navient.com
- Navient Solutions, LLC -
Issued by Sectigo RSA Extended Validation Secure Server CA
About this certificate
This digital certificate with serial number dd:d0:8c:57:36:a8:93:d9:70:6d:c5:89:5f:cf:6a:8a was issued on by Sectigo Limited.
With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Navient Solutions, LLC
Company registration number:
2651098
Organization: Navient Solutions, LLC
Organization: Navient Solutions, LLC
State / Province:
Indiana
Country: US
Country: US
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): dd:d0:8c:57:36:a8:93:d9:70:6d:c5:89:5f:cf:6a:8aSerial Number (int): 294842231262152290300298112555763591818
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: c4:d1:84:18:99:99:cd:43:8b:29:ef:c1:ac:87:8d:ed:dc:50:0b:9a
AuthorityKeyId: 2c:69:ff:80:c9:87:90:ae:34:e1:b4:e7:4c:93:85:99:40:e9:a7:b2
Fingerprint (sha1): d8:72:87:81:42:10:b3:17:e0:19:17:35:80:9a:3f:95:b0:da:73:15
Fingerprint (sha256): 1a:37:08:32:fb:b3:36:5b:25:94:21:59:51:9b:1e:72:ce:f5:cc:27:00:50:f9:c0:b8:5c:76:75:3f:87:58:8e
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl
Check the revocation status for certificate navient.com
13
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for navient.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
navient.com
devnavient.com
gilacorp.com
manageyourloans.com
msbpay.com
muniserv.com
mynavientwellbeing.com
navientuniversity.com
navirefi.com
pamcollections.com
pioneer-credit.com
pioneercreditrecovery.com
usa-ed.net
devnavient.com
gilacorp.com
manageyourloans.com
msbpay.com
muniserv.com
mynavientwellbeing.com
navientuniversity.com
navirefi.com
pamcollections.com
pioneer-credit.com
pioneercreditrecovery.com
usa-ed.net
Other certificates including the domain name navient.com
(limited to 100 certificates)
images.navient.com
rrp.navient.com
mediaserver.navient.com
payments.navient.com
panifiise010.navient.com
access.navient.com
tcpaupdateqa.navient.com
staging.gateway.msbpay.navient.com
www.navient.com
textresponsedev.navient.com
survey.navient.com
LyncExt.navient.com
b2bproxy.navient.com
accesslync.navient.com
leapfrog-ssl-4.gcs-web.com
leapfrog-ssl-4.gcs-web.com
payments.navient.com
upload.navient.com
bdm.navient.com
message.navient.com
go.navient.com
leapfrog-ssl-4.gcs-web.com
gogreen.navient.com
meteortest.navient.com
myaccount.navient.com
PEVSGW.navient.com
wsmb2bproxy.navient.com
myaccount.navient.com
exedge.navient.com
payments.navient.com
chat2.navient.com
twwsdlr.navient.com
services.navient.com
rsa.citrixcloud.navient.com
leapfrog-ssl-4.gcs-web.com
idrhelp.navient.com
assist.navient.com
leapfrog-ssl-4.gcs-web.com
rrp.navient.com
jobs.navient.com
gogreenqa.navient.com
leapfrog-ssl-4.gcs-web.com
acqueonapi-test.navient.com
vpgw.navient.com
ilp.navient.com
mediaserver.navient.com
punrasrly010.navient.com
tcpaupdateqa.navient.com
leapfrog-ssl-4.gcs-web.com
services2.navient.com
myaccount.navient.com
accesslync.navient.com
mediaserver.navient.com
services2.navient.com
preview-xtend.navient.com
twwsgw.navient.com
ilp.navient.com
accesslync.navient.com
Preview-xtend.navient.com
amzn-connect.navient.com
staging.gateway.msbpay.navient.com
mediaserver.cm.navient.com
fms.navient.com
rsa.citrixcloud.navient.com
punrfirly080.navient.com
leapfrog-ssl-4.gcs-web.com
*.navient.com
login.navient.com
www.navient.com
concierge-qa.navient.com
wsmb2bresp.navient.com
jobs.navient.com
rrp.navient.com
exedge.navient.com
www.navient.com
leapfrog-ssl-4.gcs-web.com
den1.navient.com
fms.navient.com
leapfrog-ssl-4.gcs-web.com
rsa.citrix.navient.com
navient.com
twwsdlr.navient.com
ree.navient.com
meteor.navient.com
webadvisor.navient.com
extnavi.usa-ed.net
leapfrog-ssl-4.gcs-web.com
sdu.navient.com
ssp.navient.com
webmail.navient.com
paymentstest.navient.com
gogreen.navient.com
go.navient.com
access-dr.navient.com
leapfrog-ssl-4.gcs-web.com
meteor.navient.com
services2.navient.com
vdi2.navient.com
message.navient.com
myaccount.navient.com
rrp.navient.com
mediaserver.navient.com
payments.navient.com
panifiise010.navient.com
access.navient.com
tcpaupdateqa.navient.com
staging.gateway.msbpay.navient.com
www.navient.com
textresponsedev.navient.com
survey.navient.com
LyncExt.navient.com
b2bproxy.navient.com
accesslync.navient.com
leapfrog-ssl-4.gcs-web.com
leapfrog-ssl-4.gcs-web.com
payments.navient.com
upload.navient.com
bdm.navient.com
message.navient.com
go.navient.com
leapfrog-ssl-4.gcs-web.com
gogreen.navient.com
meteortest.navient.com
myaccount.navient.com
PEVSGW.navient.com
wsmb2bproxy.navient.com
myaccount.navient.com
exedge.navient.com
payments.navient.com
chat2.navient.com
twwsdlr.navient.com
services.navient.com
rsa.citrixcloud.navient.com
leapfrog-ssl-4.gcs-web.com
idrhelp.navient.com
assist.navient.com
leapfrog-ssl-4.gcs-web.com
rrp.navient.com
jobs.navient.com
gogreenqa.navient.com
leapfrog-ssl-4.gcs-web.com
acqueonapi-test.navient.com
vpgw.navient.com
ilp.navient.com
mediaserver.navient.com
punrasrly010.navient.com
tcpaupdateqa.navient.com
leapfrog-ssl-4.gcs-web.com
services2.navient.com
myaccount.navient.com
accesslync.navient.com
mediaserver.navient.com
services2.navient.com
preview-xtend.navient.com
twwsgw.navient.com
ilp.navient.com
accesslync.navient.com
Preview-xtend.navient.com
amzn-connect.navient.com
staging.gateway.msbpay.navient.com
mediaserver.cm.navient.com
fms.navient.com
rsa.citrixcloud.navient.com
punrfirly080.navient.com
leapfrog-ssl-4.gcs-web.com
*.navient.com
login.navient.com
www.navient.com
concierge-qa.navient.com
wsmb2bresp.navient.com
jobs.navient.com
rrp.navient.com
exedge.navient.com
www.navient.com
leapfrog-ssl-4.gcs-web.com
den1.navient.com
fms.navient.com
leapfrog-ssl-4.gcs-web.com
rsa.citrix.navient.com
navient.com
twwsdlr.navient.com
ree.navient.com
meteor.navient.com
webadvisor.navient.com
extnavi.usa-ed.net
leapfrog-ssl-4.gcs-web.com
sdu.navient.com
ssp.navient.com
webmail.navient.com
paymentstest.navient.com
gogreen.navient.com
go.navient.com
access-dr.navient.com
leapfrog-ssl-4.gcs-web.com
meteor.navient.com
services2.navient.com
vdi2.navient.com
message.navient.com
myaccount.navient.com
Certificate
The complete raw certificate details for navient.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH+zCCBuOgAwIBAgIRAN3QjFc2qJPZcG3FiV/PaoowDQYJKoZIhvcNAQELBQAw gZExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE5MDcGA1UE AxMwU2VjdGlnbyBSU0EgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVy IENBMB4XDTIzMDkyNjAwMDAwMFoXDTI0MTAyNTIzNTk1OVowgbcxEDAOBgNVBAUT BzI2NTEwOTgxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMI RGVsYXdhcmUxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMQswCQYDVQQG EwJVUzEQMA4GA1UECBMHSW5kaWFuYTEfMB0GA1UEChMWTmF2aWVudCBTb2x1dGlv bnMsIExMQzEUMBIGA1UEAxMLbmF2aWVudC5jb20wggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCIo3grZ9tiRovzf4efuTjZKIq2DRyrk7V2i5QFReOuU5QT wJaDCF2NdDu66mGEfBBr0OdXe9BwyjRHYh8O+KzH8x7U+6zy9+jzHYZ2T6uD8Oll OkHKX0BhbWZU9sShCIG5bUirb83NWwiKua0WtwLNTj0aObkAZVbgJbQ8EZ+DcQfL M+zysZaLV6pnDRMVuqi+Eq1SBkqq+QwK7Qgp0hXOD/Zp3TFGH2nH5OMCurxyRffb X7Xt8hc3kGmZRb2fW4+ZnA+GrM8/OkMifHWinxoFVatKtDSu7KQJSTSiCllD+xD8 2cuaeHolJ2x8NlUPqINlysVUALHYMd0J93q/5v7NAgMBAAGjggQkMIIEIDAfBgNV HSMEGDAWgBQsaf+AyYeQrjThtOdMk4WZQOmnsjAdBgNVHQ4EFgQUxNGEGJmZzUOL Ke/BrIeN7dxQC5owDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNQYMKwYBBAGyMQEC AQUBMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAcGBWeB DAEBMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2Vj dGlnb1JTQUV4dGVuZGVkVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBhgYI KwYBBQUHAQEEejB4MFEGCCsGAQUFBzAChkVodHRwOi8vY3J0LnNlY3RpZ28uY29t L1NlY3RpZ29SU0FFeHRlbmRlZFZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQw IwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBfwYKKwYBBAHW eQIEAgSCAW8EggFrAWkAdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6 dAAAAYrStR04AAAEAwBGMEQCIGFLxoDsXSw/lprnmIwBzLtTHtxIPVhswtOZ/EN8 RDw6AiBVfBNx9vuDFsnqYDOZfUpRJMhkhs+JBwN2pK8ftUi1ewB3ANq2v2s/tbYi n5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABitK1HYwAAAQDAEgwRgIhAJkYt/lM Q1+GeFmpg6p/hJFEFypY0Sh2CHziOiFU6HLCAiEAnGGmAz78hPnOEOh87MDHJv8c KK03I1ohG7HeWqp2QcMAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1 mwAAAYrStR1hAAAEAwBIMEYCIQDijCYWrGq9wO6JL/WWaR3TCT2uPhXExTmizwEm itjycAIhAOZgKGAWVKEVMdQBjfWUq+fYGzDM6KMhaedh6red8xLRMIHxBgNVHREE gekwgeaCC25hdmllbnQuY29tgg5kZXZuYXZpZW50LmNvbYIMZ2lsYWNvcnAuY29t ghNtYW5hZ2V5b3VybG9hbnMuY29tggptc2JwYXkuY29tggxtdW5pc2Vydi5jb22C Fm15bmF2aWVudHdlbGxiZWluZy5jb22CFW5hdmllbnR1bml2ZXJzaXR5LmNvbYIM bmF2aXJlZmkuY29tghJwYW1jb2xsZWN0aW9ucy5jb22CEnBpb25lZXItY3JlZGl0 LmNvbYIZcGlvbmVlcmNyZWRpdHJlY292ZXJ5LmNvbYIKdXNhLWVkLm5ldDANBgkq hkiG9w0BAQsFAAOCAQEAiRBgQy7gSla/E/GlT6RBPzfp+UVwCWF76dq/cGtU1UzZ 8wM5RVgFeSwMFR6+jSn6GTYFbLAnjSzL3Y9WbYxX5SHYvCxt2GKZPNtcF/QLWijR O7mTNNWtrfJTuw8nZEzn06RHBU8um1E5DjLVDiQveWteHNFOcxdKi7kHIhRCKvZl RkLAuXz5uZw5CtrV9NZyR3RS3WKYBTDQqO1IqzMQ9S3jqQsVzBRd1PhyXJniNlt+ ObnOyHXxBUFP2wYzZ2XzppCeslZ4cDZugJV4Fv/E3LrfdHN3eGNnSpnUpqwuN9Is i8Z6eRIFx3fmmDHQR3Q2GX9NjeIy7mfXp0Fel8XULA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKN4K2fbYkaL83+Hn7k4 2SiKtg0cq5O1douUBUXjrlOUE8CWgwhdjXQ7uuphhHwQa9DnV3vQcMo0R2IfDvis x/Me1Pus8vfo8x2Gdk+rg/DpZTpByl9AYW1mVPbEoQiBuW1Iq2/NzVsIirmtFrcC zU49Gjm5AGVW4CW0PBGfg3EHyzPs8rGWi1eqZw0TFbqovhKtUgZKqvkMCu0IKdIV zg/2ad0xRh9px+TjArq8ckX321+17fIXN5BpmUW9n1uPmZwPhqzPPzpDInx1op8a BVWrSrQ0ruykCUk0ogpZQ/sQ/NnLmnh6JSdsfDZVD6iDZcrFVACx2DHdCfd6v+b+ zQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 294842231262152290300298112555763591818 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Extended Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-25 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2651098' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Indiana' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Navient Solutions, LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'navient.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17249019246965450533688361267036299412394553132430066887152371774296017752229528656860082219107634476615815448783013283852090662717561623954770023682040917878072572233600746478974866159951988625397729909360489231336012008797053333292156463712657633709218352915383262315312995890646246883572273608267262887432766050096754395969847851693824998260499294057642381732191198037821779625718750414412018399773443849881738247693330189552928648533883629489822019761452894461465375598414835746876432720958424138572028947075728393921073531563767715486160738882680193520869353979342665170043854521607783507756573015254042113670861 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2c69ff80c98790ae34e1b4e74c93859940e9a7b2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c4d184189999cd438b29efc1ac878deddc500b9a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.5.1 (Comodo EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ad2b51d3800000403004630440220614bc680ec5d2c3f969ae7988c01ccbb531edc483d586cc2d399fc437c443c3a0220557c1371f6fb8316c9ea6033997d4a5124c86486cf89070376a4af1fb548b57b007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ad2b51d8c00000403004830460221009918b7f94c435f867859a983aa7f849144172a58d12876087ce23a2154e872c20221009c61a6033efc84f9ce10e87cecc0c726ff1c28ad37235a211bb1de5aaa7641c3007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ad2b51d610000040300483046022100e28c2616ac6abdc0ee892ff596691dd3093dae3e15c4c539a2cf01268ad8f270022100e66028601654a11531d4018df594abe7d81b30cce8a32169e761eab79df312d1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (233 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'navient.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'devnavient.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gilacorp.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manageyourloans.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'msbpay.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'muniserv.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mynavientwellbeing.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'navientuniversity.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'navirefi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pamcollections.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pioneer-credit.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pioneercreditrecovery.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usa-ed.net' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00891060432ee04a56bf13f1a54fa4413f37e9f9457009617be9dabf706b54d54cd9f30339455805792c0c151ebe8d29fa1936056cb0278d2ccbdd8f566d8c57e521d8bc2c6dd862993cdb5c17f40b5a28d13bb99334d5adadf253bb0f27644ce7d3a447054f2e9b51390e32d50e242f796b5e1cd14e73174a8bb9072214422af6654642c0b97cf9b99c390adad5f4d672477452dd62980530d0a8ed48ab3310f52de3a90b15cc145dd4f8725c99e2365b7e39b9cec875f105414fdb06336765f3a6909eb2567870366e80957816ffc4dcbadf7473777863674a99d4a6ac2e37d22c8bc67a791205c777e69831d0477436197f4d8de232ee67d7a7415e97c5d42c