plm.fanatics.com

- Fanatics, Inc. -

Issued by GeoTrust TLS RSA CA G1

About this certificate

This digital certificate with serial number 0f:f3:8a:54:af:53:4e:21:be:4c:0a:c7:59:8e:3d:5a was issued on by DigiCert Inc.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Fanatics, Inc.

Organization: Fanatics, Inc.
State / Province: Florida
Locality: Jacksonville
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0f:f3:8a:54:af:53:4e:21:be:4c:0a:c7:59:8e:3d:5a
Serial Number (int): 21202953755349242864816845420407700826
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: d4:e1:22:ae:f6:cd:56:92:bc:4d:df:3d:6d:fe:80:2f:11:64:76:95
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57

Fingerprint (sha1): ac:41:d1:ac:6b:5b:8b:e0:cc:ab:4d:ed:94:54:6e:0d:2e:00:df:d7
Fingerprint (sha256): 24:07:66:b1:8c:4a:6b:8c:9f:d8:9c:a0:07:e4:23:cd:4f:59:80:f8:97:c3:29:4d:de:9e:fd:aa:50:33:5a:6b

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

Check the revocation status for certificate plm.fanatics.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for plm.fanatics.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

plm.fanatics.com
internal.plm.fanatics.com
3dspace.plm.fanatics.com
3dpassport.plm.fanatics.com
federated.plm.fanatics.com
3ddashboard.plm.fanatics.com

Other certificates including the domain name fanatics.com

(limited to 100 certificates)
secure03.fanaticsretailgroup.com
secure02.fanaticsretailgroup.com
jira.fanatics.com
secure01.fanaticsretailgroup.com
secure03.fanaticsretailgroup.com
domains.returnly.com
cisco-expc02.fanatics.com
secure01.fanaticsretailgroup.com
secure01.fanaticsretailgroup.com
cisco-expe04.fanatics.com
na85-1.cdn.salesforce-communities.com
secure02.fanaticsretailgroup.com
smcq-edge-cluster.fanatics.com
adfs.fanatics.com
secure01.fanaticsretailgroup.com
na85-1.cdn.salesforce-communities.com
image.email-aaanational.com
okta-iwa.fanatics.com
secure02.fanaticsretailgroup.com
www.nflshop.com
gag.fanatics.com
na85-1.cdn.salesforce-communities.com
imp04.fanatics.com
image.email-aaanational.com
image.email-aaanational.com
secure01.fanaticsretailgroup.com
na85-1.cdn.salesforce-communities.com
na85-1.cdn.salesforce-communities.com
domains.returnly.com
secure02.fanaticsretailgroup.com
image.email-aaanational.com
na85-1.cdn.salesforce-communities.com
secure01.fanaticsretailgroup.com
imp01.fanatics.com
secure01.fanaticsretailgroup.com
domains.returnly.com
secure01.fanaticsretailgroup.com
secure03.fanaticsretailgroup.com
secure02.teamfanshop.com
secure01.fanaticsretailgroup.com
image.email-aaanational.com
plm.fanatics.com
secure01.fanaticsretailgroup.com
secure01.fanaticsretailgroup.com
www.nflshop.com
secure01.fanaticsretailgroup.com
secure02.fanaticsretailgroup.com
secure02.fanaticsretailgroup.com
secure02.fanaticsretailgroup.com
secure02.fanaticsretailgroup.com
na85-1.cdn.salesforce-communities.com
cucm04.fanatics.com
secure02.teamfanshop.com
secure02.fanaticsretailgroup.com
returns.fanatics.com
san-2-s1.tlsprovisioning.exacttarget.com
cucm03.fanatics.com
image.email-aaanational.com
cisco-expc02.fanatics.com
domains.returnly.com
owa.fanatics.com
domains.returnly.com
secure01.fanaticsretailgroup.com
secure01.fanaticsretailgroup.com
secure02.teamfanshop.com
cisco-expe02.fanatics.com
secure01.fanaticsretailgroup.com
secure02.teamfanshop.com
returns.fanatics.com
asrfanaticsmgr.fanatics.com
secure02.fanaticsretailgroup.com
image.email-aaanational.com
www.nflshop.com
san-2-s1.tlsprovisioning.exacttarget.com
secure01.fanaticsretailgroup.com
image.email-aaanational.com
domains.returnly.com
www.footballfanatics.com
www.nflshop.com
plm.fanatics.com
image.email-aaanational.com
cisco-expe03.fanatics.com
secure01.fanaticsretailgroup.com
secure02.teamfanshop.com
image.email-aaanational.com
secure02.fanaticsretailgroup.com
secure01.fanaticsretailgroup.com
cisco-expe04.fanatics.com
cucm03.fanatics.com
secure01.fanaticsretailgroup.com
www.nflshop.com
*.fanatics.com
secure01.fanaticsretailgroup.com
portal.wifi.fanatics.com
secure01.fanaticsretailgroup.com
plm.fanatics.com
image.email-aaanational.com
secure02.fanaticsretailgroup.com
jira.fanatics.com
image.email-aaanational.com

Certificate

The complete raw certificate details for plm.fanatics.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIQD/OKVK9TTiG+TArHWY49WjANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTE4MDkyNTAwMDAwMFoXDTE5MDkyNTEyMDAwMFowajELMAkGA1UEBhMCVVMx
EDAOBgNVBAgTB0Zsb3JpZGExFTATBgNVBAcTDEphY2tzb252aWxsZTEXMBUGA1UE
ChMORmFuYXRpY3MsIEluYy4xGTAXBgNVBAMTEHBsbS5mYW5hdGljcy5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3VnnVc6ZVD2d8wHFfxRoi02Kd
Ux2Zb+C3GaEi4V87IwjVmj7ttzNN6PORLk3L3tiGiKo8s33F4Ix5wpFbjFb9b9XU
OxfO15oD6xq6qWs6hOjWcZBCN1KnRRdmgGmSYvjGAgb+CXOCzS0qLEiUVbjeZLIk
++Qkz2syaB59i0NI9H4kQ0ROflTQKUx4mWM+3/90XsL5Sf5iMAmtYtsBZkVmO9Aq
4JSbwM1S3XgO6qXspq0NHsz/XN2TKbLUJ+5RGTvcr+8mFVrMWk9eUe+VsmaB9mXn
VQQdqzBdLusCug/mXaFKQKW1hMdZ4GCuaAo9dUTHaPcmuxgPU1q+SPb0i9g7AgMB
AAGjggJGMIICQjAfBgNVHSMEGDAWgBSUT9Rdi+Sk4qaA/v3Y+QDvo74CVzAdBgNV
HQ4EFgQU1OEirvbNVpK8Td89bf6ALxFkdpUwgakGA1UdEQSBoTCBnoIQcGxtLmZh
bmF0aWNzLmNvbYIZaW50ZXJuYWwucGxtLmZhbmF0aWNzLmNvbYIYM2RzcGFjZS5w
bG0uZmFuYXRpY3MuY29tghszZHBhc3Nwb3J0LnBsbS5mYW5hdGljcy5jb22CGmZl
ZGVyYXRlZC5wbG0uZmFuYXRpY3MuY29tghwzZGRhc2hib2FyZC5wbG0uZmFuYXRp
Y3MuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NkcC5nZW90cnVzdC5jb20v
R2VvVHJ1c3RUTFNSU0FDQUcxLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAq
MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeB
DAECAjB2BggrBgEFBQcBAQRqMGgwJgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMu
Z2VvdHJ1c3QuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vY2FjZXJ0cy5nZW90cnVz
dC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcxLmNydDAJBgNVHRMEAjAAMBMGCisGAQQB
1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQC8tqR8F12LDfpctYrh3UKL
OD4Mz9nrKIXIx5FKBUTXzxxLNPZCuVVnREgnk3/8ZlFpr4os1lpM7EyeaNsm2ZDw
rUKM+qE7Nz+cGkqx/HkRn254BKNCKWt/UU+Vn7ZPCD+ocIhXby47SWZEf0IwIjqR
fnEWDylJ8gb+htf/CqR2rU8yziGZY5+iaWklBAGrwwYh5FHnbsmnE/se6L3pRwFj
4NRHm0RTa90AtvaaCfrwLIX+f8ZyVSAmd/rHd+9cDL9Aqp3s3jY44DEEYr3nJYe7
RDSvCMDCigEBW5JuzVu8T6Vi1Jc3ywVuyoP0K7YzZ0ZXo5Jm7ao3BI5njeagERAB
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1Z51XOmVQ9nfMBxX8Ua
ItNinVMdmW/gtxmhIuFfOyMI1Zo+7bczTejzkS5Ny97YhoiqPLN9xeCMecKRW4xW
/W/V1DsXzteaA+sauqlrOoTo1nGQQjdSp0UXZoBpkmL4xgIG/glzgs0tKixIlFW4
3mSyJPvkJM9rMmgefYtDSPR+JENETn5U0ClMeJljPt//dF7C+Un+YjAJrWLbAWZF
ZjvQKuCUm8DNUt14Duql7KatDR7M/1zdkymy1CfuURk73K/vJhVazFpPXlHvlbJm
gfZl51UEHaswXS7rAroP5l2hSkCltYTHWeBgrmgKPXVEx2j3JrsYD1Navkj29IvY
OwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 21202953755349242864816845420407700826
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-25 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Florida'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Jacksonville'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Fanatics, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'plm.fanatics.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23144252670941100448297417943954157232195623910821119703656073955850141913586254280140931707517647784552203655604830803721551675714575882062981311020071854807345392360423680766291575057431376472866186310581045819639681417712072765064691378011377061122866832042489846961641211961029137000650622727848608462996236993949035772842128080120377396605820846749835524733781245649156546345729762471995200616474116027996658228512347710647155090914488164382356058450572073500099943915633587865969837379513373413342881782752526625378501475624204119559860638015859361205297565601056760253451838469031280648426294852957910126549051
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d4e122aef6cd5692bc4ddf3d6dfe802f11647695
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plm.fanatics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'internal.plm.fanatics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3dspace.plm.fanatics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3dpassport.plm.fanatics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'federated.plm.fanatics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3ddashboard.plm.fanatics.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00bcb6a47c175d8b0dfa5cb58ae1dd428b383e0ccfd9eb2885c8c7914a0544d7cf1c4b34f642b95567444827937ffc665169af8a2cd65a4cec4c9e68db26d990f0ad428cfaa13b373f9c1a4ab1fc79119f6e7804a342296b7f514f959fb64f083fa87088576f2e3b4966447f4230223a917e71160f2949f206fe86d7ff0aa476ad4f32ce2199639fa26969250401abc30621e451e76ec9a713fb1ee8bde9470163e0d4479b44536bdd00b6f69a09faf02c85fe7fc67255202677fac777ef5c0cbf40aa9decde3638e0310462bde72587bb4434af08c0c28a01015b926ecd5bbc4fa562d49737cb056eca83f42bb633674657a39266edaa37048e678de6a0111001