instore.destinationxl.com

- DESTINATION XL GROUP INC. -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 04:fe:5d:6b:f0:2f:e0:cf:32:78:72:f0:bb:30:7f:11 was issued on by DigiCert Inc.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

DESTINATION XL GROUP INC.

Organization: DESTINATION XL GROUP INC.
State / Province: Massachusetts
Locality: Canton
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:fe:5d:6b:f0:2f:e0:cf:32:78:72:f0:bb:30:7f:11
Serial Number (int): 6637650201048321843745197113239174929
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 65:29:ef:f2:d3:46:14:e9:0f:40:14:8a:ef:00:cf:48:81:14:2a:a8
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): c2:23:ec:1c:f8:1a:e8:18:f5:53:bb:7b:5b:f3:b1:4b:4f:fd:ab:f0
Fingerprint (sha256): 20:5d:e4:19:bd:fb:59:ca:63:b1:72:53:02:3d:4e:dd:92:7f:f5:7d:36:5a:ab:b3:8e:76:89:9b:cf:0f:31:9e

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate instore.destinationxl.com

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for instore.destinationxl.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

instore.destinationxl.com
beta.instore.destinationxl.com
instore.beta.destinationxl.com

Other certificates including the domain name destinationxl.com

(limited to 100 certificates)
preview-testl.destinationxl.com
leapfrog-ssl-15.gcs-web.com
landing.destinationxl.com
UAT.BETA.DESTINATIONXL.COM
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
leapfrog-ssl-15.gcs-web.com
landing.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
destinationxl.com
landing.destinationxl.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
prodl.destinationxl.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
landing.destinationxl.com
preview-testl.destinationxl.com
vlgstb.destinationxl.com
landing.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
instore.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
instore.destinationxl.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
uat.crm.destinationxl.com
careers.destinationxl.com
destinationxl.com
mail.cmal.com
preview.destinationxl.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
gifts.destinationxl.com
qa-gifts.dxl.com
instore.destinationxl.com
www.destinationxl.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
careers.destinationxl.com
careers.destinationxl.com
landing.destinationxl.com
beta.destinationxl.com
leapfrog-ssl-15.gcs-web.com
destinationxl.com
careers.destinationxl.com
leapfrog-ssl-15.gcs-web.com
UAT.BETA.DESTINATIONXL.COM
landing.destinationxl.com
landing.destinationxl.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
*.destinationxl.com
www.destinationxl.com
landing.destinationxl.com
prodl.destinationxl.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
landing.destinationxl.com
UAT.BETA.DESTINATIONXL.COM
landing.destinationxl.com
www.destinationxl.com
instore.mtm.uat.gamma.destinationxl.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
www.destinationxl.com
devl.beta.destinationxl.com
leapfrog-ssl-15.gcs-web.com
landing.destinationxl.com
careers.destinationxl.com
careers.destinationxl.com
landing.destinationxl.com
landing.destinationxl.com
vlgstb.destinationxl.com
help.dxl.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
www.destinationxl.com
mail.cmal.com
www.destinationxl.com
destinationxl.com
leapfrog-ssl-15.gcs-web.com

Certificate

The complete raw certificate details for instore.destinationxl.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIQBP5da/Av4M8yeHLwuzB/ETANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0xOTAyMTMwMDAwMDBaFw0yMDA4MjIxMjAwMDBaMH4xCzAJBgNVBAYTAlVTMRYw
FAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZDYW50b24xIjAgBgNVBAoT
GURFU1RJTkFUSU9OIFhMIEdST1VQIElOQy4xIjAgBgNVBAMTGWluc3RvcmUuZGVz
dGluYXRpb254bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq
7+XlXsjXKqakUL/oHZ06GkzfJZRZ7oz2KXGRW8c63fQySir+/6Kewhb2qn1dXdWR
dGXQmHqyV/0qsvCxPlhhTik54HOBEHez5+fgmaoHXmyJEGmUBL1DFPIJG9rFToUS
6K8YGCEwrsojc9j8mC/uowi2csYnjGrro9OjU85duTF8ZA1bvZ+oLhwColjHFJIE
SLx/Dq3sQEgrroniKgZwc36JrdqodNtGHMe61tnLGhhvbRYVkKtwVe1YDa/eaGg8
rpyGDQ7spkdK8iAvMRpbjeXrDowzWdFokEV0mj8nd9/jtr1KXYdf/danaBKKGEQK
xX8Mzv898C7bylA7x5FdAgMBAAGjggH+MIIB+jAfBgNVHSMEGDAWgBSQWP+wnHWo
UVR3se3yo0MWOJ5sxTAdBgNVHQ4EFgQUZSnv8tNGFOkPQBSK7wDPSIEUKqgwZAYD
VR0RBF0wW4IZaW5zdG9yZS5kZXN0aW5hdGlvbnhsLmNvbYIeYmV0YS5pbnN0b3Jl
LmRlc3RpbmF0aW9ueGwuY29tgh5pbnN0b3JlLmJldGEuZGVzdGluYXRpb254bC5j
b20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9HZW9U
cnVzdFJTQUNBMjAxOC5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggr
BgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIw
dQYIKwYBBQUHAQEEaTBnMCYGCCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLmdlb3Ry
dXN0LmNvbTA9BggrBgEFBQcwAoYxaHR0cDovL2NhY2VydHMuZ2VvdHJ1c3QuY29t
L0dlb1RydXN0UlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMBMGCisGAQQB1nkCBAMB
Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAgPmdJT4C9ikDVfHNN62SKXhev61v/
o/aCOeoa0fE1ID7coQKqHxFGAs8XpqyurmRAY3UIZxjC7IYRFXu3PisE/8NBGGjV
iAV8cb67tPXE8xmjmql1njXyCGTIT9io9WyD/wjfaX1JlYWuSUX+1HZP4ZzClD0D
NDRapXXf7Spl+MCKVfroIXM1dFIjgL4vmhYMXRZScC10D5x0Bj/OWuCRLPnVRmFQ
/43NwZp2FuvQjD75MJ6QC4ecvtF3l+sMGHQhKNKo/rESReUiwFtPTwRde+fa63Ad
yoJcNHt19zBYPJGCROT8Ex1LE5A49038yknXC5vclL6JTdFOx3nTizd7
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu/l5V7I1yqmpFC/6B2d
OhpM3yWUWe6M9ilxkVvHOt30Mkoq/v+insIW9qp9XV3VkXRl0Jh6slf9KrLwsT5Y
YU4pOeBzgRB3s+fn4JmqB15siRBplAS9QxTyCRvaxU6FEuivGBghMK7KI3PY/Jgv
7qMItnLGJ4xq66PTo1POXbkxfGQNW72fqC4cAqJYxxSSBEi8fw6t7EBIK66J4ioG
cHN+ia3aqHTbRhzHutbZyxoYb20WFZCrcFXtWA2v3mhoPK6chg0O7KZHSvIgLzEa
W43l6w6MM1nRaJBFdJo/J3ff47a9Sl2HX/3Wp2gSihhECsV/DM7/PfAu28pQO8eR
XQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6637650201048321843745197113239174929
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-22 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Massachusetts'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Canton'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DESTINATION XL GROUP INC.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'instore.destinationxl.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21578809972427710599444685654381216766103263643818418795964148357274811968633568809884443840565914832469232553338905252696483601154518487907952446889280421591632149252495864172549201770389315531207016929510453508473784572031800363411241952759231710222555226745816929195869182494520332306137879942575576555240918166887931596966520561485417164999822790276896783489623328345274782303452671609792503411260484943389838662617647965068205401341755823425194160411584029088962904328551780605316995059061197553280435974108359396979568163035701260581018965987619167774906656610556280046022513803632818146532843084819240011141469
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6529eff2d34614e90f40148aef00cf4881142aa8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'instore.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beta.instore.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'instore.beta.destinationxl.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00203e67494f80bd8a40d57c734deb648a5e17afeb5bffa3f68239ea1ad1f135203edca102aa1f114602cf17a6acaeae64406375086718c2ec8611157bb73e2b04ffc3411868d588057c71bebbb4f5c4f319a39aa9759e35f20864c84fd8a8f56c83ff08df697d499585ae4945fed4764fe19cc2943d0334345aa575dfed2a65f8c08a55fae821733574522380be2f9a160c5d1652702d740f9c74063fce5ae0912cf9d5466150ff8dcdc19a7616ebd08c3ef9309e900b879cbed17797eb0c18742128d2a8feb11245e522c05b4f4f045d7be7daeb701dca825c347b75f730583c918244e4fc131d4b139038f74dfcca49d70b9bdc94be894dd14ec779d38b377b