*.ibo.nyc.ny.us
- Independent Budget Office -
Issued by GeoTrust RSA CA 2018
About this certificate
This digital certificate with serial number 01:b5:09:4a:9d:16:57:79:ee:69:31:33:4d:2a:80:e6 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Independent Budget Office
Organization:
Independent Budget Office
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:b5:09:4a:9d:16:57:79:ee:69:31:33:4d:2a:80:e6Serial Number (int): 2269222180366334599364680902995771622
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: b9:0b:d9:22:42:99:7b:17:2f:df:23:48:5f:66:7b:a9:b8:14:da:20
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5
Fingerprint (sha1): 76:53:25:c8:eb:e0:20:fe:50:03:5c:aa:e6:44:95:18:09:2f:6b:95
Fingerprint (sha256): 27:75:2a:8c:48:b2:0b:f5:9e:05:cf:f7:47:99:ef:14:12:b3:d1:86:c8:ae:92:6c:b2:48:00:2e:ec:86:af:61
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl
Check the revocation status for certificate *.ibo.nyc.ny.us
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.ibo.nyc.ny.us
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.ibo.nyc.ny.us
Other certificates including the domain name nyc.ny.us
(limited to 100 certificates)
iboremote2.ibo.nyc.ny.us
iboremote2.ibo.nyc.ny.us
www.tac.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
owa.trs.nyc.ny.us
ibo.nyc.ny.us
*.trs.nyc.ny.us
ctxdr.council.nyc.ny.us
qns.boe.nyc.ny.us
42fw.boe.nyc.ny.us
ctx.council.nyc.ny.us
hope.nyc.ny.us
*.trs.nyc.ny.us
*.trs.nyc.ny.us
*.ibo.nyc.ny.us
mail.trinityschoolnyc.org
mail.council.nyc.gov
*.ibo.nyc.ny.us
vote.nyc.ny.us
wm.ibo.nyc.ny.us
*.hope.nyc.ny.us
iboremote.ibo.nyc.ny.us
*.trs.nyc.ny.us
*.ibo.nyc.ny.us
ctx.council.nyc.ny.us
home.nyc.ny.us
ibo.nyc.ny.us
owa.trs.nyc.ny.us
*.council.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.gov
wm.ibo.nyc.ny.us
*.trs.nyc.ny.us
hope.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
ibo.nyc.ny.us
ibomail.ibo.nyc.ny.us
*.vote.nyc
vote.nyc.ny.us
*.trs.nyc.ny.us
www.trs.nyc.ny.us
owa.trs.nyc.ny.us
*.ibo.nyc.ny.us
*.hope.nyc.ny.us
owa.trs.nyc.ny.us
mail.council.nyc.gov
owa.boe.nyc
www.trs.nyc.ny.us
www.tac.nyc.ny.us
owa.trs.nyc.ny.us
ibomail.ibo.nyc.ny.us
hope.nyc.ny.us
42fw.boe.nyc.ny.us
www.hope.nyc.ny.us
hope.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
vote.nyc.ny.us
queens.boe.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
*.ibo.nyc.ny.us
vote.nyc.ny.us
ctx.council.nyc.ny.us
pullrequest.hope.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
*.council.nyc.ny.us
webmail.ibo.nyc.ny.us
queens.boe.nyc.ny.us
ibomail.ibo.nyc.ny.us
*.ibo.nyc.ny.us
iboremote2.ibo.nyc.ny.us
ibo.nyc.ny.us
*.ibo.nyc.ny.us
ibo.nyc.ny.us
vote.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
ibo.nyc.ny.us
www.trs.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
www.tac.nyc.ny.us
mail.council.nyc.gov
owa.trs.nyc.ny.us
*.hope.nyc.ny.us
*.ibo.nyc.ny.us
ctxdr.council.nyc.ny.us
webmail.ibo.nyc.ny.us
42fw.boe.nyc.ny.us
www.tac.nyc.ny.us
vote.nyc.ny.us
tailor.home.nyc.ny.us
iboremote2.ibo.nyc.ny.us
www.tac.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
owa.trs.nyc.ny.us
ibo.nyc.ny.us
*.trs.nyc.ny.us
ctxdr.council.nyc.ny.us
qns.boe.nyc.ny.us
42fw.boe.nyc.ny.us
ctx.council.nyc.ny.us
hope.nyc.ny.us
*.trs.nyc.ny.us
*.trs.nyc.ny.us
*.ibo.nyc.ny.us
mail.trinityschoolnyc.org
mail.council.nyc.gov
*.ibo.nyc.ny.us
vote.nyc.ny.us
wm.ibo.nyc.ny.us
*.hope.nyc.ny.us
iboremote.ibo.nyc.ny.us
*.trs.nyc.ny.us
*.ibo.nyc.ny.us
ctx.council.nyc.ny.us
home.nyc.ny.us
ibo.nyc.ny.us
owa.trs.nyc.ny.us
*.council.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.gov
wm.ibo.nyc.ny.us
*.trs.nyc.ny.us
hope.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
ibo.nyc.ny.us
ibomail.ibo.nyc.ny.us
*.vote.nyc
vote.nyc.ny.us
*.trs.nyc.ny.us
www.trs.nyc.ny.us
owa.trs.nyc.ny.us
*.ibo.nyc.ny.us
*.hope.nyc.ny.us
owa.trs.nyc.ny.us
mail.council.nyc.gov
owa.boe.nyc
www.trs.nyc.ny.us
www.tac.nyc.ny.us
owa.trs.nyc.ny.us
ibomail.ibo.nyc.ny.us
hope.nyc.ny.us
42fw.boe.nyc.ny.us
www.hope.nyc.ny.us
hope.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
vote.nyc.ny.us
queens.boe.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
*.ibo.nyc.ny.us
vote.nyc.ny.us
ctx.council.nyc.ny.us
pullrequest.hope.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
*.council.nyc.ny.us
webmail.ibo.nyc.ny.us
queens.boe.nyc.ny.us
ibomail.ibo.nyc.ny.us
*.ibo.nyc.ny.us
iboremote2.ibo.nyc.ny.us
ibo.nyc.ny.us
*.ibo.nyc.ny.us
ibo.nyc.ny.us
vote.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
ibo.nyc.ny.us
www.trs.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
www.tac.nyc.ny.us
mail.council.nyc.gov
owa.trs.nyc.ny.us
*.hope.nyc.ny.us
*.ibo.nyc.ny.us
ctxdr.council.nyc.ny.us
webmail.ibo.nyc.ny.us
42fw.boe.nyc.ny.us
www.tac.nyc.ny.us
vote.nyc.ny.us
tailor.home.nyc.ny.us
Certificate
The complete raw certificate details for *.ibo.nyc.ny.us in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGbTCCBVWgAwIBAgIQAbUJSp0WV3nuaTEzTSqA5jANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe Fw0yMzAyMDIwMDAwMDBaFw0yNDAxMDYyMzU5NTlaMHExCzAJBgNVBAYTAlVTMREw DwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxIjAgBgNVBAoTGUlu ZGVwZW5kZW50IEJ1ZGdldCBPZmZpY2UxGDAWBgNVBAMMDyouaWJvLm55Yy5ueS51 czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOPOZLUhpjHAKEpyFh8I LjU3RXIVf6mwdYVHXGElmUIIx95+EcMZFaOsfZZVug9yJ+j1WZvBsszm1SmhvzdW CveKNKobINHoF/hiQJORoz30JVbyMVYgalITamajgZDGZc7B22NMulJNXaSQ904o 8/X131y1q5hj4TqIXWKqGBdgxk96Ul53IpsbmvhRIVvqNtJtYIBcpyx6LBco4KsD pI1ez+kznOfbqmAhmV32RmWL7VpLEY/LVi3S6fJgi9h3mJMDCsYuXIcjS/TndQxO 5LE/OKFFXlho+1EY0vCYQqRpqfL0bE3/IPsbT7lhwe8qYRFaIoKBdodIwTwB8g8R wlsCAwEAAaOCAxIwggMOMB8GA1UdIwQYMBaAFJBY/7CcdahRVHex7fKjQxY4nmzF MB0GA1UdDgQWBBS5C9kiQpl7Fy/fI0hfZnupuBTaIDAaBgNVHREEEzARgg8qLmli by5ueWMubnkudXMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY2RwLmdlb3RydXN0 LmNvbS9HZW9UcnVzdFJTQUNBMjAxOC5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIw KTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMHUGCCsG AQUFBwEBBGkwZzAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5j b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9U cnVzdFJTQUNBMjAxOC5jcnQwCQYDVR0TBAIwADCCAX0GCisGAQQB1nkCBAIEggFt BIIBaQFnAHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGGFBEj ewAABAMARjBEAiApg8NR1HNP8U/Cbh6LLNvVbSqwarLKQTCMbMLFB0daGwIgM9xA wNyg3VlZa4fv375bAk/+OCmHXgk2Y2EbUfMs0Y0AdgBz2Z6JG0yWeKAgfUed5rLG HNBRXnEZKoxrgBB6wXdytQAAAYYUESOnAAAEAwBHMEUCIQCLiI4qNbC6RavNfrhD uar/dxO6QDKtJCwQqC822cdxTAIgFsHMNjR2C29iogBaAXjZtnFAvWMGPD7hV6J2 XTUOMocAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYYUESNa AAAEAwBHMEUCIQCoszBoHEy6lUndOrMzxe7vqszsG64R5jSOeQ5DDYUCAwIgPn6p eQ1r9DgsLx/fLaV1nn/Tp/Wa01uyYmKVi3RPBjQwDQYJKoZIhvcNAQELBQADggEB AEUiTJr7S5WS4qHtbbs3XlnDS9DwIv446O6njxlUubUM4iCOvO/HTlubmBjl/Lxz xkr7tJptANu/MBuMWmtkudtDjPd/vbiBrNQV/Aoh/g/ZpI/AWWpPsmupiPj40GdQ 0Zco8DeuJbxh+jkznyIYU7L44yP8KROp4os6yS3R+SQhfVOIW0ALPlWBnNPdimSs BDui1oH6Bj7MqaKh/ke3byt7B+MEc3bZWkk9JxfZZd/WvJDExYcnJ2SA5QMwxJLO nWPLwh+TwGeUDIq8IgYRANGiXplUd5oKjisoL7/PYpHO2rzCfGuUIWcuIFvYgIAK wYyblv7hZpiuLp0tXptnlLI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA485ktSGmMcAoSnIWHwgu NTdFchV/qbB1hUdcYSWZQgjH3n4RwxkVo6x9llW6D3In6PVZm8GyzObVKaG/N1YK 94o0qhsg0egX+GJAk5GjPfQlVvIxViBqUhNqZqOBkMZlzsHbY0y6Uk1dpJD3Tijz 9fXfXLWrmGPhOohdYqoYF2DGT3pSXncimxua+FEhW+o20m1ggFynLHosFyjgqwOk jV7P6TOc59uqYCGZXfZGZYvtWksRj8tWLdLp8mCL2HeYkwMKxi5chyNL9Od1DE7k sT84oUVeWGj7URjS8JhCpGmp8vRsTf8g+xtPuWHB7yphEVoigoF2h0jBPAHyDxHC WwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2269222180366334599364680902995771622 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-02 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Independent Budget Office' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.ibo.nyc.ny.us' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28757871600592880852934935009652773750085928900609631817812384840398952459162908220682627209634098321532430985634913025712365473359091586918704056369357608930398992447359930897753172951185690475543325791029296903534727836780016571314827839010098529029081022909624247142866420612237922024718751880039715021179664895968116720805533402989246049444651823340723772775875695683145113471055735144518619834357343446704296210208677127675191356270967108698651890143325681952836397338203626905441175533881921772544929126606277167010025546992360202023813399411954447356071927447430950029134676164858049362668071333261274950779483 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b90bd92242997b172fdf23485f667ba9b814da20 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ibo.nyc.ny.us' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001861411237b000004030046304402202983c351d4734ff14fc26e1e8b2cdbd56d2ab06ab2ca41308c6cc2c507475a1b022033dc40c0dca0dd59596b87efdfbe5b024ffe3829875e093663611b51f32cd18d00760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000186141123a700000403004730450221008b888e2a35b0ba45abcd7eb843b9aaff7713ba4032ad242c10a82f36d9c7714c022016c1cc3634760b6f62a2005a0178d9b67140bd63063c3ee157a2765d350e328700760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001861411235a0000040300473045022100a8b330681c4cba9549dd3ab333c5eeefaaccec1bae11e6348e790e430d85020302203e7ea9790d6bf4382c2f1fdf2da5759e7fd3a7f59ad35bb26262958b744f0634 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0045224c9afb4b9592e2a1ed6dbb375e59c34bd0f022fe38e8eea78f1954b9b50ce2208ebcefc74e5b9b9818e5fcbc73c64afbb49a6d00dbbf301b8c5a6b64b9db438cf77fbdb881acd415fc0a21fe0fd9a48fc0596a4fb26ba988f8f8d06750d19728f037ae25bc61fa39339f221853b2f8e323fc2913a9e28b3ac92dd1f924217d53885b400b3e55819cd3dd8a64ac043ba2d681fa063ecca9a2a1fe47b76f2b7b07e3047376d95a493d2717d965dfd6bc90c4c58727276480e50330c492ce9d63cbc21f93c067940c8abc22061100d1a25e9954779a0a8e2b282fbfcf6291cedabcc27c6b9421672e205bd880800ac18c9b96fee16698ae2e9d2d5e9b6794b2