api.netnation.com
Issued by GeoTrust TLS RSA CA G1
About this certificate
This digital certificate with serial number 01:7f:3f:9e:29:85:49:07:7c:f0:a8:54:50:2d:11:77 was issued on by DigiCert Inc.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=api.netnation.com
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 01:7f:3f:9e:29:85:49:07:7c:f0:a8:54:50:2d:11:77Serial Number (int): 1989940019523563698296460784075346295
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 39:2a:51:07:1c:9d:78:0c:db:2f:b5:53:02:be:8b:47:76:7b:fd:44
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57
Fingerprint (sha1): c1:27:72:7f:cd:2c:5f:96:41:5b:09:64:35:17:02:65:b5:78:30:bf
Fingerprint (sha256): 2c:77:03:67:90:9d:d9:1e:e8:49:a2:60:a4:2a:4d:4b:7d:15:c8:01:f7:62:97:b4:fc:63:9c:d5:ae:50:1e:a1
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl
Check the revocation status for certificate api.netnation.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for api.netnation.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api.netnation.com
Other certificates including the domain name netnation.com
(limited to 100 certificates)
sitecontrol.netnation.com
spritessl.netnation.com
sitecontrol.netnation.com
api.netnation.com
freeway.netnation.com
0x.ca
webmail.netnation.com
webmail.netnation.com
webmail.netnation.com
webmail.netnation.com
padlock.netnation.com
secure1.sc.netnation.com
cart.netnation.com
*.netnation.com
api.netnation.com
0x.ca
api.netnation.com
sitecontrol.netnation.com
sitemail.netnation.com
cart.netnation.com
api.netnation.com
acctmgr.netnation.com
order.netnation.com
order.netnation.com
api.netnation.com
api.netnation.com
0x.ca
bladesssl.netnation.com
domains.netnation.com
acctmgr.netnation.com
webmail.netnation.com
safe.netnation.com
acctmgr.netnation.com
cart.netnation.com
sitecontrol.netnation.com
api.netnation.com
acctmgr.netnation.com
domains.netnation.com
freeway.netnation.com
webmail.netnation.com
stronghold.netnation.com
netnation.com
sitecontrol.netnation.com
cart.netnation.com
manage.netnation.com
cart.netnation.com
springerssl.netnation.com
0x.ca
lock.netnation.com
marblessl.netnation.com
cart.netnation.com
cart.netnation.com
domains.netnation.com
webmail.netnation.com
0x.ca
webmail.netnation.com
manage.netnation.com
ssl.netnation.com
netnation.com
0x.ca
acctmgr.netnation.com
acctmgr.netnation.com
sitemail.netnation.com
0x.ca
order.netnation.com
webmail.netnation.com
freeway.netnation.com
freeway.netnation.com
apt.netnation.com
*.netnation.com
sitecontrol.netnation.com
sitecontrol.netnation.com
order.netnation.com
api.netnation.com
0x.ca
api.netnation.com
0x.ca
sitecontrol.netnation.com
am.netnation.com
cart.netnation.com
urchin400.netnation.com
order.netnation.com
webmail.netnation.com
0x.ca
sitemail.netnation.com
staging.netnation.com
acctmgr.netnation.com
0x.ca
sitecontrol.netnation.com
spritessl.netnation.com
sitecontrol.netnation.com
api.netnation.com
freeway.netnation.com
0x.ca
webmail.netnation.com
webmail.netnation.com
webmail.netnation.com
webmail.netnation.com
padlock.netnation.com
secure1.sc.netnation.com
cart.netnation.com
*.netnation.com
api.netnation.com
0x.ca
api.netnation.com
sitecontrol.netnation.com
sitemail.netnation.com
cart.netnation.com
api.netnation.com
acctmgr.netnation.com
order.netnation.com
order.netnation.com
api.netnation.com
api.netnation.com
0x.ca
bladesssl.netnation.com
domains.netnation.com
acctmgr.netnation.com
webmail.netnation.com
safe.netnation.com
acctmgr.netnation.com
cart.netnation.com
sitecontrol.netnation.com
api.netnation.com
acctmgr.netnation.com
domains.netnation.com
freeway.netnation.com
webmail.netnation.com
stronghold.netnation.com
netnation.com
sitecontrol.netnation.com
cart.netnation.com
manage.netnation.com
cart.netnation.com
springerssl.netnation.com
0x.ca
lock.netnation.com
marblessl.netnation.com
cart.netnation.com
cart.netnation.com
domains.netnation.com
webmail.netnation.com
0x.ca
webmail.netnation.com
manage.netnation.com
ssl.netnation.com
netnation.com
0x.ca
acctmgr.netnation.com
acctmgr.netnation.com
sitemail.netnation.com
0x.ca
order.netnation.com
webmail.netnation.com
freeway.netnation.com
freeway.netnation.com
apt.netnation.com
*.netnation.com
sitecontrol.netnation.com
sitecontrol.netnation.com
order.netnation.com
api.netnation.com
0x.ca
api.netnation.com
0x.ca
sitecontrol.netnation.com
am.netnation.com
cart.netnation.com
urchin400.netnation.com
order.netnation.com
webmail.netnation.com
0x.ca
sitemail.netnation.com
staging.netnation.com
acctmgr.netnation.com
0x.ca
sitecontrol.netnation.com
Certificate
The complete raw certificate details for api.netnation.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGIDCCBQigAwIBAgIQAX8/nimFSQd88KhUUC0RdzANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx MB4XDTI0MDIyMDAwMDAwMFoXDTI1MDIyNzIzNTk1OVowHDEaMBgGA1UEAxMRYXBp Lm5ldG5hdGlvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx y0O4EQegfJ2H5vWWqj4s44SCQrQG5qmj2/WWnRsG5F2ynf1pzmMQ76ANAL6CMLvG v7ZUPLRhmT0wkppcYIZrgWWGW7YTgSJbZ0GdllQ0ke0HtsF26VqfQmcssC6lz4ne w58ubWzX2hue7vvvXd3XrUzsBkKu8u8cP8sgddPcPJ/UkGuXMtpszoO17ejqH8bf GZPeOSnVmxYIC2kiHSvd6b+P8q1wOoQXKY3eTSoTTjNiWDNJVDWtYOHJ/SoUYoB4 BiGKFhqA9NmcUQnTKZUkKYS9Hg9iA9Qcp4Y+ibtViuRIawIx26CJZY96aOhe0OAJ LPDfUQ+qTYlwoFucVAqJAgMBAAGjggMYMIIDFDAfBgNVHSMEGDAWgBSUT9Rdi+Sk 4qaA/v3Y+QDvo74CVzAdBgNVHQ4EFgQUOSpRBxydeAzbL7VTAr6LR3Z7/UQwHAYD VR0RBBUwE4IRYXBpLm5ldG5hdGlvbi5jb20wPgYDVR0gBDcwNTAzBgZngQwBAgEw KTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPwYDVR0f BDgwNjA0oDKgMIYuaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNS U0FDQUcxLmNybDB2BggrBgEFBQcBAQRqMGgwJgYIKwYBBQUHMAGGGmh0dHA6Ly9z dGF0dXMuZ2VvdHJ1c3QuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vY2FjZXJ0cy5n ZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcxLmNydDAMBgNVHRMBAf8EAjAA MIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdgBOdaMnXJoQwzhbbNTfP1LrHfDg jhuNacCx+mSxYpo53wAAAY3HddS6AAAEAwBHMEUCIFmuX605A0WO7FmxYnTsVvWJ DnBB5GMo7EEcMGupwjKrAiEAuuBfHkP5MOoyKk0FrzLOYLfmqn+yOgoyZ4HtVqn/ lvMAdQB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAY3HddTzAAAE AwBGMEQCIAE/jdhcOXjZdiWCfGqcQpxyC/jFaVk1trIaNo+DuHLfAiBpowlagCtE SWvXkzreksvlxHZwyE//Lr21pfG4GxaMxwB1AObSMWNAd4zBEEEG13G5zsHSQPaW hIb7uocyHf0eN45QAAABjcd11RsAAAQDAEYwRAIgIJeGL776ZOnSim2iqGS+/GsE z5tyyMQXhNSAomvb/VICIEv0gk/M3tV9+Z0fKos5+Q1PATpOhaGHIDoDIO+/uiKu MA0GCSqGSIb3DQEBCwUAA4IBAQC8nusbE3akJ1VGIXD1X3UmiUZKV5XB71V4J07J f8zyGIb21Iuu+DNLurUezIIhesGRolyXnA3iUoYV5e7gz6Krc3GYKbZY+b/7yS22 ZLF8hjtd1HTeRMPenIarjAl03ztZityWE2zMAzDosuPJVdpdZneaYINjJgUu9sDg /M+9ZSLamZ/g+UaUUJL8zeirnEpgm3kwCPJIHEqVOphLUNeZYa+xIBVKOuaeRE4D tGjvaSvjKHw3aCFbhKJ9W7zgiRlOOqX+Lr5uvdCJfpOJUPv6KlMo2f2ybXTjkNQU W/kohuWYpgzLx0mKSo+7Yp9Vq4VwzINSsamugaT5B0erixV0 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsctDuBEHoHydh+b1lqo+ LOOEgkK0Buapo9v1lp0bBuRdsp39ac5jEO+gDQC+gjC7xr+2VDy0YZk9MJKaXGCG a4Flhlu2E4EiW2dBnZZUNJHtB7bBdulan0JnLLAupc+J3sOfLm1s19obnu77713d 161M7AZCrvLvHD/LIHXT3Dyf1JBrlzLabM6Dte3o6h/G3xmT3jkp1ZsWCAtpIh0r 3em/j/KtcDqEFymN3k0qE04zYlgzSVQ1rWDhyf0qFGKAeAYhihYagPTZnFEJ0ymV JCmEvR4PYgPUHKeGPom7VYrkSGsCMdugiWWPemjoXtDgCSzw31EPqk2JcKBbnFQK iQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1989940019523563698296460784075346295 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-20 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api.netnation.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22444413453197302973798740290116799086871564236532716767251268843539035958686945238922505656395661878977666862211785240044103076867851328772908743073991382110036037941534896753289223591757526217494491066283841668527392694159988519959510341599663002702000047153423694737117240384988688644827909915947380717887034619791035183218595252105117718710760621753995394070679771820137632702303870239663689363637095184021664655431554370630200934142956202700657165035849743775434663986136234601438981352445709612636659872283270322633946507609749762491011684005505420849555914076847292119146112239376626896180409981469355777723017 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 392a51071c9d780cdb2fb55302be8b47767bfd44 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.netnation.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 01660076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018dc775d4ba0000040300473045022059ae5fad3903458eec59b16274ec56f5890e7041e46328ec411c306ba9c232ab022100bae05f1e43f930ea322a4d05af32ce60b7e6aa7fb23a0a326781ed56a9ff96f30075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018dc775d4f300000403004630440220013f8dd85c3978d97625827c6a9c429c720bf8c5695935b6b21a368f83b872df022069a3095a802b44496bd7933ade92cbe5c47670c84fff2ebdb5a5f1b81b168cc7007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018dc775d51b000004030046304402202097862fbefa64e9d28a6da2a864befc6b04cf9b72c8c41784d480a26bdbfd5202204bf4824fccded57df99d1f2a8b39f90d4f013a4e85a187203a0320efbfba22ae . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bc9eeb1b1376a42755462170f55f752689464a5795c1ef5578274ec97fccf21886f6d48baef8334bbab51ecc82217ac191a25c979c0de2528615e5eee0cfa2ab73719829b658f9bffbc92db664b17c863b5dd474de44c3de9c86ab8c0974df3b598adc96136ccc0330e8b2e3c955da5d66779a60836326052ef6c0e0fccfbd6522da999fe0f946945092fccde8ab9c4a609b793008f2481c4a953a984b50d79961afb120154a3ae69e444e03b468ef692be3287c3768215b84a27d5bbce089194e3aa5fe2ebe6ebdd0897e938950fbfa2a5328d9fdb26d74e390d4145bf92886e598a60ccbc7498a4a8fbb629f55ab8570cc8352b1a9ae81a4f90747ab8b1574