*.idus.co.il
Issued by GeoTrust TLS RSA CA G1
About this certificate
This digital certificate with serial number 0b:95:5d:23:05:47:07:96:b4:db:64:99:8a:d0:63:93 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.idus.co.il
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0b:95:5d:23:05:47:07:96:b4:db:64:99:8a:d0:63:93Serial Number (int): 15397049224267886142102640200871076755
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 58:3e:26:fb:6d:7e:22:de:cd:e3:dc:ed:ef:ec:70:c3:cd:fc:c1:8f
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57
Fingerprint (sha1): 5e:5a:cc:a7:94:ff:35:a2:11:a9:7c:b8:69:47:3f:7b:d8:48:87:6e
Fingerprint (sha256): 57:c2:39:f5:a4:29:b4:ff:09:9f:c2:84:1a:23:a9:7e:08:0c:12:19:fb:4a:60:9a:df:16:8c:c5:20:2a:b7:c1
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl
Check the revocation status for certificate *.idus.co.il
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.idus.co.il
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.idus.co.il
idus.co.il
idus.co.il
Other certificates including the domain name idus.co.il
(limited to 100 certificates)
gali.co.il
kiko3.m2.idus.co.il
*.idus.co.il
*.idus.co.il
*.idus.co.il
*.idus.co.il
mybaby.idus.co.il
mybaby.idus.co.il
*.idus.co.il
*.idus.co.il
*.idus.co.il
*.idus.co.il
*.idus.co.il
www.sce.2.idus.co.il
rebar.2.idus.co.il
upmc.2.idus.co.il
*.idus.co.il
mybaby.m2.idus.co.il
*.idus.co.il
rebar.2.idus.co.il
upmc.2.idus.co.il
rebar.2.idus.co.il
www.idus.co.il
*.idus.co.il
www.idus.co.il
galgalim.2.idus.co.il
vaadim.2.idus.co.il
*.idus.co.il
fritz.2.idus.co.il
rebar.2.idus.co.il
kiko3.m2.idus.co.il
mashbir.idus.co.il
*.idus.co.il
fritz.2.idus.co.il
mashbir.idus.co.il
stag.golbary.idus.co.il
*.idus.co.il
mashbir.idus.co.il
englander-il.co.il
idus.co.il
kiko3.m2.idus.co.il
*.idus.co.il
*.idus.co.il
*.idus.co.il
*.idus.co.il
mybaby.idus.co.il
mybaby.idus.co.il
*.idus.co.il
*.idus.co.il
*.idus.co.il
*.idus.co.il
*.idus.co.il
www.sce.2.idus.co.il
rebar.2.idus.co.il
upmc.2.idus.co.il
*.idus.co.il
mybaby.m2.idus.co.il
*.idus.co.il
rebar.2.idus.co.il
upmc.2.idus.co.il
rebar.2.idus.co.il
www.idus.co.il
*.idus.co.il
www.idus.co.il
galgalim.2.idus.co.il
vaadim.2.idus.co.il
*.idus.co.il
fritz.2.idus.co.il
rebar.2.idus.co.il
kiko3.m2.idus.co.il
mashbir.idus.co.il
*.idus.co.il
fritz.2.idus.co.il
mashbir.idus.co.il
stag.golbary.idus.co.il
*.idus.co.il
mashbir.idus.co.il
englander-il.co.il
idus.co.il
Certificate
The complete raw certificate details for *.idus.co.il in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHJDCCBgygAwIBAgIQC5VdIwVHB5a022SZitBjkzANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx MB4XDTIzMDkxODAwMDAwMFoXDTI0MDkxNzIzNTk1OVowFzEVMBMGA1UEAwwMKi5p ZHVzLmNvLmlsMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAst2jIHOF y+Z4yZodF516sc8vVUTkCPZM1r/uQZt4aZ7forWFlgBbOlfdGWFy4WlL3GeeQNnI WfL81O6j3/S2upXGfP0e+6EP2j+URDpwS/zlWQkkJ7rFjiKxjFt91lQHIQcetXuf jxMvIHa/sbm2SB8emrUCd/AUs9X2Gl6RDDyrtjGG87Hp4u4KkLJpZAf11NFekSEV VDAO3jHPWkLkhgfP5vo/5j6A/WfUUILCCHRh2JskJjjH5foVfJlCtnGlMthL2vAh 46uc8Qm1+Ds7nK/ieKuyPaMG+M4vp5RpmbtdJgAF99fVFMvR1YLw3CkX7wkRKpxr rATvEe9IjwWB4cCNN0A7sgiEh6qKxitfBVEV5jfMX1LKaWVc6yMOxdVrfnd4S7nQ uRvdm1NQ81lN7AYd3zDhn8fODY+l/MB7DoAQSRA52WIiUuhMw96vsQSMMCiGpLu7 c/WchKlaA5LeGgxQ7cX2tg0EVUojoGabStfH/RamY5ugeFxWE7cxN9Hp+BspdSEv +mScOgnCRbLqtDnGRaiXNgQll+N1Rfl0Ze9wjBx7q8NgOknYLiTzyuVIvYpERAeH mirVL2uJH2D04+pxM4yTN0uQrFUdylOHewNlO9gYbaP5gO/9Hc7eUivx30htLuSB 5JasjoSowZk9uzlNTclBwn4MmQvEAInIakMCAwEAAaOCAyEwggMdMB8GA1UdIwQY MBaAFJRP1F2L5KTipoD+/dj5AO+jvgJXMB0GA1UdDgQWBBRYPib7bX4i3s3j3O3v 7HDDzfzBjzAjBgNVHREEHDAaggwqLmlkdXMuY28uaWyCCmlkdXMuY28uaWwwPgYD VR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdp Y2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NkcC5nZW90cnVz dC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcxLmNybDB2BggrBgEFBQcBAQRqMGgwJgYI KwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1c3QuY29tMD4GCCsGAQUFBzAC hjJodHRwOi8vY2FjZXJ0cy5nZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcx LmNydDAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgDu zdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYqoGLOvAAAEAwBHMEUC IQCIaaAz1n22Tx9fqAhWm2FQd/llYXDBt9ra65ezsEIzcAIgIR1PvLOF+vTvg57t AlIjzjGAasefhO35eQCg136oT90AdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZ u7+rOdiEcwAAAYqoGLOgAAAEAwBHMEUCIDLBGKgE3wIWr6/Ni3rFVkzE6QNfsWdx uEBcbIWs9gaMAiEA1E2WEq5z1DNp4GfnBzX8J1yEStCvNfL8nsjoik9Xer8AdgDa tr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYqoGLNoAAAEAwBHMEUC IHYmfWfRvGdwhSb/BPnAL/6dzvbbamNtIgx91Grk8zZNAiEA4gCdI+K3RI+r+MnN qBWIR1gu6mCWI30KhzsNneRkMskwDQYJKoZIhvcNAQELBQADggEBAJjjf5r1vRMN ktxtcdTQPls9LmIZ64qLxikBBbhMqJoI6V0gXq5tbe+ZsI7tthYta5Pbk6UeM1ZH 81eLq/cJFl2Gg/lk8RQLIwnC52e1H0yh2gVcMdoNAKZZT1za4OWpUq5aKKRSsOnY MigN1jpdFo7zE5LIsbXXJCuycgybr2IeH7zWqQq7WVUVcCWIxoeV4mV575AAMo7n B5tqI7ZX8WXOEXlvdmowWZ9N+kC1DTDWEpT4MWiCM5UL78ywhQBBnSaPtuCNxY96 jgPcpfTV9QP23Gq0gnviYeWswb8DgN/J0NSnrW+m8rsYmh1Jh2rEzH9MNkfWwun0 m66umJ5lZqw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAst2jIHOFy+Z4yZodF516 sc8vVUTkCPZM1r/uQZt4aZ7forWFlgBbOlfdGWFy4WlL3GeeQNnIWfL81O6j3/S2 upXGfP0e+6EP2j+URDpwS/zlWQkkJ7rFjiKxjFt91lQHIQcetXufjxMvIHa/sbm2 SB8emrUCd/AUs9X2Gl6RDDyrtjGG87Hp4u4KkLJpZAf11NFekSEVVDAO3jHPWkLk hgfP5vo/5j6A/WfUUILCCHRh2JskJjjH5foVfJlCtnGlMthL2vAh46uc8Qm1+Ds7 nK/ieKuyPaMG+M4vp5RpmbtdJgAF99fVFMvR1YLw3CkX7wkRKpxrrATvEe9IjwWB 4cCNN0A7sgiEh6qKxitfBVEV5jfMX1LKaWVc6yMOxdVrfnd4S7nQuRvdm1NQ81lN 7AYd3zDhn8fODY+l/MB7DoAQSRA52WIiUuhMw96vsQSMMCiGpLu7c/WchKlaA5Le GgxQ7cX2tg0EVUojoGabStfH/RamY5ugeFxWE7cxN9Hp+BspdSEv+mScOgnCRbLq tDnGRaiXNgQll+N1Rfl0Ze9wjBx7q8NgOknYLiTzyuVIvYpERAeHmirVL2uJH2D0 4+pxM4yTN0uQrFUdylOHewNlO9gYbaP5gO/9Hc7eUivx30htLuSB5JasjoSowZk9 uzlNTclBwn4MmQvEAInIakMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15397049224267886142102640200871076755 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-18 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-17 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.idus.co.il' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 729708679049022977990368071813879897552489182406834326257224838619354446044702205711445258235846264627541497000421607343454482089046177440060653011904453058104452682190510877241627737237373377754325244402814526848722200272571224773279840146108969008726311347881454292550649008597343023605407711741910721288611470077588281993267917727302421425271891518259834025671278228106486425524778003692962254046926752205727570073430458212813605013933701766368609547334022241860841307227466256059931926594375009478183070366613580505633508215752972643272992865131961278773577063958504915797680849602217235673861432330976606076380237189245711041585277898842023703310137071291821921454679480272964749377425024350457983751238185751315026729685965437789420875363486226339541318681794193977703137050290037920153284728258673745940749843613223732108397514496467277900525529206960302931371667061182644073773930515769469407655958337966023574176870588975968991964263205627372482311471529031278296070532846713360417930954501218952169165130948663455396796112710359907078561987828195296328961233061275989041580048041909436141487387871187330469675715592679742857772965827520104422452296543282685691522094149217241012232798996069184905354556067916387980885387843 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 583e26fb6d7e22decde3dcedefec70c3cdfcc18f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.idus.co.il' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idus.co.il' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018aa818b3af00000403004730450221008869a033d67db64f1f5fa808569b615077f9656170c1b7dadaeb97b3b04233700220211d4fbcb385faf4ef839eed025223ce31806ac79f84edf97900a0d77ea84fdd00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018aa818b3a00000040300473045022032c118a804df0216afafcd8b7ac5564cc4e9035fb16771b8405c6c85acf6068c022100d44d9612ae73d43369e067e70735fc275c844ad0af35f2fc9ec8e88a4f577abf007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018aa818b3680000040300473045022076267d67d1bc67708526ff04f9c02ffe9dcef6db6a636d220c7dd46ae4f3364d022100e2009d23e2b7448fabf8c9cda8158847582eea6096237d0a873b0d9de46432c9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0098e37f9af5bd130d92dc6d71d4d03e5b3d2e6219eb8a8bc6290105b84ca89a08e95d205eae6d6def99b08eedb6162d6b93db93a51e335647f3578babf709165d8683f964f1140b2309c2e767b51f4ca1da055c31da0d00a6594f5cdae0e5a952ae5a28a452b0e9d832280dd63a5d168ef31392c8b1b5d7242bb2720c9baf621e1fbcd6a90abb595515702588c68795e26579ef9000328ee7079b6a23b657f165ce11796f766a30599f4dfa40b50d30d61294f831688233950befccb08500419d268fb6e08dc58f7a8e03dca5f4d5f503f6dc6ab4827be261e5acc1bf0380dfc9d0d4a7ad6fa6f2bb189a1d49876ac4cc7f4c3647d6c2e9f49baeae989e6566ac