revoked-root15.geotrust.com

- GeoTrust, Inc. -

Issued by GeoTrust EV SSL CA - G4

About this certificate

This digital certificate with serial number 3e:44:32:18:14:0a:d3:cb:ae:cd:c0:29:44:c5:9f:3c was issued on by GeoTrust Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

GeoTrust, Inc.

Company registration number: 3479750
Organization: GeoTrust, Inc.
Organization unit: Root 15 - REVOKED
State / Province: California
Locality: Mountain View
Country: US

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 3e:44:32:18:14:0a:d3:cb:ae:cd:c0:29:44:c5:9f:3c
Serial Number (int): 82766227953204024955877326236114329404
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: de:cf:5c:50:b7:ae:02:1f:15:17:aa:16:e8:0d:b5:28:9d:6a:5a:f3

Fingerprint (sha1): 0e:12:20:c5:8b:4e:ae:2c:76:dc:f4:54:bb:f3:fe:c4:0d:24:3f:31
Fingerprint (sha256): 1c:c5:5b:ca:21:e8:2a:a5:f5:7d:e0:c8:e6:b7:0e:1f:88:f5:61:c0:d4:bf:e2:1c:05:1a:24:8d:06:52:ce:d4

Issuing Certificate URL: http://gm.symcb.com/gm.crt

Revocation information

OCSP Server: http://gm.symcd.com
CRL Distribution Point: http://gm.symcb.com/gm.crl

Check the revocation status for certificate revoked-root15.geotrust.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for revoked-root15.geotrust.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

revoked-root15.geotrust.com

Other certificates including the domain name geotrust.com

(limited to 100 certificates)
dev-ops.geotrust.com
smarticon.geotrust.com
cryptoreport.geotrust.com
pilot-security-center.geotrust.com
verify.geotrust.com
pilot-docs.geotrust.com
test-tcadmin.geotrust.com
services.geotrust.com
valid-root13.geotrust.com
docs.geotrust.com
test-api.geotrust.com
test-api.geotrust.com
security-center.geotrust.com
knowledge.geotrust.com
pilot-security-center.geotrust.com
seal.geotrust.com
cc-admin.websecurity.symantec.com
pilot-docs.geotrust.com
expired-root11.geotrust.com
valid-root15.geotrust.com
knowledge.geotrust.com
services.geotrust.com
adobe-timestamp.geotrust.com
pilot-api-appsec-cws.ws.symantec.com
revoked-root14.geotrust.com
dcv.rapidssl.com
enterprise-security-center.geotrust.com
security-center.geotrust.com
test-api.geotrust.com
test-cc-admin.websecurity.symantec.com
enterprise-api.geotrust.com
cc-admin.geotrust.com
valid-root15.geotrust.com
test-cc-admin.geotrust.com
knowledge.geotrust.com
origin-seal.symauth.com
enterprise-api.geotrust.com
security-center.geotrust.com
timestamp.geotrust.com
query.geotrust.com
enterprise-api.geotrust.com
test-services.geotrust.com
valid-root13.geotrust.com
geotrust.com
smarticon.geotrust.com
revoked-root15.geotrust.com
www.geotrust.com
extended-validation-ssl.geotrust.com
test-tbidev.geotrust.com
blog.geotrust.com
website-security.geotrust.com
smarticon.geotrust.com
dev-smarticon.geotrust.com
seal.geotrust.com
getcert.geotrust.com
dev-products.geotrust.com
pilot-enterprise-api.geotrust.com
www.geotrust.com
pilot-enterprise-security-center.geotrust.com
pilot-enterprise-api.geotrust.com
dev-crl.geotrust.com
test-api.geotrust.com
extended-validation-ssl.geotrust.com
test-smarticon.geotrust.com
digicert.com
ecc-test-valid.geotrust.com
smarticon.geotrust.com
pilot-enterprise-security-center.geotrust.com
dev-ops.geotrust.com
cryptoreport.geotrust.com
test-api.geotrust.com
valid-root14.geotrust.com
pilot-enterprise-security-center.geotrust.com
test-api.geotrust.com
pilot-enterprise-security-center.geotrust.com
adobe-timestamp.geotrust.com
seal.geotrust.com
valid-root12.geotrust.com
test-tcadmin.geotrust.com
sealinfo.geotrust.com
adobe-timestamp.geotrust.com
DigiCert, Inc.
pilot-getcert.geotrust.com
security-center.geotrust.com
revoked-root12.geotrust.com
test-ops.geotrust.com
extended-validation-ssl.geotrust.com
website-security.geotrust.com
enterprise-api.geotrust.com
seal.geotrust.com
timestamp.geotrust.com
adobe-timestamp.geotrust.com
pilot-security-center.geotrust.com
docs.geotrust.com
?.?.symantec.com
seal.geotrust.com
ops.geotrust.com
pilot-enterprise-security-center.geotrust.com
pilot-verify.geotrust.com
docs.geotrust.com

Certificate

The complete raw certificate details for revoked-root15.geotrust.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIQPkQyGBQK08uuzcApRMWfPDANBgkqhkiG9w0BAQsFADBH
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMX
R2VvVHJ1c3QgRVYgU1NMIENBIC0gRzQwHhcNMTcwNTAzMDAwMDAwWhcNMTkwNTAz
MjM1OTU5WjCB9jETMBEGCysGAQQBgjc8AgEDEwJVUzEZMBcGCysGAQQBgjc8AgEC
DAhEZWxhd2FyZTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAU
BgNVBAcMDU1vdW50YWluIFZpZXcxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0
aW9uMRAwDgYDVQQFEwczNDc5NzUwMRcwFQYDVQQKDA5HZW9UcnVzdCwgSW5jLjEa
MBgGA1UECwwRUm9vdCAxNSAtIFJFVk9LRUQxJDAiBgNVBAMMG3Jldm9rZWQtcm9v
dDE1Lmdlb3RydXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALm3JyqjsOM6Qx3ta+UYrqTIpi+NwRtqLu30QwulSrJRdqeO8lsH0C2ur4YmA9RX
PmC18RlA2JPbOJeC+OCzF1eZf3/xLpJq0Tb+N5LVtlg6XTiv6XQMptoC8BddIC8g
FJBzWhI/L5XAfXFZKjh9SW761DReRmo2gpndumRHeCE+cRG1YbhV1MzTGXNnoaIv
e6sAP15I2N1kKG3VDnVF7/+G/N6pGTUfpqAvRISv2cKPim/JB4M+LhQWuUUOurT6
37EZ1Gx3ZDLGTjX5p9IK6h+qQanOTmUHtBgY3OZk8o8r5opijaqCb2xuBuXBLbzB
iL8DKI+ay/jhtG0YqEROGHkCAwEAAaOCAc4wggHKMCYGA1UdEQQfMB2CG3Jldm9r
ZWQtcm9vdDE1Lmdlb3RydXN0LmNvbTAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIF
oDArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vZ20uc3ltY2IuY29tL2dtLmNybDCB
qQYDVR0gBIGhMIGeMIGSBgkrBgEEAfAiAQYwgYQwPwYIKwYBBQUHAgEWM2h0dHBz
Oi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvcmVwb3NpdG9yeS9sZWdhbDBB
BggrBgEFBQcCAjA1DDNodHRwczovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2Vz
L3JlcG9zaXRvcnkvbGVnYWwwBwYFZ4EMAQEwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMB8GA1UdIwQYMBaAFN7PXFC3rgIfFReqFugNtSidalrzMFcGCCsG
AQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL2dtLnN5bWNkLmNvbTAmBggr
BgEFBQcwAoYaaHR0cDovL2dtLnN5bWNiLmNvbS9nbS5jcnQwEwYKKwYBBAHWeQIE
AwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBALxaLvajC+QEuAotaFmtbUIEO8Er
37u3o941GP5UQx6RGZTa+qKxQn1XOrOpIsY51FJhAv5sEEr0FPAKgf/oGRc/Hwi0
sQhvKgudSAo8hXgKAaNQJVvGXzXkNXR0S4O/eUeQp5076/IrLY0yWZvKHncmOTPz
Y2bWKe+IOVdo+fSlUpjV6NcosM42czqbndaoPzrU/Q1gCG2z8Bx5GmQA1OM0wpmd
4+ZzxLQ6ZwGzchaz3oirkwrQ+B/x/1mPvrmpsQYZGL7iLK+0g98W5SA2bOvuK5LF
wBB81nIEAtqudF1Sxy3cZJ3XtCP6yqL/V2zH7amOxjQtqdyWJvkqW4tmLSs=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubcnKqOw4zpDHe1r5Riu
pMimL43BG2ou7fRDC6VKslF2p47yWwfQLa6vhiYD1Fc+YLXxGUDYk9s4l4L44LMX
V5l/f/EukmrRNv43ktW2WDpdOK/pdAym2gLwF10gLyAUkHNaEj8vlcB9cVkqOH1J
bvrUNF5GajaCmd26ZEd4IT5xEbVhuFXUzNMZc2ehoi97qwA/XkjY3WQobdUOdUXv
/4b83qkZNR+moC9EhK/Zwo+Kb8kHgz4uFBa5RQ66tPrfsRnUbHdkMsZONfmn0grq
H6pBqc5OZQe0GBjc5mTyjyvmimKNqoJvbG4G5cEtvMGIvwMoj5rL+OG0bRioRE4Y
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 82766227953204024955877326236114329404
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust EV SSL CA - G4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-03 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Delaware'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Mountain View'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '3479750'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'GeoTrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Root 15 - REVOKED'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'revoked-root15.geotrust.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23444402526375022794195866225708301283705220229269983175871785178163519733775020170042666964233174836861674087983318910490442203446203473393438621501544662244718772124168480085552242586870865999477944209379298235467719918772955720019107613751287722911472220077012442989875078929472288582811767607758405543827296533022174325187610617207973656817071643811984528814254988579599017563866408140564765882778699944518525888964660756106533443011951668637017344400680451211684416904509168699815118953259079077855130443277762021338588516894016009286332392723026249766761824708090318143505528044749515545582960513440167622482041
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'revoked-root15.geotrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gm.symcb.com/gm.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.14370.1.6 (GeoTrust EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName decf5c50b7ae021f1517aa16e80db5289d6a5af3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gm.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gm.symcb.com/gm.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00bc5a2ef6a30be404b80a2d6859ad6d42043bc12bdfbbb7a3de3518fe54431e911994dafaa2b1427d573ab3a922c639d4526102fe6c104af414f00a81ffe819173f1f08b4b1086f2a0b9d480a3c85780a01a350255bc65f35e43574744b83bf794790a79d3bebf22b2d8d32599bca1e77263933f36366d629ef88395768f9f4a55298d5e8d728b0ce36733a9b9dd6a83f3ad4fd0d60086db3f01c791a6400d4e334c2999de3e673c4b43a6701b37216b3de88ab930ad0f81ff1ff598fbeb9a9b1061918bee22cafb483df16e520366cebee2b92c5c0107cd6720402daae745d52c72ddc649dd7b423facaa2ff576cc7eda98ec6342da9dc9626f92a5b8b662d2b