myaccount.navient.com
- Navient Solutions, LLC -
Issued by Sectigo RSA Extended Validation Secure Server CA
About this certificate
This digital certificate with serial number 62:26:91:df:18:92:d7:2b:2d:77:09:9a:ca:43:34:fa was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Navient Solutions, LLC
Company registration number:
2651098
Organization: Navient Solutions, LLC
Organization: Navient Solutions, LLC
State / Province:
Indiana
Country: US
Country: US
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): 62:26:91:df:18:92:d7:2b:2d:77:09:9a:ca:43:34:faSerial Number (int): 130464609492424008678271933946213381370
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: fb:6c:48:a5:de:86:18:f2:92:b5:de:b2:6f:69:76:74:47:a8:40:a0
AuthorityKeyId: 2c:69:ff:80:c9:87:90:ae:34:e1:b4:e7:4c:93:85:99:40:e9:a7:b2
Fingerprint (sha1): 69:39:c9:83:cd:a4:b2:1f:ff:8a:40:71:62:e1:29:a6:63:25:1a:b0
Fingerprint (sha256): 20:4a:a1:18:22:02:aa:f2:59:50:ac:73:38:8d:9d:39:47:1c:d4:b3:65:4a:6c:5f:d1:e0:8f:b9:eb:f9:38:13
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl
Check the revocation status for certificate myaccount.navient.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for myaccount.navient.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
myaccount.navient.com
www.myaccount.navient.com
www.myaccount.navient.com
Other certificates including the domain name navient.com
(limited to 100 certificates)
images.navient.com
rrp.navient.com
mediaserver.navient.com
payments.navient.com
panifiise010.navient.com
access.navient.com
tcpaupdateqa.navient.com
staging.gateway.msbpay.navient.com
www.navient.com
textresponsedev.navient.com
survey.navient.com
LyncExt.navient.com
b2bproxy.navient.com
accesslync.navient.com
leapfrog-ssl-4.gcs-web.com
leapfrog-ssl-4.gcs-web.com
payments.navient.com
upload.navient.com
bdm.navient.com
message.navient.com
go.navient.com
leapfrog-ssl-4.gcs-web.com
filegateway.navient.com
gogreen.navient.com
meteortest.navient.com
myaccount.navient.com
PEVSGW.navient.com
wsmb2bproxy.navient.com
myaccount.navient.com
exedge.navient.com
payments.navient.com
chat2.navient.com
twwsdlr.navient.com
services.navient.com
rsa.citrixcloud.navient.com
leapfrog-ssl-4.gcs-web.com
idrhelp.navient.com
assist.navient.com
leapfrog-ssl-4.gcs-web.com
rrp.navient.com
jobs.navient.com
gogreenqa.navient.com
leapfrog-ssl-4.gcs-web.com
acqueonapi-test.navient.com
vpgw.navient.com
ilp.navient.com
mediaserver.navient.com
punrasrly010.navient.com
tcpaupdateqa.navient.com
leapfrog-ssl-4.gcs-web.com
services2.navient.com
myaccount.navient.com
accesslync.navient.com
mediaserver.navient.com
services2.navient.com
preview-xtend.navient.com
twwsgw.navient.com
ilp.navient.com
accesslync.navient.com
Preview-xtend.navient.com
amzn-connect.navient.com
staging.gateway.msbpay.navient.com
mediaserver.cm.navient.com
fms.navient.com
rsa.citrixcloud.navient.com
punrfirly080.navient.com
leapfrog-ssl-4.gcs-web.com
*.navient.com
login.navient.com
www.navient.com
concierge-qa.navient.com
wsmb2bresp.navient.com
jobs.navient.com
rrp.navient.com
exedge.navient.com
www.navient.com
leapfrog-ssl-4.gcs-web.com
den1.navient.com
fms.navient.com
leapfrog-ssl-4.gcs-web.com
rsa.citrix.navient.com
navient.com
twwsdlr.navient.com
ree.navient.com
meteor.navient.com
webadvisor.navient.com
extnavi.usa-ed.net
leapfrog-ssl-4.gcs-web.com
sdu.navient.com
ssp.navient.com
webmail.navient.com
paymentstest.navient.com
gogreen.navient.com
go.navient.com
access-dr.navient.com
leapfrog-ssl-4.gcs-web.com
meteor.navient.com
services2.navient.com
vdi2.navient.com
message.navient.com
rrp.navient.com
mediaserver.navient.com
payments.navient.com
panifiise010.navient.com
access.navient.com
tcpaupdateqa.navient.com
staging.gateway.msbpay.navient.com
www.navient.com
textresponsedev.navient.com
survey.navient.com
LyncExt.navient.com
b2bproxy.navient.com
accesslync.navient.com
leapfrog-ssl-4.gcs-web.com
leapfrog-ssl-4.gcs-web.com
payments.navient.com
upload.navient.com
bdm.navient.com
message.navient.com
go.navient.com
leapfrog-ssl-4.gcs-web.com
filegateway.navient.com
gogreen.navient.com
meteortest.navient.com
myaccount.navient.com
PEVSGW.navient.com
wsmb2bproxy.navient.com
myaccount.navient.com
exedge.navient.com
payments.navient.com
chat2.navient.com
twwsdlr.navient.com
services.navient.com
rsa.citrixcloud.navient.com
leapfrog-ssl-4.gcs-web.com
idrhelp.navient.com
assist.navient.com
leapfrog-ssl-4.gcs-web.com
rrp.navient.com
jobs.navient.com
gogreenqa.navient.com
leapfrog-ssl-4.gcs-web.com
acqueonapi-test.navient.com
vpgw.navient.com
ilp.navient.com
mediaserver.navient.com
punrasrly010.navient.com
tcpaupdateqa.navient.com
leapfrog-ssl-4.gcs-web.com
services2.navient.com
myaccount.navient.com
accesslync.navient.com
mediaserver.navient.com
services2.navient.com
preview-xtend.navient.com
twwsgw.navient.com
ilp.navient.com
accesslync.navient.com
Preview-xtend.navient.com
amzn-connect.navient.com
staging.gateway.msbpay.navient.com
mediaserver.cm.navient.com
fms.navient.com
rsa.citrixcloud.navient.com
punrfirly080.navient.com
leapfrog-ssl-4.gcs-web.com
*.navient.com
login.navient.com
www.navient.com
concierge-qa.navient.com
wsmb2bresp.navient.com
jobs.navient.com
rrp.navient.com
exedge.navient.com
www.navient.com
leapfrog-ssl-4.gcs-web.com
den1.navient.com
fms.navient.com
leapfrog-ssl-4.gcs-web.com
rsa.citrix.navient.com
navient.com
twwsdlr.navient.com
ree.navient.com
meteor.navient.com
webadvisor.navient.com
extnavi.usa-ed.net
leapfrog-ssl-4.gcs-web.com
sdu.navient.com
ssp.navient.com
webmail.navient.com
paymentstest.navient.com
gogreen.navient.com
go.navient.com
access-dr.navient.com
leapfrog-ssl-4.gcs-web.com
meteor.navient.com
services2.navient.com
vdi2.navient.com
message.navient.com
Certificate
The complete raw certificate details for myaccount.navient.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIITDCCBzSgAwIBAgIQYiaR3xiS1ystdwmaykM0+jANBgkqhkiG9w0BAQsFADCB kTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTkwNwYDVQQD EzBTZWN0aWdvIFJTQSBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg Q0EwHhcNMjQwNDE5MDAwMDAwWhcNMjUwNTE5MjM1OTU5WjCBwTEQMA4GA1UEBRMH MjY1MTA5ODETMBEGCysGAQQBgjc8AgEDEwJVUzEZMBcGCysGAQQBgjc8AgECEwhE ZWxhd2FyZTEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xCzAJBgNVBAYT AlVTMRAwDgYDVQQIEwdJbmRpYW5hMR8wHQYDVQQKExZOYXZpZW50IFNvbHV0aW9u cywgTExDMR4wHAYDVQQDExVteWFjY291bnQubmF2aWVudC5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDVY//ttfLjc2obXSxqRa5TgjLyzs5my7WO 9Y3m+SZRZbVaVVzr+H5ekd3SjdbqDvnfmR2bRk0LoEf6Cdq0zDWB5ebp+5YiLCFA 2V4itHfkzjCw8SPnidmOs0oEafGItHRH5KVKcqgcFK3aal+6JybiGuNOgH6BVdbs Vras7nxmesohaJkL7bW2DLeEXcLK0dPfddil1EhMdK95FTQ4Y4IBIPUF1Ymr/FNh GicGjIPmfmq8IAObJFd1849kTyl9ly5Fc6oUvubhtNLja3o2WNVWIJlnlJO8MBlF lRtCtuDBh3uvHZw+dWJMHgvCBQNGtYHmZmduzWxkGjbaifgleAn2caYX4qTj/I3m odvXoWlEPZ3s+AKjhppiockILjQcyG7TAUBPDPkuo4PnfHRxdZD58/Cje0ihkwqv CNAdbHKrzA13UPrcga3MNc0Dv/wyfr4TLRrKThcEGL+tNms21ZyMGpGoirFqH6Gn qrRXdmFdcg9iJ9mnZEKULUFhs81iNjnnoLu5aQ9psYJn1pEn7iDg+NAEEhThxw9p uNWLIYTkJGDwRwSQvPUBOaqlHL3ktALdDgQcbV4TH3F6IthV2MYhjw7XrD0pHO4f SP+umQhkPIdwVWLVLhtV8M6zzsinF6Y3Gntsep+D3fnbhLyhH9fMqDiiZicygRyl pzSU4Nu79wIDAQABo4IDbDCCA2gwHwYDVR0jBBgwFoAULGn/gMmHkK404bTnTJOF mUDpp7IwHQYDVR0OBBYEFPtsSKXehhjykrXesm9pdnRHqECgMA4GA1UdDwEB/wQE AwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjBJBgNVHSAEQjBAMDUGDCsGAQQBsjEBAgEFATAlMCMGCCsGAQUFBwIBFhdodHRw czovL3NlY3RpZ28uY29tL0NQUzAHBgVngQwBATBWBgNVHR8ETzBNMEugSaBHhkVo dHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FFeHRlbmRlZFZhbGlkYXRp b25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYYGCCsGAQUFBwEBBHoweDBRBggrBgEFBQcw AoZFaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRXh0ZW5kZWRWYWxp ZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz cC5zZWN0aWdvLmNvbTA7BgNVHREENDAyghVteWFjY291bnQubmF2aWVudC5jb22C GXd3dy5teWFjY291bnQubmF2aWVudC5jb20wggF+BgorBgEEAdZ5AgQCBIIBbgSC AWoBaAB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABjvcMa8cA AAQDAEcwRQIgAhh8694M/hzCyBMkANqY/WlKZwDNIVggH4H0C3aYn5sCIQCR/ZcE XfkmXlrNgVuisQfgOSHT00NpFelR5Zam3djY8QB3AKLjCuRF772tm3447Udnd1PX gluElNcrXhssxLlQpEfnAAABjvcMaz8AAAQDAEgwRgIhALrdL/J8tp0kkM+K9w7d f6q5xOkRcl3DxXR6XYzogGftAiEAyoo1BU47ROZdcv+mIMHNXptPSngdUvuva8FV l7my2kMAdQBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY73DGs8 AAAEAwBGMEQCIAFKvKrR99+gU601rGqyIetcxKUDk2lLYJWc6KVsqNCXAiADLSXa 2wN1fmBO3Vkk7SURsD7MRSrX3cjFWx2vYgMBTDANBgkqhkiG9w0BAQsFAAOCAQEA mlVvuuFsPUsHRiwaxnI9xkJnThTwW2j6i+LxBamkUOnYI63PpoG5KU84Q7F5eOPa cUEBdZ2i4oZ5oL0YGYTFwsfvRq0eAW4O60wBinuFoi1yAEld2F082AUEQ7HPDEIB O+kYJ7siOHY9B2IHSIy7J2MSjhXR+l6XQHWIrEAvhb+E1IT8A7npSmef6Y/lBwCB +X5/y3AAx3EFkTxeNmcFvptOj3+sC+pU6/Eah1Tydto4/aSVj4tpP2g5a/rbysR9 U1tn3nP6phCS+NRgv+VVEQa5ixRPR9i8hNhClSrpplOEYdH5C288cKt8ktkpCYdL xrvozKss1O39I9y0gnf8KQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1WP/7bXy43NqG10sakWu U4Iy8s7OZsu1jvWN5vkmUWW1WlVc6/h+XpHd0o3W6g7535kdm0ZNC6BH+gnatMw1 geXm6fuWIiwhQNleIrR35M4wsPEj54nZjrNKBGnxiLR0R+SlSnKoHBSt2mpfuicm 4hrjToB+gVXW7Fa2rO58ZnrKIWiZC+21tgy3hF3CytHT33XYpdRITHSveRU0OGOC ASD1BdWJq/xTYRonBoyD5n5qvCADmyRXdfOPZE8pfZcuRXOqFL7m4bTS42t6NljV ViCZZ5STvDAZRZUbQrbgwYd7rx2cPnViTB4LwgUDRrWB5mZnbs1sZBo22on4JXgJ 9nGmF+Kk4/yN5qHb16FpRD2d7PgCo4aaYqHJCC40HMhu0wFATwz5LqOD53x0cXWQ +fPwo3tIoZMKrwjQHWxyq8wNd1D63IGtzDXNA7/8Mn6+Ey0ayk4XBBi/rTZrNtWc jBqRqIqxah+hp6q0V3ZhXXIPYifZp2RClC1BYbPNYjY556C7uWkPabGCZ9aRJ+4g 4PjQBBIU4ccPabjViyGE5CRg8EcEkLz1ATmqpRy95LQC3Q4EHG1eEx9xeiLYVdjG IY8O16w9KRzuH0j/rpkIZDyHcFVi1S4bVfDOs87IpxemNxp7bHqfg93524S8oR/X zKg4omYnMoEcpac0lODbu/cCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 130464609492424008678271933946213381370 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Extended Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-19 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2651098' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Indiana' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Navient Solutions, LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'myaccount.navient.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 870557793005035425375851563401749033700437408856999238502513618838787351224910412907159319842421661601177914221940981970907258017214694598258824056054593305261303246730912353748074830160916242059566625578470529124475888538987206268962519891228225229670370897569400286336657401850302354151788610573250216782201169848079908466875588518924078003477154768750785062618315471199140554632518493504687329019380808140043319699915983022088026085073847387249410721485811025551633071269261783038354604161597255012270820901874081686854977482181261131458129183357732823826575765867393386393532520360172046545515049233444515807607039607620889416568317487314758992480965377392967793545707639543772511014768371752551167309497347171726149916674191021311891748671228169625500325823383062453796317682711606739520954413641699428145430453102640688295814109002521432702527330991538852335263726400169701881037419460429813161581564469887231406351197415157359224242916276409885008112131706582331868112124805817233810395408382927868328092977785297945145565269208771866846097052908252582369559516583744659194375320097690673538440522301976547657500678097591446794520404431488893519096187911433671369479359179455488340845514859439763795195995295528392671685753847 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2c69ff80c98790ae34e1b4e74c93859940e9a7b2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fb6c48a5de8618f292b5deb26f69767447a840a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.5.1 (Comodo EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'myaccount.navient.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.myaccount.navient.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018ef70c6bc70000040300473045022002187cebde0cfe1cc2c8132400da98fd694a6700cd2158201f81f40b76989f9b02210091fd97045df9265e5acd815ba2b107e03921d3d3436915e951e596a6ddd8d8f1007700a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018ef70c6b3f0000040300483046022100badd2ff27cb69d2490cf8af70edd7faab9c4e911725dc3c5747a5d8ce88067ed022100ca8a35054e3b44e65d72ffa620c1cd5e9b4f4a781d52fbaf6bc15597b9b2da430075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ef70c6b3c00000403004630440220014abcaad1f7dfa053ad35ac6ab221eb5cc4a50393694b60959ce8a56ca8d0970220032d25dadb03757e604edd5924ed2511b03ecc452ad7ddc8c55b1daf6203014c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009a556fbae16c3d4b07462c1ac6723dc642674e14f05b68fa8be2f105a9a450e9d823adcfa681b9294f3843b17978e3da714101759da2e28679a0bd181984c5c2c7ef46ad1e016e0eeb4c018a7b85a22d7200495dd85d3cd8050443b1cf0c42013be91827bb2238763d076207488cbb2763128e15d1fa5e97407588ac402f85bf84d484fc03b9e94a679fe98fe5070081f97e7fcb7000c77105913c5e366705be9b4e8f7fac0bea54ebf11a8754f276da38fda4958f8b693f68396bfadbcac47d535b67de73faa61092f8d460bfe5551106b98b144f47d8bc84d842952ae9a6538461d1f90b6f3c70ab7c92d92909874bc6bbe8ccab2cd4edfd23dcb48277fc29