access.mcfarlandclinic.com

- McFarland Clinic PC -

Issued by GeoTrust TLS RSA CA G1

About this certificate

This digital certificate with serial number 0d:fd:d1:bb:9e:e5:85:4c:28:fa:ef:35:b9:a6:e6:c3 was issued on by DigiCert Inc.

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

McFarland Clinic PC

Organization: McFarland Clinic PC
State / Province: Iowa
Locality: Ames
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0d:fd:d1:bb:9e:e5:85:4c:28:fa:ef:35:b9:a6:e6:c3
Serial Number (int): 18597868938862876148429420047158929091
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 9f:ca:aa:89:60:57:57:ac:d5:01:1e:49:52:f4:eb:9f:c6:68:8f:00
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57

Fingerprint (sha1): 76:59:2c:1b:b4:3d:b3:08:d3:14:8b:e4:53:b0:01:99:e5:34:fb:c1
Fingerprint (sha256): 4f:ad:ea:3f:59:87:dd:10:6e:10:3b:a3:22:6f:8a:08:40:50:ab:af:7b:e7:dc:86:e7:2d:66:57:55:93:66:74

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

Check the revocation status for certificate access.mcfarlandclinic.com

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for access.mcfarlandclinic.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

access.mcfarlandclinic.com
iConAcc-PRD-Web.mcfarlandclinic.com
iConnAcc-TEST.mcfarlandclinic.com
HV-iConnShare.mcfarlandclinic.com
HV-iConnVNA-Test.mcfarlandclinic.com
Access2.mcfarlandclinic.com
iConAcc-PRD-Rnd.mcfarlandclinic.com

Other certificates including the domain name mcfarlandclinic.com

(limited to 100 certificates)
sso2.mcfarlandclinic.com
sfdmcf.mcfarlandclinic.com
update.mcfarlandclinic.com
demosched.mcfarlandclinic.com
pacs.mcfarlandclinic.com
sfdtest.mcfarlandclinic.com
tmtest.mcfarlandclinic.com
sso1.mcfarlandclinic.com
eclink.mcfarlandclinic.com
demosched.mcfarlandclinic.com
webvpn.mcfarlandclinic.com
mcffed.mcfarlandclinic.com
epiphany.mcfarlandclinic.com
apps.mcfarlandclinic.com
tm01.mcfarlandclinic.com
sso.mcfarlandclinic.com
eclink.mcfarlandclinic.com
sso.mcfarlandclinic.com
emrproxy.mcfarlandclinic.com
sched.mcfarlandclinic.com
access.mcfarlandclinic.com
work.mcfarlandclinic.com
password.mcfarlandclinic.com
access.mcfarlandclinic.com
mcfarlandclinic.com
password.mcfarlandclinic.com
www.mitsubishidrummondville.com
citrix.mcfarlandclinic.com
share.mcfarlandclinic.com
emrproxy.mcfarlandclinic.com
tokensigning1.mcfarlandclinic.com
password.mcfarlandclinic.com
app.sukii.at
sfdtest.mcfarlandclinic.com
apps.mcfarlandclinic.com
citrix.mcfarlandclinic.com
mcfarlandclinic.com
sfdmcf.mcfarlandclinic.com
www.mcfarlandclinic.com
pacs.mcfarlandclinic.com
update.mcfarlandclinic.com
www.ultimatesoundgroup.com
epiphany.mcfarlandclinic.com
tokensigning1.mcfarlandclinic.com
mcffed.mcfarlandclinic.com
*.mcfarlandclinic.com
epiphany.mcfarlandclinic.com
nasb.beta.literalword.com
pacs.mcfarlandclinic.com
remote.mcfarlandclinic.com
rte.mcfarlandclinic.com
emrproxy.mcfarlandclinic.com
www.mcfarlandclinic.com
password.mcfarlandclinic.com
update.mcfarlandclinic.com
sched.mcfarlandclinic.com
schedule.mcfarlandclinic.com
mcffed.mcfarlandclinic.com
mcf-fresh.mcfarlandclinic.com
emrproxytst.mcfarlandclinic.com
share.mcfarlandclinic.com
webvpn.mcfarlandclinic.com
access.mcfarlandclinic.com
pacs.mcfarlandclinic.com
password.mcfarlandclinic.com
access.mcfarlandclinic.com
password.mcfarlandclinic.com
demosched.mcfarlandclinic.com
epiphany.mcfarlandclinic.com
mcffed.mcfarlandclinic.com
rte.mcfarlandclinic.com
tm01.mcfarlandclinic.com
access.mcfarlandclinic.com
apps.mcfarlandclinic.com
app.masworldsuite.com
mycharttst.mcfarlandclinic.com
sso2.mcfarlandclinic.com
mcfarlandclinic.com
citrix.mcfarlandclinic.com
renouf.dev
MYCHARTTST.MCFARLANDCLINIC.COM
PASSWORD.MCFARLANDCLINIC.COM
webvpn.mcfarlandclinic.com
eclink.mcfarlandclinic.com
apps.mcfarlandclinic.com
securelink.mcfarlandclinic.com
mycharttst.mcfarlandclinic.com
epiphany.mcfarlandclinic.com
sfdtest.mcfarlandclinic.com
citrix.mcfarlandclinic.com
share.mcfarlandclinic.com
tm01.mcfarlandclinic.com
mcfarlandclinic.com
mcffed.mcfarlandclinic.com
mcfarlandclinic.com
www.mcfarlandclinic.com
mcffed.mcfarlandclinic.com
sso.mcfarlandclinic.com
mycharttst.mcfarlandclinic.com
citrix.mcfarlandclinic.com

Certificate

The complete raw certificate details for access.mcfarlandclinic.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHUjCCBjqgAwIBAgIQDf3Ru57lhUwo+u81uabmwzANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTIzMTIxODAwMDAwMFoXDTI0MTIxOTIzNTk1OVowbjELMAkGA1UEBhMCVVMx
DTALBgNVBAgTBElvd2ExDTALBgNVBAcTBEFtZXMxHDAaBgNVBAoTE01jRmFybGFu
ZCBDbGluaWMgUEMxIzAhBgNVBAMTGmFjY2Vzcy5tY2ZhcmxhbmRjbGluaWMuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cpPAd9IvaeWvwXXln0h
sxmJih4DodFL/i/Vi7p2uMxn1blRTXVzgUUwCSODv7rlbrR9h5uHqr68KuE+EIZ5
ptLnmu1pjp8BM1Rd4Qqt7yqBnHCBKSlxTQmMrI+Hl7Cz93EAjKg17bSYYH0tt/vb
1KYZLE3fEFryQxdxqez8d2APCLaZ5qGPUYRHz2cOz1kN7tOsI5jiVZZzO6g/QGA8
SugffM8jrKdWtO+pboujHbdBXRo/a86YBfDkO5cB/Gap6Ha+bBXHlGNo6O+Z5DaS
M9Ww9g1lX9AiSiDOzPyQQ2mMWg1HQEdRstplQVgDEvWKVXDY9Fk157+K8an/+ZQf
6QIDAQABo4ID+DCCA/QwHwYDVR0jBBgwFoAUlE/UXYvkpOKmgP792PkA76O+Alcw
HQYDVR0OBBYEFJ/KqolgV1es1QEeSVL065/GaI8AMIH6BgNVHREEgfIwge+CGmFj
Y2Vzcy5tY2ZhcmxhbmRjbGluaWMuY29tgiNpQ29uQWNjLVBSRC1XZWIubWNmYXJs
YW5kY2xpbmljLmNvbYIhaUNvbm5BY2MtVEVTVC5tY2ZhcmxhbmRjbGluaWMuY29t
giFIVi1pQ29ublNoYXJlLm1jZmFybGFuZGNsaW5pYy5jb22CJEhWLWlDb25uVk5B
LVRlc3QubWNmYXJsYW5kY2xpbmljLmNvbYIbQWNjZXNzMi5tY2ZhcmxhbmRjbGlu
aWMuY29tgiNpQ29uQWNjLVBSRC1SbmQubWNmYXJsYW5kY2xpbmljLmNvbTA+BgNV
HSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2lj
ZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY2RwLmdlb3RydXN0
LmNvbS9HZW9UcnVzdFRMU1JTQUNBRzEuY3JsMHYGCCsGAQUFBwEBBGowaDAmBggr
BgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20wPgYIKwYBBQUHMAKG
Mmh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVzdFRMU1JTQUNBRzEu
Y3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AO7N
0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjH4FExoAAAQDAEcwRQIh
ALsV6uhEIVFdH/WCHLqF5VyAWyKn1IwJF7d4jLsrrJfjAiAgviNuM43ij1F/NNwv
ixAMkhbaoUKJHZ0TxGyhNoNvsgB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7
v6s52IRzAAABjH4FEzoAAAQDAEcwRQIhAJL7bdE5jv2Okm9wv6QQQp4RxfBsb4Mi
jhqTLZQoRyATAiA9vntyZvZkBQQqw+SCdQv8WwKbqk0cjoWkBcm2kUw+fQB1ANq2
v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABjH4FEyMAAAQDAEYwRAIg
G1vC4Vp+7arMogvEBuCFRSgILyo6yY/F4buJZHuURG0CID0++RzlHu2rLg8b4eiL
+5Uy2/K++513WI5LLwPf+tK3MA0GCSqGSIb3DQEBCwUAA4IBAQAEwfUYpssOqvdL
rxkW7VLSypymO8n9b0nEfVzrxH4DHRxFkvJPZAvVDPoqTAj4BQ388y6z5zzJljSR
Xn2QucAs7C639Z1/tAnB6QHiE+mVPcHi/ezdm3iK3c/O24T9GMS1yAIiwFj8DGXm
nXNPfkNFlwvPJWZK+YHRn2FlXSXbpbY4rDDKc3kSd+sRmLxRWD97s46KlTuJuCmC
EUPKc+i6mp6mRchNUWwCF+D5eGvT2+UTqjSP6WPPNVO99cRng7N2K6d3vH6Kw7EA
Q6TsNEuQ3qaJ3I8y5l5Sc+zmsxPt3U1iCZVodCKwU9yoDuV+t8wEdH2EI3qUSwaR
LQWgE3Lv
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cpPAd9IvaeWvwXXln0h
sxmJih4DodFL/i/Vi7p2uMxn1blRTXVzgUUwCSODv7rlbrR9h5uHqr68KuE+EIZ5
ptLnmu1pjp8BM1Rd4Qqt7yqBnHCBKSlxTQmMrI+Hl7Cz93EAjKg17bSYYH0tt/vb
1KYZLE3fEFryQxdxqez8d2APCLaZ5qGPUYRHz2cOz1kN7tOsI5jiVZZzO6g/QGA8
SugffM8jrKdWtO+pboujHbdBXRo/a86YBfDkO5cB/Gap6Ha+bBXHlGNo6O+Z5DaS
M9Ww9g1lX9AiSiDOzPyQQ2mMWg1HQEdRstplQVgDEvWKVXDY9Fk157+K8an/+ZQf
6QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 18597868938862876148429420047158929091
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-18 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-19 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Iowa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ames'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'McFarland Clinic PC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'access.mcfarlandclinic.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28503380717212359764845804815434738431779986559663749780499394851720835651152963130910445788229035789620842862086964452079174999034150694761215041969994917181993129406591072950709497117520405711125539158240257105120031708712075374658383049343356037312221440049654406866699003196195237562990074832335059027832963570515763902934137789752295409416956265664297861512455450625741549286079872079823329523941679655998624451606041643592319741194218449835518181124321991240161323407617844904226946703588670015801442375627600221861160575565807295527706129407438855419082315863163531995955833556297564881216533522089894498017257
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9fcaaa89605757acd5011e4952f4eb9fc6688f00
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'access.mcfarlandclinic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iConAcc-PRD-Web.mcfarlandclinic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iConnAcc-TEST.mcfarlandclinic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'HV-iConnShare.mcfarlandclinic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'HV-iConnVNA-Test.mcfarlandclinic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'Access2.mcfarlandclinic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iConAcc-PRD-Rnd.mcfarlandclinic.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c7e05131a0000040300473045022100bb15eae84421515d1ff5821cba85e55c805b22a7d48c0917b7788cbb2bac97e3022020be236e338de28f517f34dc2f8b100c9216daa142891d9d13c46ca136836fb200760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c7e05133a000004030047304502210092fb6dd1398efd8e926f70bfa410429e11c5f06c6f83228e1a932d942847201302203dbe7b7266f66405042ac3e482750bfc5b029baa4d1c8e85a405c9b6914c3e7d007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018c7e051323000004030046304402201b5bc2e15a7eedaacca20bc406e0854528082f2a3ac98fc5e1bb89647b94446d02203d3ef91ce51eedab2e0f1be1e88bfb9532dbf2befb9d77588e4b2f03dffad2b7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0004c1f518a6cb0eaaf74baf1916ed52d2ca9ca63bc9fd6f49c47d5cebc47e031d1c4592f24f640bd50cfa2a4c08f8050dfcf32eb3e73cc99634915e7d90b9c02cec2eb7f59d7fb409c1e901e213e9953dc1e2fdecdd9b788addcfcedb84fd18c4b5c80222c058fc0c65e69d734f7e4345970bcf25664af981d19f61655d25dba5b638ac30ca73791277eb1198bc51583f7bb38e8a953b89b829821143ca73e8ba9a9ea645c84d516c0217e0f9786bd3dbe513aa348fe963cf3553bdf5c46783b3762ba777bc7e8ac3b10043a4ec344b90dea689dc8f32e65e5273ece6b313eddd4d620995687422b053dca80ee57eb7cc04747d84237a944b06912d05a01372ef