www.aoa.org
- American Optometric Association -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 06:f3:30:c3:65:23:73:c7:24:87:8c:26:c5:51:09:7b was issued on by DigiCert Inc.
With 34 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
American Optometric Association
Company registration number:
50965
Organization: American Optometric Association
Organization: American Optometric Association
State / Province:
Missouri
Locality: St. Louis
Country: US
Locality: St. Louis
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 06:f3:30:c3:65:23:73:c7:24:87:8c:26:c5:51:09:7bSerial Number (int): 9238085147786969054204124423900957051
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 67:e0:28:7a:fa:d9:29:04:81:57:5b:c2:30:35:30:90:cb:28:20:b1
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): 0f:3c:08:9e:11:88:ea:de:a0:19:00:e9:3f:f7:e6:f2:9f:e4:e4:59
Fingerprint (sha256): 54:e2:ec:6e:5f:51:ad:a6:b1:d7:c1:b5:57:bf:95:e2:cf:c8:29:de:a8:77:4b:5d:ed:dd:94:45:10:47:99:b0
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g2.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g2.crl
Check the revocation status for certificate www.aoa.org
34
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.aoa.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.aoa.org
autodiscover.aoa.org
dev.aoa.org
hybrid.aoa.org
mail.aoa.org
netapps.aoa.org
stage.aoa.org
store.aoa.org
alabama.aoa.org
alabama.stage.aoa.org
colorado.aoa.org
colorado.stage.aoa.org
idaho.aoa.org
idaho.stage.aoa.org
kansas.aoa.org
kansas.stage.aoa.org
maine.aoa.org
maine.stage.aoa.org
minnesota.aoa.org
minnesota.stage.aoa.org
nebraska.aoa.org
nebraska.stage.aoa.org
ohio.aoa.org
ohio.stage.aoa.org
pennsylvania.aoa.org
pennsylvania.stage.aoa.org
rhodeisland.aoa.org
rhodeisland.stage.aoa.org
texas.aoa.org
texas.stage.aoa.org
texasv9.aoa.org
washington.aoa.org
illinois.aoa.org
oklahoma.aoa.org
autodiscover.aoa.org
dev.aoa.org
hybrid.aoa.org
mail.aoa.org
netapps.aoa.org
stage.aoa.org
store.aoa.org
alabama.aoa.org
alabama.stage.aoa.org
colorado.aoa.org
colorado.stage.aoa.org
idaho.aoa.org
idaho.stage.aoa.org
kansas.aoa.org
kansas.stage.aoa.org
maine.aoa.org
maine.stage.aoa.org
minnesota.aoa.org
minnesota.stage.aoa.org
nebraska.aoa.org
nebraska.stage.aoa.org
ohio.aoa.org
ohio.stage.aoa.org
pennsylvania.aoa.org
pennsylvania.stage.aoa.org
rhodeisland.aoa.org
rhodeisland.stage.aoa.org
texas.aoa.org
texas.stage.aoa.org
texasv9.aoa.org
washington.aoa.org
illinois.aoa.org
oklahoma.aoa.org
Other certificates including the domain name aoa.org
(limited to 100 certificates)
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
cordialdata.aoa.org
aafprs.mercantile.cards
dg-0035-c25fe2a.client-tls.adestra.com
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
*.aoa.org
*.aoa.org
www.aoa.org
aafprs.mercantile.cards
www.aoa.org
aafprs.mercantile.cards
www.aoa.org
aoa.org
cordialclick.aoa.org
*.aoa.org
www.aoa.org
www.aoa.org
aoa.org
cordialclick.aoa.org
www.aoa.org
*.aoa.org
cordialclick.aoa.org
*.aoa.org
www.aoa.org
www.aoa.org
*.aoa.org
www.aoa.org
*.aoa.org
*.aoa.org
*.aoa.org
cordialdata.aoa.org
*.aoa.org
*.stage.aoa.org
*.aoa.org
www.aoa.org
dg-0035-c25fe2a.client-tls.adestra.com
*.aoa.org
www.aoa.org
secure.aoa.org
secure.aoa.org
www.aoa.org
cordialdata.aoa.org
api.card.aoa.org
www.aoa.org
aoa.org
secure.aoa.org
*.aoa.org
aoa.org
about.card.aoa.org
ithelp.patchi.com
aoa.mercantile.cards
aafprs.mercantile.cards
www.aoa.org
www.aoa.org
*.aoa.org
*.aoa.org
*.aoa.org
www.aoa.org
cordialclick.aoa.org
auth.card.aoa.org
cordialdata.aoa.org
www.aoa.org
aafprs.mercantile.cards
www.aoa.org
aafprs.mercantile.cards
*.aoa.org
aafprs.mercantile.cards
*.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
aoa.org
www.aoa.org
mail.aoa.org
www.aoa.org
cordialdata.aoa.org
aafprs.mercantile.cards
aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
soporte.iobot.chat
help.dealers.energy
*.aoa.org
secure.aoa.org
stage.aoa.org
mail.aoa.org
*.aoa.org
stage.aoa.org
*.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
cordialdata.aoa.org
aafprs.mercantile.cards
dg-0035-c25fe2a.client-tls.adestra.com
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
*.aoa.org
*.aoa.org
www.aoa.org
aafprs.mercantile.cards
www.aoa.org
aafprs.mercantile.cards
www.aoa.org
aoa.org
cordialclick.aoa.org
*.aoa.org
www.aoa.org
www.aoa.org
aoa.org
cordialclick.aoa.org
www.aoa.org
*.aoa.org
cordialclick.aoa.org
*.aoa.org
www.aoa.org
www.aoa.org
*.aoa.org
www.aoa.org
*.aoa.org
*.aoa.org
*.aoa.org
cordialdata.aoa.org
*.aoa.org
*.stage.aoa.org
*.aoa.org
www.aoa.org
dg-0035-c25fe2a.client-tls.adestra.com
*.aoa.org
www.aoa.org
secure.aoa.org
secure.aoa.org
www.aoa.org
cordialdata.aoa.org
api.card.aoa.org
www.aoa.org
aoa.org
secure.aoa.org
*.aoa.org
aoa.org
about.card.aoa.org
ithelp.patchi.com
aoa.mercantile.cards
aafprs.mercantile.cards
www.aoa.org
www.aoa.org
*.aoa.org
*.aoa.org
*.aoa.org
www.aoa.org
cordialclick.aoa.org
auth.card.aoa.org
cordialdata.aoa.org
www.aoa.org
aafprs.mercantile.cards
www.aoa.org
aafprs.mercantile.cards
*.aoa.org
aafprs.mercantile.cards
*.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
aoa.org
www.aoa.org
mail.aoa.org
www.aoa.org
cordialdata.aoa.org
aafprs.mercantile.cards
aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
www.aoa.org
soporte.iobot.chat
help.dealers.energy
*.aoa.org
secure.aoa.org
stage.aoa.org
mail.aoa.org
*.aoa.org
stage.aoa.org
*.aoa.org
Certificate
The complete raw certificate details for www.aoa.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIISzCCBzOgAwIBAgIQBvMww2Ujc8ckh4wmxVEJezANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDMxMjAwMDAwMFoXDTIwMDIwNDEy MDAwMFowgc8xHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB BAGCNzwCAQMTAlVTMRUwEwYLKwYBBAGCNzwCAQITBE9oaW8xDjAMBgNVBAUTBTUw OTY1MQswCQYDVQQGEwJVUzERMA8GA1UECBMITWlzc291cmkxEjAQBgNVBAcTCVN0 LiBMb3VpczEoMCYGA1UEChMfQW1lcmljYW4gT3B0b21ldHJpYyBBc3NvY2lhdGlv bjEUMBIGA1UEAxMLd3d3LmFvYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQCe4EuFp71Hc1CQZz8Sx9BxUSrVUW56iwKPOtw1RxbSfzCtit/bX48s AYqEEqA2Ts3/LTOfskbrcB0Sr3tig5+/Zx56n/ROZk5BtZ0rTv64S1KcCklUx0aY 8YigwlyrPTZMPD7jk2+Cv0xlVqCiqegz8DUkzna/VcgdV5i2ByEo2to3nNxVlcEp gaWwDlgaW8ujrX7JL9o2PxnX7lO7ylvDkgtnJRNQBtguV/xC2CqM4mQDseX01Fu9 3jTgg0AL6FqYLWFfmi0bpo7HKMY8sw5q02GBKnSNjAeQLJWJc70yMq+Fp0DdSVr+ FcnxIEFRjjzvoXf1Z8XsJV2KYOt1LI+PAgMBAAGjggR6MIIEdjAfBgNVHSMEGDAW gBQ901Cl1qCt7vNKYApl0yHU+PjWDzAdBgNVHQ4EFgQUZ+AoevrZKQSBV1vCMDUw kMsoILEwggKRBgNVHREEggKIMIIChIILd3d3LmFvYS5vcmeCFGF1dG9kaXNjb3Zl ci5hb2Eub3JnggtkZXYuYW9hLm9yZ4IOaHlicmlkLmFvYS5vcmeCDG1haWwuYW9h Lm9yZ4IPbmV0YXBwcy5hb2Eub3Jngg1zdGFnZS5hb2Eub3Jngg1zdG9yZS5hb2Eu b3Jngg9hbGFiYW1hLmFvYS5vcmeCFWFsYWJhbWEuc3RhZ2UuYW9hLm9yZ4IQY29s b3JhZG8uYW9hLm9yZ4IWY29sb3JhZG8uc3RhZ2UuYW9hLm9yZ4INaWRhaG8uYW9h Lm9yZ4ITaWRhaG8uc3RhZ2UuYW9hLm9yZ4IOa2Fuc2FzLmFvYS5vcmeCFGthbnNh cy5zdGFnZS5hb2Eub3Jngg1tYWluZS5hb2Eub3JnghNtYWluZS5zdGFnZS5hb2Eu b3JnghFtaW5uZXNvdGEuYW9hLm9yZ4IXbWlubmVzb3RhLnN0YWdlLmFvYS5vcmeC EG5lYnJhc2thLmFvYS5vcmeCFm5lYnJhc2thLnN0YWdlLmFvYS5vcmeCDG9oaW8u YW9hLm9yZ4ISb2hpby5zdGFnZS5hb2Eub3JnghRwZW5uc3lsdmFuaWEuYW9hLm9y Z4IacGVubnN5bHZhbmlhLnN0YWdlLmFvYS5vcmeCE3Job2RlaXNsYW5kLmFvYS5v cmeCGXJob2RlaXNsYW5kLnN0YWdlLmFvYS5vcmeCDXRleGFzLmFvYS5vcmeCE3Rl eGFzLnN0YWdlLmFvYS5vcmeCD3RleGFzdjkuYW9hLm9yZ4ISd2FzaGluZ3Rvbi5h b2Eub3JnghBpbGxpbm9pcy5hb2Eub3JnghBva2xhaG9tYS5hb2Eub3JnMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0f BG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2Vy dmVyLWcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTIt ZXYtc2VydmVyLWcyLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsG AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMIGI BggrBgEFBQcBAQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0 LmNvbTBSBggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp Z2lDZXJ0U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAMBgNVHRMB Af8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCM H5FPkagJkh5bxc7sYUyWVjgAVoYVQbNlTMWSxdN8GWgfClzalxI4Kc91GQUFS+U1 w/YtziVIbvore0MYdUvo2pS9ZQm0s+teeSe3LmO5/lo04QQrfBqIlUVBy4HFBgDt JqZ5CHJBl86MMnoEH71JaePvacJYN0jjx2WJM9sg8hkirfRaOEAhQiyMero0kK2i P17g9Pce+6+2Z13S8B25knvMMOUWW9QCuWCKEZuFr1M3fdwwr/qzbdkS/GD8+mZG /QyXQl2O9wBzxhHBmQ+4VSovqo3tZn+RfGQ3ulYDsTy7r9ilrnl/EBxiHZ/1WX8H UtVLz7LGm1au2UXTqAbv -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuBLhae9R3NQkGc/EsfQ cVEq1VFueosCjzrcNUcW0n8wrYrf21+PLAGKhBKgNk7N/y0zn7JG63AdEq97YoOf v2ceep/0TmZOQbWdK07+uEtSnApJVMdGmPGIoMJcqz02TDw+45Nvgr9MZVagoqno M/A1JM52v1XIHVeYtgchKNraN5zcVZXBKYGlsA5YGlvLo61+yS/aNj8Z1+5Tu8pb w5ILZyUTUAbYLlf8QtgqjOJkA7Hl9NRbvd404INAC+hamC1hX5otG6aOxyjGPLMO atNhgSp0jYwHkCyViXO9MjKvhadA3Ula/hXJ8SBBUY4876F39WfF7CVdimDrdSyP jwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 9238085147786969054204124423900957051 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-04 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ohio' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '50965' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Missouri' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'St. Louis' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'American Optometric Association' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.aoa.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20056256175431595188849637108651506236260224583728141000110725915269129089182117081505031781421597224920718994465354378800971550335005831405547514799228038075695778420250401802657712074128813905457542555893642351576155948923346164308254384690014555169388915308293057437624064459484367574089338094841052460048831277353475135719655854686047102673199702405202928015730732923660308099804736997529923584353053941867445727786483042838062134878120934720593009826979018304833696582049860081406547669598362762812481167886050998504963724045776953512500481518082347513493650362631249950700737647510801163512392834325043835867023 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 67e0287afad9290481575bc230353090cb2820b1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (648 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hybrid.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'netapps.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alabama.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alabama.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'colorado.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'colorado.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idaho.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idaho.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kansas.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kansas.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maine.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maine.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'minnesota.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'minnesota.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nebraska.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nebraska.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ohio.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ohio.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pennsylvania.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pennsylvania.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rhodeisland.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rhodeisland.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'texas.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'texas.stage.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'texasv9.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'washington.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'illinois.aoa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oklahoma.aoa.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008c1f914f91a809921e5bc5ceec614c9656380056861541b3654cc592c5d37c19681f0a5cda97123829cf751905054be535c3f62dce25486efa2b7b4318754be8da94bd6509b4b3eb5e7927b72e63b9fe5a34e1042b7c1a88954541cb81c50600ed26a67908724197ce8c327a041fbd4969e3ef69c2583748e3c7658933db20f21922adf45a384021422c8c7aba3490ada23f5ee0f4f71efbafb6675dd2f01db9927bcc30e5165bd402b9608a119b85af53377ddc30affab36dd912fc60fcfa6646fd0c97425d8ef70073c611c1990fb8552a2faa8ded667f917c6437ba5603b13cbbafd8a5ae797f101c621d9ff5597f0752d54bcfb2c69b56aed945d3a806ef