*.ahrq.gov
- Agency for Healthcare Research & Quality -
Issued by GeoTrust RSA CA 2018
About this certificate
This digital certificate with serial number 0b:f5:a3:1b:55:18:7c:c0:a7:ab:6c:24:61:d1:06:8c was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Agency for Healthcare Research & Quality
Organization:
Agency for Healthcare Research & Quality
Organization unit: IT
Organization unit: IT
State / Province:
Maryland
Locality: Rockville
Country: US
Locality: Rockville
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0b:f5:a3:1b:55:18:7c:c0:a7:ab:6c:24:61:d1:06:8cSerial Number (int): 15896928882236719660133756950295938700
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 58:b7:50:35:99:92:bc:ec:97:96:5f:c5:33:a9:68:08:9d:f8:f5:9b
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5
Fingerprint (sha1): 22:fc:8c:57:32:fa:ec:90:44:5d:30:f8:54:c8:79:56:38:07:05:52
Fingerprint (sha256): 33:4a:48:44:d1:b0:57:7d:f4:14:51:12:26:1a:5c:d5:48:71:c0:61:90:f3:d0:0a:40:c9:f4:c6:f3:ba:cc:40
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl
Check the revocation status for certificate *.ahrq.gov
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.ahrq.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.ahrq.gov
ahrq.gov
ahrq.gov
Other certificates including the domain name ahrq.gov
(limited to 100 certificates)
*.ahrq.gov
owa.hhs.gov
dataviz.ahrq.gov
innovations.ahrq.gov
qualityindicators.ahrq.gov
lhspilot.ahrq.gov
www.hcup-us.ahrq.gov
www.ahrq.gov
arrs.ahrq.gov
hcupnet-archive.ahrq.gov
sdc3.ahrq.gov
srdr.training.ahrq.gov
*.ahrq.gov
www.cahps.ahrq.gov
www.ahrq.gov
info.ahrq.gov
nhqrnet.ahrq.gov
www.ahrq.gov
sopsdatabase.ahrq.gov
subscriptions.ahrq.gov
distributor.hcup-us.ahrq.gov
*.ahrq.gov
voltage-pp-0000.ahrq.gov
dam.ahrq.gov
gold.ahrq.gov
pso.ahrq.gov
ce.ahrq.gov
meps.ahrq.gov
ocdashboard.ahrq.gov
iqdnet.ahrq.gov
pso.ahrq.gov
srdrplus.ahrq.gov
sdc3.ahrq.gov
patientregistry.ahrq.gov
owa.hhs.gov
www.ahrq.gov
qsrs.ahrq.gov
arrs.ahrq.gov
effectivehealthcare.ahrq.gov
stage.ahrq.gov
www.ahrq.gov
www.ahrq.gov
owa.hhs.gov
ahrqivedhcupnet.ahrq.gov
epc-src.ahrq.gov
epssdata.ahrq.gov
innovations.ahrq.gov
accounts.ahrq.gov
iqdnet.ahrq.gov
cma.ahrq.gov
iqdnet.ahrq.gov
staging-nhqrnet.ahrq.gov
journal.ahrq.gov
jira.ahrq.gov
lhslc.ahrq.gov
info.ahrq.gov
cahpsdatabase.ahrq.gov
epc-src.ahrq.gov
gold.ahrq.gov
effectivehealthcare.ahrq.gov
jira.ahrq.gov
epssdata.ahrq.gov
www.hcup-us.ahrq.gov
www.hcup-us.ahrq.gov
qualitymeasures.ahrq.gov
jira.ahrq.gov
ahrq.gov
meps.ahrq.gov
*.ahrq.gov
ahrqpubs.ahrq.gov
confluence.ahrq.gov
cds-pass.ahrq.gov
ahrq.gov
subscriptions.ahrq.gov
confluence.ahrq.gov
www.ahrq.gov
www.distributor.hcup-us.ahrq.gov
docs.ahrq.gov
arrs.ahrq.gov
owa.hhs.gov
info.ahrq.gov
accounts.ahrq.gov
staging-nhqrnet.ahrq.gov
sopsdatabase.ahrq.gov
www.distributor.hcup-us.ahrq.gov
srdr.ahrq.gov
cahpsdatabase.ahrq.gov
www.hcup-us.ahrq.gov
ahrqpubs.ahrq.gov
www.ahrq.gov
primarycaremeasures.ahrq.gov
*.ahrq.gov
Owa.HHS.Gov
accounts.ahrq.gov
admin.ahrq.gov
nhqrnet.ahrq.gov
takeheart.ahrq.gov
www.sopsdatabase.ahrq.gov
search.ahrq.gov
hcupnet.ahrq.gov
owa.hhs.gov
dataviz.ahrq.gov
innovations.ahrq.gov
qualityindicators.ahrq.gov
lhspilot.ahrq.gov
www.hcup-us.ahrq.gov
www.ahrq.gov
arrs.ahrq.gov
hcupnet-archive.ahrq.gov
sdc3.ahrq.gov
srdr.training.ahrq.gov
*.ahrq.gov
www.cahps.ahrq.gov
www.ahrq.gov
info.ahrq.gov
nhqrnet.ahrq.gov
www.ahrq.gov
sopsdatabase.ahrq.gov
subscriptions.ahrq.gov
distributor.hcup-us.ahrq.gov
*.ahrq.gov
voltage-pp-0000.ahrq.gov
dam.ahrq.gov
gold.ahrq.gov
pso.ahrq.gov
ce.ahrq.gov
meps.ahrq.gov
ocdashboard.ahrq.gov
iqdnet.ahrq.gov
pso.ahrq.gov
srdrplus.ahrq.gov
sdc3.ahrq.gov
patientregistry.ahrq.gov
owa.hhs.gov
www.ahrq.gov
qsrs.ahrq.gov
arrs.ahrq.gov
effectivehealthcare.ahrq.gov
stage.ahrq.gov
www.ahrq.gov
www.ahrq.gov
owa.hhs.gov
ahrqivedhcupnet.ahrq.gov
epc-src.ahrq.gov
epssdata.ahrq.gov
innovations.ahrq.gov
accounts.ahrq.gov
iqdnet.ahrq.gov
cma.ahrq.gov
iqdnet.ahrq.gov
staging-nhqrnet.ahrq.gov
journal.ahrq.gov
jira.ahrq.gov
lhslc.ahrq.gov
info.ahrq.gov
cahpsdatabase.ahrq.gov
epc-src.ahrq.gov
gold.ahrq.gov
effectivehealthcare.ahrq.gov
jira.ahrq.gov
epssdata.ahrq.gov
www.hcup-us.ahrq.gov
www.hcup-us.ahrq.gov
qualitymeasures.ahrq.gov
jira.ahrq.gov
ahrq.gov
meps.ahrq.gov
*.ahrq.gov
ahrqpubs.ahrq.gov
confluence.ahrq.gov
cds-pass.ahrq.gov
ahrq.gov
subscriptions.ahrq.gov
confluence.ahrq.gov
www.ahrq.gov
www.distributor.hcup-us.ahrq.gov
docs.ahrq.gov
arrs.ahrq.gov
owa.hhs.gov
info.ahrq.gov
accounts.ahrq.gov
staging-nhqrnet.ahrq.gov
sopsdatabase.ahrq.gov
www.distributor.hcup-us.ahrq.gov
srdr.ahrq.gov
cahpsdatabase.ahrq.gov
www.hcup-us.ahrq.gov
ahrqpubs.ahrq.gov
www.ahrq.gov
primarycaremeasures.ahrq.gov
*.ahrq.gov
Owa.HHS.Gov
accounts.ahrq.gov
admin.ahrq.gov
nhqrnet.ahrq.gov
takeheart.ahrq.gov
www.sopsdatabase.ahrq.gov
search.ahrq.gov
hcupnet.ahrq.gov
Certificate
The complete raw certificate details for *.ahrq.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIQC/WjG1UYfMCnq2wkYdEGjDANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe Fw0xODA0MjUwMDAwMDBaFw0yMDA1MTkxMjAwMDBaMIGJMQswCQYDVQQGEwJVUzER MA8GA1UECBMITWFyeWxhbmQxEjAQBgNVBAcTCVJvY2t2aWxsZTExMC8GA1UECgwo QWdlbmN5IGZvciBIZWFsdGhjYXJlIFJlc2VhcmNoICYgUXVhbGl0eTELMAkGA1UE CxMCSVQxEzARBgNVBAMMCiouYWhycS5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiyoDfDmjV4lGowCgeEemLTkvM580MKdKc1094zwlW0tlCxWEh tZENBRwg1ZZ1z0z4kn1XAAHOVHh0MK+nnb5zCsotjKf2B3s/TGd9dnjkg9bSksvh Epf+1ZH9DfTxXp4GnXl9Ha08YoOk1Qt4CZ0V9QFwfuJPu6NCTyvXn6gT/yn1CcYa Vc50fTp+AgBqeIh0r4Rxvzlh9aGvLKSzUEhq6OHyEyO7KCbkeNL2oeV09gKIwf7A pZrcMhd93Po02B5pvLKPX9KAQ5ol8R0KDxpi76Suocl+TBmsrVdFT1luqsAK0ogl 54B4DmJwKY8EAbEJNgZiGLJSWVfPuFBmbHgRAgMBAAGjggG5MIIBtTAfBgNVHSME GDAWgBSQWP+wnHWoUVR3se3yo0MWOJ5sxTAdBgNVHQ4EFgQUWLdQNZmSvOyXll/F M6loCJ349ZswHwYDVR0RBBgwFoIKKi5haHJxLmdvdoIIYWhycS5nb3YwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHR8E NzA1MDOgMaAvhi1odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9HZW9UcnVzdFJTQUNB MjAxOC5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYc aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwdQYIKwYBBQUH AQEEaTBnMCYGCCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLmdlb3RydXN0LmNvbTA9 BggrBgEFBQcwAoYxaHR0cDovL2NhY2VydHMuZ2VvdHJ1c3QuY29tL0dlb1RydXN0 UlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0G CSqGSIb3DQEBCwUAA4IBAQAnsEzCm5MiZLVTG1LUgO8OsL74GedxbUuUIIFz/xSu b93GH86eeODzbY84Tj4qnK9+W+VMwHzz+q40SRkQW4DASrFNCpmKqJcpUE54iWyO TCkgTfa/qZzSNrDRrG8cnx6NcoOuc079E1ZojorB0csnQ/pE+MN2dqu8nBnKbGXl XwXFnn9VlOvvkKPFV//SDsCSJvjeqz5PRCuveRZkC5JfDuUGWpd31uYGPglDGVQH PFZz6+eH7aI+CMSSLeHnc1HvDVU7Zynq0wQkDsIZfvzW5jUmE6sNzE+1NI5oCd7/ k6Zg60F0HUi5lkW5vHVewMaH8CKwmRfEEejxv6x7wXEW -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosqA3w5o1eJRqMAoHhHp i05LzOfNDCnSnNdPeM8JVtLZQsVhIbWRDQUcINWWdc9M+JJ9VwABzlR4dDCvp52+ cwrKLYyn9gd7P0xnfXZ45IPW0pLL4RKX/tWR/Q308V6eBp15fR2tPGKDpNULeAmd FfUBcH7iT7ujQk8r15+oE/8p9QnGGlXOdH06fgIAaniIdK+Ecb85YfWhryyks1BI aujh8hMjuygm5HjS9qHldPYCiMH+wKWa3DIXfdz6NNgeabyyj1/SgEOaJfEdCg8a Yu+krqHJfkwZrK1XRU9ZbqrACtKIJeeAeA5icCmPBAGxCTYGYhiyUllXz7hQZmx4 EQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15896928882236719660133756950295938700 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-25 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-19 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rockville' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Agency for Healthcare Research & Quality' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.ahrq.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20550463554565510171838993109936980672260042097520490572761818537248625985324885877846511329090807384275763913238451329736806278927476393763522748603487054636088999467131219667734089076260772072613543805641307679620245090651772528605611378341757365901765523267557441435872361338055075649410040359912621498169746587535006597058025838387521358444636259862038248107294691766645818727331857986366841827969447280137115992136184016437914321918435540149171991735411967802810579006500677819389581721192202363961862203883587578609743961923350609205581888171247678920077924192253633434600589475353002420881860879012407964104721 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 58b750359992bcec97965fc533a968089df8f59b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ahrq.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ahrq.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0027b04cc29b932264b5531b52d480ef0eb0bef819e7716d4b94208173ff14ae6fddc61fce9e78e0f36d8f384e3e2a9caf7e5be54cc07cf3faae344919105b80c04ab14d0a998aa89729504e78896c8e4c29204df6bfa99cd236b0d1ac6f1c9f1e8d7283ae734efd1356688e8ac1d1cb2743fa44f8c37676abbc9c19ca6c65e55f05c59e7f5594ebef90a3c557ffd20ec09226f8deab3e4f442baf7916640b925f0ee5065a9777d6e6063e09431954073c5673ebe787eda23e08c4922de1e77351ef0d553b6729ead304240ec2197efcd6e6352613ab0dcc4fb5348e6809deff93a660eb41741d48b99645b9bc755ec0c687f022b09917c411e8f1bfac7bc17116