www.banque.di.afpa.fr

- AFPA (L'Agence nationale pour la formation professionnelle) -

Issued by GeoTrust EV RSA CA 2018

About this certificate

This digital certificate with serial number 07:bb:06:06:29:f4:c9:eb:8e:f4:5f:5c:8d:9d:21:1f was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

AFPA (L'Agence nationale pour la formation professionnelle)

Company registration number: 824 228 142
Organization: AFPA (L'Agence nationale pour la formation professionnelle)
Organization unit: DSI
Locality: MONTREUIL
Country: FR

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:bb:06:06:29:f4:c9:eb:8e:f4:5f:5c:8d:9d:21:1f
Serial Number (int): 10275677665851837716080416035895583007
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 34:45:6d:92:d0:6b:96:1b:29:93:eb:47:4b:2f:6b:ca:88:2a:40:f6
AuthorityKeyId: ca:92:67:52:61:de:ae:fc:ba:22:2b:7f:1c:87:4c:25:fb:6f:99:58

Fingerprint (sha1): 1e:d0:e8:e5:3a:1c:9e:11:30:5a:ce:1f:04:4a:98:ac:3c:e2:67:45
Fingerprint (sha256): 2f:e3:77:0e:bf:f8:10:fd:25:c5:14:74:b8:9e:93:3f:cf:d0:13:9e:9b:c4:a8:f3:75:9c:fe:d7:21:e6:78:62

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustEVRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustEVRSACA2018.crl

Check the revocation status for certificate www.banque.di.afpa.fr

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.banque.di.afpa.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.banque.di.afpa.fr

Other certificates including the domain name afpa.fr

(limited to 100 certificates)
mooc.afpa.fr
hebergement-afpa.fr
*.afpa.fr
access.afpa.fr
wconvivio.afpa.fr
*.afpa.fr
copilote-sept.afpa.fr
www.questionnaires.hebergement-afpa.fr
www.tsgp.afpa.fr
mooc.afpa.fr
convivio.afpa.fr
hebergement-afpa.fr
*.afpa.fr
manager.eforpro.afpa.fr
mooc.afpa.fr
www.pprod.tsgp.afpa.fr
*.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
moocfle.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
eforpro.afpa.fr
bnr.afpa.fr
www.certification.afpa.fr
mooc.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
mooc.afpa.fr
*.afpa.fr
moocfle.afpa.fr
hebergement-afpa.fr
www.rapportactivite.hebergement-afpa.fr
evenement.afpa.fr
tr.infos.afpa.fr
mooc.afpa.fr
www.admin.di.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
convivio.afpa.fr
www.admin.di.afpa.fr
www.enquetes.afpa.fr
eforpro.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
wslync.afpa.fr
*.afpa.fr
mooc.afpa.fr
preprod-bnr.afpa.fr
stream.tsgp.afpa.fr
www.banque.di.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
rapportactivite.hebergement-afpa.fr
www.catalogues.afpa.fr
mooc.afpa.fr
www.enquetes.afpa.fr
tr.portail.afpa.fr
WWW.MONPARCOURS.TSGP.AFPA.FR
www.certification.afpa.fr
*.afpa.fr
hebergement-afpa.fr
access.afpa.fr
convivio.afpa.fr
www.enquetes.afpa.fr
moocfle.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
moocfle.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
moocfle.afpa.fr
www.afpa.fr
afpasupplierportail.afpa.fr
stream.tsgp.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
eforpro.afpa.fr
videos.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
www.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
www.afpa.fr
www.catalogues.afpa.fr
www.admin.di.afpa.fr
bnr.afpa.fr
tr.portail.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
habilitation.eforpro.afpa.fr
www.afpa.fr
moocfle.afpa.fr
*.afpa.fr
eforpro.afpa.fr
hebergement-afpa.fr
videos.afpa.fr
*.afpa.fr
*.afpa.fr
metis.afpa.fr
tr.portail.afpa.fr
www.banque.di.afpa.fr
bnr.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
mooc.afpa.fr
www.admin.di.afpa.fr
afpasupplierportail.afpa.fr
moocfle.afpa.fr
www.monparcours.tsgp.afpa.fr
www.afpa.fr
certification.afpa.fr

Certificate

The complete raw certificate details for www.banque.di.afpa.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIQB7sGBin0yeuO9F9cjZ0hHzANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdHZW9UcnVzdCBFViBSU0EgQ0EgMjAx
ODAeFw0yMDA0MDMwMDAwMDBaFw0yMjA2MDMxMjAwMDBaMIIBGjEdMBsGA1UEDwwU
UHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCRlIxHjAcBgsr
BgEEAYI3PAIBAhMNSWxlLWRlLUZyYW5jZTEZMBcGCysGAQQBgjc8AgEBEwhQb250
b2lzZTEUMBIGA1UEBRMLODI0IDIyOCAxNDIxCzAJBgNVBAYTAkZSMRIwEAYDVQQH
EwlNT05UUkVVSUwxRDBCBgNVBAoTO0FGUEEgKEwnQWdlbmNlIG5hdGlvbmFsZSBw
b3VyIGxhIGZvcm1hdGlvbiBwcm9mZXNzaW9ubmVsbGUpMQwwCgYDVQQLEwNEU0kx
HjAcBgNVBAMTFXd3dy5iYW5xdWUuZGkuYWZwYS5mcjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAJ9Nm8JCiOYCr1LDqaNguW8U7NedFGyqiXYyRyYSNTa9
9wylXdu4OwfFS1nOQG0npJwRPsxbNQf7qgbLfRjhfPimlzjitvxjDrofxR7MFT30
qeOq1J0TJF0ezwg48cjN+gEFQ/1bzXWmoKwbGdTLu2r23mQNXe1GbbnP2rxD/vFp
QVUDKWSmNwqGn27sRfJUYwkR4FLM8dF8gG+pp67X2AqbS0kVqdflp7cBiCJP9H0S
ey2vpfa0X/WZndVHlCO8psZ8FrBh5tfd9b4N/sV0rDNxyfc18Cwj7x3Z+ANSYevL
K5QDIatERJc0XD9AqNH7P5GnKjjniO44tpH8H4BpjbUCAwEAAaOCAb0wggG5MB8G
A1UdIwQYMBaAFMqSZ1Jh3q78uiIrfxyHTCX7b5lYMB0GA1UdDgQWBBQ0RW2S0GuW
GymT60dLL2vKiCpA9jAgBgNVHREEGTAXghV3d3cuYmFucXVlLmRpLmFmcGEuZnIw
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBA
BgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9HZW9UcnVz
dEVWUlNBQ0EyMDE4LmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsG
AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMHcG
CCsGAQUFBwEBBGswaTAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVz
dC5jb20wPwYIKwYBBQUHMAKGM2h0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9H
ZW9UcnVzdEVWUlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMBMGCisGAQQB1nkCBAMB
Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAkvdJyHBmgNBKKJudPnQ8Qv7qjufvG
f3aUTJ63BBurhNb6ux45vXtHaRDtnCDEcLynw0ANAmo7NBd7MMcscVgWkz9LKF5t
ta0GkgKLUT+kQpAh5TySe0nvzUDE6BdUsj8kBWrurzD7vsJW0GArWinLXMkKfYON
8PCh8KiRTS1wuib5TPn9eULMdQ8PzeaRo/beS6HBo/xWLL0QbZdmRVupGzjZn4i3
6DRK/6BjiRCpUWj5wjqnp2ioh+p3a4awsnXyxi7dhBinTylD7oF74eb+suyg+NO4
rGkt3afxJLE5g3lVvNlxdEZ5DqrIWWg7HBKlLCRaXRH+YS3e5kFxLXFy
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn02bwkKI5gKvUsOpo2C5
bxTs150UbKqJdjJHJhI1Nr33DKVd27g7B8VLWc5AbSeknBE+zFs1B/uqBst9GOF8
+KaXOOK2/GMOuh/FHswVPfSp46rUnRMkXR7PCDjxyM36AQVD/VvNdaagrBsZ1Mu7
avbeZA1d7UZtuc/avEP+8WlBVQMpZKY3CoafbuxF8lRjCRHgUszx0XyAb6mnrtfY
CptLSRWp1+WntwGIIk/0fRJ7La+l9rRf9Zmd1UeUI7ymxnwWsGHm1931vg3+xXSs
M3HJ9zXwLCPvHdn4A1Jh68srlAMhq0RElzRcP0Co0fs/kacqOOeI7ji2kfwfgGmN
tQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10275677665851837716080416035895583007
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust EV RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-03 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ile-de-France'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.1 (jurisdictionOfIncorporationL)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pontoise'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '824 228 142'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MONTREUIL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AFPA (L'Agence nationale pour la formation professionnelle)'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DSI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.banque.di.afpa.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20110160634224419698878779446830262163222667000707377225740384296900027069360448333824469867250485014966478744561701684321298153217255621340599781614869720440732774349596491039309769491204030739534366816721821905276309961042522109763008798165197264940883559981458003428979041612992768130664278596878558332245697925628525222122998707099357948902806923485910367841118336303936695816761527383233335714641738481752613440549781472857672958091892921666544827017897566361972687377092895534388027012228014108173420213476661550830693143091179603428879777468953327267355816173802606869329253016653533078070714521528362947153333
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ca92675261deaefcba222b7f1c874c25fb6f9958
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							34456d92d06b961b2993eb474b2f6bca882a40f6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.banque.di.afpa.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustEVRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (107 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustEVRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0024bdd2721c19a034128a26e74f9d0f10bfbaa3b9fbc67f76944c9eb7041bab84d6fabb1e39bd7b476910ed9c20c470bca7c3400d026a3b34177b30c72c715816933f4b285e6db5ad0692028b513fa4429021e53c927b49efcd40c4e81754b23f24056aeeaf30fbbec256d0602b5a29cb5cc90a7d838df0f0a1f0a8914d2d70ba26f94cf9fd7942cc750f0fcde691a3f6de4ba1c1a3fc562cbd106d9766455ba91b38d99f88b7e8344affa0638910a95168f9c23aa7a768a887ea776b86b0b275f2c62edd8418a74f2943ee817be1e6feb2eca0f8d3b8ac692ddda7f124b139837955bcd9717446790eaac859683b1c12a52c245a5d11fe612ddee641712d7172