planselector.aarpmedicareplans.com

- UnitedHealth Group Inc. -

Issued by COMODO RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number b0:c3:71:2f:d9:93:03:76:1a:b4:87:f3:bf:05:f5:f9 was issued on by COMODO CA Limited.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

UnitedHealth Group Inc.

Organization: UnitedHealth Group Inc.
Organization unit: medicare and retirement
Address: 9900 Bren Road East
Postal code: 55343
State / Province: Minnesota
Locality: Minnetonka
Country: US

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): b0:c3:71:2f:d9:93:03:76:1a:b4:87:f3:bf:05:f5:f9
Serial Number (int): 234958920848904311400270054459867264505
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 0b:90:fe:20:e2:2f:df:e2:3d:1c:07:86:dc:54:47:f3:11:6b:ac:dd
AuthorityKeyId: 9a:f3:2b:da:cf:ad:4f:b6:2f:bb:2a:48:48:2a:12:b7:1b:42:c1:24

Fingerprint (sha1): ad:86:0c:c3:99:3f:b3:85:81:60:bb:b2:ca:48:8b:06:35:94:5b:5b
Fingerprint (sha256): 27:64:05:6e:59:b7:73:e0:f0:49:6e:eb:14:41:71:df:18:b6:b3:1b:27:85:84:db:ad:91:69:bc:1d:5b:e8:02

Issuing Certificate URL: http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate planselector.aarpmedicareplans.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for planselector.aarpmedicareplans.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

planselector.aarpmedicareplans.com

Other certificates including the domain name aarpmedicareplans.com

(limited to 100 certificates)
5767409591910400-fe4.pantheonsite.io
ma.aarpmedicareplans.com
offline-mnrgeneric.uhc.com
pdp.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
caid.uhccommunityplan.com
5767409591910400-fe4.pantheonsite.io
offline.uhcmedicaresolutions.com
gpd-acq-azure.optum.com
ma.aarpmedicareplans.com
dlm-mnrfed.uhcsouthflorida.com
www.uhcmedicaresolutions.com
mnrgeneric.uhc.com
5638916786880512-fe1.pantheonsite.io
www.uhcmedicaresolutions.com
5638916786880512-fe1.pantheonsite.io
info.aarpmedicareplans.com
caid.uhccommunityplan.com
5638916786880512-fe1.pantheonsite.io
5638916786880512-fe1.pantheonsite.io
mars.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
microsites-prod-externalprodv2.aemprod.optum.com
gpd-acq-azure.optum.com
renew.aarpmedicareplans.com
roadtripreunion.aarpmedicareplans.com
www.aarpmedicareplans.com
mnrgeneric2.uhc.com
ma.aarpmedicareplans.com
mnrgeneric.uhc.com
www.aarpmedicareplans.com
visualizeyou.member.aarpmedicareplans.com
www.aarpmedicareplans.com
renew.aarpmedicareplans.com
info.aarpmedicareplans.com
caid.uhccommunityplan.com
offline.aarpmedicareplans.com
caid.uhccommunityplan.com
5767409591910400-fe4.pantheonsite.io
www.aarpmedicareplans.com
mnrgeneric2.uhc.com
renew.aarpmedicareplans.com
www.uhcmedicaresolutions.com
5767409591910400-fe4.pantheonsite.io
mnrgeneric.uhc.com
5638916786880512-fe1.pantheonsite.io
offline.uhcmedicaresolutions.com
www.uhcmedicaresolutions.com
hl.member.aarpmedicareplans.com
offline.uhcmedicaresolutions.com
mnrgeneric2.uhc.com
5767409591910400-fe4.pantheonsite.io
planselector.aarpmedicareplans.com
microsites-prod-externalprodv5.aemprod.optum.com
offline.uhcmedicaresolutions.com
advisor.aarpmedicareplans.com
www.uhcmedicaresolutions.com
5638916786880512-fe1.pantheonsite.io
hl-shra.member.aarpmedicareplans.com
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
pdp.aarpmedicareplans.com
caid.uhccommunityplan.com
www.uhcmedicaresolutions.com
caid.uhccommunityplan.com
offline-mnrgeneric.uhc.com
5767409591910400-fe4.pantheonsite.io
offline.aarpmedicareplans.com
mnrgeneric.uhc.com

info.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
info.aarpmedicareplans.com
www.uhcmedicaresolutions.com
5767409591910400-fe4.pantheonsite.io
renew.aarpmedicareplans.com
mnrgeneric.uhc.com
5767409591910400-fe4.pantheonsite.io
microsites-prod-externalprodv3.aemprod.optum.com
mnrgeneric2.uhc.com
5638916786880512-fe1.pantheonsite.io
5638916786880512-fe1.pantheonsite.io
offline-mnrgeneric2.uhc.com
5767409591910400-fe4.pantheonsite.io
offline.uhcmedicaresolutions.com
hl.member.aarpmedicareplans.com
ma.aarpmedicareplans.com
5767409591910400-fe4.pantheonsite.io
renew.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
mnrgeneric.uhc.com
www.uhcmedicaresolutions.com
5638916786880512-fe1.pantheonsite.io
offline.uhcmedicaresolutions.com
gpd-acq-azure.optum.com
5767409591910400-fe4.pantheonsite.io
5638916786880512-fe1.pantheonsite.io
offline-mnrgeneric2.uhc.com
5767409591910400-fe4.pantheonsite.io

Certificate

The complete raw certificate details for planselector.aarpmedicareplans.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG7zCCBdegAwIBAgIRALDDcS/ZkwN2GrSH878F9fkwDQYJKoZIhvcNAQELBQAw
gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
ZXJ2ZXIgQ0EwHhcNMTkwNTI3MDAwMDAwWhcNMjAwNTI2MjM1OTU5WjCB1TELMAkG
A1UEBhMCVVMxDjAMBgNVBBETBTU1MzQzMRIwEAYDVQQIEwlNaW5uZXNvdGExEzAR
BgNVBAcTCk1pbm5ldG9ua2ExHDAaBgNVBAkTEzk5MDAgQnJlbiBSb2FkIEVhc3Qx
IDAeBgNVBAoTF1VuaXRlZEhlYWx0aCBHcm91cCBJbmMuMSAwHgYDVQQLExdtZWRp
Y2FyZSBhbmQgcmV0aXJlbWVudDErMCkGA1UEAxMicGxhbnNlbGVjdG9yLmFhcnBt
ZWRpY2FyZXBsYW5zLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALzrP4spoe8qO3IqVvM7EpmJqaZV/GxpDhjK0i8bAyl5oZ5vIS26dYj2J5q9S+rl
u9vMfdrSU34LKoGI2f2dtVDjDvvclJcaPqPgCwlOjnJU1Zxo+FHxmBDfCXBSRqX4
SSEG9lq5xwjGOkrBUnss6xd2R7bxqOYtTWWo9PKdgPBIP4eNPcec7Za34cOLBpXC
2vn+26iSDG2d/U5kk8/1H8OOTuLPi+9ORWF6JOTtER2t0DGeK1L2GWsCxzZm+DDl
WvTXn8u/rDdB1l3BYXhO7OG+8dqxmp+1/9e4dIGK6tyC58yvU7//2ld+5phV4aa6
toPXzV9tkzSH3xBn7b9CqJ0CAwEAAaOCAvUwggLxMB8GA1UdIwQYMBaAFJrzK9rP
rU+2L7sqSEgqErcbQsEkMB0GA1UdDgQWBBQLkP4g4i/f4j0cB4bcVEfzEWus3TAO
BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwUAYDVR0gBEkwRzA7BgwrBgEEAbIxAQIBAwQwKzApBggrBgEF
BQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQICMFoG
A1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JT
QU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYsGCCsG
AQUFBwEBBH8wfTBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5jb21vZG9jYS5jb20v
Q09NT0RPUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNy
dDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMC0GA1UdEQQm
MCSCInBsYW5zZWxlY3Rvci5hYXJwbWVkaWNhcmVwbGFucy5jb20wggEFBgorBgEE
AdZ5AgQCBIH2BIHzAPEAdwC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7R
hQAAAWr3qYrHAAAEAwBIMEYCIQDMu5Y3Hs6g3JeyINBdpOgmLJXSW5IN3haDUSWz
j+t9yAIhAI6gO7R3zVeRtS8Tnxm6ikFMrldNOXmROGsgTG1kTR1CAHYAXqdz+d9W
wOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFq96mK8AAABAMARzBFAiAKB41z
5RL8WzshhNhmBfiezgZRPMCifoyXF6gcm5gt3wIhALCjw68QvKWxug98zotqfNS5
icbOdhySoSnPJRtdjh2kMA0GCSqGSIb3DQEBCwUAA4IBAQACCnl06jbLVTaRKs+x
2OBu3s1HTNka0cYJ2/GvhTSV4tzYNxmRu6XcLYhp8wp6HMMJENwZAGzXCb7dYuvl
zmcyKgfMIfp9q8Yi0qp8DxP5BtC0f+M5kGPo8JrTAQL1ginnC83tCNbTgeWk72op
a29Pqhp30J1japqrKgGQLydqZ+ETm+lyAPjzi96CUPl/eWHKKvudmrOhr2fmcyb/
hRIe4UL5kb5w5bDCMVWua1QC5EnZicP6Qs19V4dWw11j5osBnC1J09lPVcc05h81
xHHI0oLc1P8NIj95+sdfBWZjp7k7uQyXr0gDADx8hbuJjcKAw9bvYjxhrkvNbvES
JhsV
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOs/iymh7yo7cipW8zsS
mYmpplX8bGkOGMrSLxsDKXmhnm8hLbp1iPYnmr1L6uW728x92tJTfgsqgYjZ/Z21
UOMO+9yUlxo+o+ALCU6OclTVnGj4UfGYEN8JcFJGpfhJIQb2WrnHCMY6SsFSeyzr
F3ZHtvGo5i1NZaj08p2A8Eg/h409x5ztlrfhw4sGlcLa+f7bqJIMbZ39TmSTz/Uf
w45O4s+L705FYXok5O0RHa3QMZ4rUvYZawLHNmb4MOVa9Nefy7+sN0HWXcFheE7s
4b7x2rGan7X/17h0gYrq3ILnzK9Tv//aV37mmFXhprq2g9fNX22TNIffEGftv0Ko
nQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 234958920848904311400270054459867264505
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-26 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '55343'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minnesota'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minnetonka'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '9900 Bren Road East'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UnitedHealth Group Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'medicare and retirement'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'planselector.aarpmedicareplans.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23848806553095645201426654660771617382638814056941806282655551050353426527918555072123555651724572397673050412531973124450930627443041720821604372181657883624412587732442276441916847495793258775828539956824966945588146355593057259586999409659418272888375549559250189773553545925876860676080548872258897425564626769582668278737687948758506752752904227361242642636786841891518192299703889710125450449474856599266577911447611409846511851696435790931587678105931929972632930676592138728072583274109996589103212955025542856907587635085465305621557231661271320471859484211720491089616406209077517354995989866769443266406557
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9af32bdacfad4fb62fbb2a48482a12b71b42c124
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0b90fe20e22fdfe23d1c0786dc5447f3116bacdd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'planselector.aarpmedicareplans.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016af7a98ac70000040300483046022100ccbb96371ecea0dc97b220d05da4e8262c95d25b920dde16835125b38feb7dc80221008ea03bb477cd5791b52f139f19ba8a414cae574d397991386b204c6d644d1d420076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016af7a98af0000004030047304502200a078d73e512fc5b3b2184d86605f89ece06513cc0a27e8c9717a81c9b982ddf022100b0a3c3af10bca5b1ba0f7cce8b6a7cd4b989c6ce761c92a129cf251b5d8e1da4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00020a7974ea36cb5536912acfb1d8e06edecd474cd91ad1c609dbf1af853495e2dcd8371991bba5dc2d8869f30a7a1cc30910dc19006cd709bedd62ebe5ce67322a07cc21fa7dabc622d2aa7c0f13f906d0b47fe3399063e8f09ad30102f58229e70bcded08d6d381e5a4ef6a296b6f4faa1a77d09d636a9aab2a01902f276a67e1139be97200f8f38bde8250f97f7961ca2afb9d9ab3a1af67e67326ff85121ee142f991be70e5b0c23155ae6b5402e449d989c3fa42cd7d578756c35d63e68b019c2d49d3d94f55c734e61f35c471c8d282dcd4ff0d223f79fac75f056663a7b93bb90c97af4803003c7c85bb898dc280c3d6ef623c61ae4bcd6ef112261b15