*.tnc.ne.jp

- TOKAI Communications Corporation -

Issued by GeoTrust TLS RSA CA G1

About this certificate

This digital certificate with serial number 02:e9:3e:95:34:e8:a0:d5:e2:fa:57:40:ae:a9:55:1a was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

TOKAI Communications Corporation

Organization: TOKAI Communications Corporation
State / Province: Shizuoka
Locality: shizuoka-shi
Country: JP

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 02:e9:3e:95:34:e8:a0:d5:e2:fa:57:40:ae:a9:55:1a
Serial Number (int): 3869530490374538437217571250555671834
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 47:ad:0a:ae:5f:3f:40:47:59:b8:85:bf:ec:61:70:c2:77:b9:8e:90
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57

Fingerprint (sha1): 5b:16:d2:0c:b5:99:87:ba:4d:92:8a:ce:17:31:ce:35:4d:78:11:e5
Fingerprint (sha256): 34:c3:fd:68:cc:e1:d1:d0:47:78:43:0a:7a:24:5a:19:b7:10:e8:08:11:c9:fc:65:5c:62:a4:4e:9a:6e:6e:ff

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

Check the revocation status for certificate *.tnc.ne.jp

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.tnc.ne.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.tnc.ne.jp
tnc.ne.jp

Other certificates including the domain name tnc.ne.jp

(limited to 100 certificates)
reg3.tok.tnc.ne.jp
mconfig.tnc.ne.jp
web2.tnc.ne.jp
www.tnc.ne.jp
pocketbbs.tnc.ne.jp
member.tnc.ne.jp
reg2.tok.tnc.ne.jp
reg5.tok.tnc.ne.jp
cs.tnc.ne.jp
www.coupons.tnc.ne.jp
member.tnc.ne.jp
speed.tok.tnc.ne.jp
partner.ser.tnc.ne.jp
speed.tok.tnc.ne.jp
reg3.tok.tnc.ne.jp
www.tnc.ne.jp
*.tok.tnc.ne.jp
cs.tnc.ne.jp
mguard.tnc.ne.jp
partner.ser.tnc.ne.jp
*.tnc.ne.jp
pocket.tnc.ne.jp
reg4.tok.tnc.ne.jp
reg3.tok.tnc.ne.jp
*.tok.tnc.ne.jp
speed.tok.tnc.ne.jp
reg3.tok.tnc.ne.jp
web1.tnc.ne.jp
orb1.tnc.ne.jp
www.tnc.ne.jp
*.tnc.ne.jp
pocketbbs.tnc.ne.jp
cs.tnc.ne.jp
reg5.tok.tnc.ne.jp
pocket.tnc.ne.jp
www.coupons.tnc.ne.jp
mconfig.tnc.ne.jp
reg4.tok.tnc.ne.jp
reg2.tok.tnc.ne.jp
reg4.tok.tnc.ne.jp
mconfig.tnc.ne.jp
*.tnc.ne.jp
partner.ser.tnc.ne.jp
www.tnc.ne.jp
reg4.tok.tnc.ne.jp
pocket.tnc.ne.jp
pocket.tnc.ne.jp
reg2.tok.tnc.ne.jp
www.tnc.ne.jp
wm.tnc.ne.jp
web2.tnc.ne.jp
reg4.tok.tnc.ne.jp
partner.ser.tnc.ne.jp
web1.tnc.ne.jp
pocketbbs.tnc.ne.jp
mguard.tnc.ne.jp
web2.tnc.ne.jp
reg3.tok.tnc.ne.jp
member.tnc.ne.jp
speed.tok.tnc.ne.jp
reg2.tok.tnc.ne.jp
reg4.tok.tnc.ne.jp
reg4.tok.tnc.ne.jp
web1.tnc.ne.jp
web2.tnc.ne.jp
reg5.tok.tnc.ne.jp
*.tnc.ne.jp
reg3.tok.tnc.ne.jp
pocket.tnc.ne.jp
mguard.tnc.ne.jp
*.tnc.ne.jp
mguard.tnc.ne.jp
wm.tnc.ne.jp
reg2.tok.tnc.ne.jp
mguard.tnc.ne.jp
wm.tnc.ne.jp
reg4.tok.tnc.ne.jp
partner.ser.tnc.ne.jp
pocketbbs.tnc.ne.jp
*.tok.tnc.ne.jp
web1.tnc.ne.jp
*.tnc.ne.jp
speed.tok.tnc.ne.jp
coupons.tnc.ne.jp
reg3.tok.tnc.ne.jp
pocketbbs.tnc.ne.jp
reg3.tok.tnc.ne.jp
reg4.tok.tnc.ne.jp
wm.tnc.ne.jp
reg2.tok.tnc.ne.jp
pocketbbs.tnc.ne.jp
wm.tnc.ne.jp
pocketbbs.tnc.ne.jp
pocket.tnc.ne.jp
partner.ser.tnc.ne.jp
reg2.tok.tnc.ne.jp
pocket.tnc.ne.jp
reg2.tok.tnc.ne.jp
reg3.tok.tnc.ne.jp
*.tok.tnc.ne.jp

Certificate

The complete raw certificate details for *.tnc.ne.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGgTCCBWmgAwIBAgIQAuk+lTTooNXi+ldArqlVGjANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTIzMDYyMTAwMDAwMFoXDTI0MDcyMTIzNTk1OVoweDELMAkGA1UEBhMCSlAx
ETAPBgNVBAgTCFNoaXp1b2thMRUwEwYDVQQHEwxzaGl6dW9rYS1zaGkxKTAnBgNV
BAoTIFRPS0FJIENvbW11bmljYXRpb25zIENvcnBvcmF0aW9uMRQwEgYDVQQDDAsq
LnRuYy5uZS5qcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxnGurs
xfa096x2HL1hbMZ2AJ10H/ktSD7zx3Y55WL/ojOx9dOA6XWtz9c3QNxOr/PjwDYD
HAnlC6p7c94KI7b9oRT23kTs6ln6pHbenZifQiI64YjeoXK9EbEunPXffJl+1ZFr
ANU0gvcXb2Kq7k01rKPYWuJt4Jo80zDR+2gAg4CeykRUUC/cvONyvObIPNNa/lca
MR2PKuP3tj/w7PaVtpB3jT1DRnF/w8Z8kDSBFI8qu5+P8VC2vHkZgIAtPIrOfw9p
BLGZPatUySFLp8O3BMa2p2dJmNxxzKRAQfHtwuOEH6I2L8plsPXPD3UctPWuhDCt
cj6cAVR7Gn5cidMCAwEAAaOCAx0wggMZMB8GA1UdIwQYMBaAFJRP1F2L5KTipoD+
/dj5AO+jvgJXMB0GA1UdDgQWBBRHrQquXz9AR1m4hb/sYXDCd7mOkDAhBgNVHREE
GjAYggsqLnRuYy5uZS5qcIIJdG5jLm5lLmpwMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0
cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcxLmNybDA+BgNV
HSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2lj
ZXJ0LmNvbS9DUFMwdgYIKwYBBQUHAQEEajBoMCYGCCsGAQUFBzABhhpodHRwOi8v
c3RhdHVzLmdlb3RydXN0LmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL2NhY2VydHMu
Z2VvdHJ1c3QuY29tL0dlb1RydXN0VExTUlNBQ0FHMS5jcnQwCQYDVR0TBAIwADCC
AX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcA7s3QZNXbGs7FXLedtM0TojKHRny8
7N7DUUhZRnEftZsAAAGI269JpgAABAMASDBGAiEA27noXPvbTHsDHygE58D/k5+i
Cq3ypFfvmRj1DGxOzksCIQDKZDlcGp3vsZflnpCJyfnRSa6XJ03B5Xs6KWq8PNyN
eQB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABiNuvSZgAAAQD
AEcwRQIhAJTPETIS8oUrVqJ/F50zS2vafec6BJ6MhSKhI0rKzW0JAiAEld1j2uMK
07v7qrbqDeDoJU1GjOtIwkhu7nx0YKrzPgB2ANq2v2s/tbYin5vCu1xr6HCRcWy7
UYSFNL2kPTBI1/urAAABiNuvST4AAAQDAEcwRQIhAMNtRL7N0BYqTUP7GIztgGSm
bjnwHQT8HyyJ64gpWST1AiAMjjOUfuY+0P2AU7hNb4bsD92z2krO+4Gp1rmjXBom
EjANBgkqhkiG9w0BAQsFAAOCAQEAE0rJRwYkQG9YbRjGbPmFjlS3F8F9X40oWNfM
1hN0hWj2jQ8Sx/Sk545pA83avSxNoDTVAgZ6MjoUA0kMa1Ff2UsDlSwVwBlLFiwo
MGEQF0Rgxe8ObeGR8FD2/6AsJ7Xjniba0G7G7pA3hVpdHoncndvf5IDPKU4dhDIJ
B+kph4HegIq6wrk2yNB4Zl1++PCI1TFEtCF1GSIgRe0EzoTzecRfz1tS6vz4XHaC
mJQ5AhmVWimIaF/brEqjGkQMLnseCPNbfrBFqA8I2pAxJZHDHyva4M19DeU/uxBX
8V7y/tI8zByymv0cHFUeGuprCXN6S6+amxZGbH/whLJqryL8CA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGca6uzF9rT3rHYcvWFs
xnYAnXQf+S1IPvPHdjnlYv+iM7H104Dpda3P1zdA3E6v8+PANgMcCeULqntz3goj
tv2hFPbeROzqWfqkdt6dmJ9CIjrhiN6hcr0RsS6c9d98mX7VkWsA1TSC9xdvYqru
TTWso9ha4m3gmjzTMNH7aACDgJ7KRFRQL9y843K85sg801r+VxoxHY8q4/e2P/Ds
9pW2kHeNPUNGcX/DxnyQNIEUjyq7n4/xULa8eRmAgC08is5/D2kEsZk9q1TJIUun
w7cExranZ0mY3HHMpEBB8e3C44QfojYvymWw9c8PdRy09a6EMK1yPpwBVHsaflyJ
0wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3869530490374538437217571250555671834
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-21 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Shizuoka'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'shizuoka-shi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TOKAI Communications Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.tnc.ne.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21763831497177492052511556750210359549974162938895724527212081312018455896643214888581334100501806388814545893373974292588975168478322482202032434116345746532369368477469546870088684302093625704929246548591397475851092718352598913301368979494866457724970507863047526853659006849548280283883903271695489609745068615313412557077998996868528209698887315672940529837119622986762921883110219789423989168199805150479479507690478815657854344788620201009941549492681471476442327592425398065293511074623253407863874985018562645075191571407698888252617170261939681170602194099037286378747806786078118542222277161707365570742739
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							47ad0aae5f3f404759b885bfec6170c277b98e90
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tnc.ne.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tnc.ne.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000188dbaf49a60000040300483046022100dbb9e85cfbdb4c7b031f2804e7c0ff939fa20aadf2a457ef9918f50c6c4ece4b022100ca64395c1a9defb197e59e9089c9f9d149ae97274dc1e57b3a296abc3cdc8d7900760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000188dbaf4998000004030047304502210094cf113212f2852b56a27f179d334b6bda7de73a049e8c8522a1234acacd6d0902200495dd63dae30ad3bbfbaab6ea0de0e8254d468ceb48c2486eee7c7460aaf33e007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000188dbaf493e0000040300473045022100c36d44becdd0162a4d43fb188ced8064a66e39f01d04fc1f2c89eb88295924f502200c8e33947ee63ed0fd8053b84d6f86ec0fddb3da4acefb81a9d6b9a35c1a2612
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00134ac9470624406f586d18c66cf9858e54b717c17d5f8d2858d7ccd613748568f68d0f12c7f4a4e78e6903cddabd2c4da034d502067a323a1403490c6b515fd94b03952c15c0194b162c28306110174460c5ef0e6de191f050f6ffa02c27b5e39e26dad06ec6ee9037855a5d1e89dc9ddbdfe480cf294e1d84320907e9298781de808abac2b936c8d078665d7ef8f088d53144b4217519222045ed04ce84f379c45fcf5b52eafcf85c76829894390219955a2988685fdbac4aa31a440c2e7b1e08f35b7eb045a80f08da90312591c31f2bdae0cd7d0de53fbb1057f15ef2fed23ccc1cb29afd1c1c551e1aea6b09737a4baf9a9b16466c7ff084b26aaf22fc08