www.khaironline.net
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 0b:f2:9a:a5:63:aa:eb:b2:e0:1e:ee:f1:8c:ed:6b:28 was issued on by DigiCert, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.khaironline.net
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0b:f2:9a:a5:63:aa:eb:b2:e0:1e:ee:f1:8c:ed:6b:28Serial Number (int): 15881180387970926516348424871599762216
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 46:d2:1c:18:3a:4b:be:32:2b:ff:e8:b1:54:5a:13:c5:d4:ab:97:4e
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): 55:d4:3e:fe:8e:bb:4a:89:48:28:19:37:f6:b2:1f:ec:d9:08:c7:b5
Fingerprint (sha256): 4d:91:ea:ba:0b:fc:4a:80:30:52:f1:ca:4f:7e:33:ae:ad:46:df:dc:70:24:32:30:15:76:4e:d4:b8:9d:87:f8
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate www.khaironline.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.khaironline.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.khaironline.net
khaironline.net
khaironline.net
Other certificates including the domain name khaironline.net
(limited to 100 certificates)
mail.khaironline.net
www.khaironline.net
itsupport.afmforest.com
ssihelpdesk.shoesensation.com
help-desk.soa.org
ayuda.vinte.com
www.khaironline.net
itsupport.quigleysimpson.com
servicedesk.vermontech.net
itsupport.afmforest.com
itsupport.quigleysimpson.com
ssihelpdesk.shoesensation.com
portal.beeyond.co
servicedesk.vermontech.net
www.khaironline.net
servicedesk.vermontech.net
mail.khaironline.net
mail.khaironline.net
servicedesk.vermontech.net
itsupport.afmforest.com
helpdesk.kleysen.com
servicedesk.vermontech.net
support.medicaxl.co.il
www.khaironline.net
www.khaironline.net
servicedesk.vermontech.net
itsupport.afmforest.com
support.khaironline.net
www.khaironline.net
www.khaironline.net
itsupport.quigleysimpson.com
www.khaironline.net
www.khaironline.net
www.khaironline.net
help-desk.soa.org
www.khaironline.net
www.khaironline.net
servicedesk.vermontech.net
ssihelpdesk.shoesensation.com
ayuda.vinte.com
helpdesk.kleysen.com
ssihelpdesk.shoesensation.com
itsupport.afmforest.com
support.khaironline.net
www.khaironline.net
itsupport.afmforest.com
www.khaironline.net
support.khaironline.net
help-desk.soa.org
help-desk.soa.org
help-desk.soa.org
www.khaironline.net
support.medicaxl.co.il
itsupport.afmforest.com
servicedesk.vermontech.net
itsupport.afmforest.com
www.khaironline.net
support.medicaxl.co.il
mail.khaironline.net
help-desk.soa.org
servicedesk.vermontech.net
servicedesk.vermontech.net
itsupport.quigleysimpson.com
servicedesk.vermontech.net
www.khaironline.net
support.khaironline.net
helpdesk.kleysen.com
support.medicaxl.co.il
ayuda.vinte.com
servicedesk.vermontech.net
help-desk.soa.org
help-desk.soa.org
www.khaironline.net
ayuda.vinte.com
helpdesk.kleysen.com
www.khaironline.net
itsupport.afmforest.com
ssihelpdesk.shoesensation.com
help-desk.soa.org
ayuda.vinte.com
www.khaironline.net
itsupport.quigleysimpson.com
servicedesk.vermontech.net
itsupport.afmforest.com
itsupport.quigleysimpson.com
ssihelpdesk.shoesensation.com
portal.beeyond.co
servicedesk.vermontech.net
www.khaironline.net
servicedesk.vermontech.net
mail.khaironline.net
mail.khaironline.net
servicedesk.vermontech.net
itsupport.afmforest.com
helpdesk.kleysen.com
servicedesk.vermontech.net
support.medicaxl.co.il
www.khaironline.net
www.khaironline.net
servicedesk.vermontech.net
itsupport.afmforest.com
support.khaironline.net
www.khaironline.net
www.khaironline.net
itsupport.quigleysimpson.com
www.khaironline.net
www.khaironline.net
www.khaironline.net
help-desk.soa.org
www.khaironline.net
www.khaironline.net
servicedesk.vermontech.net
ssihelpdesk.shoesensation.com
ayuda.vinte.com
helpdesk.kleysen.com
ssihelpdesk.shoesensation.com
itsupport.afmforest.com
support.khaironline.net
www.khaironline.net
itsupport.afmforest.com
www.khaironline.net
support.khaironline.net
help-desk.soa.org
help-desk.soa.org
help-desk.soa.org
www.khaironline.net
support.medicaxl.co.il
itsupport.afmforest.com
servicedesk.vermontech.net
itsupport.afmforest.com
www.khaironline.net
support.medicaxl.co.il
mail.khaironline.net
help-desk.soa.org
servicedesk.vermontech.net
servicedesk.vermontech.net
itsupport.quigleysimpson.com
servicedesk.vermontech.net
www.khaironline.net
support.khaironline.net
helpdesk.kleysen.com
support.medicaxl.co.il
ayuda.vinte.com
servicedesk.vermontech.net
help-desk.soa.org
help-desk.soa.org
www.khaironline.net
ayuda.vinte.com
helpdesk.kleysen.com
Certificate
The complete raw certificate details for www.khaironline.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHozCCBYugAwIBAgIQC/KapWOq67LgHu7xjO1rKDANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjIxMTEzMDAwMDAwWhcNMjMwOTA4MjM1OTU5WjAeMRwwGgYDVQQDExN3d3cua2hh aXJvbmxpbmUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSh8 jRGvw2HQeoc7LtSCRGjUgJVPEW7ACG0EezvX9Ql17WDXYdLGG74gd1Sytyp4E5Gy AY72+8xygcITHpWbf8SqKqOekmt496U1WpJNxS0U7sWGI+8U/F4GQau7ICJzRY0P SGYY7YmSWS40CDwK9ome8Te838f31MYzRO+a0BeqfqrM/+vKu7h+vGG/0A7KEpcG KLqj6+C1znH16VKZuV7/YstkuLtMOc+hp+ilEY9WEIpVr8g9p1Vxc8qLHFfUPGeO lYUFFgJW/pCPGMtuVI2oOrxV033BwXILOy5vb0aIQWnjdtdrJ3vMnW2vGgXIfpE8 Voy6tkeyABuqPAcewQIDAQABo4IDnTCCA5kwHwYDVR0jBBgwFoAUpbTW6zbE52um 38RkCwEqIAS4ZiMwHQYDVR0OBBYEFEbSHBg6S74yK//osVRaE8XUq5dOMC8GA1Ud EQQoMCaCE3d3dy5raGFpcm9ubGluZS5uZXSCD2toYWlyb25saW5lLm5ldDAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGfBgNV HR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVz dEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDBIoEagRIZCaHR0cDov L2NybDQuZGlnaWNlcnQuY29tL0dlb1RydXN0R2xvYmFsVExTUlNBNDA5NlNIQTI1 NjIwMjJDQTEuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEW G2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBhwYIKwYBBQUHAQEEezB5MCQG CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUHMAKG RWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JT QTQwOTZTSEEyNTYyMDIyQ0ExLmNydDAJBgNVHRMEAjAAMIIBfgYKKwYBBAHWeQIE AgSCAW4EggFqAWgAdgDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAA AYRwpMzVAAAEAwBHMEUCIFJZKpAEM+8pIeGlgfB5DjG3LDdS70CQ7RPekMZFISU1 AiEA2sAoXY/LjzbMsRVU4g8ozzkzlKY6brxpPu+Ahu9sCZUAdQCzc3cH4YRQ+GOG 1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYRwpM0dAAAEAwBGMEQCID3t1Bobp+GX NRCdntejPxWGSEcQwpO/Ti7J33ekWSw/AiAJmi5umjEJqpBM8Nl7yrFj4aM7YQ65 rQL8GCfjp+ZjvQB3ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAAB hHCkzNYAAAQDAEgwRgIhAMzo1Nx11AAWhrpVnzLfu5vImaYZ4LTmTSGlnA8eRhFR AiEA07ok81tbWn2CEfpTVzoMoMJ/AW854Qn86A/G5K5ES5AwDQYJKoZIhvcNAQEL BQADggIBAKa1BP/wenYctQcMPl/50FYE1pQ9bkn2WNJ20LG1DHmI+/cFo2gqfiyP VpEN/3FLs4mXdhQBTWIlY+0EXAyQO04UE/yLQBHF1GvJj1ym6UpQ+bX3w3OMnifH 4cfkcbyfHBK59fYaee7eFgOcxZI1ZRTJkvNQHaZ9kNW0rC8T/CzP7z9NkwVzKiEo n6gQBZtSmmL0mxn7AdhxrzXXJ5LR9RARTDGB9zpFCO6apkP1ML03VEnMIIH3yo8a jDeQHlWBIPMf0+o+dxGKJy63lZm7GQA8Q2WFuqWkuQspilxhd13E1395Ib58SIaz fTLPYsI6WJ/DqSs6XA00/klyxJKuK8oV5VGOn7yugulQOxZl6u65Itc03khoY+Br quD4H2xNPN6btfCSu/dcDg1DwLK3e998ty083nMLuPIDLAbRToBXB0Zd2v8JstQB Jve6BQ+xBejG7iXlcwvoh+xhCpUybVY8S1FFRTlZGTCZ8xumsZikf7NHRr3lNra+ oOKryJeApdAY8iitOBJ5mti8I5F8Xx8Xf14sSa4RWBmoz9qY0ROLqOQxEUH/zY9y wQJVdHh2AsDqSQDd1JgmgXunEm4aIbd1YhW5zibKWhVIhNZq8X4TNJ6+gMqaggEQ i0S0jn9c+rkYNrLHTK8avUKo/QSdI1exR2Rjy0lUDh79dz19ORyI -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSh8jRGvw2HQeoc7LtSC RGjUgJVPEW7ACG0EezvX9Ql17WDXYdLGG74gd1Sytyp4E5GyAY72+8xygcITHpWb f8SqKqOekmt496U1WpJNxS0U7sWGI+8U/F4GQau7ICJzRY0PSGYY7YmSWS40CDwK 9ome8Te838f31MYzRO+a0BeqfqrM/+vKu7h+vGG/0A7KEpcGKLqj6+C1znH16VKZ uV7/YstkuLtMOc+hp+ilEY9WEIpVr8g9p1Vxc8qLHFfUPGeOlYUFFgJW/pCPGMtu VI2oOrxV033BwXILOy5vb0aIQWnjdtdrJ3vMnW2vGgXIfpE8Voy6tkeyABuqPAce wQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15881180387970926516348424871599762216 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-08 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.khaironline.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24383957509273720406080929727747369638118555513444953146706739669519419379035916141363110780034284003275843140219674647443527290003011302667914898328036448358775259416714848221602563786787013788953746533478940838571389468514133623606478929524166295834362638984920984252864508041924951949365291675657916443280759795093488027068586166472168076919952032482044990733785692160477684768216060677373497308932216117112125558365293629052957924042523369444307495273689870014386881563258595065978156760007915269640878038902295146616080111674809728879285097574678319984615642966184182226031197272459567567715397088189373863108289 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 46d21c183a4bbe322bffe8b1545a13c5d4ab974e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.khaironline.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'khaironline.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018470a4ccd50000040300473045022052592a900433ef2921e1a581f0790e31b72c3752ef4090ed13de90c645212535022100dac0285d8fcb8f36ccb11554e20f28cf393394a63a6ebc693eef8086ef6c0995007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000018470a4cd1d000004030046304402203dedd41a1ba7e19735109d9ed7a33f1586484710c293bf4e2ec9df77a4592c3f0220099a2e6e9a3109aa904cf0d97bcab163e1a33b610eb9ad02fc1827e3a7e663bd007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018470a4ccd60000040300483046022100cce8d4dc75d4001686ba559f32dfbb9bc899a619e0b4e64d21a59c0f1e461151022100d3ba24f35b5b5a7d8211fa53573a0ca0c27f016f39e109fce80fc6e4ae444b90 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00a6b504fff07a761cb5070c3e5ff9d05604d6943d6e49f658d276d0b1b50c7988fbf705a3682a7e2c8f56910dff714bb389977614014d622563ed045c0c903b4e1413fc8b4011c5d46bc98f5ca6e94a50f9b5f7c3738c9e27c7e1c7e471bc9f1c12b9f5f61a79eede16039cc592356514c992f3501da67d90d5b4ac2f13fc2ccfef3f4d9305732a21289fa810059b529a62f49b19fb01d871af35d72792d1f510114c3181f73a4508ee9aa643f530bd375449cc2081f7ca8f1a8c37901e558120f31fd3ea3e77118a272eb79599bb19003c436585baa5a4b90b298a5c61775dc4d77f7921be7c4886b37d32cf62c23a589fc3a92b3a5c0d34fe4972c492ae2bca15e5518e9fbcae82e9503b1665eaeeb922d734de486863e06baae0f81f6c4d3cde9bb5f092bbf75c0e0d43c0b2b77bdf7cb72d3cde730bb8f2032c06d14e805707465ddaff09b2d40126f7ba050fb105e8c6ee25e5730be887ec610a95326d563c4b5145453959193099f31ba6b198a47fb34746bde536b6bea0e2abc89780a5d018f228ad3812799ad8bc23917c5f1f177f5e2c49ae115819a8cfda98d1138ba8e4311141ffcd8f72c1025574787602c0ea4900ddd49826817ba7126e1a21b7756215b9ce26ca5a154884d66af17e13349ebe80ca9a8201108b44b48e7f5cfab91836b2c74caf1abd42a8fd049d2357b1476463cb49540e1efd773d7d391c88