hl-shra.member.aarpmedicareplans.com

- UnitedHealth Group Inc. -

Issued by COMODO RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 65:40:02:d9:38:7a:f9:47:29:62:76:cb:fd:e4:69:66 was issued on by COMODO CA Limited.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

UnitedHealth Group Inc.

Organization: UnitedHealth Group Inc.
Organization unit: IT
Organization unit: Enterprise SSL Pro
Address: 9900 Bren Road East
Postal code: 55343
State / Province: Minnesota
Locality: Minnetonka
Country: US

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 65:40:02:d9:38:7a:f9:47:29:62:76:cb:fd:e4:69:66
Serial Number (int): 134584392348033031712156019451645684070
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 03:1f:0c:29:bf:22:13:9c:a8:9e:04:bd:42:54:89:cd:3f:4a:7a:83
AuthorityKeyId: 9a:f3:2b:da:cf:ad:4f:b6:2f:bb:2a:48:48:2a:12:b7:1b:42:c1:24

Fingerprint (sha1): ef:11:ca:86:15:36:4f:16:9c:9a:e4:f8:e4:e2:7f:cb:80:28:d9:4c
Fingerprint (sha256): 2c:2f:3b:2e:36:37:ed:84:2b:7c:05:84:b8:25:75:c9:13:23:a8:1f:9a:65:8a:49:a9:d8:cc:9a:fd:59:96:93

Issuing Certificate URL: http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate hl-shra.member.aarpmedicareplans.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for hl-shra.member.aarpmedicareplans.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

hl-shra.member.aarpmedicareplans.com

Other certificates including the domain name aarpmedicareplans.com

(limited to 100 certificates)
5767409591910400-fe4.pantheonsite.io
ma.aarpmedicareplans.com
offline-mnrgeneric.uhc.com
pdp.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
caid.uhccommunityplan.com
5767409591910400-fe4.pantheonsite.io
offline.uhcmedicaresolutions.com
gpd-acq-azure.optum.com
ma.aarpmedicareplans.com
dlm-mnrfed.uhcsouthflorida.com
www.uhcmedicaresolutions.com
mnrgeneric.uhc.com
5638916786880512-fe1.pantheonsite.io
www.uhcmedicaresolutions.com
5638916786880512-fe1.pantheonsite.io
info.aarpmedicareplans.com
caid.uhccommunityplan.com
5638916786880512-fe1.pantheonsite.io
5638916786880512-fe1.pantheonsite.io
mars.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
microsites-prod-externalprodv2.aemprod.optum.com
gpd-acq-azure.optum.com
renew.aarpmedicareplans.com
roadtripreunion.aarpmedicareplans.com
www.aarpmedicareplans.com
mnrgeneric2.uhc.com
ma.aarpmedicareplans.com
mnrgeneric.uhc.com
www.aarpmedicareplans.com
visualizeyou.member.aarpmedicareplans.com
www.aarpmedicareplans.com
renew.aarpmedicareplans.com
info.aarpmedicareplans.com
caid.uhccommunityplan.com
offline.aarpmedicareplans.com
caid.uhccommunityplan.com
5767409591910400-fe4.pantheonsite.io
www.aarpmedicareplans.com
mnrgeneric2.uhc.com
renew.aarpmedicareplans.com
www.uhcmedicaresolutions.com
5767409591910400-fe4.pantheonsite.io
mnrgeneric.uhc.com
5638916786880512-fe1.pantheonsite.io
offline.uhcmedicaresolutions.com
www.uhcmedicaresolutions.com
hl.member.aarpmedicareplans.com
offline.uhcmedicaresolutions.com
mnrgeneric2.uhc.com
5767409591910400-fe4.pantheonsite.io
planselector.aarpmedicareplans.com
microsites-prod-externalprodv5.aemprod.optum.com
offline.uhcmedicaresolutions.com
advisor.aarpmedicareplans.com
www.uhcmedicaresolutions.com
5638916786880512-fe1.pantheonsite.io
hl-shra.member.aarpmedicareplans.com
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
pdp.aarpmedicareplans.com
caid.uhccommunityplan.com
www.uhcmedicaresolutions.com
caid.uhccommunityplan.com
offline-mnrgeneric.uhc.com
5767409591910400-fe4.pantheonsite.io
offline.aarpmedicareplans.com
mnrgeneric.uhc.com

info.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
info.aarpmedicareplans.com
www.uhcmedicaresolutions.com
5767409591910400-fe4.pantheonsite.io
renew.aarpmedicareplans.com
mnrgeneric.uhc.com
5767409591910400-fe4.pantheonsite.io
microsites-prod-externalprodv3.aemprod.optum.com
mnrgeneric2.uhc.com
5638916786880512-fe1.pantheonsite.io
5638916786880512-fe1.pantheonsite.io
offline-mnrgeneric2.uhc.com
5767409591910400-fe4.pantheonsite.io
offline.uhcmedicaresolutions.com
hl.member.aarpmedicareplans.com
ma.aarpmedicareplans.com
5767409591910400-fe4.pantheonsite.io
renew.aarpmedicareplans.com
5638916786880512-fe1.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
mnrgeneric.uhc.com
www.uhcmedicaresolutions.com
5638916786880512-fe1.pantheonsite.io
offline.uhcmedicaresolutions.com
gpd-acq-azure.optum.com
5767409591910400-fe4.pantheonsite.io
5638916786880512-fe1.pantheonsite.io
offline-mnrgeneric2.uhc.com
5767409591910400-fe4.pantheonsite.io

Certificate

The complete raw certificate details for hl-shra.member.aarpmedicareplans.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG+jCCBeKgAwIBAgIQZUAC2Th6+UcpYnbL/eRpZjANBgkqhkiG9w0BAQsFADCB
ljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPDA6BgNV
BAMTM0NPTU9ETyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0xODA4MTUwMDAwMDBaFw0xOTA4MTUyMzU5NTlaMIHfMQswCQYD
VQQGEwJVUzEOMAwGA1UEERMFNTUzNDMxEjAQBgNVBAgTCU1pbm5lc290YTETMBEG
A1UEBxMKTWlubmV0b25rYTEcMBoGA1UECRMTOTkwMCBCcmVuIFJvYWQgRWFzdDEg
MB4GA1UEChMXVW5pdGVkSGVhbHRoIEdyb3VwIEluYy4xCzAJBgNVBAsTAklUMRsw
GQYDVQQLExJFbnRlcnByaXNlIFNTTCBQcm8xLTArBgNVBAMTJGhsLXNocmEubWVt
YmVyLmFhcnBtZWRpY2FyZXBsYW5zLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKvm1Nl1GLELYtaQyXSm9pLy0fiuzVcXblCS5BzvAn5wtcsL1Io/
gG9NANZ0VQpa9LNGwZla1/nsI46EN9exNxyMLcgY8DIJ+owPR0Tm6Pv8h72prwZF
1SroqpjCqWHeZCj5jhZpH4/XOMxXmxQvDtaFR5RfG20wqh3+zrH9OcUTQm9Z4pJO
kzHQ85wCBjN4D5B9iTpDaKz6KKsYI7YpyMtASkcWCvefgL0sJgEh1sJCDwa7axj6
q0c8EjmtpNyvJzmFlOTnoJV9irh3XlT8FvfIpl83wz8r0c1kMvbJSd5zcdYjCza9
MQlx+G14k94BpsZ6+OubOxgZgvzg9miQAzcCAwEAAaOCAvcwggLzMB8GA1UdIwQY
MBaAFJrzK9rPrU+2L7sqSEgqErcbQsEkMB0GA1UdDgQWBBQDHwwpvyITnKieBL1C
VInNP0p6gzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwUAYDVR0gBEkwRzA7BgwrBgEEAbIxAQIBAwQw
KzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYG
Z4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuY29tb2RvY2EuY29t
L0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j
cmwwgYsGCCsGAQUFBwEBBH8wfTBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5jb21v
ZG9jYS5jb20vQ09NT0RPUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNl
cnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29t
MC8GA1UdEQQoMCaCJGhsLXNocmEubWVtYmVyLmFhcnBtZWRpY2FyZXBsYW5zLmNv
bTCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AO5Lvbd1zmC64UJpH6vhnmajD35f
sHLYgwDEe4l6qP3LAAABZT9aeGkAAAQDAEgwRgIhALTZ+jIMeVoIYM0iSFevERYV
n1SG+7x8HWqRmXXZF2NhAiEA4J2Z7IU4cM47jytTMbMjhxkKveFcwsYcnSbVEgZN
Kn0AdgB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWU/WnjUAAAE
AwBHMEUCIQCuC0MGYw5YWzQHQEUiyE37fAfy/IgJtHVrDGEhrmsosgIgAaruDByd
bZKOwgMU5UXn2bfPAB87PVD7w3Sik/NP6OcwDQYJKoZIhvcNAQELBQADggEBAAU3
4jxMO0atSU28mgoQkRSt70S5ojcbQQXEO5igxBX0tAVQImw9DRIGKn9hxq+My3lw
7yFC1DLeFq44K2pr6aUNbSwZ8+Zp6UKfhgJ9Cq2rZVYjJSWXOvH5gP0kYGNaRCTw
PCfyIFqZEr5gZN83+Y1/CXTenMxKrFkciUvtqcvRpeGCFHnaG+p2HG1bhzXD79Bu
ecodG1UI8ybYu1jehEy04AgXUB4HjLXyiUdjFdMUDY3v2n2X4uWLeKVQEdxYW1Ua
87s4ltN1/id5moorFY4QdFmiGJmRJjpFLtXdAN62P/lpYJlN3A3vQyH9fHS8ssPP
Evpr0yFnrigO16KMzEQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+bU2XUYsQti1pDJdKb2
kvLR+K7NVxduUJLkHO8CfnC1ywvUij+Ab00A1nRVClr0s0bBmVrX+ewjjoQ317E3
HIwtyBjwMgn6jA9HRObo+/yHvamvBkXVKuiqmMKpYd5kKPmOFmkfj9c4zFebFC8O
1oVHlF8bbTCqHf7Osf05xRNCb1nikk6TMdDznAIGM3gPkH2JOkNorPooqxgjtinI
y0BKRxYK95+AvSwmASHWwkIPBrtrGPqrRzwSOa2k3K8nOYWU5OeglX2KuHdeVPwW
98imXzfDPyvRzWQy9slJ3nNx1iMLNr0xCXH4bXiT3gGmxnr465s7GBmC/OD2aJAD
NwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 134584392348033031712156019451645684070
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-15 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '55343'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minnesota'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minnetonka'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '9900 Bren Road East'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UnitedHealth Group Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Enterprise SSL Pro'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hl-shra.member.aarpmedicareplans.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21700577376205589045693637362539353505007213815497420527179416158984167556919758311437029991681283092751343032900957067858137820974616139941792904386271812283414147237797153127882029759752680319944803684419519998762544145946602952556699362771710217156029692145354662344216430826229290825466812604792001447299479513439649848607507490900290240347838295824186460897993268017164521514346198572171947871819670538721732498227786103706493629075867585526251912182888948273295337833040213897871296021283918221086380051388032194254921043334650324078731787870994944262046577336086200460317983696588660633086332190750683054474039
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9af32bdacfad4fb62fbb2a48482a12b71b42c124
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							031f0c29bf22139ca89e04bd425489cd3f4a7a83
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hl-shra.member.aarpmedicareplans.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001653f5a78690000040300483046022100b4d9fa320c795a0860cd224857af1116159f5486fbbc7c1d6a919975d9176361022100e09d99ec853870ce3b8f2b5331b32387190abde15cc2c61c9d26d512064d2a7d007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc56000001653f5a78d40000040300473045022100ae0b4306630e585b3407404522c84dfb7c07f2fc8809b4756b0c6121ae6b28b2022001aaee0c1c9d6d928ec20314e545e7d9b7cf001f3b3d50fbc374a293f34fe8e7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000537e23c4c3b46ad494dbc9a0a109114adef44b9a2371b4105c43b98a0c415f4b40550226c3d0d12062a7f61c6af8ccb7970ef2142d432de16ae382b6a6be9a50d6d2c19f3e669e9429f86027d0aadab6556232525973af1f980fd2460635a4424f03c27f2205a9912be6064df37f98d7f0974de9ccc4aac591c894beda9cbd1a5e1821479da1bea761c6d5b8735c3efd06e79ca1d1b5508f326d8bb58de844cb4e00817501e078cb5f289476315d3140d8defda7d97e2e58b78a55011dc585b551af3bb3896d375fe27799a8a2b158e107459a2189991263a452ed5dd00deb63ff96960994ddc0def4321fd7c74bcb2c3cf12fa6bd32167ae280ed7a28ccc44