www.rodenstock.com

- Rodenstock GmbH -

Issued by GeoTrust TLS RSA CA G1

About this certificate

This digital certificate with serial number 01:16:41:5e:93:58:8c:a8:bc:a3:cf:6e:51:08:be:54 was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Rodenstock GmbH

Organization: Rodenstock GmbH
Organization unit: IT
State / Province: Bayern
Locality: München
Country: DE

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 01:16:41:5e:93:58:8c:a8:bc:a3:cf:6e:51:08:be:54
Serial Number (int): 1444784376345541939974123120486825556
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: 7e:89:85:f9:c3:a9:47:6c:bb:4b:ea:d1:69:d4:a9:07:28:0e:ce:56
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57

Fingerprint (sha1): 7b:11:d3:dc:6b:7a:2f:47:b3:96:ac:c9:7f:ac:54:75:b7:56:47:34
Fingerprint (sha256): 2d:58:1c:2e:e5:b5:d6:d7:f6:75:c4:74:9d:bc:6b:34:72:fd:cf:12:1f:40:d7:58:c8:91:25:fa:2f:a4:b3:0b

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

Check the revocation status for certificate www.rodenstock.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.rodenstock.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.rodenstock.com
rodenstock.com

Other certificates including the domain name rodenstock.com

(limited to 100 certificates)
*.rodenstock.com
sf6-staging.cnxt.rodenstock.com
ftp3.rodenstock.com
analytics.cnxt.rodenstock.com
cnxt.rodenstock.com
erpc-cl1.rodenstock.com
develop.cnxt.rodenstock.com
scopia.rodenstock.com
wifi.rodenstock.com
countdown.rodenstock.com
api-staging.cnxt.rodenstock.com
countdown.rodenstock.com
dsa.rodenstock.com
cnxt-hub-preview.cnxt.rodenstock.com
develop.cnxt.rodenstock.com
select-api.cnxt.rodenstock.com
webmail.rodenstock.com
hub-staging.cnxt.rodenstock.com
develop.cnxt.rodenstock.com
dsa.rodenstock.com
gateway-develop.cnxt.rodenstock.com
consumer-api-develop.cnxt.rodenstock.com
consumer-api-develop.cnxt.rodenstock.com
consumer-api-staging.cnxt.rodenstock.com
mailsn.rodenstock.com
wifi.rodenstock.com
mailsn.rodenstock.com
payment.rodenstock.com
develop.cnxt.rodenstock.com
sf6-develop.cnxt.rodenstock.com
api-develop.cnxt.rodenstock.com
select-api-staging.cnxt.rodenstock.com
webservices.rodenstock.com
winfitb2b.rodenstock.com
dsa.rodenstock.com
select-api.cnxt.rodenstock.com
select-api-develop.cnxt.rodenstock.com
css.rodenstock.com
sf6-develop.cnxt.rodenstock.com
mailsn.rodenstock.com
analytics.cnxt.rodenstock.com
sf6.cnxt.rodenstock.com
dsa.rodenstock.com
*.rodenstock.com
sso.cnxt.rodenstock.com
staging.cnxt.rodenstock.com
backend.events.rodenstock.com
sf6.cnxt.rodenstock.com
cnxt.rodenstock.com
trustcenter.cnxt.rodenstock.com
expertenfilm.rodenstock.com
www.rodenstock.com
bignorm.rodenstock.com
payment.rodenstock.com
api-develop.cnxt.rodenstock.com
sso.cnxt.rodenstock.com
consumer-api.cnxt.rodenstock.com
mailsn.rodenstock.com
semis.rodenstock.com
hub.cnxt.rodenstock.com
*.rodenstock.com
api-staging.cnxt.rodenstock.com
expertmovie.rodenstock.com
staging.cnxt.rodenstock.com
cnxt-frontend-preview.cnxt.rodenstock.com
tool.rodenstock.com
gateway-develop.cnxt.rodenstock.com
vst.rodenstock.com
backend.events.rodenstock.com
hub.cnxt.rodenstock.com
cnxt-postgraphile-production.cnxt.rodenstock.com
analytics.cnxt.rodenstock.com
api.cnxt.rodenstock.com
cnxt-postgraphile-production.cnxt.rodenstock.com
select-api.cnxt.rodenstock.com
cnxt.rodenstock.com
sf6-preview.cnxt.rodenstock.com
dsa.rodenstock.com
cnxt-sf6-backend-staging.cnxt.rodenstock.com
api-develop.cnxt.rodenstock.com
payment.rodenstock.com
wiki.cnxt.rodenstock.com
tool.rodenstock.com
sf6-staging.cnxt.rodenstock.com
dsa-develop.cnxt.rodenstock.com
www.rodenstock.com
tool.rodenstock.com
shop-develop.cnxt.rodenstock.com
api-staging.cnxt.rodenstock.com
api-staging.cnxt.rodenstock.com
tool.rodenstock.com
trustcenter.cnxt.rodenstock.com
dsa.cnxt.rodenstock.com
www.rodenstock.com
cnxt-consumer-api-preview.cnxt.rodenstock.com
css.rodenstock.com
consumer-api-staging.cnxt.rodenstock.com
gateway-preview.cnxt.rodenstock.com
api.cnxt.rodenstock.com
cnxt-postgraphile-staging.cnxt.rodenstock.com

Certificate

The complete raw certificate details for www.rodenstock.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIQARZBXpNYjKi8o89uUQi+VDANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTIwMDIyMTAwMDAwMFoXDTIyMDMyMjEyMDAwMFowdTELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJheWVybjERMA8GA1UEBwwITcO8bmNoZW4xGDAWBgNVBAoTD1Jv
ZGVuc3RvY2sgR21iSDELMAkGA1UECxMCSVQxGzAZBgNVBAMTEnd3dy5yb2RlbnN0
b2NrLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPvTvyiddOTV
tahY4Qppp8rxPYb4etUUC1tAFCFnXNzm9R4al0QGp5+KSBN96aIIjbcyMkde+wA/
Aav/3NTl1At/6MO+WQbpqA1YEad9azCEgsJXdqZ0S5yGxJpJMwtL+s6JztSNdJ7P
QopIPaZVisihsmWfbjRVnXpn4XB/5/IGnIUH7iDITaTGWcnr44xg5dDHTGNQ6PR1
owr8Prl1mbpejEnT0DGRjbzrshgUlXL18n7gRoZruilfqsfjwZOsoSvRZ9vq8CCl
3PWSIf7t8rJos7P8103JAhzS9OIMcIrDjPVw+IrpYcdFa0bBn4uKgv4sfIFMSXkQ
w2SCeAoOjXECAwEAAaOCAckwggHFMB8GA1UdIwQYMBaAFJRP1F2L5KTipoD+/dj5
AO+jvgJXMB0GA1UdDgQWBBR+iYX5w6lHbLtL6tFp1KkHKA7OVjAtBgNVHREEJjAk
ghJ3d3cucm9kZW5zdG9jay5jb22CDnJvZGVuc3RvY2suY29tMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPwYDVR0fBDgwNjA0
oDKgMIYuaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcx
LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRw
czovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB2BggrBgEFBQcBAQRq
MGgwJgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1c3QuY29tMD4GCCsG
AQUFBzAChjJodHRwOi8vY2FjZXJ0cy5nZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNS
U0FDQUcxLmNydDAJBgNVHRMEAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqG
SIb3DQEBCwUAA4IBAQAK5JVSG0nKXdT7t6PvoBMigch0a4KfzenQWpIZGpiLON5e
Ah+XBQZDuGIkSfdOnxXcKWCHT9eYXB9fOWP4T0t5rjCCsp91OLP/+og2LsBWcVCd
YjIK4usdX+MtUp2RZXNbDLnani5KkI0DLtpRbZbDi/AzT+m06NofWUPw3i9wTgbE
kIaQs0ojUi5O/9tZe/n2HXsegyjpKI4cvcG5dkhJxox5J5q7TrjJmsCd11vdNjRU
P2wDKAwRXYRE5oXPV56ARbgnya1eGtXBn14EnWHQf7XVpmJTVEK0C3X4VhFAzxYy
50XKHAVGhYPs3BDLWIfw6cxi6hSa4+lt6grW5z1U
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+9O/KJ105NW1qFjhCmmn
yvE9hvh61RQLW0AUIWdc3Ob1HhqXRAann4pIE33pogiNtzIyR177AD8Bq//c1OXU
C3/ow75ZBumoDVgRp31rMISCwld2pnRLnIbEmkkzC0v6zonO1I10ns9Cikg9plWK
yKGyZZ9uNFWdemfhcH/n8gachQfuIMhNpMZZyevjjGDl0MdMY1Do9HWjCvw+uXWZ
ul6MSdPQMZGNvOuyGBSVcvXyfuBGhmu6KV+qx+PBk6yhK9Fn2+rwIKXc9ZIh/u3y
smizs/zXTckCHNL04gxwisOM9XD4iulhx0VrRsGfi4qC/ix8gUxJeRDDZIJ4Cg6N
cQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1444784376345541939974123120486825556
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-22 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bayern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'München'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rodenstock GmbH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.rodenstock.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31790230742545931802956110761439356426662705662695377952124237934263263592851060308984917558960673028114073776962249708865546449451605843543253045096751279134987825340553170679024301609283684695225090770391771150021360289878092942074162085668540363254468010386047288863009666297490869989068907051345435862582653208555595729324794894055797585997663782147946824874816128828211845138975736394043322180888858389585924293107569954623882289270878528563755810640821557939783546777051966851228185578412216297115592443021107148367493008583854082643211818018401132938415626102622083592486579044659708057636158025771162794888561
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7e8985f9c3a9476cbb4bead169d4a907280ece56
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rodenstock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rodenstock.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000ae495521b49ca5dd4fbb7a3efa0132281c8746b829fcde9d05a92191a988b38de5e021f97050643b8622449f74e9f15dc2960874fd7985c1f5f3963f84f4b79ae3082b29f7538b3fffa88362ec05671509d62320ae2eb1d5fe32d529d9165735b0cb9da9e2e4a908d032eda516d96c38bf0334fe9b4e8da1f5943f0de2f704e06c4908690b34a23522e4effdb597bf9f61d7b1e8328e9288e1cbdc1b9764849c68c79279abb4eb8c99ac09dd75bdd3634543f6c03280c115d8444e685cf579e8045b827c9ad5e1ad5c19f5e049d61d07fb5d5a662535442b40b75f8561140cf1632e745ca1c05468583ecdc10cb5887f0e9cc62ea149ae3e96dea0ad6e73d54