dvds-thw.diageo.com

Issued by RapidSSL CA

About this certificate

This digital certificate with serial number 08:a8:68 was issued on by GeoTrust, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

SERIALNUMBER=qYHU9EKqPRTVJMrwVcwsKP3Lj0bfxFvg,CN=dvds-thw.diageo.com,OU=GT47061348+OU=See www.rapidssl.com/resources/cps (c)12+OU=Domain Control Validated - RapidSSL(R)

GeoTrust, Inc.

Organization: GeoTrust, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 08:a8:68
Serial Number (int): 567400
Serial Number lenght: 20 bits, 3 octets

SubjectKeyId: 4f:3b:d1:5c:af:8c:e2:44:97:f1:cf:88:cd:60:90:18:05:1f:40:f8
AuthorityKeyId: 6b:69:3d:6a:18:42:4a:dd:8f:02:65:39:fd:35:24:86:78:91:16:30

Fingerprint (sha1): 37:a6:a6:d6:93:6e:d2:81:67:c1:a5:1e:35:e9:cc:02:23:1d:4e:05
Fingerprint (sha256): 20:c7:81:4c:93:34:a1:28:4e:62:80:74:f7:f2:01:8c:e6:a9:f8:04:9c:fe:0b:60:66:ad:41:91:9d:47:ef:25

Issuing Certificate URL: http://rapidssl-aia.geotrust.com/rapidssl.crt

Revocation information

OCSP Server: http://rapidssl-ocsp.geotrust.com
CRL Distribution Point: http://rapidssl-crl.geotrust.com/crls/rapidssl.crl

Check the revocation status for certificate dvds-thw.diageo.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for dvds-thw.diageo.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

dvds-thw.diageo.com

Other certificates including the domain name diageo.com

(limited to 100 certificates)
www.diageohorizon.com
www.diageo.com
www.diageohorizon.com
okta-iwa.diageo.com
www.diageo.com
focalpoint.diageo.com
dvds-hkg.diageo.com
www.diageohorizon.com
dou01v01.diageo.com
www.diageo.com
www.diageo.com
www.diageohorizon.com
secure.neostaging.tagify.diageo.com
www.diageohorizon.com
remoteaccess-emea.diageo.com
portal.diageo.com
www.diageohorizon.com
diageo-expcluster-e01-sin1.diageo.com
sps-emea.diageo.com
san-12-s50.tlsprovisioning.exacttarget.com
www.diageohorizon.com
www.diageohorizon.com
www.diageo.com
dvds-bil.diageo.com
dvds-hkg.diageo.com
remoteaccess-emea.diageo.com
www.diageohorizon.com
san-12-s50.tlsprovisioning.exacttarget.com
www.diageohorizon.com
www.diageohorizon.com
*.diageo.com
diageo-expcluster-c01-ams1.diageo.net
www.diageohorizon.com
www.diageo.com
www.diageo.com
diageo-expcluster-e01-lon1.diageo.com
portal.diageo.com
www.diageo.com
www.diageohorizon.com
san-12-s50.tlsprovisioning.exacttarget.com
okta-iwa.diageo.com
san-12-s50.tlsprovisioning.exacttarget.com
san-12-s50.tlsprovisioning.exacttarget.com
portaltest.diageo.com
hipm.diageo.com
hipm.diageo.com
www.diageo.com
diageo-expcluster-c01-lon1.diageo.net
www.diageohorizon.com
www.diageo.com
hipm.diageo.com
mobilena.diageo.com
webmail.diageo.com
www.diageohorizon.com
dar01v01.diageo.com
diageo-expcluster-e01-hon1.diageo.com
www.diageo.com
www.diageohorizon.com
www.diageohorizon.com
cybercoe.diageo.com
www.diageohorizon.com
www.diageohorizon.com
*.diageo.com
dvds-thw.diageo.com
www.diageohorizon.com
www.diageohorizon.com
pingfed.diageo.com
dvds-bil.diageo.com
neostaging.rrsocial2.diageo.com
api.diageo.com
www.diageohorizon.com
vdi-emea.diageo.com
www.diageohorizon.com
mrasuat.wsnet.diageo.com
www.diageohorizon.com
*.delegows.diageo.com
www.diageohorizon.com
remoteaccess-emea.diageo.com
portaleppscm.diageo.com
focalpoint.diageo.com
www.diageohorizon.com
diageo-expcluster-c01-sin1.diageo.net
diageo-expcluster-e01-ams1.diageo.com
www.diageohorizon.com
www.diageo.com
www.diageohorizon.com
portal.diageo.com
diageo-expcluster-e01-ams1.diageo.com
diageoplatform.com
diageo-expcluster-e01-lon1.diageo.com
www.diageo.com
okta-iwa.diageo.com
www.diageohorizon.com
portaltech.diageo.com
portal.diageo.com
diageo-expcluster-e01-ams1.diageo.com
www.diageo.com
tus01v01.diageo.com
portaleppbwa.diageo.com
rsi.diageo.com

Certificate

The complete raw certificate details for dvds-thw.diageo.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIDCKhoMA0GCSqGSIb3DQEBBQUAMDwxCzAJBgNVBAYTAlVT
MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEUMBIGA1UEAxMLUmFwaWRTU0wgQ0Ew
HhcNMTIxMDA5MjE1NzIzWhcNMTQxMDEyMjAzNjQzWjCBwjEpMCcGA1UEBRMgcVlI
VTlFS3FQUlRWSk1yd1Zjd3NLUDNMajBiZnhGdmcxEzARBgNVBAsTCkdUNDcwNjEz
NDgxMTAvBgNVBAsTKFNlZSB3d3cucmFwaWRzc2wuY29tL3Jlc291cmNlcy9jcHMg
KGMpMTIxLzAtBgNVBAsTJkRvbWFpbiBDb250cm9sIFZhbGlkYXRlZCAtIFJhcGlk
U1NMKFIpMRwwGgYDVQQDExNkdmRzLXRody5kaWFnZW8uY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFmBEC0BLOUCVwzn/3jBPL+QoHtYpSzPFWoX
82D0zMXoxJTFPrjpdacpOR8yro7TiGph6F+PRlTlLYM3LXReEr6QM5JJ15c21acL
Wwf6HALSIWtShgkgfMaYidduF8zN4gVqBwzGP1PRBnOsQ+p0SnFM+XEMCmY9ZuNH
ivcfh/bJOPgbTUGYbw3+WaKPgFD/ZwXWpw2a5Rd6tKaWrZLvOuIduk3dA1Hia9Qm
V+HDnFwp5Hpi5aNHn1yOxs7O6nWMwDBhoaoLhIOHwEBAyvgxDttP0z64d6olfk+6
Mj3N06Wkkrq0HkNQNfJ/GbvLK6NmCLGfuuUipN+K6KxAbWfmJQIDAQABo4IBrjCC
AaowHwYDVR0jBBgwFoAUa2k9ahhCSt2PAmU5/TUkhniRFjAwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNk
dmRzLXRody5kaWFnZW8uY29tMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9yYXBp
ZHNzbC1jcmwuZ2VvdHJ1c3QuY29tL2NybHMvcmFwaWRzc2wuY3JsMB0GA1UdDgQW
BBRPO9Fcr4ziRJfxz4jNYJAYBR9A+DAMBgNVHRMBAf8EAjAAMHgGCCsGAQUFBwEB
BGwwajAtBggrBgEFBQcwAYYhaHR0cDovL3JhcGlkc3NsLW9jc3AuZ2VvdHJ1c3Qu
Y29tMDkGCCsGAQUFBzAChi1odHRwOi8vcmFwaWRzc2wtYWlhLmdlb3RydXN0LmNv
bS9yYXBpZHNzbC5jcnQwTAYDVR0gBEUwQzBBBgpghkgBhvhFAQc2MDMwMQYIKwYB
BQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwDQYJ
KoZIhvcNAQEFBQADggEBAFLnm7S7ZPtYuaduZAyyJVnw1J0equ0vlbV8td4Gd5Ez
1w6Tzo1Jxh3p5XAZuTG7FrfYdgkU7rrxG9CQncIGdMz9cKJM0GEBH54tHLFTfZSo
CSjtD5CoBryxbwP2c909RM/LsUdqs0kIZn4/tqv/cxczubrqFxKiEelq5XwRFUIr
WA+uAOruCUep82qXrVY+GF29ElhJqZRgbPiXf2jYALIQ0ENvZ0sMH1T9RCd9jaYB
/GLpxIlP7kVHNMEEHByJx+n4B+Hq5W+NZ6xDNOM38brgmeS2z0YhIdwkD8iIUJZg
qDHCCEz1ya6I9aKVhxMaM1bevIINT47ZDXVIACKr8k4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFmBEC0BLOUCVwzn/3jB
PL+QoHtYpSzPFWoX82D0zMXoxJTFPrjpdacpOR8yro7TiGph6F+PRlTlLYM3LXRe
Er6QM5JJ15c21acLWwf6HALSIWtShgkgfMaYidduF8zN4gVqBwzGP1PRBnOsQ+p0
SnFM+XEMCmY9ZuNHivcfh/bJOPgbTUGYbw3+WaKPgFD/ZwXWpw2a5Rd6tKaWrZLv
OuIduk3dA1Hia9QmV+HDnFwp5Hpi5aNHn1yOxs7O6nWMwDBhoaoLhIOHwEBAyvgx
DttP0z64d6olfk+6Mj3N06Wkkrq0HkNQNfJ/GbvLK6NmCLGfuuUipN+K6KxAbWfm
JQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 567400
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-10-09 21:57:23 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-10-12 20:36:43 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'qYHU9EKqPRTVJMrwVcwsKP3Lj0bfxFvg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GT47061348'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.rapidssl.com/resources/cps (c)12'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated - RapidSSL(R)'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dvds-thw.diageo.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25796750355932879880051033548361516937965219766705531129237090741262826877122809611273051272584881233144740424533189733448510664108592662848818404623555042646455949733961336178089831373737612190517456862608315579774541046193195588113715431115646681589730083222172347210811157409024893405093526149246000409101433127489085433888255414002365235386990584035918931269916769822329900354334720774091655063538373288239257175393419759390468333272016425212295057202912066078825114823518529637000038130369662894140420040255421730371191973022531555615665262172101452531833745085472868470430855398639689158622873430592462371939877
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b693d6a18424add8f026539fd35248678911630
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dvds-thw.diageo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://rapidssl-crl.geotrust.com/crls/rapidssl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4f3bd15caf8ce24497f1cf88cd609018051f40f8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://rapidssl-ocsp.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://rapidssl-aia.geotrust.com/rapidssl.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.geotrust.com/resources/cps'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0052e79bb4bb64fb58b9a76e640cb22559f0d49d1eaaed2f95b57cb5de06779133d70e93ce8d49c61de9e57019b931bb16b7d8760914eebaf11bd0909dc20674ccfd70a24cd061011f9e2d1cb1537d94a80928ed0f90a806bcb16f03f673dd3d44cfcbb1476ab34908667e3fb6abff731733b9baea1712a211e96ae57c1115422b580fae00eaee0947a9f36a97ad563e185dbd125849a994606cf8977f68d800b210d0436f674b0c1f54fd44277d8da601fc62e9c4894fee454734c1041c1c89c7e9f807e1eae56f8d67ac4334e337f1bae099e4b6cf462121dc240fc888509660a831c2084cf5c9ae88f5a29587131a3356debc820d4f8ed90d75480022abf24e