support.brightfocus.org

- BrightFocus Foundation, Inc. -

Issued by GeoTrust EV SSL CA - G4

About this certificate

This digital certificate with serial number 4d:bc:cc:b0:22:c2:9f:50:b8:1e:05:49:f0:75:29:c5 was issued on by GeoTrust Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

BrightFocus Foundation, Inc.

Company registration number: 731387
Organization: BrightFocus Foundation, Inc.
State / Province: Maryland
Locality: Clarksburg
Country: US

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 4d:bc:cc:b0:22:c2:9f:50:b8:1e:05:49:f0:75:29:c5
Serial Number (int): 103330859051316591547255098588771199429
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: de:cf:5c:50:b7:ae:02:1f:15:17:aa:16:e8:0d:b5:28:9d:6a:5a:f3

Fingerprint (sha1): 7a:93:8d:a9:02:7e:9c:49:2c:19:b2:fd:a0:90:ef:77:a0:de:76:8b
Fingerprint (sha256): 31:b0:73:84:8b:9c:d0:e8:4a:01:fd:cb:a1:37:53:e0:72:44:f6:17:12:d7:3a:ce:63:b3:e2:df:0c:4d:33:38

Issuing Certificate URL: http://gm.symcb.com/gm.crt

Revocation information

OCSP Server: http://gm.symcd.com
CRL Distribution Point: http://gm.symcb.com/gm.crl

Check the revocation status for certificate support.brightfocus.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for support.brightfocus.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

support.brightfocus.org

Other certificates including the domain name brightfocus.org

(limited to 100 certificates)
utm.brightfocus.org
securedns1.planmygift.org
support.brightfocus.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
5724160613416960-fe2.pantheonsite.io
securedns1.planmygift.org
support1.brightfocus.org
support.brightfocus.org
securedns1.planmygift.org
5724160613416960-fe2.pantheonsite.io
securedns1.planmygift.org
brightfocus.org
5724160613416960-fe2.pantheonsite.io
securedns1.planmygift.org
support1.brightfocus.org
securedns1.planmygift.org
forms.theelenigroup.com
forms.im4u.world
form.clash-event.co.kr
utm.brightfocus.org
securedns1.planmygift.org
securedns1.planmygift.org
5724160613416960-fe2.pantheonsite.io
support.brightfocus.org
register.brightfocus.org
support.brightfocus.org
securedns1.planmygift.org
register.brightfocus.org
utm.brightfocus.org
securedns1.planmygift.org
securedns1.planmygift.org
brightfocus.org
5724160613416960-fe2.pantheonsite.io
support.brightfocus.org
autod.alsubaihisons.com
brightfocus.org
forms.im4u.world
5724160613416960-fe2.pantheonsite.io
5724160613416960-fe2.pantheonsite.io
5724160613416960-fe2.pantheonsite.io
support.brightfocus.org
support1.brightfocus.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
brightfocus.org
securedns1.planmygift.org
securedns1.planmygift.org
support1.brightfocus.org
5724160613416960-fe2.pantheonsite.io
support.brightfocus.org
donate.brightfocus.org
securedns1.planmygift.org
securedns1.planmygift.org
science.brightfocus.org
support.brightfocus.org
5724160613416960-fe2.pantheonsite.io
brightfocus.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
5724160613416960-fe2.pantheonsite.io
science.brightfocus.org
bffex2016.ahaf.org
form.clash-event.co.kr
5724160613416960-fe2.pantheonsite.io
science.brightfocus.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
5724160613416960-fe2.pantheonsite.io
events.brightfocus.org
support.brightfocus.org
5724160613416960-fe2.pantheonsite.io
autod.alsubaihisons.com
support.brightfocus.org
brightfocus.org
5724160613416960-fe2.pantheonsite.io
5724160613416960-fe2.pantheonsite.io
securedns1.planmygift.org
5724160613416960-fe2.pantheonsite.io
securedns1.planmygift.org
brightfocus.org
5724160613416960-fe2.pantheonsite.io
5724160613416960-fe2.pantheonsite.io
5724160613416960-fe2.pantheonsite.io
form.clash-event.co.kr
securedns1.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
events.brightfocus.org
securedns1.planmygift.org
securedns1.planmygift.org

Certificate

The complete raw certificate details for support.brightfocus.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIQTbzMsCLCn1C4HgVJ8HUpxTANBgkqhkiG9w0BAQsFADBH
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMX
R2VvVHJ1c3QgRVYgU1NMIENBIC0gRzQwHhcNMTUwNjI5MDAwMDAwWhcNMTcwNjI4
MjM1OTU5WjCB6jETMBEGCysGAQQBgjc8AgEDEwJVUzElMCMGCysGAQQBgjc8AgEC
FBREaXN0cmljdCBvZiBDb2x1bWJpYTEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6
YXRpb24xDzANBgNVBAUTBjczMTM4NzELMAkGA1UEBhMCVVMxETAPBgNVBAgUCE1h
cnlsYW5kMRMwEQYDVQQHFApDbGFya3NidXJnMSUwIwYDVQQKFBxCcmlnaHRGb2N1
cyBGb3VuZGF0aW9uLCBJbmMuMSAwHgYDVQQDFBdzdXBwb3J0LmJyaWdodGZvY3Vz
Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAImZRN00MlXAAEH/
edipMQOUGw6cSx203b5tnXj0Tz3W2iHrtLy7L3vMIf9ZoH7Mc8xTyowZfS4zsLbT
nV8qUryBMipQ+q7SsrlOtnl9TxqJyPLq3RaYr7TWn+WRnC3Pc/WJ/FzX6MsZqwNG
IUnyzv8fAExZpVri81WZ2WCoPzNz5jahh5p07zHiP4VFnWfqPgPYhuPxtQ6pZ7Lg
8m6h484JGG9GTzcmhi0f8BCdHljHdgdohiFntRYpEG/EjisO0RtYws6h3TpGzOh6
0CYvk/CM5HvzMYKFgzXK/DekrxBSwkEJR1kEtxdXHdTls+nO8f5ihMsbp4js8jAF
iQvPFFECAwEAAaOCAcEwggG9MCIGA1UdEQQbMBmCF3N1cHBvcnQuYnJpZ2h0Zm9j
dXMub3JnMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCsGA1UdHwQkMCIwIKAe
oByGGmh0dHA6Ly9nbS5zeW1jYi5jb20vZ20uY3JsMIGgBgNVHSAEgZgwgZUwgZIG
CSsGAQQB8CIBBjCBhDA/BggrBgEFBQcCARYzaHR0cHM6Ly93d3cuZ2VvdHJ1c3Qu
Y29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMEEGCCsGAQUFBwICMDUMM2h0
dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvcmVwb3NpdG9yeS9sZWdh
bDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU3s9c
ULeuAh8VF6oW6A21KJ1qWvMwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNo
dHRwOi8vZ20uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ20uc3ltY2Iu
Y29tL2dtLmNydDATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAdSrEs3R5P8t8epKeSysBWf3eLqonreWZGK0Wg0J4JPq7pUkoa7TZLV3Es/1v
37Avl19D6HkGCnkhv1xTZVY1wwrnGLo32Y+ub3zwdJx91INJH5BIub6AiokyUB3s
6hxk/mpKd4Ehj/cupxGUn7zQDtOp2ThQxXgF1INfYmIej2XC12d1JsDiqYq0Ni/O
/mPlq8Pb52ezJu+uGyuB1yDkLNzQGy1FOiiBWYfCAtijnNjfQUU/P5/MYeO2dn+C
7WdfBIakMRyw1Lh5/YtAkbevHcYGLjEmSIbrPAQWgwQaKbzr7MLcVnlziDJ/iLIn
7CxpwIb59XnvuvtovrOLv/a2yQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZlE3TQyVcAAQf952Kkx
A5QbDpxLHbTdvm2dePRPPdbaIeu0vLsve8wh/1mgfsxzzFPKjBl9LjOwttOdXypS
vIEyKlD6rtKyuU62eX1PGonI8urdFpivtNaf5ZGcLc9z9Yn8XNfoyxmrA0YhSfLO
/x8ATFmlWuLzVZnZYKg/M3PmNqGHmnTvMeI/hUWdZ+o+A9iG4/G1DqlnsuDybqHj
zgkYb0ZPNyaGLR/wEJ0eWMd2B2iGIWe1FikQb8SOKw7RG1jCzqHdOkbM6HrQJi+T
8Izke/MxgoWDNcr8N6SvEFLCQQlHWQS3F1cd1OWz6c7x/mKEyxuniOzyMAWJC88U
UQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 103330859051316591547255098588771199429
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust EV SSL CA - G4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-06-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-28 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'District of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '731387'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Maryland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Clarksburg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'BrightFocus Foundation, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'support.brightfocus.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17370227541295975397728533195163461342900177772377175360451354395863967959104673139591361729344265570807596376313405107634546880922585517878381489853320636222142188889570133032234291632915467434910877211928774887926996639276050312186101732045139554987857801031786274758598642915387051697323803018240793270566679141247352453782206818963026136010237328347811281319596992171280348912675082488818722190071570310278863797132889983837940884992472830511279673018185714762790518386442477682351489463917148319180677282278077744756233483482682172593370484789078268336697811137437640165999749830646345017222834574285870258394193
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'support.brightfocus.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gm.symcb.com/gm.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (152 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.14370.1.6 (GeoTrust EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName decf5c50b7ae021f1517aa16e80db5289d6a5af3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gm.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gm.symcb.com/gm.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00752ac4b374793fcb7c7a929e4b2b0159fdde2eaa27ade59918ad1683427824fabba549286bb4d92d5dc4b3fd6fdfb02f975f43e879060a7921bf5c53655635c30ae718ba37d98fae6f7cf0749c7dd483491f9048b9be808a8932501decea1c64fe6a4a7781218ff72ea711949fbcd00ed3a9d93850c57805d4835f62621e8f65c2d7677526c0e2a98ab4362fcefe63e5abc3dbe767b326efae1b2b81d720e42cdcd01b2d453a28815987c202d8a39cd8df41453f3f9fcc61e3b6767f82ed675f0486a4311cb0d4b879fd8b4091b7af1dc6062e31264886eb3c041683041a29bcebecc2dc56797388327f88b227ec2c69c086f9f579efbafb68beb38bbff6b6c9