prod-mtls.apis.lllext.com
- Lululemon Athletica Canada inc. -
Issued by GeoTrust TLS RSA CA G1
About this certificate
This digital certificate with serial number 09:a1:99:27:30:56:74:d5:c6:4f:eb:76:47:be:25:5c was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Lululemon Athletica Canada inc.
Organization:
Lululemon Athletica Canada inc.
State / Province:
British Columbia
Locality: Vancouver
Country: CA
Locality: Vancouver
Country: CA
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 09:a1:99:27:30:56:74:d5:c6:4f:eb:76:47:be:25:5cSerial Number (int): 12802118069815846696081524551894050140
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 0c:97:8b:2c:1a:23:b9:d2:ba:56:a3:73:33:59:7b:2c:46:20:ca:b3
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57
Fingerprint (sha1): 58:19:b8:34:73:5e:d1:f3:e5:41:74:a8:da:ee:3c:9d:98:4c:00:b8
Fingerprint (sha256): 4c:17:68:e7:c6:1e:06:85:1f:fa:22:52:f8:5d:21:50:30:bc:1a:e1:a7:a1:25:e4:18:e4:01:f6:2a:ad:96:2a
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl
Check the revocation status for certificate prod-mtls.apis.lllext.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for prod-mtls.apis.lllext.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
prod-mtls.apis.lllext.com
Other certificates including the domain name lllext.com
(limited to 100 certificates)
*.np.rcsvcs.lllext.com
prod.apis.lllext.com
prod.apis.lllext.com
lma-prd.us-west-2.k8s.lllext.com
preview.apis.lllext.com
ek8s-sbx.us-east-1.k8s.lllext.com
prd-rmcosting.prd-product-systems.aws.lllext.com
ngc-prd.us-west-2.k8s.lllext.com
ngc-npd.us-east-1.k8s.lllext.com
lma-npd-main.us-west-2.k8s.lllext.com
qa-plm-svc.aws.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
prod-mtls.apis.lllext.com
ek8s-npd-rancher.us-west-2.k8s.lllext.com
sandbox-dev.apis.lllext.com
api.npd-nettools.lllext.com
dev-mtls.apis.lllext.com
stage.apis.lllext.com
ek8s-sbx.us-west-2.k8s.lllext.com
stage-mtls.apis.lllext.com
ek8s-prd.us-east-1.k8s.lllext.com
preview.apis.lllext.com
sandbox-mtls.apis.lllext.com
ngc-prd.us-east-1.k8s.lllext.com
prod-plm-svc.aws.lllext.com
api.nettools.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
cmmrfidinnovation.aws.lllext.com
prod.apis.lllext.com
api.plim-dev.aws.lllext.com
prd-psci.prd-product-systems.aws.lllext.com
ngc-npd.us-west-2.k8s.lllext.com
dev-psci.npd-product-systems.aws.lllext.com
sandbox.apis.lllext.com
preview-mtls.apis.lllext.com
prod.apis.lllext.com
stage.apis.lllext.com
ek8s-prd.us-west-2.k8s.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
dev.apis.lllext.com
api.plim-qas.aws.lllext.com
mock.apis.lllext.com
mock.apis.lllext.com
test.apis.lllext.com
prod.apis.lllext.com
prod.apis.lllext.com
lma-prd.us-west-2.k8s.lllext.com
preview.apis.lllext.com
ek8s-sbx.us-east-1.k8s.lllext.com
prd-rmcosting.prd-product-systems.aws.lllext.com
ngc-prd.us-west-2.k8s.lllext.com
ngc-npd.us-east-1.k8s.lllext.com
lma-npd-main.us-west-2.k8s.lllext.com
qa-plm-svc.aws.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
prod-mtls.apis.lllext.com
ek8s-npd-rancher.us-west-2.k8s.lllext.com
sandbox-dev.apis.lllext.com
api.npd-nettools.lllext.com
dev-mtls.apis.lllext.com
stage.apis.lllext.com
ek8s-sbx.us-west-2.k8s.lllext.com
stage-mtls.apis.lllext.com
ek8s-prd.us-east-1.k8s.lllext.com
preview.apis.lllext.com
sandbox-mtls.apis.lllext.com
ngc-prd.us-east-1.k8s.lllext.com
prod-plm-svc.aws.lllext.com
api.nettools.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
cmmrfidinnovation.aws.lllext.com
prod.apis.lllext.com
api.plim-dev.aws.lllext.com
prd-psci.prd-product-systems.aws.lllext.com
ngc-npd.us-west-2.k8s.lllext.com
dev-psci.npd-product-systems.aws.lllext.com
sandbox.apis.lllext.com
preview-mtls.apis.lllext.com
prod.apis.lllext.com
stage.apis.lllext.com
ek8s-prd.us-west-2.k8s.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
dev.apis.lllext.com
api.plim-qas.aws.lllext.com
mock.apis.lllext.com
mock.apis.lllext.com
test.apis.lllext.com
Certificate
The complete raw certificate details for prod-mtls.apis.lllext.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGlzCCBX+gAwIBAgIQCaGZJzBWdNXGT+t2R74lXDANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx MB4XDTIzMDMyMTAwMDAwMFoXDTI0MDQyMDIzNTk1OVowgYoxCzAJBgNVBAYTAkNB MRkwFwYDVQQIExBCcml0aXNoIENvbHVtYmlhMRIwEAYDVQQHEwlWYW5jb3V2ZXIx KDAmBgNVBAoTH0x1bHVsZW1vbiBBdGhsZXRpY2EgQ2FuYWRhIGluYy4xIjAgBgNV BAMTGXByb2QtbXRscy5hcGlzLmxsbGV4dC5jb20wggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDhSO/0ywksdKr9+l4iMMbmvUJ3FjxF9tu5YEqxTNOo/SRh wJk9geUzO3bXAr4tw0Ld4VhCbpxSczJXPQCPNuDtgLvem9c2aUuGoS7DVlegj3Nf B2UJjJlCYsVc69SkrWA2EGGh5xZzwfxFkAW3SbGq2XUC4p0qfWZkY5C6ftwnrJ8J nP38rGMfAl65JSY+p4MUcwj15y5Z7DaiZzIq9VZg4OB/YHQ4YyXRhv5Tkwxh8z83 eur31eCFuSWmvXshcxQnx7uHAHeQP305EHwijOuKI3ALZW2+Z93hcDM02v6vlNlm DJxkEGqK+xOU0f4w/ynkXxqLy7HTZRWfDQrINloPAgMBAAGjggMgMIIDHDAfBgNV HSMEGDAWgBSUT9Rdi+Sk4qaA/v3Y+QDvo74CVzAdBgNVHQ4EFgQUDJeLLBojudK6 VqNzM1l7LEYgyrMwJAYDVR0RBB0wG4IZcHJvZC1tdGxzLmFwaXMubGxsZXh0LmNv bTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9jZHAuZ2VvdHJ1c3QuY29tL0dlb1Ry dXN0VExTUlNBQ0FHMS5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEF BQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMHYGCCsGAQUFBwEBBGow aDAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20wPgYIKwYB BQUHMAKGMmh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVzdFRMU1JT QUNBRzEuY3J0MAkGA1UdEwQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2 AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABhwQyYEoAAAQDAEcw RQIhAL2e6OHIjpPTMISFPa+fYQyVsbFTzxvcWgkSjmQnsQvUAiAb8M7JYs+nyB8A pCBiUV+cMUW/UGfCvbX1eQua3efs+QB3AHPZnokbTJZ4oCB9R53mssYc0FFecRkq jGuAEHrBd3K1AAABhwQyYKkAAAQDAEgwRgIhAJXMXMcOEbVDQugRCKgkrIkgO5qS nd+3bcr4FhogKeD2AiEA3IOzcr9EnShIpxxBzS6il8jt0oObtHy3vHOs69ZeieAA dgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYcEMmAdAAAEAwBH MEUCICixLeEDyjSf1/p/1dziqxWtjz7Ggcbn3SxtyrXt9mNxAiEAueDxKmDqtg0s 7IVAVJrRZHUlF66Gz+vZr4aspqdD3CIwDQYJKoZIhvcNAQELBQADggEBAIm51TPp YRFhZuu2yDLiTQLvKgO4hOa5wkT0g+ZBVcVsJb7V+sXbcNe6JxEzHk4gNwZqetxP cT+kxRegXBDuFsU427dtvYXSA295iNXusD/RpO1B/rEGeX+O2gGNoD5w4xcgo5b0 E/DR878oosEyKilfVvcnnZ/7EPU+CjA85iudaDdG/W1yTUIkvf7PERJqWNlBwszS u7pQVvCdOLYHwiHlsTWtLfqYq99Ovxz0UGf7YaC/rwxwo92UYhG7QqRd/BzUOtA6 1bxb0uoQ2CMljwf/w2QhuWeE0rtPSDiawMGWa3rZpd3wfyPocrlumeniGMo6e7sZ PC+JK22jUE3Vy+I= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Ujv9MsJLHSq/fpeIjDG 5r1CdxY8RfbbuWBKsUzTqP0kYcCZPYHlMzt21wK+LcNC3eFYQm6cUnMyVz0Ajzbg 7YC73pvXNmlLhqEuw1ZXoI9zXwdlCYyZQmLFXOvUpK1gNhBhoecWc8H8RZAFt0mx qtl1AuKdKn1mZGOQun7cJ6yfCZz9/KxjHwJeuSUmPqeDFHMI9ecuWew2omcyKvVW YODgf2B0OGMl0Yb+U5MMYfM/N3rq99Xghbklpr17IXMUJ8e7hwB3kD99ORB8Iozr iiNwC2Vtvmfd4XAzNNr+r5TZZgycZBBqivsTlNH+MP8p5F8ai8ux02UVnw0KyDZa DwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12802118069815846696081524551894050140 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'British Columbia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Vancouver' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lululemon Athletica Canada inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'prod-mtls.apis.lllext.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28439585354789981268366941654645392303845999594059625859562064069711965416549223398420559706823825458636648713700281228164444647630163591582572366877602029517577991454079027598800029790359210525701223549547768344627689685706631044042994392148707204369052727541451126250137882488441052781299854297999512687894717391599538417411237404383461955702230631521498829299369381850599472006759193081821552271390443109986660245561559077734749841737485562308742524454702848559866713472525845637537834036027743103804003930529238590168126297512865608187537760596654757019191135170500744564039704291432473997613096710306189326834191 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0c978b2c1a23b9d2ba56a37333597b2c4620cab3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-mtls.apis.lllext.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001870432604a0000040300473045022100bd9ee8e1c88e93d33084853daf9f610c95b1b153cf1bdc5a09128e6427b10bd402201bf0cec962cfa7c81f00a42062515f9c3145bf5067c2bdb5f5790b9adde7ecf900770073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000187043260a9000004030048304602210095cc5cc70e11b54342e81108a824ac89203b9a929ddfb76dcaf8161a2029e0f6022100dc83b372bf449d2848a71c41cd2ea297c8edd2839bb47cb7bc73acebd65e89e000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001870432601d0000040300473045022028b12de103ca349fd7fa7fd5dce2ab15ad8f3ec681c6e7dd2c6dcab5edf66371022100b9e0f12a60eab60d2cec8540549ad164752517ae86cfebd9af86aca6a743dc22 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0089b9d533e961116166ebb6c832e24d02ef2a03b884e6b9c244f483e64155c56c25bed5fac5db70d7ba2711331e4e2037066a7adc4f713fa4c517a05c10ee16c538dbb76dbd85d2036f7988d5eeb03fd1a4ed41feb106797f8eda018da03e70e31720a396f413f0d1f3bf28a2c1322a295f56f7279d9ffb10f53e0a303ce62b9d683746fd6d724d4224bdfecf11126a58d941c2ccd2bbba5056f09d38b607c221e5b135ad2dfa98abdf4ebf1cf45067fb61a0bfaf0c70a3dd946211bb42a45dfc1cd43ad03ad5bc5bd2ea10d823258f07ffc36421b96784d2bb4f48389ac0c1966b7ad9a5ddf07f23e872b96e99e9e218ca3a7bbb193c2f892b6da3504dd5cbe2