www.destinationxl.com

- DESTINATION XL GROUP -

Issued by GeoTrust SSL CA - G4

About this certificate

This digital certificate with serial number 08:68 was issued on by GeoTrust Inc..

With 28 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

DESTINATION XL GROUP

Organization: DESTINATION XL GROUP
Organization unit: Akamai SAN SSL OV
State / Province: Massachusetts
Locality: Canton
Country: US

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 08:68
Serial Number (int): 2152
Serial Number lenght: 12 bits, 2 octets

SubjectKeyId:
AuthorityKeyId: ac:32:ed:5a:c9:e0:de:30:9c:90:58:55:26:63:f6:72:a6:54:5f:e3

Fingerprint (sha1): bf:59:d4:c5:66:e2:1a:91:7a:f5:58:2e:97:b4:30:57:dd:7f:4e:e0
Fingerprint (sha256): 20:d6:6b:64:f4:ab:ac:9a:cd:1b:00:84:a2:0b:77:fe:a5:e9:77:22:24:d5:d3:e2:e2:7b:d7:02:52:e1:4b:fd

Issuing Certificate URL: http://gw.symcb.com/gw.crt

Revocation information

OCSP Server: http://gw.symcd.com
CRL Distribution Point: http://gw.symcb.com/gw.crl

Check the revocation status for certificate www.destinationxl.com

28

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.destinationxl.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

testl.destinationxl.com
image.bigandtall.com
www.bigandtall.com
prodl.living-xl.destinationxl.com
prodl.shoes-xl.destinationxl.com
prodl.big-and-tall-direct.destinationxl.com
prodl.casual-male-big-and-tall.destinationxl.com
prodl.rochester-big-and-tall.destinationxl.com
prodl.m.destinationxl.com
prodl.destinationxl.com
www.shoesxl.com
www.rochesterclothing.com
www.m.destinationxl.com
www.livingxl.com
www.casualmalexl.ca
www.casualmale.com
www.casualmale.ca
www.btdirect.com
shoes-xl.destinationxl.com
rochester-big-and-tall.destinationxl.com
m.destinationxl.com
living-xl.destinationxl.com
images.destinationxl.com
failover.casualmale.com
casual-male-big-and-tall.destinationxl.com
big-and-tall-direct.destinationxl.com
www.destinationxl.com
destinationxl.com

Other certificates including the domain name destinationxl.com

(limited to 100 certificates)
preview-testl.destinationxl.com
leapfrog-ssl-15.gcs-web.com
landing.destinationxl.com
UAT.BETA.DESTINATIONXL.COM
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
leapfrog-ssl-15.gcs-web.com
landing.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
destinationxl.com
landing.destinationxl.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
prodl.destinationxl.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
landing.destinationxl.com
preview-testl.destinationxl.com
vlgstb.destinationxl.com
landing.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
instore.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
instore.destinationxl.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
uat.crm.destinationxl.com
careers.destinationxl.com
destinationxl.com
mail.cmal.com
preview.destinationxl.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
leapfrog-ssl-15.gcs-web.com
leapfrog-ssl-15.gcs-web.com
gifts.destinationxl.com
qa-gifts.dxl.com
instore.destinationxl.com
www.destinationxl.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
careers.destinationxl.com
careers.destinationxl.com
landing.destinationxl.com
beta.destinationxl.com
leapfrog-ssl-15.gcs-web.com
destinationxl.com
careers.destinationxl.com
leapfrog-ssl-15.gcs-web.com
UAT.BETA.DESTINATIONXL.COM
landing.destinationxl.com
landing.destinationxl.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
leapfrog-ssl-15.gcs-web.com
*.destinationxl.com
www.destinationxl.com
landing.destinationxl.com
prodl.destinationxl.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
landing.destinationxl.com
UAT.BETA.DESTINATIONXL.COM
landing.destinationxl.com
www.destinationxl.com
instore.mtm.uat.gamma.destinationxl.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
leapfrog-ssl-15.gcs-web.com
www.destinationxl.com
www.destinationxl.com
devl.beta.destinationxl.com
leapfrog-ssl-15.gcs-web.com
landing.destinationxl.com
careers.destinationxl.com
careers.destinationxl.com
landing.destinationxl.com
landing.destinationxl.com
vlgstb.destinationxl.com
help.dxl.com
leapfrog-ssl-15.gcs-web.com
careers.destinationxl.com
www.destinationxl.com
mail.cmal.com
www.destinationxl.com
destinationxl.com
leapfrog-ssl-15.gcs-web.com

Certificate

The complete raw certificate details for www.destinationxl.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHwTCCBqmgAwIBAgICCGgwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHTAbBgNVBAMTFEdlb1RydXN0IFNTTCBD
QSAtIEc0MB4XDTE1MDQyMTE3MjUxNFoXDTE2MDYyMjEyNDE1OVowgZExCzAJBgNV
BAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZDYW50b24x
HTAbBgNVBAoTFERFU1RJTkFUSU9OIFhMIEdST1VQMRowGAYDVQQLExFBa2FtYWkg
U0FOIFNTTCBPVjEeMBwGA1UEAxMVd3d3LmRlc3RpbmF0aW9ueGwuY29tMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6Nkez1xkghbX8F2TIf0/G5dZn6L
jOF6/5vItQO8woVN5r6Bo06AOmaWBLbrWUlSFiwKUdkokI5hXiJ1ani7g4WLkq6q
NMLUg/VVC6SPY6N7pqM9x3Sd0mUkaB2CcrZtebXg6U5G1wJCgFVbRRjXEmtPKyF+
4ASso45F+BTnLTi+VWw/Hdi6IIW5eKGbImhndchqsRTDf59NBrbtaz4vgYzFm12F
nT6x7BCEo39m8T4siEOVT+SeC9gyWsOXVGPy3P/am5aiil/UTXW0547UZYVP6r/V
7c6WSGiV5kCwuVJgsqDlLcTSbFltciytERJyuc2erTpdsZPzf8XkwsZVkwIDAQAB
o4IEbTCCBGkwHwYDVR0jBBgwFoAUrDLtWsng3jCckFhVJmP2cqZUX+MwVwYIKwYB
BQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vZ3cuc3ltY2QuY29tMCYGCCsG
AQUFBzAChhpodHRwOi8vZ3cuc3ltY2IuY29tL2d3LmNydDAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIIDJQYDVR0RBIIDHDCC
AxiCF3Rlc3RsLmRlc3RpbmF0aW9ueGwuY29tghRpbWFnZS5iaWdhbmR0YWxsLmNv
bYISd3d3LmJpZ2FuZHRhbGwuY29tgiFwcm9kbC5saXZpbmcteGwuZGVzdGluYXRp
b254bC5jb22CIHByb2RsLnNob2VzLXhsLmRlc3RpbmF0aW9ueGwuY29tgitwcm9k
bC5iaWctYW5kLXRhbGwtZGlyZWN0LmRlc3RpbmF0aW9ueGwuY29tgjBwcm9kbC5j
YXN1YWwtbWFsZS1iaWctYW5kLXRhbGwuZGVzdGluYXRpb254bC5jb22CLnByb2Rs
LnJvY2hlc3Rlci1iaWctYW5kLXRhbGwuZGVzdGluYXRpb254bC5jb22CGXByb2Rs
Lm0uZGVzdGluYXRpb254bC5jb22CF3Byb2RsLmRlc3RpbmF0aW9ueGwuY29tgg93
d3cuc2hvZXN4bC5jb22CGXd3dy5yb2NoZXN0ZXJjbG90aGluZy5jb22CF3d3dy5t
LmRlc3RpbmF0aW9ueGwuY29tghB3d3cubGl2aW5neGwuY29tghN3d3cuY2FzdWFs
bWFsZXhsLmNhghJ3d3cuY2FzdWFsbWFsZS5jb22CEXd3dy5jYXN1YWxtYWxlLmNh
ghB3d3cuYnRkaXJlY3QuY29tghpzaG9lcy14bC5kZXN0aW5hdGlvbnhsLmNvbYIo
cm9jaGVzdGVyLWJpZy1hbmQtdGFsbC5kZXN0aW5hdGlvbnhsLmNvbYITbS5kZXN0
aW5hdGlvbnhsLmNvbYIbbGl2aW5nLXhsLmRlc3RpbmF0aW9ueGwuY29tghhpbWFn
ZXMuZGVzdGluYXRpb254bC5jb22CF2ZhaWxvdmVyLmNhc3VhbG1hbGUuY29tgipj
YXN1YWwtbWFsZS1iaWctYW5kLXRhbGwuZGVzdGluYXRpb254bC5jb22CJWJpZy1h
bmQtdGFsbC1kaXJlY3QuZGVzdGluYXRpb254bC5jb22CFXd3dy5kZXN0aW5hdGlv
bnhsLmNvbYIRZGVzdGluYXRpb254bC5jb20wKwYDVR0fBCQwIjAgoB6gHIYaaHR0
cDovL2d3LnN5bWNiLmNvbS9ndy5jcmwwDAYDVR0TAQH/BAIwADBaBgNVHSAEUzBR
ME8GCmCGSAGG+EUBBzYwQTA/BggrBgEFBQcCARYzaHR0cHM6Ly93d3cuZ2VvdHJ1
c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMA0GCSqGSIb3DQEBCwUA
A4IBAQBm61U+KNKe5XnH6KLSHLir9/eQC33t4gvPgm6+I11UaPHiyZ5RCoxYvXee
yMx1yOQCjJh4cN4/hGaNrzWvggQEkaYtfyPQ3jHOw1Td5xX/DgXFjt1jTgON7OH9
867aK+yyIRJ7ps6gsAfIpkEilFwPDJzNDBGJdxNd1q7RgVg/ikvZ1vBVIK8LMAXS
BtAuGAWt7pd4ANCoADQ8k06MFWzETVyrJcsLTKmBYZaK9SktpFxVj0kDiuv/gisF
j4WFjSBtVnq8WsogI/ang9hzA7aE4dS0yyRB6EH5KRcD5j1toaVTUx//U1aJLjQr
j4jtFZOSf9RDwBw7iTc3T7T1RWuy
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6Nkez1xkghbX8F2TIf0
/G5dZn6LjOF6/5vItQO8woVN5r6Bo06AOmaWBLbrWUlSFiwKUdkokI5hXiJ1ani7
g4WLkq6qNMLUg/VVC6SPY6N7pqM9x3Sd0mUkaB2CcrZtebXg6U5G1wJCgFVbRRjX
EmtPKyF+4ASso45F+BTnLTi+VWw/Hdi6IIW5eKGbImhndchqsRTDf59NBrbtaz4v
gYzFm12FnT6x7BCEo39m8T4siEOVT+SeC9gyWsOXVGPy3P/am5aiil/UTXW0547U
ZYVP6r/V7c6WSGiV5kCwuVJgsqDlLcTSbFltciytERJyuc2erTpdsZPzf8XkwsZV
kwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 2152
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-04-21 17:25:14 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-06-22 12:41:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Massachusetts'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Canton'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DESTINATION XL GROUP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Akamai SAN SSL OV'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.destinationxl.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21667321996608687693907542412762403169310216039886651615692670349974025844460970672665235151987295525853453869476078367940202581618025401306836256731748459899683298077331647235748177012138457943486067906104682396226872367124829172224779854831985094144548409447699151038140074472873929798983033515286890243285196289331851232095111772787184713162039745625846195496636739165922124350444705422973507806446113398588630835669604530526355447250565336047160453965960850626222275464919570578875767885365756414921906682229354662047176204155326716108140897694646303071988971250936595933708927876432245606685703078026663334139283
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ac32ed5ac9e0de309c9058552663f672a6545fe3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gw.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gw.symcb.com/gw.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (796 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testl.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'image.bigandtall.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bigandtall.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodl.living-xl.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodl.shoes-xl.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodl.big-and-tall-direct.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodl.casual-male-big-and-tall.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodl.rochester-big-and-tall.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodl.m.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodl.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.shoesxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rochesterclothing.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.m.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.livingxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.casualmalexl.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.casualmale.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.casualmale.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.btdirect.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shoes-xl.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rochester-big-and-tall.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'living-xl.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'failover.casualmale.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'casual-male-big-and-tall.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'big-and-tall-direct.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.destinationxl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'destinationxl.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gw.symcb.com/gw.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0066eb553e28d29ee579c7e8a2d21cb8abf7f7900b7dede20bcf826ebe235d5468f1e2c99e510a8c58bd779ec8cc75c8e4028c987870de3f84668daf35af82040491a62d7f23d0de31cec354dde715ff0e05c58edd634e038dece1fdf3aeda2becb221127ba6cea0b007c8a64122945c0f0c9ccd0c118977135dd6aed181583f8a4bd9d6f05520af0b3005d206d02e1805adee977800d0a800343c934e8c156cc44d5cab25cb0b4ca98161968af5292da45c558f49038aebff822b058f85858d206d567abc5aca2023f6a783d87303b684e1d4b4cb2441e841f9291703e63d6da1a553531fff5356892e342b8f88ed1593927fd443c01c3b8937374fb4f5456bb2