01:07:30:14:4c:66:79:c7:fa:14
Fingerprint (sha256): 19:e0:6f:e2:35:4a:e6:e5:49:11:24:27:12:27:e6:d4:3d:d5:ba:15:db:44:82:08:3e:c3:24:10:5b:94:64:89
Issuing Certificate URL: http://gk.symcb.com/gk.crt
Revocation information
OCSP Server: http://gk.symcd.comCRL Distribution Point: http://gk.symcb.com/gk.crl
Check the revocation status for certificate valid-root13.geotrust.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for valid-root13.geotrust.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
valid-root13.geotrust.com
Other certificates including the domain name geotrust.com
(limited to 100 certificates)
dev-ops.geotrust.com
smarticon.geotrust.com
cryptoreport.geotrust.com
pilot-security-center.geotrust.com
verify.geotrust.com
pilot-docs.geotrust.com
test-tcadmin.geotrust.com
services.geotrust.com
valid-root13.geotrust.com
docs.geotrust.com
test-api.geotrust.com
test-api.geotrust.com
security-center.geotrust.com
knowledge.geotrust.com
pilot-security-center.geotrust.com
seal.geotrust.com
cc-admin.websecurity.symantec.com
pilot-docs.geotrust.com
expired-root11.geotrust.com
valid-root15.geotrust.com
knowledge.geotrust.com
services.geotrust.com
adobe-timestamp.geotrust.com
pilot-api-appsec-cws.ws.symantec.com
revoked-root14.geotrust.com
dcv.rapidssl.com
enterprise-security-center.geotrust.com
security-center.geotrust.com
test-api.geotrust.com
test-cc-admin.websecurity.symantec.com
enterprise-api.geotrust.com
cc-admin.geotrust.com
valid-root15.geotrust.com
test-cc-admin.geotrust.com
knowledge.geotrust.com
origin-seal.symauth.com
enterprise-api.geotrust.com
security-center.geotrust.com
timestamp.geotrust.com
query.geotrust.com
enterprise-api.geotrust.com
test-services.geotrust.com
valid-root13.geotrust.com
geotrust.com
smarticon.geotrust.com
revoked-root15.geotrust.com
www.geotrust.com
extended-validation-ssl.geotrust.com
test-tbidev.geotrust.com
blog.geotrust.com
website-security.geotrust.com
smarticon.geotrust.com
dev-smarticon.geotrust.com
seal.geotrust.com
getcert.geotrust.com
dev-products.geotrust.com
pilot-enterprise-api.geotrust.com
www.geotrust.com
pilot-enterprise-security-center.geotrust.com
pilot-enterprise-api.geotrust.com
dev-crl.geotrust.com
test-api.geotrust.com
extended-validation-ssl.geotrust.com
test-smarticon.geotrust.com
digicert.com
ecc-test-valid.geotrust.com
smarticon.geotrust.com
pilot-enterprise-security-center.geotrust.com
dev-ops.geotrust.com
cryptoreport.geotrust.com
test-api.geotrust.com
valid-root14.geotrust.com
pilot-enterprise-security-center.geotrust.com
test-api.geotrust.com
pilot-enterprise-security-center.geotrust.com
adobe-timestamp.geotrust.com
seal.geotrust.com
valid-root12.geotrust.com
test-tcadmin.geotrust.com
sealinfo.geotrust.com
adobe-timestamp.geotrust.com
DigiCert, Inc.
pilot-getcert.geotrust.com
security-center.geotrust.com
revoked-root12.geotrust.com
test-ops.geotrust.com
extended-validation-ssl.geotrust.com
website-security.geotrust.com
enterprise-api.geotrust.com
seal.geotrust.com
timestamp.geotrust.com
adobe-timestamp.geotrust.com
pilot-security-center.geotrust.com
docs.geotrust.com
?.?.symantec.com
seal.geotrust.com
ops.geotrust.com
pilot-enterprise-security-center.geotrust.com
pilot-verify.geotrust.com
docs.geotrust.com
smarticon.geotrust.com
cryptoreport.geotrust.com
pilot-security-center.geotrust.com
verify.geotrust.com
pilot-docs.geotrust.com
test-tcadmin.geotrust.com
services.geotrust.com
valid-root13.geotrust.com
docs.geotrust.com
test-api.geotrust.com
test-api.geotrust.com
security-center.geotrust.com
knowledge.geotrust.com
pilot-security-center.geotrust.com
seal.geotrust.com
cc-admin.websecurity.symantec.com
pilot-docs.geotrust.com
expired-root11.geotrust.com
valid-root15.geotrust.com
knowledge.geotrust.com
services.geotrust.com
adobe-timestamp.geotrust.com
pilot-api-appsec-cws.ws.symantec.com
revoked-root14.geotrust.com
dcv.rapidssl.com
enterprise-security-center.geotrust.com
security-center.geotrust.com
test-api.geotrust.com
test-cc-admin.websecurity.symantec.com
enterprise-api.geotrust.com
cc-admin.geotrust.com
valid-root15.geotrust.com
test-cc-admin.geotrust.com
knowledge.geotrust.com
origin-seal.symauth.com
enterprise-api.geotrust.com
security-center.geotrust.com
timestamp.geotrust.com
query.geotrust.com
enterprise-api.geotrust.com
test-services.geotrust.com
valid-root13.geotrust.com
geotrust.com
smarticon.geotrust.com
revoked-root15.geotrust.com
www.geotrust.com
extended-validation-ssl.geotrust.com
test-tbidev.geotrust.com
blog.geotrust.com
website-security.geotrust.com
smarticon.geotrust.com
dev-smarticon.geotrust.com
seal.geotrust.com
getcert.geotrust.com
dev-products.geotrust.com
pilot-enterprise-api.geotrust.com
www.geotrust.com
pilot-enterprise-security-center.geotrust.com
pilot-enterprise-api.geotrust.com
dev-crl.geotrust.com
test-api.geotrust.com
extended-validation-ssl.geotrust.com
test-smarticon.geotrust.com
digicert.com
ecc-test-valid.geotrust.com
smarticon.geotrust.com
pilot-enterprise-security-center.geotrust.com
dev-ops.geotrust.com
cryptoreport.geotrust.com
test-api.geotrust.com
valid-root14.geotrust.com
pilot-enterprise-security-center.geotrust.com
test-api.geotrust.com
pilot-enterprise-security-center.geotrust.com
adobe-timestamp.geotrust.com
seal.geotrust.com
valid-root12.geotrust.com
test-tcadmin.geotrust.com
sealinfo.geotrust.com
adobe-timestamp.geotrust.com
DigiCert, Inc.
pilot-getcert.geotrust.com
security-center.geotrust.com
revoked-root12.geotrust.com
test-ops.geotrust.com
extended-validation-ssl.geotrust.com
website-security.geotrust.com
enterprise-api.geotrust.com
seal.geotrust.com
timestamp.geotrust.com
adobe-timestamp.geotrust.com
pilot-security-center.geotrust.com
docs.geotrust.com
?.?.symantec.com
seal.geotrust.com
ops.geotrust.com
pilot-enterprise-security-center.geotrust.com
pilot-verify.geotrust.com
docs.geotrust.com
Certificate
The complete raw certificate details for valid-root13.geotrust.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFpTCCBI2gAwIBAgIQTeY3smINnELzgS37QrQ+PzANBgkqhkiG9w0BAQsFADBa MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEzMDEGA1UEAxMq R2VvVHJ1c3QgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTSEEyNTYgU1NMIENBMB4XDTE3 MDUwMzAwMDAwMFoXDTE5MDUwMzIzNTk1OVowgfIxEzARBgsrBgEEAYI3PAIBAxMC VVMxGTAXBgsrBgEEAYI3PAIBAgwIRGVsYXdhcmUxCzAJBgNVBAYTAlVTMRMwEQYD VQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MR0wGwYDVQQP ExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4GA1UEBRMHMzQ3OTc1MDEXMBUGA1UE CgwOR2VvVHJ1c3QsIEluYy4xGDAWBgNVBAsMD1Jvb3QgMTMgLSBWQUxJRDEiMCAG A1UEAwwZdmFsaWQtcm9vdDEzLmdlb3RydXN0LmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAMsi0x+H5qjX3O/mlcxmGd5VADl7pDqRREDeXoKsaom7 gRAajy9YIsMO4xTk1TFy9424jG6kQ6a0zDxla/o7eAlpy65/iC2orwiJ1Oj4Ohfy RkYHcnzLXukuDq6MgHMfc2mPIkVi1y5vQAsw85h/1mmwbcqYJRTT+S0zyoSI/Oq3 SJjV6lUkVm4vWP1sdL8jWmX992FqJ/QHwOBZZfe64bxnAY0l0H5GJkhkoqJq0Cjq 52tAoC2uPOMIRl131o5PFM7Z9IxRWbBLT5Ja21Y0oEGYFJnSlbrYtp/8ryF5Z81X kswIg/LI2/4mJozXFMK7rXE4D70W0N7Ef42ZM97K0CcCAwEAAaOCAcwwggHIMCQG A1UdEQQdMBuCGXZhbGlkLXJvb3QxMy5nZW90cnVzdC5jb20wCQYDVR0TBAIwADAO BgNVHQ8BAf8EBAMCBaAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2drLnN5bWNi LmNvbS9nay5jcmwwgakGA1UdIASBoTCBnjCBkgYJKwYBBAHwIgEGMIGEMD8GCCsG AQUFBwIBFjNodHRwczovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9z aXRvcnkvbGVnYWwwQQYIKwYBBQUHAgIwNQwzaHR0cHM6Ly93d3cuZ2VvdHJ1c3Qu Y29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMAcGBWeBDAEBMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBQXuNyqsVMiGUGVezyB 6oibScOiizBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nay5z eW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9nay5zeW1jYi5jb20vZ2suY3J0 MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCs1bbmzuJh zotd4oZy2eth0Tvn4zqi1SJEEVft0w3+cODm3yZaAkoLMwjine3hKw/NVfBpRrrx SPfD+CtZJxoWlWFKAH3ly2bkZzym3KXy2RiGkJW3WYjf78LhSeEHv6ljHKpzh31O UgqoQlLFkSlGnX01xEm9PHE7l3SJ7J+/znVtjhmrmGJkkGn2pfq4/7by+ODGHW62 NOHMdwgQPz/JxL1gSRVjvNXpCU9blVwltRYH2D+xR7lsQN4Uk1l+natC8cR0IYDJ c36xN5Q/aVcMsX7QH5q6iOYxAmIHcrzXAlBYmciXNGJy6ztT6lrF4Q4OKsAB6Bsl ByRABmhd56vR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyLTH4fmqNfc7+aVzGYZ 3lUAOXukOpFEQN5egqxqibuBEBqPL1giww7jFOTVMXL3jbiMbqRDprTMPGVr+jt4 CWnLrn+ILaivCInU6Pg6F/JGRgdyfMte6S4OroyAcx9zaY8iRWLXLm9ACzDzmH/W abBtypglFNP5LTPKhIj86rdImNXqVSRWbi9Y/Wx0vyNaZf33YWon9AfA4Fll97rh vGcBjSXQfkYmSGSiomrQKOrna0CgLa484whGXXfWjk8Uztn0jFFZsEtPklrbVjSg QZgUmdKVuti2n/yvIXlnzVeSzAiD8sjb/iYmjNcUwrutcTgPvRbQ3sR/jZkz3srQ JwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 103545913618388645871430166171125825087 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Extended Validation SHA256 SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Mountain View' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '3479750' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'GeoTrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Root 13 - VALID' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'valid-root13.geotrust.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25643548607652451313327010115296290140036075713533985924329235055657603920224914749726244490976266284982265686654735426586832730047933281589197123618377217265220334606277169201878510085843649066479235068354445478260636496817784092295699325725033342286801654382488896372969934948995577064500147597897696408818307317544368744668298498456907530992642351484922689329632203677523844576037270835739675432410272268225161052794658066800381358066983905882046217323088197465876873951854314602966701007564693660872671106829085795558230004426888591432872045180096815163909692602474482266070306974227290439145006812878336065982503 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'valid-root13.geotrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gk.symcb.com/gk.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.14370.1.6 (GeoTrust EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17b8dcaab153221941957b3c81ea889b49c3a28b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gk.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gk.symcb.com/gk.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00acd5b6e6cee261ce8b5de28672d9eb61d13be7e33aa2d522441157edd30dfe70e0e6df265a024a0b3308e29dede12b0fcd55f06946baf148f7c3f82b59271a1695614a007de5cb66e4673ca6dca5f2d918869095b75988dfefc2e149e107bfa9631caa73877d4e520aa84252c59129469d7d35c449bd3c713b977489ec9fbfce756d8e19ab9862649069f6a5fab8ffb6f2f8e0c61d6eb634e1cc7708103f3fc9c4bd60491563bcd5e9094f5b955c25b51607d83fb147b96c40de1493597e9dab42f1c4742180c9737eb137943f69570cb17ed01f9aba88e63102620772bcd702505899c897346272eb3b53ea5ac5e10e0e2ac001e81b2507244006685de7abd1