www.banksanjuans.com

- Glacier Bank -

Issued by GeoTrust EV RSA CA 2018

About this certificate

This digital certificate with serial number 07:de:16:38:13:48:f6:1a:3b:9a:bf:79:36:c6:3e:22 was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Glacier Bank

Company registration number: D093435
Organization: Glacier Bank
State / Province: MT
Locality: Kalispell
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:de:16:38:13:48:f6:1a:3b:9a:bf:79:36:c6:3e:22
Serial Number (int): 10457736528845944011095548862541479458
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 01:86:db:8b:13:00:4b:6a:fa:34:8a:c3:42:48:ae:bf:f3:27:0a:5f
AuthorityKeyId: ca:92:67:52:61:de:ae:fc:ba:22:2b:7f:1c:87:4c:25:fb:6f:99:58

Fingerprint (sha1): e4:91:48:e2:aa:4e:aa:f9:6a:01:c0:42:84:17:bb:67:a5:35:67:a4
Fingerprint (sha256): 2f:4d:ae:43:d5:df:d2:90:55:7e:df:95:70:9a:19:b8:c0:ad:eb:fb:f8:a6:01:86:2a:82:11:64:7f:be:56:df

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustEVRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustEVRSACA2018.crl

Check the revocation status for certificate www.banksanjuans.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.banksanjuans.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA512 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.banksanjuans.com
banksanjuans.com

Other certificates including the domain name banksanjuans.com

(limited to 100 certificates)
www.banksanjuans.com
mortgage.1stbmt.com.roostify.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
www.banksanjuans.com
www.banksanjuans.com
www.banksanjuans.com
san-10-s11.tlsprovisioning.exacttarget.com
www.banksanjuans.com
mortgage.1stbmt.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
www.banksanjuans.com
san-10-s11.tlsprovisioning.exacttarget.com
mortgage.banksanjuans.com
mortgage.gofirstbank.com
san-10-s11.tlsprovisioning.exacttarget.com
mortgage.gofirstbank.com
mortgage.1stbmt.com
mortgage.1stbmt.com
san-10-s11.tlsprovisioning.exacttarget.com
www.banksanjuans.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
www.banksanjuans.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
www.banksanjuans.com
san-10-s11.tlsprovisioning.exacttarget.com
banksanjuans.com
mortgage.banksanjuans.com
mortgage.1stbmt.com
www.banksanjuans.com
mortgage.valleybankhelena.com.roostify.com
mortgage.banksanjuans.com
mortgage.fsbwy.com
san-10-s11.tlsprovisioning.exacttarget.com
mortgage.banksanjuans.com
san-10-s11.tlsprovisioning.exacttarget.com
www.banksanjuans.com
www.banksanjuans.com
mortgage.1stbmt.com
www.banksanjuans.com
www.banksanjuans.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
mortgage.fcbutah.com.roostify.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
mortgage.collegiatepeaksbank.com.roostify.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
mortgage.banksanjuans.com
banksanjuans.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
www.quickapply.banksanjuans.com
mortgage.collegiatepeaksbank.com.roostify.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
banksanjuans.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
san-10-s11.tlsprovisioning.exacttarget.com
banksanjuans.com

Certificate

The complete raw certificate details for www.banksanjuans.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG7TCCBdWgAwIBAgIQB94WOBNI9ho7mr95NsY+IjANBgkqhkiG9w0BAQ0FADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdHZW9UcnVzdCBFViBSU0EgQ0EgMjAx
ODAeFw0yMjEwMTkwMDAwMDBaFw0yMzEwMjIyMzU5NTlaMIHEMRMwEQYLKwYBBAGC
NzwCAQMTAlVTMRgwFgYLKwYBBAGCNzwCAQITB01vbnRhbmExHTAbBgNVBA8MFFBy
aXZhdGUgT3JnYW5pemF0aW9uMRAwDgYDVQQFEwdEMDkzNDM1MQswCQYDVQQGEwJV
UzELMAkGA1UECBMCTVQxEjAQBgNVBAcTCUthbGlzcGVsbDEVMBMGA1UEChMMR2xh
Y2llciBCYW5rMR0wGwYDVQQDExR3d3cuYmFua3Nhbmp1YW5zLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJT7iNxOBseZO08292ryhWxpFfp2GFN3
d7P95F02HtZO46YYFvUuUJstGHP0RR45z1lhH9plqAXS5ayYYRmMM1b7PDnCTkis
GllQaWc4tbda2sHgNl17VB2S1gD6WfPDoua5Tx0SS2qf+ERymNvGpBtKCyuCazSr
BEXm0XQkCCOMgIVuO8mEFI2emE4SPHuj8+7mAnfsSsR0ZQXT6RmvIIeD3uzfQBpz
nwjkM6ElL2v2UwksnQJ968JMKRYUpJ0r5IqMMRPXI96Pw381D5dxVwV9HzCkOl1U
+DnZ/0NyT8wVAk+Ydu2UBDXLtUZWvHXM7cxpdDB8QvewvG8fgL+ID70CAwEAAaOC
AzswggM3MB8GA1UdIwQYMBaAFMqSZ1Jh3q78uiIrfxyHTCX7b5lYMB0GA1UdDgQW
BBQBhtuLEwBLavo0isNCSK6/8ycKXzAxBgNVHREEKjAoghR3d3cuYmFua3Nhbmp1
YW5zLmNvbYIQYmFua3Nhbmp1YW5zLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEAGA1UdHwQ5MDcwNaAzoDGGL2h0dHA6
Ly9jZHAuZ2VvdHJ1c3QuY29tL0dlb1RydXN0RVZSU0FDQTIwMTguY3JsMEoGA1Ud
IARDMEEwCwYJYIZIAYb9bAIBMDIGBWeBDAEBMCkwJwYIKwYBBQUHAgEWG2h0dHA6
Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB3BggrBgEFBQcBAQRrMGkwJgYIKwYBBQUH
MAGGGmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1c3QuY29tMD8GCCsGAQUFBzAChjNodHRw
Oi8vY2FjZXJ0cy5nZW90cnVzdC5jb20vR2VvVHJ1c3RFVlJTQUNBMjAxOC5jcnQw
CQYDVR0TBAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHUA6D7Q2j71BjUy
51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGD8kUkxwAABAMARjBEAiA3NNL+DxaI
rgbysYS4ZtFz98agbdpXXl8xqxkKlMGEjgIgYrNpegQSHGSrM+9C6Ok3vcYX5/Iv
EZIO98QO/e49ho4AdwCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAA
AYPyRSTjAAAEAwBIMEYCIQC0Kl+G4WNzxt4ecUnhMlOhn2ukQKcwUDR0cZNzaroK
lgIhAOmGYByVqYW82m56G2W5T3yo2FJG5HOFVoWUdIMTi7qTAHcAtz77JN+cTbp1
8jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGD8kUkoAAABAMASDBGAiEA6AffkNhO
FOSYlgC8gh4QWT1PoKAT7yqMQJdfVgaeuIcCIQCWxbg1rHqHN1qqBLfWl/zBFK3A
TtQxwVLNcbNbCi6FfTANBgkqhkiG9w0BAQ0FAAOCAQEAqVtVBR8EHzeDyyw/8Mub
V3Drljah3B0ienizXo9vO7j1GVEyMtp+AWDcCw2BidngmCuCyMp7Hf4CjXdCyLk0
BwwzYe5wR1BVS33GElyO2VoNl1CFi82lrdVAP1jnKX0SxeVN/vHbH94aFVuGiYzK
zN8PVo0+qmxp2c20euwsOlzLHc2Uo4M5BHKjVqsWsNPOW3tzuotsLugTWvEbjuI2
Dpil91ghxgbtN+SQHsoDmBQ15jmBMpY0n0RrWvFTpDIYw7qg8Fj5nbFX3/uOfiif
GAzvxjHYidXvczjNHZUAEwNG/1p4uRW/SaLv+u672OXaXjxDcWVgjbVfnuDbow7k
AQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPuI3E4Gx5k7Tzb3avKF
bGkV+nYYU3d3s/3kXTYe1k7jphgW9S5Qmy0Yc/RFHjnPWWEf2mWoBdLlrJhhGYwz
Vvs8OcJOSKwaWVBpZzi1t1raweA2XXtUHZLWAPpZ88Oi5rlPHRJLap/4RHKY28ak
G0oLK4JrNKsERebRdCQII4yAhW47yYQUjZ6YThI8e6Pz7uYCd+xKxHRlBdPpGa8g
h4Pe7N9AGnOfCOQzoSUva/ZTCSydAn3rwkwpFhSknSvkiowxE9cj3o/DfzUPl3FX
BX0fMKQ6XVT4Odn/Q3JPzBUCT5h27ZQENcu1Rla8dcztzGl0MHxC97C8bx+Av4gP
vQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10457736528845944011095548862541479458
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust EV RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Montana'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'D093435'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kalispell'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Glacier Bank'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.banksanjuans.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18807305474846607065121211988994513415735865586349852759035098488882548901987577730673530971092255971145599167187508379106658529574080862611804160611163903502144412523504539016747845039375864116850578006816219318812504434570524554445914208740875220804103446238590644147847412114516381048350273386260023630238162105947689383005418160341026895686674056676605080263666714664463146786123151639304419912338691242470505620897420109279599138404397931279618726080969392168465283862712497828049630236106541663608242029390543805120720178675845310242573324548203241629966251497738428111595222921091934101259375556623984593735613
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ca92675261deaefcba222b7f1c874c25fb6f9958
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0186db8b13004b6afa348ac34248aebff3270a5f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.banksanjuans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'banksanjuans.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustEVRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (107 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustEVRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000183f24524c7000004030046304402203734d2fe0f1688ae06f2b184b866d173f7c6a06dda575e5f31ab190a94c1848e022062b3697a04121c64ab33ef42e8e937bdc617e7f22f11920ef7c40efdee3d868e007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000183f24524e30000040300483046022100b42a5f86e16373c6de1e7149e13253a19f6ba440a7305034747193736aba0a96022100e986601c95a985bcda6e7a1b65b94f7ca8d85246e473855685947483138bba93007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000183f24524a00000040300483046022100e807df90d84e14e4989600bc821e10593d4fa0a013ef2a8c40975f56069eb88702210096c5b835ac7a87375aaa04b7d697fcc114adc04ed431c152cd71b35b0a2e857d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a95b55051f041f3783cb2c3ff0cb9b5770eb9636a1dc1d227a78b35e8f6f3bb8f519513232da7e0160dc0b0d8189d9e0982b82c8ca7b1dfe028d7742c8b934070c3361ee704750554b7dc6125c8ed95a0d9750858bcda5add5403f58e7297d12c5e54dfef1db1fde1a155b86898ccaccdf0f568d3eaa6c69d9cdb47aec2c3a5ccb1dcd94a383390472a356ab16b0d3ce5b7b73ba8b6c2ee8135af11b8ee2360e98a5f75821c606ed37e4901eca03981435e639813296349f446b5af153a43218c3baa0f058f99db157dffb8e7e289f180cefc631d889d5ef7338cd1d9500130346ff5a78b915bf49a2effaeebbd8e5da5e3c437165608db55f9ee0dba30ee401