www.identify-fs.bilfinger.com

- Bilfinger SE -

Issued by GeoTrust SSL CA

About this certificate

This digital certificate with serial number 02:47:75 was issued on by GeoTrust, Inc..

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Bilfinger SE

Company registration number: hpmnJRnffDSCUUEJy/cVZUuExrgRiUAR
Organization: Bilfinger SE
State / Province: Mannheim
Locality: Mannheim
Country: DE

GeoTrust, Inc.

Organization: GeoTrust, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:47:75
Serial Number (int): 149365
Serial Number lenght: 18 bits, 3 octets

SubjectKeyId: 16:a0:e2:65:f5:bd:c3:23:0c:ae:49:ff:ab:36:0d:24:22:12:0e:7c
AuthorityKeyId: 42:79:54:1b:61:cd:55:2b:3e:63:d5:3c:48:57:f5:9f:fb:45:ce:4a

Fingerprint (sha1): f9:64:ac:bf:50:a0:a1:2d:55:74:e8:30:9b:3d:65:dc:ca:af:4e:df
Fingerprint (sha256): 5e:5f:ae:65:6d:7e:8f:d4:64:77:43:8a:b1:c2:9c:ec:a0:64:4e:e7:8b:2b:7b:ad:cd:25:6d:eb:81:ad:05:ec

Issuing Certificate URL: http://gtssl-aia.geotrust.com/gtssl.crt

Revocation information

OCSP Server: http://gtssl-ocsp.geotrust.com
CRL Distribution Point: http://gtssl-crl.geotrust.com/crls/gtssl.crl

Check the revocation status for certificate www.identify-fs.bilfinger.com

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.identify-fs.bilfinger.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment
Data Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

identify-fs.bilfinger.net
fs.intranet.bilfinger.net
www.sharepoint-fs.bilfinger.com
www.portal-fm.bilfinger.com
www.portal-test-fm.bilfinger.com
www.printshop-fm.bilfinger.com
www.identify-fs.bilfinger.com

Other certificates including the domain name bilfinger.com

(limited to 100 certificates)
www.cusa-is.bilfinger.com
www.procurement.bilfinger.com
r2c.bis.bilfinger.com
pm.bng.bilfinger.com
auth.bilfinger.net
slmobiletest.bilfinger.com
login.karriere.bilfinger.com
medialibrary.bilfinger.net
sv02111.res1.rlaone.net
world.tebodin.bilfinger.com
world.tebodin.bilfinger.com
ps.bis.bilfinger.com
ts.bng.bilfinger.com
portal.bng.bilfinger.com
fwms.facilitymanagement.bilfinger.com
oos.bilfinger.net
bnextwss.bng.bilfinger.com
lync.bilfinger.net
download.bng.bilfinger.com
pm.bng.bilfinger.com
reports.facilitymanagement.bilfinger.com
now.bilfinger.com
www.geraete.bilfinger.com
download.bng.bilfinger.com
*.bilfinger.com
portal.bng.bilfinger.com
westcon.bilfinger.com
www.geraete.bilfinger.com
autodiscover.bilfinger.net
ts.bng.bilfinger.com
www.qualprocurement.bilfinger.com
*.bilfinger.com
world.tebodin.bilfinger.com
bnextwss.bng.bilfinger.com
medialibrary.bilfinger.net
portal.bng.bilfinger.com
login.karriere.bilfinger.com
vpn.realestate.bilfinger.com
slmobileservice.bilfinger.com
nachunternehmerportal.arnholdt.bilfinger.com
download.bng.bilfinger.com
dms.nig.bilfinger.com
spamdigest.bilfinger.com
nachunternehmerportal.arnholdt.bilfinger.com
bnextwss.bng.bilfinger.com
login.karriere.bilfinger.com
profimiet-shop.bilfinger.com
tpm-feedback-qs.bilfinger.com
bis-vpnmuc.bilfinger.com
login.karriere.bilfinger.com
www.procurement.bilfinger.com
login.career.bilfinger.com
*.mmo.bilfinger.com
bnextwss.bng.bilfinger.com
www.download.power.bilfinger.com
portal.bng.bilfinger.com
tpm-feedback.bilfinger.com
csrreport.bilfinger.com
www.testprocurement.bilfinger.com
www.testprocurement.bilfinger.com
slmobileservice.bilfinger.com
login.career.bilfinger.com
www.identify-fs.bilfinger.com
fwms.facilitymanagement.bilfinger.com
www.qualprocurement.bilfinger.com
*.industrier.bilfinger.com
portal.bng.bilfinger.com
download.bng.bilfinger.com
www.piwik.bilfinger.com
bnextwss.bng.bilfinger.com
www.rbpoint-fs.bilfinger.com
pm.bng.bilfinger.com
www.sp-it.bilfinger.com
portal.bng.bilfinger.com
vpn-na.bilfinger.com
webmail.bilfinger.net
lync.bilfinger.net
portal.piping.bilfinger.com
www.testprocurement.bilfinger.com
transmission.bilfinger.com
norge.vcs.bilfinger.com
ts.bng.bilfinger.com
mail.ddm.bilfinger.com
vpn-na.bilfinger.com
login.karriere.bilfinger.com
*.mmo.bilfinger.com
www.procurement.bilfinger.com
world.tebodin.bilfinger.com
coz.infocenter.ch-fm.bilfinger.com
www.intranet-de-ch-fm.bilfinger.com
mis.bis.bilfinger.com
bbpsportal.bilfinger.com
www.btalent.civil.bilfinger.com
vo.bbs.bilfinger.com
jobs.bilfinger.com
www.procurement.bilfinger.com
bbpsportal.bilfinger.com
world.tebodin.bilfinger.com
fs-cloud.bilfinger.com
www.download.power.bilfinger.com

Certificate

The complete raw certificate details for www.identify-fs.bilfinger.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIDAkd1MA0GCSqGSIb3DQEBBQUAMEAxCzAJBgNVBAYTAlVT
MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEYMBYGA1UEAxMPR2VvVHJ1c3QgU1NM
IENBMB4XDTEzMDUzMDA0MjQ0MFoXDTE2MDUzMTE3MzcxM1owgZ0xKTAnBgNVBAUT
IGhwbW5KUm5mZkRTQ1VVRUp5L2NWWlV1RXhyZ1JpVUFSMQswCQYDVQQGEwJERTER
MA8GA1UECBMITWFubmhlaW0xETAPBgNVBAcTCE1hbm5oZWltMRUwEwYDVQQKEwxC
aWxmaW5nZXIgU0UxJjAkBgNVBAMTHXd3dy5pZGVudGlmeS1mcy5iaWxmaW5nZXIu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jYW2JBohC0OOnbc
fT8lLkfiD6e1dE1+u2sgopb289g1FR226Y9wkJX3E6+zduq1LKwvIeQJxLjbCLsZ
SHm60pzt2VGaz4mHRDYWBNX9IHIrwH4wLCiCHkkDgLp2L1uc9ameYXe2GXQW6yV1
Rj2J4G1cpRaHDZGBekpTus04naKGZwCK8zBwB0px0fXZuITVPaaqK7u2M2DPoPSP
8ZFJPY08qyZmwVs79yUnN/aR7QYuXfTNq/RjZpiF+0YY+Y0Atbz/xeojcFppcguL
AGj2C3Tc0ZInXwa4o3AM9iUYB7F1F8vTfO5UnsZRne+baMt6fTjRMmYZE1Lo/QEn
/dY5iQIDAQABo4ICYjCCAl4wHwYDVR0jBBgwFoAUQnlUG2HNVSs+Y9U8SFf1n/tF
zkowDgYDVR0PAQH/BAQDAgSwMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjCB4AYDVR0RBIHYMIHVghlpZGVudGlmeS1mcy5iaWxmaW5nZXIubmV0ghlmcy5p
bnRyYW5ldC5iaWxmaW5nZXIubmV0gh93d3cuc2hhcmVwb2ludC1mcy5iaWxmaW5n
ZXIuY29tght3d3cucG9ydGFsLWZtLmJpbGZpbmdlci5jb22CIHd3dy5wb3J0YWwt
dGVzdC1mbS5iaWxmaW5nZXIuY29tgh53d3cucHJpbnRzaG9wLWZtLmJpbGZpbmdl
ci5jb22CHXd3dy5pZGVudGlmeS1mcy5iaWxmaW5nZXIuY29tMD0GA1UdHwQ2MDQw
MqAwoC6GLGh0dHA6Ly9ndHNzbC1jcmwuZ2VvdHJ1c3QuY29tL2NybHMvZ3Rzc2wu
Y3JsMB0GA1UdDgQWBBQWoOJl9b3DIwyuSf+rNg0kIhIOfDAMBgNVHRMBAf8EAjAA
MG8GCCsGAQUFBwEBBGMwYTAqBggrBgEFBQcwAYYeaHR0cDovL2d0c3NsLW9jc3Au
Z2VvdHJ1c3QuY29tMDMGCCsGAQUFBzAChidodHRwOi8vZ3Rzc2wtYWlhLmdlb3Ry
dXN0LmNvbS9ndHNzbC5jcnQwTAYDVR0gBEUwQzBBBgpghkgBhvhFAQc2MDMwMQYI
KwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9jcHMw
DQYJKoZIhvcNAQEFBQADggEBAHkUDjBjhwJHS3KgaaJZ3iTJH6RuMb0mqXFz8SAv
fhhgse+efB5UCUB0tEEbB7aosSvh5IMEWTw+b+nga4QPySibsHniZuhg4Dv7rWpg
izOx809JibU67VkKVJliU1lMYhZHkI5/sucMtDLDQeTCBGMSK2iYnj5bgXoalyDB
s4N20KW/9D6ZL6G+8ebGBpjFTDWi7Q5aUPP8CRH5T6WFi/r46X0Fh+G0iclMr/cf
4Bv+R5QWKi55MJvlYSNVAiYUSA9TR0tThE+Ky5ArQPFQL+cnHJ2c3m/F0+aGxmp8
VGl7RbW4ZGDAvWWvCA3IN5Miq1/3UWym60krOBAc7Xrbt/Q=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jYW2JBohC0OOnbcfT8l
LkfiD6e1dE1+u2sgopb289g1FR226Y9wkJX3E6+zduq1LKwvIeQJxLjbCLsZSHm6
0pzt2VGaz4mHRDYWBNX9IHIrwH4wLCiCHkkDgLp2L1uc9ameYXe2GXQW6yV1Rj2J
4G1cpRaHDZGBekpTus04naKGZwCK8zBwB0px0fXZuITVPaaqK7u2M2DPoPSP8ZFJ
PY08qyZmwVs79yUnN/aR7QYuXfTNq/RjZpiF+0YY+Y0Atbz/xeojcFppcguLAGj2
C3Tc0ZInXwa4o3AM9iUYB7F1F8vTfO5UnsZRne+baMt6fTjRMmYZE1Lo/QEn/dY5
iQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 149365
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-05-30 04:24:40 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-31 17:37:13 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hpmnJRnffDSCUUEJy/cVZUuExrgRiUAR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Mannheim'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Mannheim'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bilfinger SE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.identify-fs.bilfinger.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28051576101792030932560338106058848002598384466443779668901466344011281037759775013212968118034087107122468322541802101072557212473714594382454313189963851113053345316721009533926031387208563264589710647649308370645045781305176778144727838801372745789848084829047755894044044579673477038707836648724043496455763104367160632421363362467496015159250833551433571666532263202319220521497628504859764421124660975465390776489796978136192292849576023877119015534696339927159438264032694020118143413702134250163673077744304904807273796417930849639699109256621015635360063166257703529291367533081045086234830432832547674536329
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4279541b61cd552b3e63d53c4857f59ffb45ce4a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (216 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'identify-fs.bilfinger.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fs.intranet.bilfinger.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sharepoint-fs.bilfinger.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.portal-fm.bilfinger.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.portal-test-fm.bilfinger.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.printshop-fm.bilfinger.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.identify-fs.bilfinger.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-crl.geotrust.com/crls/gtssl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							16a0e265f5bdc3230cae49ffab360d2422120e7c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-ocsp.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-aia.geotrust.com/gtssl.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.geotrust.com/resources/cps'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0079140e30638702474b72a069a259de24c91fa46e31bd26a97173f1202f7e1860b1ef9e7c1e54094074b4411b07b6a8b12be1e48304593c3e6fe9e06b840fc9289bb079e266e860e03bfbad6a608b33b1f34f4989b53aed590a54996253594c621647908e7fb2e70cb432c341e4c20463122b68989e3e5b817a1a9720c1b38376d0a5bff43e992fa1bef1e6c60698c54c35a2ed0e5a50f3fc0911f94fa5858bfaf8e97d0587e1b489c94caff71fe01bfe4794162a2e79309be5612355022614480f53474b53844f8acb902b40f1502fe7271c9d9cde6fc5d3e686c66a7c54697b45b5b86460c0bd65af080dc8379322ab5ff7516ca6eb492b38101ced7adbb7f4