mk.gov.cz
Issued by GeoTrust TLS RSA CA G1
About this certificate
This digital certificate with serial number 04:34:b6:56:5f:29:49:cc:da:46:92:7d:c9:83:95:06 was issued on by DigiCert Inc.
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=mk.gov.cz
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:34:b6:56:5f:29:49:cc:da:46:92:7d:c9:83:95:06Serial Number (int): 5590609661404305762298447158208337158
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 71:ea:6b:b0:ab:ac:a5:ea:40:4d:7a:4b:18:f2:1d:48:de:0c:47:61
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57
Fingerprint (sha1): 52:7e:32:b6:74:b1:8c:0a:0b:3f:5c:1f:dd:97:09:05:a8:28:c7:7d
Fingerprint (sha256): 23:50:eb:03:f6:e9:f6:36:08:4f:13:bc:8f:53:7d:85:34:7e:06:36:da:d5:d6:bb:5d:46:2d:01:a0:8f:52:1c
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl
Check the revocation status for certificate mk.gov.cz
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mk.gov.cz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mk.gov.cz
data.mk.gov.cz
evropskefondy.mk.gov.cz
projektovakancelar.mk.gov.cz
projektoverizeni.mk.gov.cz
strategiekkp.mk.gov.cz
www.mk.gov.cz
www.mkcr.cz
data.mk.gov.cz
evropskefondy.mk.gov.cz
projektovakancelar.mk.gov.cz
projektoverizeni.mk.gov.cz
strategiekkp.mk.gov.cz
www.mk.gov.cz
www.mkcr.cz
Other certificates including the domain name gov.cz
(limited to 100 certificates)
copernicus.gov.cz
zony-idsjk.kraj-jihocesky.gov.cz
ctu.gov.cz
rpp-ais.egon.gov.cz
odok.cz
eru.gov.cz
ov.gov.cz
data.gov.cz
pruvodce.udh.gov.cz
cms.gov.cz
ov.gov.cz
data.mvcr.gov.cz
portal.gov.cz
smlouvy.gov.cz
rpp-aism-pub-test.egon.gov.cz
cert-externalauthapi.caais-test-int.gov.cz
irop.gov.cz
data.gov.cz
upv.gov.cz
frs.gov.cz
digitalnicesko.gov.cz
zakony.gov.cz
vzdelavani.gov.cz
data.mvcr.gov.cz
slovnik.gov.cz
voda.gov.cz
*.gov.cz
geoportal.gov.cz
xn--slovnk-7va.gov.cz
data.kraj-jihocesky.gov.cz
testrs.gov.cz
rpp-ais-test.egon.gov.cz
twist-gp.kraj-jihocesky.gov.cz
mids.gov.cz
zony.kraj-jihocesky.gov.cz
www.gov.cz
code.gov.cz
viap1p.ros-iais.egon.gov.cz
vea801.gov.cz
desu.gov.cz
viap1t.ros-iais.egon.gov.cz
biap1t.ros-iais.egon.gov.cz
opendata.gov.cz
ext-mattermost.nic.cz
ria.gov.cz
admin.gov.cz
rrtv.gov.cz
*.szpi.gov.cz
covid.gov.cz
www.gov.cz
vea801.gov.cz
zony.kraj-jihocesky.gov.cz
*.kraj-jihocesky.gov.cz
spektrum.ctu.gov.cz
vyzkum.gov.cz
razr-pub.egon.gov.cz
testrs.gov.cz
ra.gov.cz
mids.gov.cz
archi.gov.cz
zds.kraj-jihocesky.gov.cz
nap.gov.cz
rpp-opendata-test.egon.gov.cz
cms.gov.cz
opendata.gov.cz
rpp-aism.egon.gov.cz
museion.kraj-jihocesky.gov.cz
prod.frs.gov.cz
tsl.gov.cz
isnipi.gov.cz
testrs.gov.cz
vea801.gov.cz
rpp-ais.egon.gov.cz
www.snsu.cz
tsl.gov.cz
uohs.cz
registrace.udh.gov.cz
gov.cz
admin.pruvodcepripojenim.gov.cz
vyzkum.gov.cz
smlouvy.gov.cz
rpp-aism-pub.egon.gov.cz
brvpn.ros.egon.gov.cz
uzsvm.cz
scitani.gov.cz
eru.gov.cz
mids.gov.cz
obcan.portal.gov.cz
upv.gov.cz
voda.gov.cz
code.gov.cz
ares.gov.cz
chciidentitu.gov.cz
biap1t.ros-iais.egon.gov.cz
viap1p.ros-iais.egon.gov.cz
czechtourism.gov.cz
anonymizace.gov.cz
*.kraj-jihocesky.gov.cz
mk.gov.cz
isdv.upv.gov.cz
zony-idsjk.kraj-jihocesky.gov.cz
ctu.gov.cz
rpp-ais.egon.gov.cz
odok.cz
eru.gov.cz
ov.gov.cz
data.gov.cz
pruvodce.udh.gov.cz
cms.gov.cz
ov.gov.cz
data.mvcr.gov.cz
portal.gov.cz
smlouvy.gov.cz
rpp-aism-pub-test.egon.gov.cz
cert-externalauthapi.caais-test-int.gov.cz
irop.gov.cz
data.gov.cz
upv.gov.cz
frs.gov.cz
digitalnicesko.gov.cz
zakony.gov.cz
vzdelavani.gov.cz
data.mvcr.gov.cz
slovnik.gov.cz
voda.gov.cz
*.gov.cz
geoportal.gov.cz
xn--slovnk-7va.gov.cz
data.kraj-jihocesky.gov.cz
testrs.gov.cz
rpp-ais-test.egon.gov.cz
twist-gp.kraj-jihocesky.gov.cz
mids.gov.cz
zony.kraj-jihocesky.gov.cz
www.gov.cz
code.gov.cz
viap1p.ros-iais.egon.gov.cz
vea801.gov.cz
desu.gov.cz
viap1t.ros-iais.egon.gov.cz
biap1t.ros-iais.egon.gov.cz
opendata.gov.cz
ext-mattermost.nic.cz
ria.gov.cz
admin.gov.cz
rrtv.gov.cz
*.szpi.gov.cz
covid.gov.cz
www.gov.cz
vea801.gov.cz
zony.kraj-jihocesky.gov.cz
*.kraj-jihocesky.gov.cz
spektrum.ctu.gov.cz
vyzkum.gov.cz
razr-pub.egon.gov.cz
testrs.gov.cz
ra.gov.cz
mids.gov.cz
archi.gov.cz
zds.kraj-jihocesky.gov.cz
nap.gov.cz
rpp-opendata-test.egon.gov.cz
cms.gov.cz
opendata.gov.cz
rpp-aism.egon.gov.cz
museion.kraj-jihocesky.gov.cz
prod.frs.gov.cz
tsl.gov.cz
isnipi.gov.cz
testrs.gov.cz
vea801.gov.cz
rpp-ais.egon.gov.cz
www.snsu.cz
tsl.gov.cz
uohs.cz
registrace.udh.gov.cz
gov.cz
admin.pruvodcepripojenim.gov.cz
vyzkum.gov.cz
smlouvy.gov.cz
rpp-aism-pub.egon.gov.cz
brvpn.ros.egon.gov.cz
uzsvm.cz
scitani.gov.cz
eru.gov.cz
mids.gov.cz
obcan.portal.gov.cz
upv.gov.cz
voda.gov.cz
code.gov.cz
ares.gov.cz
chciidentitu.gov.cz
biap1t.ros-iais.egon.gov.cz
viap1p.ros-iais.egon.gov.cz
czechtourism.gov.cz
anonymizace.gov.cz
*.kraj-jihocesky.gov.cz
mk.gov.cz
isdv.upv.gov.cz
Certificate
The complete raw certificate details for mk.gov.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGrDCCBZSgAwIBAgIQBDS2Vl8pSczaRpJ9yYOVBjANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx MB4XDTI0MDIyNjAwMDAwMFoXDTI1MDMyODIzNTk1OVowFDESMBAGA1UEAxMJbWsu Z292LmN6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3OuDchrI9Yl LZtQedRA1O00flItk4FxYGvpugFDDgxmUUrk2YARBf3bBteqsHTynxJtScM5HS28 2aqQwLt8zdBBrHBuCOBeN+qEy7/6jDvDU4CGqSQ2A8x4HS2zBkAJtYelWz2hOvAj TMAOLN5+eZ+UGH7YgWui7tSk63d4YLbHSL3fz9aF7t2kmUqyndzr2K+5uuJaqaiq Hs9+JnFv6bkLxeBQqi/lN/qRgqHjWk8z7VoMxKCc4icA4NuLgJ1obvCuAhKZ9X0Q PAhWa3FfpcGgLQptF1MvlQOivEukOUVtLrOP6uUI0K+MV8MCQb1FjwMUoB8ua4Dm tOHqj0gurwIDAQABo4IDrDCCA6gwHwYDVR0jBBgwFoAUlE/UXYvkpOKmgP792PkA 76O+AlcwHQYDVR0OBBYEFHHqa7CrrKXqQE16SxjyHUjeDEdhMIGtBgNVHREEgaUw gaKCCW1rLmdvdi5jeoIOZGF0YS5tay5nb3YuY3qCF2V2cm9wc2tlZm9uZHkubWsu Z292LmN6ghxwcm9qZWt0b3Zha2FuY2VsYXIubWsuZ292LmN6ghpwcm9qZWt0b3Zl cml6ZW5pLm1rLmdvdi5jeoIWc3RyYXRlZ2lla2twLm1rLmdvdi5jeoINd3d3Lm1r Lmdvdi5jeoILd3d3Lm1rY3IuY3owPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggr BgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPwYDVR0fBDgwNjA0 oDKgMIYuaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcx LmNybDB2BggrBgEFBQcBAQRqMGgwJgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMu Z2VvdHJ1c3QuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vY2FjZXJ0cy5nZW90cnVz dC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcxLmNydDAMBgNVHRMBAf8EAjAAMIIBfgYK KwYBBAHWeQIEAgSCAW4EggFqAWgAdwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx +mSxYpo53wAAAY3kpqi1AAAEAwBIMEYCIQDYm47+845/p7BiwjPDSxoic3vNIrsM WKazlxL1xm6LRAIhAP8QfhTwI8Tu2IIZWTARfXzlN+xxemWS44mBOYeOLXx3AHYA fVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGN5Kao8gAABAMARzBF AiEAhexb2zaNyYH+UFoFZDS9DQmKDVrqjrPYncCnIDiNhWICIHAl3bUIGXn+F6Ox mAoLTF1g2UmMCq99W1xei0mTTqkaAHUA5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6 hzId/R43jlAAAAGN5KapHAAABAMARjBEAiBvXttY+4jKuY/SY6qVUqSknzxsZ3gN YmSkAqNlS3hLdgIgTrdfF1FJsnPBMsK4m6doJD9duSl/SJMzvahJJAZZsTYwDQYJ KoZIhvcNAQELBQADggEBALsWKjDfPueDnpAg+8bnh8gEdNiDJCyYK91QxUctBA7W 49x/vKny0Q8tVYF5me8ZvApcs7JXRpcfJPSgg0VLyi+dStJQdJVdvxBEhO0916Mf 13JIkV4MloCfWMoBBjdtCT7+EF1cKv7Gyy1ty67Vq3g58GcegW0RYtZvV24X5RQ+ mXm7zqfIkgKptTdqvuvATDO6x/MrT17gZt9b88t2u/MQrq1AQt6IZH8w+FLFDo4H l1L4OYSIZ8hvhd8ghGohXommUgyz+poGeQp4IMHOZXIDan6bpBjbju3CayIUEkzn Spj1vNqwEGUkWiY0+qbzkp3f+c2zDFYKTRC0WMthU3g= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3OuDchrI9YlLZtQedRA 1O00flItk4FxYGvpugFDDgxmUUrk2YARBf3bBteqsHTynxJtScM5HS282aqQwLt8 zdBBrHBuCOBeN+qEy7/6jDvDU4CGqSQ2A8x4HS2zBkAJtYelWz2hOvAjTMAOLN5+ eZ+UGH7YgWui7tSk63d4YLbHSL3fz9aF7t2kmUqyndzr2K+5uuJaqaiqHs9+JnFv 6bkLxeBQqi/lN/qRgqHjWk8z7VoMxKCc4icA4NuLgJ1obvCuAhKZ9X0QPAhWa3Ff pcGgLQptF1MvlQOivEukOUVtLrOP6uUI0K+MV8MCQb1FjwMUoB8ua4DmtOHqj0gu rwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5590609661404305762298447158208337158 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-28 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mk.gov.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26188373011638970632376581140053448213429262425012880327545472955367719606279201182537515117745204212443428972403701607515795010532178120199129651273520029669175821073456001190380676497099601654188935437738475043275794631842776803929062398980451428951882400195025294325695439562326619943320219420478904402315074571535215810602042018299120598238708372325528799523634663254886025061157334144643556042920157987667646621888501315652236893975054789915683389193508860077157829493780313452390165124610951703018916524824373805716819658057447428607053484843349025247828302686924037074069857972158982995509057831462411522551471 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 71ea6bb0abaca5ea404d7a4b18f21d48de0c4761 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mk.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.mk.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'evropskefondy.mk.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projektovakancelar.mk.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projektoverizeni.mk.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'strategiekkp.mk.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mk.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mkcr.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018de4a6a8b50000040300483046022100d89b8efef38e7fa7b062c233c34b1a22737bcd22bb0c58a6b39712f5c66e8b44022100ff107e14f023c4eed882195930117d7ce537ec717a6592e3898139878e2d7c770076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018de4a6a8f2000004030047304502210085ec5bdb368dc981fe505a056434bd0d098a0d5aea8eb3d89dc0a720388d856202207025ddb5081979fe17a3b1980a0b4c5d60d9498c0aaf7d5b5c5e8b49934ea91a007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018de4a6a91c000004030046304402206f5edb58fb88cab98fd263aa9552a4a49f3c6c67780d6264a402a3654b784b7602204eb75f175149b273c132c2b89ba768243f5db9297f489333bda849240659b136 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bb162a30df3ee7839e9020fbc6e787c80474d883242c982bdd50c5472d040ed6e3dc7fbca9f2d10f2d55817999ef19bc0a5cb3b25746971f24f4a083454bca2f9d4ad25074955dbf104484ed3dd7a31fd77248915e0c96809f58ca0106376d093efe105d5c2afec6cb2d6dcbaed5ab7839f0671e816d1162d66f576e17e5143e9979bbcea7c89202a9b5376abeebc04c33bac7f32b4f5ee066df5bf3cb76bbf310aead4042de88647f30f852c50e8e079752f839848867c86f85df20846a215e89a6520cb3fa9a06790a7820c1ce6572036a7e9ba418db8eedc26b2214124ce74a98f5bcdab01065245a2634faa6f3929ddff9cdb30c560a4d10b458cb615378