comms.ricoh-usa.com

Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1

About this certificate

This digital certificate with serial number 02:70:69:42:1b:99:09:38:31:ec:6b:cd:c1:0c:1b:d6 was issued on by DigiCert, Inc..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=comms.ricoh-usa.com

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 02:70:69:42:1b:99:09:38:31:ec:6b:cd:c1:0c:1b:d6
Serial Number (int): 3242128130333946260534563152373488598
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: b1:07:e8:9b:1d:be:fd:20:2c:64:bf:1f:97:85:74:8e:3b:21:b1:b7
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23

Fingerprint (sha1): 1c:3d:51:b2:37:a9:c7:70:24:01:5c:bb:78:6a:cc:fa:93:b6:55:76
Fingerprint (sha256): 28:4a:51:c6:05:ed:38:e4:8a:5b:4a:3e:d6:c0:d9:0b:1f:19:23:2d:ab:68:2e:03:c8:c8:65:a3:65:70:5b:6e

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl

Check the revocation status for certificate comms.ricoh-usa.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for comms.ricoh-usa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

comms.ricoh-usa.com

Other certificates including the domain name ricoh-usa.com

(limited to 100 certificates)
*.ricoh-usa.com
ssl1.ricoh-usa.com
adaptiveformstest.ricoh-usa.com
boulder-ssl1.ricoh-usa.com
*.returnmailservices.ricoh-usa.com
support.rpp.ricoh-usa.com
*.ricoh-usa.com
storefront.ricoh-usa.com
cs2.ricoh-usa.com
mdm.ricoh-usa.com
xen.ricoh-usa.com
*.ricoh-usa.com
*.ricoh-usa.com
events.ricoh-usa.com
rworld-test.ricoh-usa.com
portal.ricoh-usa.com
UCAAS2-CTPC1-01.ricoh-usa.com
UCAAS11-CTPC1-01.dev.ricoh-usa.com
mdm.ricoh-usa.com
rworld-test.ricoh-usa.com
mobileha.ricoh-usa.com
support.rpp.ricoh-usa.com
sts.ricoh-usa.com
UCAAS11-CUCPUB2-01.dev.ricoh-usa.com
newsroom.ricoh-usa.com
pb1.ricoh-usa.com
sts.dev.ricoh-usa.com
ucaas11-cup1-01.dev.ricoh-usa.com
*.ricoh-usa.com
ricohaps.ricoh-usa.com
boulder-ssl2.ricoh-usa.com
sts.ricoh-usa.com
sts.preprod.ricoh-usa.com
newsroom.ricoh-usa.com
*.awsdev.ricoh-usa.com
UCAAS2-UCMPUB2-01-ms.ricoh-usa.com
*.Ricoh-usa.com
jobs.ricoh-usa.com
*.ricoh-usa.com
UCAAS1-CTPC1-01.ricoh-usa.com
*.ricoh-usa.com
cs3.ricoh-usa.com
tec.ricoh-usa.com
cs3.ricoh-usa.com
rworld-test.ricoh-usa.com
*.ricoh-usa.com
rscc.ricoh-usa.com
thedocshop.ricoh-usa.com
events.ricoh-usa.com
sts.dev.ricoh-usa.com
iapoc.intelligentdelivery.ricoh-usa.com
*.ricoh-usa.com
ricohspha.ricoh-usa.com
ctpat.ricoh-usa.com
rworld-test.ricoh-usa.com
mobile3.ricoh-usa.com
*.Ricoh-usa.com
sts.ricoh-usa.com
PhishReporter.ricoh-usa.com
solutionfinder.ricoh-usa.com
*.ricoh-usa.com
ddpe.ricoh-usa.com
*.ricoh-usa.com
asklola.ricoh-usa.com
GA16ARTDEV01.ricoh-usa.com
*.ricoh-usa.com
lpo.ricoh-usa.com
mobile.ricoh-usa.com
comms.ricoh-usa.com
my.ricoh-usa.com
ssl1.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-CUCPUB2-01-ms.ricoh-usa.com
adaptiveformsdev.ricoh-usa.com
UCAAS11-VCSE-01B.dev.ricoh-usa.com
newsroom.ricoh-usa.com
ssl2.ricoh-usa.com
images.learn.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-UCMPUB2-01.ricoh-usa.com
ddpe.ricoh-usa.com
sts.preprod.ricoh-usa.com
portal.ricoh-usa.com
ssl2.ricoh-usa.com
UCAAS2-CUP2-01-ms.ricoh-usa.com
mobileha.ricoh-usa.com
UCAAS11-VCSE1-01A.dev.ricoh-usa.com
ucaas11-cucpub1-01-ms.dev.ricoh-usa.com
*.ricoh-usa.com
portal.ricoh-usa.com
gitcloud.awsdev.ricoh-usa.com
*.ricoh-usa.com
rworld.ricoh-usa.com
mobilepoc.ricoh-usa.com
my.ricoh-usa.com
rworld-test.ricoh-usa.com
xenapp.ricoh-usa.com
rworld.ricoh-usa.com
ssl2.ricoh-usa.com
*.ricoh-usa.com

Certificate

The complete raw certificate details for comms.ricoh-usa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHljCCBX6gAwIBAgIQAnBpQhuZCTgx7GvNwQwb1jANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT
K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN
MjQwMTA1MDAwMDAwWhcNMjQwNzA1MjM1OTU5WjAeMRwwGgYDVQQDExNjb21tcy5y
aWNvaC11c2EuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsb2F
IrzBhDBsobC5amxljlcGgtI5XdP6lm3Y0unzGu1QiZ1IbCip+Ip1PDhaCcxHI2y/
RqJRS/xswpRXZANb2f+5o2dSpu/Rgt0rlGyI0QovhB1hSuk0SEvapcGCjCT+4wIX
7P90uAAkL29UdeKrKuUF8w38NR2yTk/YtRuqXnX+2wvkoxzJtyKcuiKc62sahP2O
rc1OtN+j+CDo5ADSuTyFJxNd1wqH7qXcxcL+ryCfW9DUwlxKMIdlnisc/76L++7G
KOtCJMcUt0pDMzv/ixKRu8aAuZTt29I2kBIrVtnQe+UkzGF7tHizky2PGSwbJSLI
WKSTQRzXLU8SFPIeNQIDAQABo4IDkDCCA4wwHwYDVR0jBBgwFoAUpbTW6zbE52um
38RkCwEqIAS4ZiMwHQYDVR0OBBYEFLEH6Jsdvv0gLGS/H5eFdI47IbG3MB4GA1Ud
EQQXMBWCE2NvbW1zLnJpY29oLXVzYS5jb20wPgYDVR0gBDcwNTAzBgZngQwBAgEw
KTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgZ8GA1Ud
HwSBlzCBlDBIoEagRIZCaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0dlb1RydXN0
R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3JsMEigRqBEhkJodHRwOi8v
Y3JsNC5kaWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2
MjAyMkNBMS5jcmwwgYcGCCsGAQUFBwEBBHsweTAkBggrBgEFBQcwAYYYaHR0cDov
L29jc3AuZGlnaWNlcnQuY29tMFEGCCsGAQUFBzAChkVodHRwOi8vY2FjZXJ0cy5k
aWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2MjAyMkNB
MS5jcnQwDAYDVR0TAQH/BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcA
7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGM2P9bkAAABAMASDBG
AiEAu92gwml9c4rK5d5ep8ukfP4ojbHdvV2pPok+ZReu6CACIQCz278iQL20MUtz
8ct+wUhSpBhXfe7HZKn4EgWVBiE/CwB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0s
gdm7v6s52IRzAAABjNj/W7kAAAQDAEgwRgIhAL8Oz29mhB/KhQenhl00NNRROk8l
iocfbp/5HndeciKCAiEAv3IH+dDdeDap/yPzr5aCUhVG7asB5mXr4OHRYYGAh/EA
dQDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYzY/1uoAAAEAwBG
MEQCIG5tfbUEikxuk8huA/Rfo86tiS4G/SQHqIpJld9YrMXzAiAT9uNSNn3oPtkL
hn24abxn3n4VV5mlS8Kpzlj14P1haDANBgkqhkiG9w0BAQsFAAOCAgEAFuRkt8/N
DrX5a9bnIB9lggiQlGnt4Rpmegxi1JT7wABAGpC3Xfk7g7ZtvFtGLMqfv3PPu9OC
PwNN6bwSbPT/ycml+/azKmVWKlmmStVS6XDpbw8dlWHwIwMM4IvEEpN6CNa30uFX
batKnS4oFyHM6PWI729yPj0mnsZ48LsCt2LPaoy8cU6bobciGDfeHIbqaac4AVFp
cVtcIyEYSXvoGjeIjQ1vh3wbTAbNDjrHvGASXHQpAQw+rNwad0jt1xgc5QlqmMgk
/YPQX8Plk5BQHhXlLnoFgH4I0qwqZ7d0ZzfyVQE3Glh4ffEslMU6o3pxeatMbW8k
93DeQ1sSfne95nvyKDl1EL9/SvzXcpae7X6RlmNfZ3mXBWZtrGfqf8XygZ3AeXGH
w8tZZiYMBC3isYt1IvhwFnwHh1JZdUSZVikUz5OQGB+fQz/InIG5X3lxl9BIDKNr
tKLRAb0yDDa3zghbCLxrpNvAL33I5qAm7Wk4SXiqVWVV7jRc3DLeNEa3gFkrPygy
4fbgAQmzGZ2xMDqCLAmmYiYaE6jkLc0jDwm5l+qVgSeNTavMF8b3DaoegW/lXd/e
XD4qABU8nAHKc0qPG54BPFd1WBbem4L6EdGWmTGIPyMHWeGoPomMAdxjS7O7c+5D
yjm3wb3p8ofVSKIz8OO9z9RHGI3KF83WMks=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsb2FIrzBhDBsobC5amxl
jlcGgtI5XdP6lm3Y0unzGu1QiZ1IbCip+Ip1PDhaCcxHI2y/RqJRS/xswpRXZANb
2f+5o2dSpu/Rgt0rlGyI0QovhB1hSuk0SEvapcGCjCT+4wIX7P90uAAkL29UdeKr
KuUF8w38NR2yTk/YtRuqXnX+2wvkoxzJtyKcuiKc62sahP2Orc1OtN+j+CDo5ADS
uTyFJxNd1wqH7qXcxcL+ryCfW9DUwlxKMIdlnisc/76L++7GKOtCJMcUt0pDMzv/
ixKRu8aAuZTt29I2kBIrVtnQe+UkzGF7tHizky2PGSwbJSLIWKSTQRzXLU8SFPIe
NQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3242128130333946260534563152373488598
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-05 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'comms.ricoh-usa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22437635804365500017788578316831749457057994631902768035253041924059320192436345300983228811285673325600981966359872353649228261151442975871188391998364197622488575084598383725749166876883964384927847472842921777161049371011451412826972918978192684109881144164993617541355195548202051814702088447629344187945213222790657564708888721355167709417208336994628017406277762317784577417329846088238053290827713115281227382677526646929913945832777878269167491098939469703439167102360399522734100572418561049369539955295984193475360755456886680089601822185377580891849131793922596931792906749976427946887735942058282237173301
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b107e89b1dbefd202c64bf1f9785748e3b21b1b7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'comms.ricoh-usa.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cd8ff5b900000040300483046022100bbdda0c2697d738acae5de5ea7cba47cfe288db1ddbd5da93e893e6517aee820022100b3dbbf2240bdb4314b73f1cb7ec14852a418577deec764a9f812059506213f0b00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cd8ff5bb90000040300483046022100bf0ecf6f66841fca8507a7865d3434d4513a4f258a871f6e9ff91e775e722282022100bf7207f9d0dd7836a9ff23f3af9682521546edab01e665ebe0e1d161818087f1007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018cd8ff5ba8000004030046304402206e6d7db5048a4c6e93c86e03f45fa3cead892e06fd2407a88a4995df58acc5f3022013f6e352367de83ed90b867db869bc67de7e155799a54bc2a9ce58f5e0fd6168
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0016e464b7cfcd0eb5f96bd6e7201f658208909469ede11a667a0c62d494fbc000401a90b75df93b83b66dbc5b462cca9fbf73cfbbd3823f034de9bc126cf4ffc9c9a5fbf6b32a65562a59a64ad552e970e96f0f1d9561f023030ce08bc412937a08d6b7d2e1576dab4a9d2e281721cce8f588ef6f723e3d269ec678f0bb02b762cf6a8cbc714e9ba1b7221837de1c86ea69a738015169715b5c232118497be81a37888d0d6f877c1b4c06cd0e3ac7bc60125c7429010c3eacdc1a7748edd7181ce5096a98c824fd83d05fc3e59390501e15e52e7a05807e08d2ac2a67b7746737f25501371a58787df12c94c53aa37a7179ab4c6d6f24f770de435b127e77bde67bf228397510bf7f4afcd772969eed7e9196635f67799705666dac67ea7fc5f2819dc0797187c3cb5966260c042de2b18b7522f870167c07875259754499562914cf9390181f9f433fc89c81b95f797197d0480ca36bb4a2d101bd320c36b7ce085b08bc6ba4dbc02f7dc8e6a026ed69384978aa556555ee345cdc32de3446b780592b3f2832e1f6e00109b3199db1303a822c09a662261a13a8e42dcd230f09b997ea9581278d4dabcc17c6f70daa1e816fe55ddfde5c3e2a00153c9c01ca734a8f1b9e013c57755816de9b82fa11d1969931883f230759e1a83e898c01dc634bb3bb73ee43ca39b7c1bde9f287d548a233f0e3bdcfd447188dca17cdd6324b