aws.irex.org

- International Research and Exchanges Board Inc. -

Issued by GeoTrust EV SSL CA - G4

About this certificate

This digital certificate with serial number 4a:8b:f4:73:73:fa:45:4e:37:c0:6e:ce:f6:b6:a8:3a was issued on by GeoTrust Inc..

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

International Research and Exchanges Board Inc.

Company registration number: 0100472686
Organization: International Research and Exchanges Board Inc.
Organization unit: ICT
State / Province: District of Columbia
Locality: Washington
Locality: Washington
Country: US

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 4a:8b:f4:73:73:fa:45:4e:37:c0:6e:ce:f6:b6:a8:3a
Serial Number (int): 99089559006495430653738756492062271546
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: de:cf:5c:50:b7:ae:02:1f:15:17:aa:16:e8:0d:b5:28:9d:6a:5a:f3

Fingerprint (sha1): 82:b9:76:38:bd:f3:30:c0:9c:7e:d1:46:05:74:6b:f4:61:c0:b8:ba
Fingerprint (sha256): 4a:36:1b:4c:9c:82:47:2e:24:7f:2f:72:d2:75:4f:08:05:7e:39:bc:ee:74:62:ec:96:30:e4:a5:59:2f:6b:3c

Issuing Certificate URL: http://gm.symcb.com/gm.crt

Revocation information

OCSP Server: http://gm.symcd.com
CRL Distribution Point: http://gm.symcb.com/gm.crl

Check the revocation status for certificate aws.irex.org

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for aws.irex.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

oas.irex.org
yaliapp.irex.org
aws.irex.org

Other certificates including the domain name irex.org

(limited to 100 certificates)
lingos.irex.org
glamartsy.wiki
lingos.irex.org
accredible.armanl.eu
www.irex.org
irex.org
*.irex.org
irex.org
irex.org
www.irex.org
spam.irex.org
etm-demo.spotparking.com.au
irex.org
accredible.armanl.eu
exchange2.irex.org
csp.irex.org
aws.irex.org
627elmp04.blackmesh.com
www.aidhon.com
idars.irex.org
www.mightydata.xyz
accredible.armanl.eu
*.irex.org
www.saiki.lol
lingos.irex.org
remote.irex.org
irex.org
itservices.irex.org
support.irex.org
627elmp04.blackmesh.com
yalisummit.irex.org
*.irex.org
ylai.irex.org
support.irex.org
accredible.armanl.eu
lingos.irex.org
tjsp.irex.org
apply.mandelawashingtonfellowship.org
itservices.irex.org
aws.irex.org
oasmd.irex.org
627elmp04.blackmesh.com
627elmp04.blackmesh.com
itservices.irex.org
support.irex.org
627elmp04.blackmesh.com
627elmp04.blackmesh.com
lingos.irex.org
ap.irex.org
*.irex.org
itservices.irex.org
www.aidhon.com
www.irex.org
tender.md.irex.org
627elmp04.blackmesh.com
stage-ylai.irex.org
aws.irex.org
lingos.irex.org
accredible.armanl.eu
www.irex.org
iknow.irex.org
www.irex.org
cipmd.irex.org
lingos.irex.org
support.hr.irex.org
accredible.armanl.eu
627elmp04.blackmesh.com
irex.org
itservices.irex.org
www.irex.org
627elmp04.blackmesh.com
cee.irex.org
lingos.irex.org
ylai.irex.org
tender.md.irex.org
vpn.irex.org
products.candbdev.com
www.irex.org
aws.irex.org
627elmp04.blackmesh.com
www.irex.org
vibe.irex.org
support.irex.org
*.irex.org
aws.irex.org
itservices.irex.org
support.irex.org
Quickbooks.irex.org
www.irex.org
www.juliangoetze.me
*.irex.org
627elmp04.blackmesh.com
itservices.irex.org
irex.org
accredible.armanl.eu
support.irex.org
accredible.armanl.eu
accredible.armanl.eu
lingos.irex.org
aws.irex.org

Certificate

The complete raw certificate details for aws.irex.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgIQSov0c3P6RU43wG7O9raoOjANBgkqhkiG9w0BAQsFADBH
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMX
R2VvVHJ1c3QgRVYgU1NMIENBIC0gRzQwHhcNMTcwOTE0MDAwMDAwWhcNMTcwOTMw
MjM1OTU5WjCCARsxEzARBgsrBgEEAYI3PAIBAxMCVVMxGzAZBgsrBgEEAYI3PAIB
AgwKTmV3IEplcnNleTELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9m
IENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMR0wGwYDVQQPExRQcml2YXRl
IE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDEwMDQ3MjY4NjE4MDYGA1UECgwvSW50
ZXJuYXRpb25hbCBSZXNlYXJjaCBhbmQgRXhjaGFuZ2VzIEJvYXJkIEluYy4xDDAK
BgNVBAsMA0lDVDEVMBMGA1UEAwwMYXdzLmlyZXgub3JnMRMwEQYDVQQHDApXYXNo
aW5ndG9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxE4HWV9csREG
XgM8tyJYlg2Pcs7Y4mImY0ReYrv+xfPGqmcw4g5a24/5TZ26w17U4dWHnFgZea7g
IrY7hTY1t9aOTVKYlBEzcuBSRuK3OJR+4m0cTwodMXUS2IVLqL1OTcYaTHJHuNU4
MJskpCFPoXJuB+B1QpBzKLt8E+fH7n68UoyyK6s351RIUB4xH9rwTeSWfAk3CLuk
YjKP8tAXH2ECGDSL4EWAvVF7Asiv7Y3I6TnpsuNC2BwTc4n84BSK9C1wT18Pz7fF
YhEzQ3oz4Ou7A2wVpyoXPQAnQE6zFUeEPYmnDKafm5tSsRiVoXAOG8WsqBAmMxyb
29xfC4G2gwIDAQABo4IB3zCCAdswNwYDVR0RBDAwLoIMb2FzLmlyZXgub3JnghB5
YWxpYXBwLmlyZXgub3Jnggxhd3MuaXJleC5vcmcwCQYDVR0TBAIwADAOBgNVHQ8B
Af8EBAMCBaAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2dtLnN5bWNiLmNvbS9n
bS5jcmwwgakGA1UdIASBoTCBnjCBkgYJKwYBBAHwIgEGMIGEMD8GCCsGAQUFBwIB
FjNodHRwczovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9zaXRvcnkv
bGVnYWwwQQYIKwYBBQUHAgIwNQwzaHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jl
c291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMAcGBWeBDAEBMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBTez1xQt64CHxUXqhboDbUonWpa
8zBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nbS5zeW1jZC5j
b20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9nbS5zeW1jYi5jb20vZ20uY3J0MBMGCisG
AQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBqXoLtMM3m8axxyYtJ
WClcGsK15bBGc5D+/eminnMh9qwj2M9zh9mU8W/A+IVyBu4uF0H7UHFhuKPtpVz0
vKdtUtuUu6a7sASctkQ4PYkr4iL4icYquXEUsd7q7t0tZvfgvigGJ1Pwn2cn2Opg
ZED8eWLpQHO7TnieuAyISMJvr097dKfMUG98yXrP69yCVOopLMZwO1LtixLyT+op
rcuDm0550OFfZWHQuh27Q1WaXjV3gStizdi1A0LBQPm1RlTYTSGV27fzpk9VA6ze
MeYjqcVMze+eW2VMoV5G3dlrwqvhyeySYxdlE7SqMggksCtK0q+NxghEbAWR5B7D
GFsm
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxE4HWV9csREGXgM8tyJY
lg2Pcs7Y4mImY0ReYrv+xfPGqmcw4g5a24/5TZ26w17U4dWHnFgZea7gIrY7hTY1
t9aOTVKYlBEzcuBSRuK3OJR+4m0cTwodMXUS2IVLqL1OTcYaTHJHuNU4MJskpCFP
oXJuB+B1QpBzKLt8E+fH7n68UoyyK6s351RIUB4xH9rwTeSWfAk3CLukYjKP8tAX
H2ECGDSL4EWAvVF7Asiv7Y3I6TnpsuNC2BwTc4n84BSK9C1wT18Pz7fFYhEzQ3oz
4Ou7A2wVpyoXPQAnQE6zFUeEPYmnDKafm5tSsRiVoXAOG8WsqBAmMxyb29xfC4G2
gwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 99089559006495430653738756492062271546
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust EV SSL CA - G4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-14 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-30 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'New Jersey'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'District of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '0100472686'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'International Research and Exchanges Board Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ICT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'aws.irex.org'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Washington'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24781185163071051494021335943636241618917865209039142531844914521587629184634416358508845433627046289142260621539920436694723565843904161780642956144073039712699579493901808473611179607191415605981042303446703773958853754205456917043185917457666707587175119076426112311000194186017003036549939361185424769139177484321909576693321349867117965912514759803359241027651423984366546822566336616493051311962777533809495972734645400977250949084825517239322140882945713821853139237653488917567717665552964863970722826374297494033689790233950791448822052640655863078145674340087138982502339277165342010063244705569591955404419
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oas.irex.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yaliapp.irex.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws.irex.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gm.symcb.com/gm.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.14370.1.6 (GeoTrust EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName decf5c50b7ae021f1517aa16e80db5289d6a5af3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gm.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gm.symcb.com/gm.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006a5e82ed30cde6f1ac71c98b4958295c1ac2b5e5b0467390fefde9a29e7321f6ac23d8cf7387d994f16fc0f8857206ee2e1741fb507161b8a3eda55cf4bca76d52db94bba6bbb0049cb644383d892be222f889c62ab97114b1deeaeedd2d66f7e0be28062753f09f6727d8ea606440fc7962e94073bb4e789eb80c8848c26faf4f7b74a7cc506f7cc97acfebdc8254ea292cc6703b52ed8b12f24fea29adcb839b4e79d0e15f6561d0ba1dbb43559a5e3577812b62cdd8b50342c140f9b54654d84d2195dbb7f3a64f5503acde31e623a9c54ccdef9e5b654ca15e46ddd96bc2abe1c9ec9263176513b4aa320824b02b4ad2af8dc608446c0591e41ec3185b26