join.womansday.com
Issued by GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
About this certificate
This digital certificate with serial number 03:da:87:f7:d1:7f:a4:a9:dd:51:be:14:c2:c5:98:db was issued on by DigiCert Inc.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=join.womansday.com
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:da:87:f7:d1:7f:a4:a9:dd:51:be:14:c2:c5:98:dbSerial Number (int): 5122362462004652273832540964158544091
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 7a:9a:ac:6f:85:6b:90:ed:81:05:07:67:a9:aa:db:f4:d2:56:f1:f5
AuthorityKeyId: 12:c9:88:9b:2f:c9:44:7a:7d:12:f1:df:40:03:42:98:92:c7:24:d6
Fingerprint (sha1): 92:88:28:57:39:42:0d:55:cc:9d:26:7d:7c:aa:83:33:3a:ce:f7:17
Fingerprint (sha256): 34:dd:94:9d:0c:82:8c:28:b0:fa:5f:67:e7:2f:f9:c6:ff:07:17:15:8e:8b:0b:bb:68:69:c6:07:f2:f0:d1:72
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1-1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1-1.crl
Check the revocation status for certificate join.womansday.com
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for join.womansday.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
join.womansday.com
join.townandcountrymag.com
join.oprahmag.com
join.elle.com
join.elledecor.com
join.townandcountrymag.com
join.oprahmag.com
join.elle.com
join.elledecor.com
Other certificates including the domain name womansday.com
(limited to 100 certificates)
*.25ans.jp
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
cosmopolitan.com
mcstaging-shop.elle.com
hearst-prod.actioniq.mr-in.com
hearst-hdm.map.fastly.net
mcstaging-shop.elle.com
link.womansday.com
shop.elle.com
*.hearstapps.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
secure.hdmtools.com
dns-vetting1-mims-pawel.map.fastly.net
shop.elle.com
cosmopolitan.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
store.caranddriver.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
sli.esquire.com
mcstaging-shop.elle.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
shop.cosmopolitan.com
shop.elle.com
hearst-hdm.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
link.womansday.com
sli.esquire.com
cosmopolitan.com
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
cosmopolitan.com
shop.elle.com
link.womansday.com
shop.elle.com
link.womansday.com
hearst-prod.actioniq.mr-in.com
shop.elledecor.com
mcstaging-shop.elle.com
mcstaging-shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
link.womansday.com
hearst-hdm.map.fastly.net
shop.elle.com
hearst-hdm.map.fastly.net
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
cosmopolitan.com
store.caranddriver.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-shop.elle.com
shop.elle.com
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
subscribe.hearstmags.com
cosmopolitan.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-shop.elle.com
mcstaging-shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
shop.elle.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
join.womansday.com
hearst-hdm.map.fastly.net
sli.esquire.com
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
mcstaging-shop.elle.com
shop.elle.com
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
sli.esquire.com
secure.hdmtools.com
shop.thehgtvmag.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
cosmopolitan.com
mcstaging-shop.elle.com
hearst-prod.actioniq.mr-in.com
hearst-hdm.map.fastly.net
mcstaging-shop.elle.com
link.womansday.com
shop.elle.com
*.hearstapps.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
secure.hdmtools.com
dns-vetting1-mims-pawel.map.fastly.net
shop.elle.com
cosmopolitan.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
store.caranddriver.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
sli.esquire.com
mcstaging-shop.elle.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
shop.cosmopolitan.com
shop.elle.com
hearst-hdm.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
link.womansday.com
sli.esquire.com
cosmopolitan.com
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
cosmopolitan.com
shop.elle.com
link.womansday.com
shop.elle.com
link.womansday.com
hearst-prod.actioniq.mr-in.com
shop.elledecor.com
mcstaging-shop.elle.com
mcstaging-shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
link.womansday.com
hearst-hdm.map.fastly.net
shop.elle.com
hearst-hdm.map.fastly.net
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
cosmopolitan.com
store.caranddriver.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-shop.elle.com
shop.elle.com
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
subscribe.hearstmags.com
cosmopolitan.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-shop.elle.com
mcstaging-shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
shop.elle.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
join.womansday.com
hearst-hdm.map.fastly.net
sli.esquire.com
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
mcstaging-shop.elle.com
shop.elle.com
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
sli.esquire.com
secure.hdmtools.com
shop.thehgtvmag.com
Certificate
The complete raw certificate details for join.womansday.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG3TCCBcWgAwIBAgIQA9qH99F/pKndUb4UwsWY2zANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypH ZW9UcnVzdCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjIw MTEyMDAwMDAwWhcNMjMwMTEyMjM1OTU5WjAdMRswGQYDVQQDExJqb2luLndvbWFu c2RheS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5tAW2jb3V a+axZVWfdnQ0DN7KCC01kBaP5PZNTqcPZ+LgYGwceA0s37Yx89hwgoKBtMtlOaA9 WAPtMdXqNlLaQ/d84lKMZFBhIvC5L+2Ik5LOzdNAEEDt/WwxRcJD6esc9V/0orux DSJagZIjkqXCiqG24kJ5Az9PXNnZEkmbbmbDVRpS6FlH03j43AQVs1U6P+cwI6aF /TOr2mFJzGkUzMA+DkIPjrnXsXrSFtvSfgWpz4Sx3/uPwP8N9T2USoto/Hc1AAl7 wFu9yonwmFXBeB6gOwW34t47r1mhqdz9nPRUzSjcMCoYOWyAyPCjQAGx+lr2puVP BPnTkTBmeruhAgMBAAGjggPbMIID1zAfBgNVHSMEGDAWgBQSyYibL8lEen0S8d9A A0KYksck1jAdBgNVHQ4EFgQUepqsb4VrkO2BBQdnqarb9NJW8fUwbwYDVR0RBGgw ZoISam9pbi53b21hbnNkYXkuY29tghpqb2luLnRvd25hbmRjb3VudHJ5bWFnLmNv bYIRam9pbi5vcHJhaG1hZy5jb22CDWpvaW4uZWxsZS5jb22CEmpvaW4uZWxsZWRl Y29yLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMIGfBgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0 LmNvbS9HZW9UcnVzdFRMU0RWUlNBTWl4ZWRTSEEyNTYyMDIwQ0EtMS0xLmNybDBI oEagRIZCaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0dlb1RydXN0VExTRFZSU0FN aXhlZFNIQTI1NjIwMjBDQS0xLTEuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQIBMCkw JwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBhQYIKwYB BQUHAQEEeTB3MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20w TwYIKwYBBQUHMAKGQ2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVz dFRMU0RWUlNBTWl4ZWRTSEEyNTYyMDIwQ0EtMS5jcnQwCQYDVR0TBAIwADCCAX4G CisGAQQB1nkCBAIEggFuBIIBagFoAHYA6D7Q2j71BjUy51covIlryQPTy9ERa+zr aeF3fW0GvW4AAAF+UBmSBQAABAMARzBFAiAZ6O5D4o4wJhkV2o+S7M8NFQnTgFU0 gl2iijWdxxiE2AIhAJRrj6aw0vbR6195siJLBaIb9EVPr4FQPpRq9S23f9K+AHYA Nc8ZG7+xbFe/D61MbULLu7YnICZR6j/hKu+oA8M71kwAAAF+UBmR2AAABAMARzBF AiAJKC1VqKvcRBNxUnWtdWzIPOuyqOpQBG034BCJFPRQNQIhAJ63UwDIBhhP4FL0 7y+whb8RRzYiPB9WXekr3U8PY0RGAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH 3PADDnk2pZoAAAF+UBmSAwAABAMARzBFAiEA1mAqljrDBp5TQ0ogVc4BrXSBkAlt Rs9BrPDbu5OBOoUCIF000OYryibzbeIDCJ/5dPblKWHG3jezqrpZxljj1a+BMA0G CSqGSIb3DQEBCwUAA4IBAQBdaYFwP+hyT27pt44H0zwQp+uPz/W9Mhv46m0Hm7dX ca3GJVXQeZ4rieMLyp2G5fmAHMnsCBvth8DzYb83pyzVGZ4F1Jc4+WBuBderFJ54 rGch2dEwbUhbjMguHfkI281vO8Rfqb9SFgW3avCkYZ3CRdTl4kNFtnX5EnpB28+D rUzGz+Ed4UtoLMz17582/ND6nGHhoufhGKNU9/43d2xeTY4dwNtEE0pptyBd55/u nLdwDuoVfkRJ0875y0rk6qGUa/Mt4zJ1GODOxUxG7ZhFIks87r3tYz27KNY3d09R i0SN+K9WFwn+p3Uo8w3SdtSFevu2qvekjHLGB+fiiAcW -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubQFto291WvmsWVVn3Z0 NAzeyggtNZAWj+T2TU6nD2fi4GBsHHgNLN+2MfPYcIKCgbTLZTmgPVgD7THV6jZS 2kP3fOJSjGRQYSLwuS/tiJOSzs3TQBBA7f1sMUXCQ+nrHPVf9KK7sQ0iWoGSI5Kl woqhtuJCeQM/T1zZ2RJJm25mw1UaUuhZR9N4+NwEFbNVOj/nMCOmhf0zq9phScxp FMzAPg5CD46517F60hbb0n4Fqc+Esd/7j8D/DfU9lEqLaPx3NQAJe8BbvcqJ8JhV wXgeoDsFt+LeO69Zoanc/Zz0VM0o3DAqGDlsgMjwo0ABsfpa9qblTwT505EwZnq7 oQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5122362462004652273832540964158544091 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'join.womansday.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23442858731723385524493232030359983738849008429717432077482963190102872266932696973651936720013816875081864234322189393259112707802533336633498382750899597676692998849919457187929268643768073823057050129975560780317742059962694001659277642580065805752306358834973974005056947684814656073881043015430039270713591010844546208166413813696410522344178272851608325008015611177627660578628761896982287671308777367310694672110733580295171328156469086964282105128947984832793382024874994987058430381566365930887135707312439377869417063434926069936165133952771962651559280428639775404150541478600896840846533871176979616283553 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 12c9889b2fc9447a7d12f1df4003429892c724d6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7a9aac6f856b90ed81050767a9aadbf4d256f1f5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'join.womansday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'join.townandcountrymag.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'join.oprahmag.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'join.elle.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'join.elledecor.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustTLSDVRSAMixedSHA2562020CA-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017e501992050000040300473045022019e8ee43e28e30261915da8f92eccf0d1509d3805534825da28a359dc71884d8022100946b8fa6b0d2f6d1eb5f79b2224b05a21bf4454faf81503e946af52db77fd2be00760035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c0000017e501991d80000040300473045022009282d55a8abdc4413715275ad756cc83cebb2a8ea50046d37e0108914f450350221009eb75300c806184fe052f4ef2fb085bf114736223c1f565de92bdd4f0f634446007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017e501992030000040300473045022100d6602a963ac3069e53434a2055ce01ad748190096d46cf41acf0dbbb93813a8502205d34d0e62bca26f36de203089ff974f6e52961c6de37b3aaba59c658e3d5af81 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005d6981703fe8724f6ee9b78e07d33c10a7eb8fcff5bd321bf8ea6d079bb75771adc62555d0799e2b89e30bca9d86e5f9801cc9ec081bed87c0f361bf37a72cd5199e05d49738f9606e05d7ab149e78ac6721d9d1306d485b8cc82e1df908dbcd6f3bc45fa9bf521605b76af0a4619dc245d4e5e24345b675f9127a41dbcf83ad4cc6cfe11de14b682cccf5ef9f36fcd0fa9c61e1a2e7e118a354f7fe37776c5e4d8e1dc0db44134a69b7205de79fee9cb7700eea157e4449d3cef9cb4ae4eaa1946bf32de3327518e0cec54c46ed9845224b3ceebded633dbb28d637774f518b448df8af561709fea77528f30dd276d4857afbb6aaf7a48c72c607e7e2880716