qa-gifts.dxl.com

- DESTINATION XL GROUP INC. -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 0f:6b:a7:ce:9e:72:41:b1:02:f5:61:99:67:1d:cf:9b was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

DESTINATION XL GROUP INC.

Organization: DESTINATION XL GROUP INC.
State / Province: Massachusetts
Locality: Canton
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0f:6b:a7:ce:9e:72:41:b1:02:f5:61:99:67:1d:cf:9b
Serial Number (int): 20497399233079011731541072499269554075
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: bd:e0:e4:92:3d:fc:a6:00:8c:d3:f4:95:1e:ec:e3:85:49:17:0a:9c
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): 79:d6:7d:f7:04:f2:15:a7:03:f4:69:37:eb:7a:b8:9d:53:f3:98:84
Fingerprint (sha256): 20:21:04:c5:43:1e:f9:7e:25:fe:db:cb:83:9e:1f:4e:7e:f0:5d:3f:83:1f:c8:31:15:95:0f:d2:7d:7c:d5:cb

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate qa-gifts.dxl.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for qa-gifts.dxl.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

qa-gifts.dxl.com
qa-gifts.destinationxl.com

Other certificates including the domain name dxl.com

(limited to 100 certificates)
agent-qa.travelers.com
stylist.dxl.com
leapfrog-ssl-15.gcs-web.com
click.em.dxl.com
careers.dxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
brhxtc.dxl.com
click.em.dxl.com
events.biggestfantour.com
click.em.dxl.com
stylist.dxl.com
secure5s.scene7.com
stylist.dxl.com
stylist.dxl.com
leapfrog-ssl-15.gcs-web.com
e.e.dxl.com
brhxtc.dxl.com
influencers.dxl.com
careers.dxl.com
click.em.dxl.com
leapfrog-ssl-15.gcs-web.com
events.biggestfantour.com
prm.dxl.com
leapfrog-ssl-15.gcs-web.com
dxl.com
e.e.dxl.com
destinationxl.com
leapfrog-ssl-15.gcs-web.com
sv.doheny.com
click.em.dxl.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
secure5s.scene7.com
secure5s.scene7.com
leapfrog-ssl-15.gcs-web.com
cloud.em.dxl.com
click.em.dxl.com
careers.dxl.com
leapfrog-ssl-15.gcs-web.com
secure5s.scene7.com
www.destinationxl.com
www.prm.dxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
cloud.em.dxl.com
sv.doheny.com
stores.dxl.com
sv.doheny.com
view.em.dxl.com
sv.doheny.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
cloud.em.dxl.com
leapfrog-ssl-15.gcs-web.com
careers.dxl.com
sv.doheny.com
mail.cmal.com
click.em.dxl.com
www.dxl.com
click.em.dxl.com
sv.doheny.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
qa-gifts.dxl.com
ideas.ngkf.com
click.em.dxl.com
influencers.dxl.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
careers.dxl.com
e.e.dxl.com
click.em.dxl.com
leapfrog-ssl-15.gcs-web.com
destinationxl.com
view.em.dxl.com
leapfrog-ssl-15.gcs-web.com
UAT.BETA.DESTINATIONXL.COM
careers.dxl.com
leapfrog-ssl-15.gcs-web.com
sv.doheny.com
www.destinationxl.com
sv.doheny.com
leapfrog-ssl-15.gcs-web.com
preferences.e.dxl.com
www.prm.dxl.com
sv.doheny.com
www.destinationxl.com
click.em.dxl.com
leapfrog-ssl-15.gcs-web.com
sv.doheny.com
UAT.BETA.DESTINATIONXL.COM
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com

Certificate

The complete raw certificate details for qa-gifts.dxl.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIQD2unzp5yQbEC9WGZZx3PmzANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0xOTA2MTkwMDAwMDBaFw0yMTA2MTgxMjAwMDBaMHUxCzAJBgNVBAYTAlVTMRYw
FAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZDYW50b24xIjAgBgNVBAoT
GURFU1RJTkFUSU9OIFhMIEdST1VQIElOQy4xGTAXBgNVBAMTEHFhLWdpZnRzLmR4
bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu0X4L9Xq3eqLQ
UI1oUJNftVGMjKd0JpNcjkhAil0AFqzXngr+f6VBTBje5oCVKDobPb9b1+nUrh8+
u0okaQG59N1K+kihBFBwP6itgbjiN0j9xRdvgfjXmXlmGE081NPkeGNmermktxtY
ObwQpuRjUX9etrQidlVVHuoW92sP+M/lowjDUGWjLTU5wzywc+WreLeeoONY5eiq
PWoWN37vYU+o73tHeqDVa64HEqHZnr/Y0tJDtscsRXa4kqHZK2lNcfyi68CfO22u
aqC6JszSuGrAYHl7o5tvezq/siidhvupz3eVvK9c6TzbPx6sO6pB9Jvi1iI418Nr
iSaHGiEXAgMBAAGjggHRMIIBzTAfBgNVHSMEGDAWgBSQWP+wnHWoUVR3se3yo0MW
OJ5sxTAdBgNVHQ4EFgQUveDkkj38pgCM0/SVHuzjhUkXCpwwNwYDVR0RBDAwLoIQ
cWEtZ2lmdHMuZHhsLmNvbYIacWEtZ2lmdHMuZGVzdGluYXRpb254bC5jb20wDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNV
HR8ENzA1MDOgMaAvhi1odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9HZW9UcnVzdFJT
QUNBMjAxOC5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcC
ARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwdQYIKwYB
BQUHAQEEaTBnMCYGCCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLmdlb3RydXN0LmNv
bTA9BggrBgEFBQcwAoYxaHR0cDovL2NhY2VydHMuZ2VvdHJ1c3QuY29tL0dlb1Ry
dXN0UlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUA
MA0GCSqGSIb3DQEBCwUAA4IBAQBctIaaH+od9xAIGoyz1nWESBmLeLtx2d9JWEQd
LVMdPRK8HMSvSho2stbxg4NwBcAdySrgHD+/1LuwOCtF9TUv08pa7F6LNpEYj2Mn
awz7WN43DbKj1QUQE2IsuxyokmURKkiSiofSK5bCVmssxVrK+ymC6/ZfbfHwB28v
cc3wetrn/LA6GHInA1EeyObvs4DvQXbpSf9blnoSIk+8Y21NrmCf94jJzErMq/l4
ulgbnrjj5/90RlRfDAQc2q/eZTcx2YzKuITjbWnf9eZ+PAKL+AN6oQ2Jo2mx6GU3
omOgfkUM/+mn0gsXo6O9B06rf6s0tRt2MHKu/TvriPYlFnyw
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtF+C/V6t3qi0FCNaFCT
X7VRjIyndCaTXI5IQIpdABas154K/n+lQUwY3uaAlSg6Gz2/W9fp1K4fPrtKJGkB
ufTdSvpIoQRQcD+orYG44jdI/cUXb4H415l5ZhhNPNTT5HhjZnq5pLcbWDm8EKbk
Y1F/Xra0InZVVR7qFvdrD/jP5aMIw1Bloy01OcM8sHPlq3i3nqDjWOXoqj1qFjd+
72FPqO97R3qg1WuuBxKh2Z6/2NLSQ7bHLEV2uJKh2StpTXH8ouvAnzttrmqguibM
0rhqwGB5e6Obb3s6v7IonYb7qc93lbyvXOk82z8erDuqQfSb4tYiONfDa4kmhxoh
FwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 20497399233079011731541072499269554075
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-06-18 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Massachusetts'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Canton'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DESTINATION XL GROUP INC.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'qa-gifts.dxl.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22068769601943397009305670958399108226358071082939965962645890289186445888869716360857470437302361812034175527352451984688483302362066621594260462045371046402697602266112098043148726129567325740637491991200782762130379630627553265659995005252146779975119878730213615600234283144466443151708513310338144244063200589337166919036109327230672820553081306669152740244598344885156389368303022207240415234553980019839466463605976716460647161597726578287358018891766778929011883982536429920977999339257270479847464430507394653675793872937541860394694656759526119258369541040858207600638527601300692898618431936085602720162071
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bde0e4923dfca6008cd3f4951eece38549170a9c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa-gifts.dxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa-gifts.destinationxl.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005cb4869a1fea1df710081a8cb3d6758448198b78bb71d9df4958441d2d531d3d12bc1cc4af4a1a36b2d6f183837005c01dc92ae01c3fbfd4bbb0382b45f5352fd3ca5aec5e8b3691188f63276b0cfb58de370db2a3d5051013622cbb1ca89265112a48928a87d22b96c2566b2cc55acafb2982ebf65f6df1f0076f2f71cdf07adae7fcb03a18722703511ec8e6efb380ef4176e949ff5b967a12224fbc636d4dae609ff788c9cc4accabf978ba581b9eb8e3e7ff7446545f0c041cdaafde653731d98ccab884e36d69dff5e67e3c028bf8037aa10d89a369b1e86537a263a07e450cffe9a7d20b17a3a3bd074eab7fab34b51b763072aefd3beb88f625167cb0