mybiz.heco.com

Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1

About this certificate

This digital certificate with serial number 02:43:fd:35:b8:ff:cb:28:12:f6:fa:c2:e1:0c:41:fc was issued on by DigiCert, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=mybiz.heco.com

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:43:fd:35:b8:ff:cb:28:12:f6:fa:c2:e1:0c:41:fc
Serial Number (int): 3011475587068479596307872310153200124
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: bc:e2:7c:a0:64:73:b9:b2:ac:0d:5e:37:a5:4a:6f:ea:5d:29:83:d1
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23

Fingerprint (sha1): 3e:27:3b:e2:45:e9:18:e2:3e:6c:32:16:16:6e:80:f4:89:13:c5:16
Fingerprint (sha256): 5f:68:59:86:98:6e:d9:0d:ab:b4:e5:d1:6c:72:31:50:a7:87:69:f5:b0:24:74:56:2e:a6:37:c0:8d:eb:60:3f

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl

Check the revocation status for certificate mybiz.heco.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mybiz.heco.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mybiz.heco.com

Other certificates including the domain name heco.com

(limited to 100 certificates)
irecruitment.heco.com
partner.heco.com
myhr.heco.com
myhr2.heco.com
ebillweb.heco.com
myhr2.heco.com
eservice.hawaiianelectric.com
irecruitment.heco.com
mvweb02.heco.com
irecruitment.heco.com
sip.heco.com
mycms.heco.com
mybiz.heco.com
energyscout.heco.com
mvweb.heco.com
www.heco.com
www.heco.com
irecruitment.heco.com
partner.heco.com
mybiz.heco.com
mvweb02.heco.com
securemail.heco.com
mvweb.heco.com
myhr.heco.com
partner.heco.com
201705.heco.com
myhr2.heco.com
rproxy01.heco.com
201412.heco.com
mybiz.heco.com
ebillweb.heco.com
www.heco.com
mybiz.heco.com
myhr.heco.com
www.heco.com
eservice.hawaiianelectric.com
eservice.hawaiianelectric.com
mybiz.heco.com
eservice.hawaiianelectric.com
ebillweb02.heco.com
myhr.heco.com
myhr2.heco.com
eservice.hawaiianelectric.com
eservice.hawaiianelectric.com
eservice.hawaiianelectric.com
mybiz.heco.com
www.heco.com
mycms.heco.com
eservice.hawaiianelectric.com
irecruitment.heco.com
www.heco.com
eservice.heco.com
hawaiianelectric.com
energyscout.heco.com
mvweb.heco.com
energyscout.heco.com
mybiz.heco.com
myhr.heco.com
signing.heco.com
access.heco.com
www.heco.com
ebillapp02.heco.com
www.heco.com
www.heco.com
partner.heco.com
energyscout.heco.com
securemail.heco.com
201804.heco.com
ebillweb.heco.com
signing.heco.com
eservice.hawaiianelectric.com
mybiz.heco.com
energyscout.heco.com
rproxy01.heco.com
myhr.heco.com
mybiz.heco.com
mvweb.heco.com
www.heco.com
mybiz.heco.com
irecruitment.heco.com
securemail.heco.com
securemail.heco.com
securemail.heco.com
signing.heco.com
mycms.heco.com
rproxy01.heco.com
ebillweb02.heco.com
myhr.heco.com
securemail.heco.com
energyscout.heco.com
energyscout.heco.com
securemail.heco.com
sip.heco.com
ebillweb.heco.com
partner.heco.com
myhr.heco.com
ebillweb.heco.com
ebillapp02.heco.com
www.heco.com
www.heco.com

Certificate

The complete raw certificate details for mybiz.heco.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHijCCBXKgAwIBAgIQAkP9Nbj/yygS9vrC4QxB/DANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT
K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN
MjMwMjIyMDAwMDAwWhcNMjMwODIyMjM1OTU5WjAZMRcwFQYDVQQDEw5teWJpei5o
ZWNvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALnhBgy/jULf
PLIrwYTLF30+4N0Jzvi/uGJEx3zW5APFrxCT3YhCiJZpNLNXnNqn3ui+6uzGnVHL
BHT+F9LzpdrMum9MUjmSZ+gIAlo5cCiZCugIFOGiAtNUES44Df+t6DJTvihNz94y
8evbk6gnpAJGZeY903cZl21BIlO4I1wekL8yUNTKEdz4eZSf8IGFXKNtsqfRRzwM
TS3wc0yLKGJP9nY3AWyXMgectnO2x2tgsJ8SkDd+6lPzDWzgWoSQkgFuVTkbANiN
QReYRwSar+h/OCWqFBVGrF+37vG4bCMkj4/ZCsEQ4yd2UlrI4jd5rnTx0pjNOUiI
3zKRKOtxGBECAwEAAaOCA4kwggOFMB8GA1UdIwQYMBaAFKW01us2xOdrpt/EZAsB
KiAEuGYjMB0GA1UdDgQWBBS84nygZHO5sqwNXjelSm/qXSmD0TAZBgNVHREEEjAQ
gg5teWJpei5oZWNvLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMIGfBgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwz
LmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIy
Q0ExLmNybDBIoEagRIZCaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0dlb1RydXN0
R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3JsMD4GA1UdIAQ3MDUwMwYG
Z4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
UzCBhwYIKwYBBQUHAQEEezB5MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
Y2VydC5jb20wUQYIKwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv
bS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNydDAJBgNV
HRMEAjAAMIIBgAYKKwYBBAHWeQIEAgSCAXAEggFsAWoAdwCt9776fP8QyIudPZwe
PhhqtGcpXc+xDCTKhYY069yCigAAAYZ6rjY7AAAEAwBIMEYCIQCVVS90Z5h6w7U+
ULEiHpBDj1kzOU3T6lsCUgNC6sI9KgIhAKEFT8k5xEz11Lpc5dPSzAIUuWmVtzip
CMMXBLo3f3dYAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAGG
eq42VgAABAMARzBFAiA8JdtQhshZuMwXTmVHO1Ar6QdL5ITQYTU9TYJz+TnPDAIh
AOqNMrwOOgZSOD0R/M1EWu3cKdy079XzU/Llm5eSa0s+AHcAtz77JN+cTbp18jnF
ulj0bF38Qs96nzXEnh0JgSXttJkAAAGGeq42JgAABAMASDBGAiEAtaofuAiEMunf
1OoAMWGGWzuAqcHacb9qJo7tByX+WcICIQCEMkghjCqDxmBQnzoGPs6IW9Um7q6K
BprKlsrGywwx2TANBgkqhkiG9w0BAQsFAAOCAgEAHLdVBSnyRI6IXVvg29/6+bPk
i7fxrIrbgMa77CzaATj8ufp5ZA9GYqeL3efvLuMQnO7XZFzt6qzEupElrL0N9c4v
CJkPyWTQsa8pLF4GP3q5xgnUt6sNz2Ub1Dp9IW/9iljl9zRgisXH17NJrGOVZ4lH
2iZV8l0R4zMZazZDnSonhnGbiKi9aY9wbT1n7zZ/0DC0UQpAGOzVkm4E0vbD8gdg
mNcNHo/prsRfV70dlx/nuRHZbGhjBucng/Wo64tmoYSKtM6xTn69iGdGq3FdbES8
VMDbbUlhFF5b2pSZu7J1yDpheBPB1EoByQUCniiMF6F9jbS93glTM6kOtDiv03us
g0yhxXl4TGFrZYSQym+FesXpR8CKjfS9xx4CSHcPCkYuihb7R9oU71c9AqfsT0bn
qsDpPQ34J894BpdfVPpK1hg28dWH6iw09JYkJQ8N6yz9M0gPFjE1EUbWoDZHeqeY
vJeMuyX9LDEgLYY2fvpAuDQMkcePTK7eBTBv0I1iimQnHs4kdTy7clGofzw6GomT
kCEdvZnerzrauGBrBVRQYR0szu4qxyp6ZM/UAlFPSQeEZZCGtNrvPjknTZu3Bbn2
OH68vai1AV6ObkBg2IUhj1JSe4paoK+PsRhvDZ6ivUckFrIuD2vaOYLhI+jAkC/Q
PCm1Yka+J63rDUUjae4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueEGDL+NQt88sivBhMsX
fT7g3QnO+L+4YkTHfNbkA8WvEJPdiEKIlmk0s1ec2qfe6L7q7MadUcsEdP4X0vOl
2sy6b0xSOZJn6AgCWjlwKJkK6AgU4aIC01QRLjgN/63oMlO+KE3P3jLx69uTqCek
AkZl5j3TdxmXbUEiU7gjXB6QvzJQ1MoR3Ph5lJ/wgYVco22yp9FHPAxNLfBzTIso
Yk/2djcBbJcyB5y2c7bHa2CwnxKQN37qU/MNbOBahJCSAW5VORsA2I1BF5hHBJqv
6H84JaoUFUasX7fu8bhsIySPj9kKwRDjJ3ZSWsjiN3mudPHSmM05SIjfMpEo63EY
EQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3011475587068479596307872310153200124
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mybiz.heco.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23465049707329712964787816208424698640647508755957898280506846062214533605923132832494201124348842235475117833803325124993663051461540236494416828843766784896952448575610164242709860862663396867113776779695878839647105192674107716497488163781951170926954575754912934189359875656001594245313379750952751715286191191480160320817043081048173984713989909757622881179354531615198887730423091838773628624833246517195167068524999693732829133711621178911127902693134724055468457292241484346563138750869273218371898659179521939803737693538653967817227308356567669425643429341039606769491351996634546767480896842384266388117521
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bce27ca06473b9b2ac0d5e37a54a6fea5d2983d1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mybiz.heco.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001867aae363b000004030048304602210095552f7467987ac3b53e50b1221e90438f5933394dd3ea5b02520342eac23d2a022100a1054fc939c44cf5d4ba5ce5d3d2cc0214b96995b738a908c31704ba377f7758007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001867aae3656000004030047304502203c25db5086c859b8cc174e65473b502be9074be484d061353d4d8273f939cf0c022100ea8d32bc0e3a0652383d11fccd445aeddc29dcb4efd5f353f2e59b97926b4b3e007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001867aae36260000040300483046022100b5aa1fb8088432e9dfd4ea003161865b3b80a9c1da71bf6a268eed0725fe59c2022100843248218c2a83c660509f3a063ece885bd526eeae8a069aca96cac6cb0c31d9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		001cb7550529f2448e885d5be0dbdffaf9b3e48bb7f1ac8adb80c6bbec2cda0138fcb9fa79640f4662a78bdde7ef2ee3109ceed7645cedeaacc4ba9125acbd0df5ce2f08990fc964d0b1af292c5e063f7ab9c609d4b7ab0dcf651bd43a7d216ffd8a58e5f734608ac5c7d7b349ac6395678947da2655f25d11e333196b36439d2a2786719b88a8bd698f706d3d67ef367fd030b4510a4018ecd5926e04d2f6c3f2076098d70d1e8fe9aec45f57bd1d971fe7b911d96c686306e72783f5a8eb8b66a1848ab4ceb14e7ebd886746ab715d6c44bc54c0db6d4961145e5bda9499bbb275c83a617813c1d44a01c905029e288c17a17d8db4bdde095333a90eb438afd37bac834ca1c579784c616b658490ca6f857ac5e947c08a8df4bdc71e0248770f0a462e8a16fb47da14ef573d02a7ec4f46e7aac0e93d0df827cf7806975f54fa4ad61836f1d587ea2c34f49624250f0deb2cfd33480f1631351146d6a036477aa798bc978cbb25fd2c31202d86367efa40b8340c91c78f4caede05306fd08d628a64271ece24753cbb7251a87f3c3a1a899390211dbd99deaf3adab8606b055450611d2cceee2ac72a7a64cfd402514f490784659086b4daef3e39274d9bb705b9f6387ebcbda8b5015e8e6e4060d885218f52527b8a5aa0af8fb1186f0d9ea2bd472416b22e0f6bda3982e123e8c0902fd03c29b56246be27adeb0d452369ee