web.coachusa.com

- Coach USA, Inc. -

Issued by GeoTrust TLS RSA CA G1

About this certificate

This digital certificate with serial number 06:49:52:70:54:73:6d:53:6c:61:a6:b3:97:5c:23:d0 was issued on by DigiCert Inc.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Coach USA, Inc.

Organization: Coach USA, Inc.
State / Province: New Jersey
Locality: Paramus
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 06:49:52:70:54:73:6d:53:6c:61:a6:b3:97:5c:23:d0
Serial Number (int): 8356077702660522259970908301542826960
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 28:21:31:33:f1:e5:34:de:3e:c3:c8:de:0e:74:b5:49:d5:86:6a:08
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57

Fingerprint (sha1): 17:9f:6b:72:3e:e2:19:2b:b2:b7:b1:9a:b4:eb:34:67:06:4a:31:77
Fingerprint (sha256): 20:38:e9:74:f0:12:7f:74:40:37:ae:c2:2b:f8:c3:73:6e:ec:cb:c5:d0:82:1a:33:36:69:8f:e7:48:01:c2:aa

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

Check the revocation status for certificate web.coachusa.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for web.coachusa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

web.coachusa.com

Other certificates including the domain name coachusa.com

(limited to 100 certificates)
adfs.coachusa.com
*.coachusa.com
www.coachusa.com
emcor.g6-global.com
5694209793196032-fe4.pantheonsite.io
*.coachusa.com
*.sales.coachusa.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
www.coachusa.com
5694209793196032-fe4.pantheonsite.io
mobile.coachusa.com
coachusa.com
5694209793196032-fe4.pantheonsite.io
web.coachusa.com
*.coachusa.com
www.coachusa.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
selfservice.coachusa.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
mobile.coachusa.com
cchdalacp.coachusa.com
webvpn.coachusa.com
5694209793196032-fe4.pantheonsite.io
helpdesk.cscfl.com
helpdesk.cscfl.com
frevvo.coachusa.com
5694209793196032-fe4.pantheonsite.io
cusa-hanoverportal.coachusa.com
support.conquestis.net
*.coachusa.com
5694209793196032-fe4.pantheonsite.io
5709875686408192-fe1.pantheonsite.io
tracs.coachusa.com
web.coachusa.com
*.coachusa.com
5694209793196032-fe4.pantheonsite.io
web.coachusa.com
vpndal.coachusa.com
*.coachusa.com
www.coachusa.com
www.coachusa.com
5694209793196032-fe4.pantheonsite.io
*.coachusa.com
*.coachusa.com
5694209793196032-fe4.pantheonsite.io
*.coachusa.com
sales.coachusa.com
helpdesk.cscfl.com
5694209793196032-fe4.pantheonsite.io
helpdesk.cscfl.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
viso.finosec.com
www.coachusa.com
*.coachusa.com
*.coachusa.com
api.prod.coachusa.com
helpdesk.cscfl.com
nable.coachusa.com
5694209793196032-fe4.pantheonsite.io
www.coachusa.com
5694209793196032-fe4.pantheonsite.io
sales.coachusa.com
*.coachusa.com
mail01.coachusa.com
vpndal.coachusa.com
www.coachusa.com
*.coachusa.com
web.coachusa.com
*.coachusa.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5709875686408192-fe1.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
mail02.coachusa.com
5694209793196032-fe4.pantheonsite.io
5694209793196032-fe4.pantheonsite.io
dre.coachusa.com
web.coachusa.com
coachusa.com
www.coachusa.com
helpdesk.nutramaxlabs.com
service.fibertel.ca
5694209793196032-fe4.pantheonsite.io
dre.coachusa.com
DRE.coachusa.com
customcommute.coachusa.com
dev.coachusa.com
*.coachusa.com
5694209793196032-fe4.pantheonsite.io

Certificate

The complete raw certificate details for web.coachusa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGbjCCBVagAwIBAgIQBklScFRzbVNsYaazl1wj0DANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTIzMTAxMDAwMDAwMFoXDTI0MTAxMDIzNTk1OVowaTELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCk5ldyBKZXJzZXkxEDAOBgNVBAcTB1BhcmFtdXMxGDAWBgNVBAoT
D0NvYWNoIFVTQSwgSW5jLjEZMBcGA1UEAxMQd2ViLmNvYWNodXNhLmNvbTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI8X/ZIp1XrVE1/1gDGCaGVqbv19
pYeMhAAd8eFy+m3EFSua1+pBfrYq9AaCgbpPwLcC5JXLBkdavgQAhDTOrWHXp+UM
osxxieJnp393eTb9TCrwwzSbrNdV9/CXUZIJCa9x4aYf3rEfwHDzi4Aepke7Z7lG
2C8gKEQ5oZBHGecIMrs/FoROSDgmwbL9b6xXSknrVY8zZ4pXqFdCPF1Vaduwqeao
ylZejY7jEd53gUA1acLCfm8UpQOEZVKXMm3U9tE73IQVwgpZudydc6t60Hq7jA+y
lcKPpeldbO9PubRRLzm2M18kYFamNbsXt/hCcPql42qMPkMT+ChPJK1maMMCAwEA
AaOCAxkwggMVMB8GA1UdIwQYMBaAFJRP1F2L5KTipoD+/dj5AO+jvgJXMB0GA1Ud
DgQWBBQoITEz8eU03j7DyN4OdLVJ1YZqCDAbBgNVHREEFDASghB3ZWIuY29hY2h1
c2EuY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6
Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9j
ZHAuZ2VvdHJ1c3QuY29tL0dlb1RydXN0VExTUlNBQ0FHMS5jcmwwdgYIKwYBBQUH
AQEEajBoMCYGCCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLmdlb3RydXN0LmNvbTA+
BggrBgEFBQcwAoYyaHR0cDovL2NhY2VydHMuZ2VvdHJ1c3QuY29tL0dlb1RydXN0
VExTUlNBQ0FHMS5jcnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFu
BIIBagFoAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLGfB1
+AAABAMARzBFAiAfzNflr20P1KQAb58qETVKb3e6Jb4nUyUmQJulynv1JwIhAJHg
EArYCUSNICuqVNPhrvELnU3XYNOUcwaRarCVu1fRAHcASLDja9qmRzQP5WoC+p0w
6xxSActW3SyB2bu/qznYhHMAAAGLGfB1ygAABAMASDBGAiEArIuBV0oqU3oSG+vk
OSrNC8vFIgcyUjy58NOjMC/WDXwCIQDCoSlaPVZ4TyR9qUT4meoD5wQXIBaVyZtj
jMg/BikoOwB1AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABixnw
dg4AAAQDAEYwRAIgOdVN9StXDhDada2/33GZIeY/yl6vQus04w0FIYfqTTgCIECF
NBF6XDYpDGXlHIf1g81IZ35Yy9uy3yI/pAGtIZWbMA0GCSqGSIb3DQEBCwUAA4IB
AQCLWMAHyQ+GOOdJTMnW6hToSzO0Qs8G7jXdCKQlrJY+u64rqtmvhbTuWesuWAOL
R36OwL2/aJ2qvSLUGu6XLIy/n1HZEp4Y/5OfEbd4eGnQoynxiKZfrZ9Egb1UUwq1
WJzDlqqA/GIyHskNlNro/T/Bu+NnKPkdYuxwbJD1Q7bPRqSRLPfjXYcL1WAKGzCy
85Kmxz0ZlY/vMLNdk5xL4Ip7KZWoizLiShTrW/xzv4dIWcUT8fFpf953TW6h5Iht
nWCogbI6kJ5Vk/gU5B932LAM0jPuFZP2uYobSN0LD+Am/xJ4Qtc6XMS/ityUzuYb
bUdmkPotIM92bcMJ+kt3PzlH
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxf9kinVetUTX/WAMYJo
ZWpu/X2lh4yEAB3x4XL6bcQVK5rX6kF+tir0BoKBuk/AtwLklcsGR1q+BACENM6t
Yden5QyizHGJ4menf3d5Nv1MKvDDNJus11X38JdRkgkJr3Hhph/esR/AcPOLgB6m
R7tnuUbYLyAoRDmhkEcZ5wgyuz8WhE5IOCbBsv1vrFdKSetVjzNnileoV0I8XVVp
27Cp5qjKVl6NjuMR3neBQDVpwsJ+bxSlA4RlUpcybdT20TvchBXCClm53J1zq3rQ
eruMD7KVwo+l6V1s70+5tFEvObYzXyRgVqY1uxe3+EJw+qXjaow+QxP4KE8krWZo
wwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8356077702660522259970908301542826960
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-10 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paramus'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Coach USA, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'web.coachusa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18063907772296379360984623575182088909212199419321979477981378762635290458946544457560130177172719156795272350603253783039907169018272147275275454276785069576347111636757492939043252153307277429943512040846367094749442397029784243994123227244013956566930034790079038470388200254154525444731623972339073529140629367463532146919462338217049726474583847151894108534851290655564774758154260672137989754880813751992037420719405302026063673863424485279843213917005142724724226744102025078433665302832387847547387586919740757063710967200290998738049864888575152056704941758556853039246480052912646943378729837300991532624067
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							28213133f1e534de3ec3c8de0e74b549d5866a08
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web.coachusa.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b19f075f8000004030047304502201fccd7e5af6d0fd4a4006f9f2a11354a6f77ba25be27532526409ba5ca7bf52702210091e0100ad809448d202baa54d3e1aef10b9d4dd760d3947306916ab095bb57d100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b19f075ca0000040300483046022100ac8b81574a2a537a121bebe4392acd0bcbc5220732523cb9f0d3a3302fd60d7c022100c2a1295a3d56784f247da944f899ea03e70417201695c99b638cc83f0629283b0075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018b19f0760e0000040300463044022039d54df52b570e10da75adbfdf719921e63fca5eaf42eb34e30d052187ea4d380220408534117a5c36290c65e51c87f583cd48677e58cbdbb2df223fa401ad21959b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008b58c007c90f8638e7494cc9d6ea14e84b33b442cf06ee35dd08a425ac963ebbae2baad9af85b4ee59eb2e58038b477e8ec0bdbf689daabd22d41aee972c8cbf9f51d9129e18ff939f11b7787869d0a329f188a65fad9f4481bd54530ab5589cc396aa80fc62321ec90d94dae8fd3fc1bbe36728f91d62ec706c90f543b6cf46a4912cf7e35d870bd5600a1b30b2f392a6c73d19958fef30b35d939c4be08a7b2995a88b32e24a14eb5bfc73bf874859c513f1f1697fde774d6ea1e4886d9d60a881b23a909e5593f814e41f77d8b00cd233ee1593f6b98a1b48dd0b0fe026ff127842d73a5cc4bf8adc94cee61b6d476690fa2d20cf766dc309fa4b773f3947