gk-c-email.srvs.usps.gov

- United States Postal Service -

Issued by COMODO RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 14:86:b3:e7:cf:dc:fc:fe:68:4a:2d:fd:70:88:57:b3 was issued on by COMODO CA Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

United States Postal Service

Organization: United States Postal Service
Organization unit: Telecom Services
Organization unit: Hosted by United States Postal Service
Organization unit: Unified Communications
Address: 2825 Lone Oak Parkway
Postal code: 55121
State / Province: MN
Locality: Eagan
Country: US

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 14:86:b3:e7:cf:dc:fc:fe:68:4a:2d:fd:70:88:57:b3
Serial Number (int): 27283976612097134247042293392399161267
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: a7:0f:78:d8:a3:1d:aa:f3:52:00:79:a5:7d:fb:80:6d:a1:10:e0:48
AuthorityKeyId: 9a:f3:2b:da:cf:ad:4f:b6:2f:bb:2a:48:48:2a:12:b7:1b:42:c1:24

Fingerprint (sha1): c4:6d:39:46:4f:0c:b5:26:0b:4d:1c:e1:9c:38:1e:38:db:7c:5d:35
Fingerprint (sha256): 29:6f:2c:6c:9c:e6:3c:99:29:8a:f7:81:52:77:22:84:71:08:67:eb:dc:f9:51:e5:2c:d0:0d:41:ca:00:31:23

Issuing Certificate URL: http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate gk-c-email.srvs.usps.gov

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gk-c-email.srvs.usps.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gk-c-email.srvs.usps.gov
gk-c-mail.srvs.usps.gov

Other certificates including the domain name usps.gov

(limited to 100 certificates)
SAMTCATWE106.usps.gov
policynet.usps.gov
apigee-hybrid.usps.gov
samsak.usps.gov
mimail365.usps.gov
crosswalk.usps.com
epf-dev.usps.gov
tpmtrans-cat.usps.gov
lecm-dev.usps.gov
webvpn.usps.gov
ws0-ext.usps.gov
*.usps.com
pidp-cat.usps.gov
ssp.usps.gov
hce-portal.usps.gov
flosum.usps.gov
inboundcrw.usps.gov
mienrollcat.usps.gov
ereassign.usps.com
samtcavcs118.usps.gov
crosswalk-cat.usps.com
usps.gov
ribbs-dev.usps.gov
wp0-ext.usps.gov

securemail.usps.gov
myusps.gov
crosswalk-cat.usps.com
vtc.usps.gov
crosswalk-dev.usps.com
usps-cmgeus01.usps.gov
aad-ecrms-fed-dev.usps.gov
aad-mra-fed-prod.usps.gov
okta-nofda-fed.prd.usps.gov
pgp.usps.gov

ereassign.usps.com
test.vpn.usps.gov
wc0-ext.usps.gov
ivs-sign.usps.com
meetingplace4-dmz.usps.gov
splunkdmz.usps.gov
cat-amd-int.usps.gov
qliteblue.usps.gov
dbcalc-cat.usps.com
miapp.usps.gov
aad-ecrms-fed-sit.usps.gov
misspcat.usps.gov
bpvpn.usps.gov
epayroll-dev.usps.gov
eopf.usps.gov
eagnmnvcs122.usps.gov
liteblue.usps.gov
samsak-cat.usps.gov
ssp.usps.gov
eaganras.usps.gov
ssp-cat-external.usps.gov
click.go.usps.gov
caps.usps.gov
samtca-ns-b2b.usps.gov
aad-ecrms-fed-sit.usps.gov
ssp-cat.usps.gov
xsp1.ipt-eaglab.usps.gov
crosswalk.usps.com
webpmt.usps.gov
sftraining.usps.gov
akamai-san192.exacttarget.com
usps-cmg-eus-01.usps.gov
eopf.usps.gov
anchor.usps.com
gk-w-email.srvs.usps.gov
wc0-ext.usps.gov
origin-apis-cat2-sm.usps.com
www.uspspostalone.com
uspsservicenowservices.usps.gov
okta-fmis-fed.cat.usps.gov

caps-cat.usps.gov

eopf.usps.gov
ribbs-cat.usps.gov

ipt-cfg.usps.gov

qamps.usps.gov
*.usps.gov
game.usps.gov
view.go.usps.gov
inboundcrw.usps.gov
UNITED STATES POSTAL SERVICE
qamps.usps.gov
meetingplace5-dmz2.usps.gov
game.usps.gov
sm-pci-ext-ns.usps.gov
crosswalk-cat.usps.com
hrkcm-kb.usps.gov
xsp1.ipt-eaglab.usps.gov
lgis-sit.usps.gov
sakcarrier.usps.gov
epf-cat.usps.gov

Certificate

The complete raw certificate details for gk-c-email.srvs.usps.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIQFIaz58/c/P5oSi39cIhXszANBgkqhkiG9w0BAQsFADCB
ljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPDA6BgNV
BAMTM0NPTU9ETyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0xNjExMjUwMDAwMDBaFw0xNzExMjUyMzU5NTlaMIIBETELMAkG
A1UEBhMCVVMxDjAMBgNVBBETBTU1MTIxMQswCQYDVQQIEwJNTjEOMAwGA1UEBxMF
RWFnYW4xHjAcBgNVBAkTFTI4MjUgTG9uZSBPYWsgUGFya3dheTElMCMGA1UEChMc
VW5pdGVkIFN0YXRlcyBQb3N0YWwgU2VydmljZTEZMBcGA1UECxMQVGVsZWNvbSBT
ZXJ2aWNlczEvMC0GA1UECxMmSG9zdGVkIGJ5IFVuaXRlZCBTdGF0ZXMgUG9zdGFs
IFNlcnZpY2UxHzAdBgNVBAsTFlVuaWZpZWQgQ29tbXVuaWNhdGlvbnMxITAfBgNV
BAMTGGdrLWMtZW1haWwuc3J2cy51c3BzLmdvdjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9/jWcTazop2jNC0pdzWe7ALOIH6PSk/ssC1Utl/N/4+7b6
BBthNVL8yXFi7bAjfp8VPPzVpFbEVIVCQUUY4dVSUrhStb6/KHRbyilVy/Sbsb2s
ydg70VjIYqEm2t/QAEOL0wWEA728QNWUEBM1vERCoC5aGtHGCOk1U+ldZDXNgCgh
67QVeABVc2zc5kdkUGtlx4zEE7/QdzYQwAwAXyDvP2e2JAqVLKCaUs7g1OMmf0Kv
iY4so4KKWZFM2/CYFnxhQY9JIh1jaTrgEZ/EY/v2pmU29vcljILRwaNRQ5xlr89d
5MoPjVe3EXlQfp+F6X/2UpNeCok4kNhN8ldJDXECAwEAAaOCAfswggH3MB8GA1Ud
IwQYMBaAFJrzK9rPrU+2L7sqSEgqErcbQsEkMB0GA1UdDgQWBBSnD3jYox2q81IA
eaV9+4BtoRDgSDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwUAYDVR0gBEkwRzA7BgwrBgEEAbIxAQIB
AwQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMw
CAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuY29tb2RvY2Eu
Y29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJD
QS5jcmwwgYsGCCsGAQUFBwEBBH8wfTBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5j
b21vZG9jYS5jb20vQ09NT0RPUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3Vy
ZVNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2Eu
Y29tMDwGA1UdEQQ1MDOCGGdrLWMtZW1haWwuc3J2cy51c3BzLmdvdoIXZ2stYy1t
YWlsLnNydnMudXNwcy5nb3YwDQYJKoZIhvcNAQELBQADggEBACrCTRxD3Pv/ALWp
BKuDO/3KmhLb2MHXresPI8gbdw6KOIVndCTEGMRZEwsv8ruCZ5ED0kXm5Quywr2S
9QYCShIcKuvBsnNtkqz9mWAYVFuVvsEiF946Irz3HoaRRvLK/Z6ffNZzfqC09hbM
AKVrgr9GHB/qnbqtlcj87Y6xjLKgnCC5/LYBg18fBa/nWhTrVuM9bmEVov78yKHD
BS/6a/dQrEfOYfo4g2MDG2gXpG/u4gshBHTOxakRfowfssxiwquGzhBI+/jrdTJt
BUEszBR6KyRb7h6Os3PVUJYE9tImsanOQjJx5UFeP2vM76OpQHI4lhTlTwniEfqE
RBd+Xso=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3+NZxNrOinaM0LSl3NZ
7sAs4gfo9KT+ywLVS2X83/j7tvoEG2E1UvzJcWLtsCN+nxU8/NWkVsRUhUJBRRjh
1VJSuFK1vr8odFvKKVXL9JuxvazJ2DvRWMhioSba39AAQ4vTBYQDvbxA1ZQQEzW8
REKgLloa0cYI6TVT6V1kNc2AKCHrtBV4AFVzbNzmR2RQa2XHjMQTv9B3NhDADABf
IO8/Z7YkCpUsoJpSzuDU4yZ/Qq+JjiyjgopZkUzb8JgWfGFBj0kiHWNpOuARn8Rj
+/amZTb29yWMgtHBo1FDnGWvz13kyg+NV7cReVB+n4Xpf/ZSk14KiTiQ2E3yV0kN
cQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 27283976612097134247042293392399161267
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-25 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '55121'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MN'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Eagan'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2825 Lone Oak Parkway'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'United States Postal Service'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Telecom Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hosted by United States Postal Service'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Unified Communications'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gk-c-email.srvs.usps.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22154601779104435757974140306342744148372139650389995089729231038304880361863685837750143367116152596368227885571677949704363705194265489080374984256428997127302843124972558730767807791425966805796055197361439117163673737560848121635333555353039456053134677828978450468345446941967354901838486734555940880944298235340391447150005302570531956283543360893593342746052545834261629225964102530615345262472435888354937906060340283647231121358324833220832730130157048966392725909482090637468609574614988808555395651787082342210995427251923258182141797323861005586728826239601818045603841180976041274129956202916058820578673
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9af32bdacfad4fb62fbb2a48482a12b71b42c124
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a70f78d8a31daaf3520079a57dfb806da110e048
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gk-c-email.srvs.usps.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gk-c-mail.srvs.usps.gov'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002ac24d1c43dcfbff00b5a904ab833bfdca9a12dbd8c1d7adeb0f23c81b770e8a3885677424c418c459130b2ff2bb82679103d245e6e50bb2c2bd92f506024a121c2aebc1b2736d92acfd996018545b95bec12217de3a22bcf71e869146f2cafd9e9f7cd6737ea0b4f616cc00a56b82bf461c1fea9dbaad95c8fced8eb18cb2a09c20b9fcb601835f1f05afe75a14eb56e33d6e6115a2fefcc8a1c3052ffa6bf750ac47ce61fa388363031b6817a46feee20b210474cec5a9117e8c1fb2cc62c2ab86ce1048fbf8eb75326d05412ccc147a2b245bee1e8eb373d5509604f6d226b1a9ce423271e5415e3f6bccefa3a94072389614e54f09e211fa8444177e5eca