ais.americancouncils.org
Issued by USERTrust RSA Domain Validation Secure Server CA
About this certificate
This digital certificate with serial number 68:ae:65:e8:9a:60:3c:c3:a6:c0:95:62:5a:59:58:b9 was issued on by The USERTRUST Network.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ais.americancouncils.org,OU=Domain Control Validated+OU=Hosted by Register.com+OU=EssentialSSL
The USERTRUST Network
Organization:
The USERTRUST Network
State / Province:
New Jersey
Locality: Jersey City
Country: US
Locality: Jersey City
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 68:ae:65:e8:9a:60:3c:c3:a6:c0:95:62:5a:59:58:b9Serial Number (int): 139145238167097018259689360596959582393
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 7e:30:0a:f2:7d:f7:24:49:ba:f9:82:4c:3f:d3:a9:36:0c:a8:a0:2b
AuthorityKeyId: a6:c1:e7:e1:f4:f6:47:63:d7:2f:7d:8d:90:f8:ba:23:4f:60:ac:9e
Fingerprint (sha1): 36:1a:cb:fa:73:73:4e:0e:59:d8:d3:27:91:79:48:a6:f7:35:46:9f
Fingerprint (sha256): 21:05:53:51:63:de:8f:62:48:b3:cf:b7:29:48:32:9f:6f:50:66:de:82:b2:a4:bd:eb:51:81:6c:a0:08:fb:49
Issuing Certificate URL: http://crt.usertrust.com/USERTrustRSADomainValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.usertrust.com/USERTrustRSADomainValidationSecureServerCA.crl
Check the revocation status for certificate ais.americancouncils.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ais.americancouncils.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ais.americancouncils.org
www.ais.americancouncils.org
www.ais.americancouncils.org
Other certificates including the domain name americancouncils.org
(limited to 100 certificates)
test-web-lws.edu.help
nartc.fcm.arizona.edu
calendar.sdzsafaripark.org
5672463165816832-fe3.pantheonsite.io
banking-business-review.com
5672463165816832-fe3.pantheonsite.io
act.americancouncils.org
webdev.colorado.edu
virtual2.unlv.edu
banking-business-review.com
upenn-it.asc.upenn.edu
5646239437684736-fe3.pantheonsite.io
yakamafish-star.net
161511-web1.vilcek.org
5672463165816832-fe3.pantheonsite.io
ubl.americancouncils.org
a.ns.christiancentury.org
m.ajc.org
5672463165816832-fe3.pantheonsite.io
act.americancouncils.org
5646239437684736-fe3.pantheonsite.io
5672463165816832-fe3.pantheonsite.io
a.ns.christiancentury.org
5672463165816832-fe3.pantheonsite.io
5672463165816832-fe3.pantheonsite.io
5646239437684736-fe3.pantheonsite.io
5646239437684736-fe3.pantheonsite.io
stage.courts.ca.gov
5672463165816832-fe3.pantheonsite.io
5646239437684736-fe3.pantheonsite.io
banking-business-review.com
161511-web1.vilcek.org
exams.americancouncils.org
161511-web1.vilcek.org
5646239437684736-fe3.pantheonsite.io
test.mae.cornell.edu
160.167.tmcapital.com
scilsresx.rutgers.edu
turfli.americancouncils.org
www.americancouncils.org
161511-web1.vilcek.org
brassunion.com
staging.freedomworks.org
5646239437684736-fe3.pantheonsite.io
updates.cjei.cornell.edu
161511-web1.vilcek.org
nartc.fcm.arizona.edu
5646239437684736-fe3.pantheonsite.io
5672463165816832-fe3.pantheonsite.io
160.167.tmcapital.com
5672463165816832-fe3.pantheonsite.io
5646239437684736-fe3.pantheonsite.io
unicen.americancouncils.org
5672463165816832-fe3.pantheonsite.io
buyersguide.aaps.org
afscme57.org
5646239437684736-fe3.pantheonsite.io
160.167.tmcapital.com
ucomm-sites-dev.stanford.edu
banking-business-review.com
acresearchabroad.org
161511-web1.vilcek.org
americancouncils.org
caldesignlab.berkeley.edu
americancouncils.org
yakamafish-star.net
alldata.com
banking-business-review.com
cloudapp-eu.appcelerator.com
stage.onlineeducation.psu.edu
5646239437684736-fe3.pantheonsite.io
alldata.com
wireless.unlv.edu
rof.americancouncils.org
inbound.americancouncils.org
americancouncils.org
5672463165816832-fe3.pantheonsite.io
5646239437684736-fe3.pantheonsite.io
5672463165816832-fe3.pantheonsite.io
banking-business-review.com
flagshipvideo.americancouncils.org
www.americancouncils.org
banking-business-review.com
161511-web1.vilcek.org
test.slp.gse.upenn.edu
5672463165816832-fe3.pantheonsite.io
ais.americancouncils.org
2.www.upenn.edu
banking-business-review.com
alldata.com
5646239437684736-fe3.pantheonsite.io
5672463165816832-fe3.pantheonsite.io
160.167.tmcapital.com
virtual2.unlv.edu
flagship.americancouncils.org
intranet.americancouncils.org
5672463165816832-fe3.pantheonsite.io
www.americancouncils.org
stanfordsummersession.stanford.edu
rstinstrumentsinfo.rstinstruments.com
nartc.fcm.arizona.edu
calendar.sdzsafaripark.org
5672463165816832-fe3.pantheonsite.io
banking-business-review.com
5672463165816832-fe3.pantheonsite.io
act.americancouncils.org
webdev.colorado.edu
virtual2.unlv.edu
banking-business-review.com
upenn-it.asc.upenn.edu
5646239437684736-fe3.pantheonsite.io
yakamafish-star.net
161511-web1.vilcek.org
5672463165816832-fe3.pantheonsite.io
ubl.americancouncils.org
a.ns.christiancentury.org
m.ajc.org
5672463165816832-fe3.pantheonsite.io
act.americancouncils.org
5646239437684736-fe3.pantheonsite.io
5672463165816832-fe3.pantheonsite.io
a.ns.christiancentury.org
5672463165816832-fe3.pantheonsite.io
5672463165816832-fe3.pantheonsite.io
5646239437684736-fe3.pantheonsite.io
5646239437684736-fe3.pantheonsite.io
stage.courts.ca.gov
5672463165816832-fe3.pantheonsite.io
5646239437684736-fe3.pantheonsite.io
banking-business-review.com
161511-web1.vilcek.org
exams.americancouncils.org
161511-web1.vilcek.org
5646239437684736-fe3.pantheonsite.io
test.mae.cornell.edu
160.167.tmcapital.com
scilsresx.rutgers.edu
turfli.americancouncils.org
www.americancouncils.org
161511-web1.vilcek.org
brassunion.com
staging.freedomworks.org
5646239437684736-fe3.pantheonsite.io
updates.cjei.cornell.edu
161511-web1.vilcek.org
nartc.fcm.arizona.edu
5646239437684736-fe3.pantheonsite.io
5672463165816832-fe3.pantheonsite.io
160.167.tmcapital.com
5672463165816832-fe3.pantheonsite.io
5646239437684736-fe3.pantheonsite.io
unicen.americancouncils.org
5672463165816832-fe3.pantheonsite.io
buyersguide.aaps.org
afscme57.org
5646239437684736-fe3.pantheonsite.io
160.167.tmcapital.com
ucomm-sites-dev.stanford.edu
banking-business-review.com
acresearchabroad.org
161511-web1.vilcek.org
americancouncils.org
caldesignlab.berkeley.edu
americancouncils.org
yakamafish-star.net
alldata.com
banking-business-review.com
cloudapp-eu.appcelerator.com
stage.onlineeducation.psu.edu
5646239437684736-fe3.pantheonsite.io
alldata.com
wireless.unlv.edu
rof.americancouncils.org
inbound.americancouncils.org
americancouncils.org
5672463165816832-fe3.pantheonsite.io
5646239437684736-fe3.pantheonsite.io
5672463165816832-fe3.pantheonsite.io
banking-business-review.com
flagshipvideo.americancouncils.org
www.americancouncils.org
banking-business-review.com
161511-web1.vilcek.org
test.slp.gse.upenn.edu
5672463165816832-fe3.pantheonsite.io
ais.americancouncils.org
2.www.upenn.edu
banking-business-review.com
alldata.com
5646239437684736-fe3.pantheonsite.io
5672463165816832-fe3.pantheonsite.io
160.167.tmcapital.com
virtual2.unlv.edu
flagship.americancouncils.org
intranet.americancouncils.org
5672463165816832-fe3.pantheonsite.io
www.americancouncils.org
stanfordsummersession.stanford.edu
rstinstrumentsinfo.rstinstruments.com
Certificate
The complete raw certificate details for ais.americancouncils.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgIQaK5l6JpgPMOmwJViWllYuTANBgkqhkiG9w0BAQsFADCB kzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxOTA3BgNV BAMTMFVTRVJUcnVzdCBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZl ciBDQTAeFw0xNDA4MjkwMDAwMDBaFw0xNzA5MTEyMzU5NTlaMH4xITAfBgNVBAsT GERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEfMB0GA1UECxMWSG9zdGVkIGJ5IFJl Z2lzdGVyLmNvbTEVMBMGA1UECxMMRXNzZW50aWFsU1NMMSEwHwYDVQQDExhhaXMu YW1lcmljYW5jb3VuY2lscy5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCZeImP0SOtx98VGRgMLXT2BBVqg+uhTP5L6Dod9WmCgWBotNDg9Qa6SLs/ tFTeYNFw6H2GwZFjqS3Vl7GEp1L2sPCfnC/c4zfXgUIP9F5vW7Q334czuIdALI1r FYP8+YOLML3NeqIEb9gxMnXi0r9frBBw128PCMncmVN/IBxYPuOylEV7aEDxkKpC Wb56A1Z8t5SQ5PcPYBvOp10U1Ydz73asZP+Z0uybNZoL2g2PUQFOyar719nT+evM MwHaE/a5wraxYEnYnEOK/xdcoRV/rL8+WyXRYYv6f4wYPPqXdIYS8ni2NV7oQuNk NQpGUgoLX/y6edviDw6a88WqazwzAgMBAAGjggH5MIIB9TAfBgNVHSMEGDAWgBSm wefh9PZHY9cvfY2Q+LojT2CsnjAdBgNVHQ4EFgQUfjAK8n33JEm6+YJMP9OpNgyo oCswDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMEwGA1UdIARFMEMwNwYMKwYBBAGyMQECAQMEMCcwJQYI KwYBBQUHAgEWGWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wCAYGZ4EMAQIBMFgG A1UdHwRRME8wTaBLoEmGR2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1 c3RSU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGKBggrBgEF BQcBAQR+MHwwUwYIKwYBBQUHMAKGR2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9V U0VSVHJ1c3RSU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCUG CCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMEEGA1UdEQQ6MDiC GGFpcy5hbWVyaWNhbmNvdW5jaWxzLm9yZ4Icd3d3LmFpcy5hbWVyaWNhbmNvdW5j aWxzLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEATYn3k7x9LaXY8K2Asqx75omn5D6C Ry/Uqrz3P+PVgpqCsRfyyVUeGSRi2WHNfOqPe6suN0Evsfu5C8pm0iFoAc4w3Fbg 8yc8B1/7Z+Lm61RA+8V5zQzPfzNosWZZo2nagSUFFUjQ5mZ6MJtGDal8R3KF7ZKl 2ZxRTPXQnoHsAJMk2N0qqD5OIoX1oelrNhu3ZnAOL7GxaLl0YUxIZAAy7njhXhE7 KW0FUuFJgmCcthNqHIpfJAd4P0zq+t3iHSAUDT3VkHnodf+FgZ1r/YoGnYPLFQsD xpTl+RLhAiYk/ejtgln6BxCzQtGLRKxGn4nCbhsrl8ZKfA8AYtRTRxDyyA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXiJj9EjrcffFRkYDC10 9gQVaoProUz+S+g6HfVpgoFgaLTQ4PUGuki7P7RU3mDRcOh9hsGRY6kt1ZexhKdS 9rDwn5wv3OM314FCD/Reb1u0N9+HM7iHQCyNaxWD/PmDizC9zXqiBG/YMTJ14tK/ X6wQcNdvDwjJ3JlTfyAcWD7jspRFe2hA8ZCqQlm+egNWfLeUkOT3D2AbzqddFNWH c+92rGT/mdLsmzWaC9oNj1EBTsmq+9fZ0/nrzDMB2hP2ucK2sWBJ2JxDiv8XXKEV f6y/Plsl0WGL+n+MGDz6l3SGEvJ4tjVe6ELjZDUKRlIKC1/8unnb4g8OmvPFqms8 MwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 139145238167097018259689360596959582393 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Jersey City' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The USERTRUST Network' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'USERTrust RSA Domain Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-08-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-11 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hosted by Register.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EssentialSSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ais.americancouncils.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19373899842776928059878040235172045905521043070600421971181586595481045722357495607910545029532529500643087275791566975983991031157264522868346651464559052196980030292143057397489366138031988668573573717910874052192213895594486790462756275673259962074527179339288961933158033401041110507841534476318966377932237813174320999579572399397816988440394796875993181151703512449376427843913079526863142399083010221667825920082086863646137964883374133534021709791129996338396293080663570387714267760931485070894450598824715942066513668184441587624234401445236806767802976927637641998802651450324462044843664951132224540589107 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a6c1e7e1f4f64763d72f7d8d90f8ba234f60ac9e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7e300af27df72449baf9824c3fd3a9360ca8a02b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (81 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/USERTrustRSADomainValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/USERTrustRSADomainValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ais.americancouncils.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ais.americancouncils.org' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004d89f793bc7d2da5d8f0ad80b2ac7be689a7e43e82472fd4aabcf73fe3d5829a82b117f2c9551e192462d961cd7cea8f7bab2e37412fb1fbb90bca66d2216801ce30dc56e0f3273c075ffb67e2e6eb5440fbc579cd0ccf7f3368b16659a369da8125051548d0e6667a309b460da97c477285ed92a5d99c514cf5d09e81ec009324d8dd2aa83e4e2285f5a1e96b361bb766700e2fb1b168b974614c48640032ee78e15e113b296d0552e14982609cb6136a1c8a5f2407783f4ceafadde21d20140d3dd59079e875ff85819d6bfd8a069d83cb150b03c694e5f912e1022624fde8ed8259fa0710b342d18b44ac469f89c26e1b2b97c64a7c0f0062d4534710f2c8