*.afpa.fr

- AFPA (L'Agence nationale pour la formation professionnelle) -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 01:27:7f:95:15:a1:72:7f:37:0a:be:d9:04:f5:90:49 was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

AFPA (L'Agence nationale pour la formation professionnelle)

Organization: AFPA (L'Agence nationale pour la formation professionnelle)
Organization unit: DSI
Locality: MONTREUIL
Country: FR

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 01:27:7f:95:15:a1:72:7f:37:0a:be:d9:04:f5:90:49
Serial Number (int): 1534315250978015497634577658250891337
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: 4b:26:bd:68:83:db:0c:47:76:48:5a:73:59:f0:1d:25:4c:27:c6:c4
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): c6:aa:6a:44:cf:40:ad:b1:a2:73:59:0f:8a:3c:42:b5:18:fc:a2:ad
Fingerprint (sha256): 60:80:98:3e:c1:17:85:d0:08:3a:50:79:93:8a:2d:7f:f0:af:ae:0d:e3:29:bd:15:75:dd:18:2b:13:b4:71:40

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate *.afpa.fr

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.afpa.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.afpa.fr
afpa.fr

Other certificates including the domain name afpa.fr

(limited to 100 certificates)
mooc.afpa.fr
hebergement-afpa.fr
*.afpa.fr
access.afpa.fr
wconvivio.afpa.fr
*.afpa.fr
copilote-sept.afpa.fr
www.questionnaires.hebergement-afpa.fr
www.tsgp.afpa.fr
mooc.afpa.fr
convivio.afpa.fr
hebergement-afpa.fr
*.afpa.fr
manager.eforpro.afpa.fr
mooc.afpa.fr
www.pprod.tsgp.afpa.fr
*.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
moocfle.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
eforpro.afpa.fr
bnr.afpa.fr
www.certification.afpa.fr
mooc.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
mooc.afpa.fr
*.afpa.fr
moocfle.afpa.fr
hebergement-afpa.fr
www.rapportactivite.hebergement-afpa.fr
evenement.afpa.fr
tr.infos.afpa.fr
mooc.afpa.fr
www.admin.di.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
convivio.afpa.fr
www.admin.di.afpa.fr
www.enquetes.afpa.fr
eforpro.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
wslync.afpa.fr
*.afpa.fr
mooc.afpa.fr
preprod-bnr.afpa.fr
stream.tsgp.afpa.fr
www.banque.di.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
rapportactivite.hebergement-afpa.fr
www.catalogues.afpa.fr
mooc.afpa.fr
www.enquetes.afpa.fr
tr.portail.afpa.fr
WWW.MONPARCOURS.TSGP.AFPA.FR
www.certification.afpa.fr
*.afpa.fr
hebergement-afpa.fr
access.afpa.fr
convivio.afpa.fr
www.enquetes.afpa.fr
moocfle.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
moocfle.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
moocfle.afpa.fr
www.afpa.fr
afpasupplierportail.afpa.fr
stream.tsgp.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
eforpro.afpa.fr
videos.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
www.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
www.afpa.fr
www.catalogues.afpa.fr
www.admin.di.afpa.fr
bnr.afpa.fr
tr.portail.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
habilitation.eforpro.afpa.fr
www.afpa.fr
moocfle.afpa.fr
*.afpa.fr
eforpro.afpa.fr
hebergement-afpa.fr
videos.afpa.fr
*.afpa.fr
*.afpa.fr
metis.afpa.fr
tr.portail.afpa.fr
www.banque.di.afpa.fr
bnr.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
mooc.afpa.fr
www.admin.di.afpa.fr
afpasupplierportail.afpa.fr
moocfle.afpa.fr
www.monparcours.tsgp.afpa.fr
www.afpa.fr
certification.afpa.fr

Certificate

The complete raw certificate details for *.afpa.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIQASd/lRWhcn83Cr7ZBPWQSTANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0yMDAzMDUwMDAwMDBaFw0yMjA1MDExMjAwMDBaMIGJMQswCQYDVQQGEwJGUjES
MBAGA1UEBxMJTU9OVFJFVUlMMUQwQgYDVQQKEztBRlBBIChMJ0FnZW5jZSBuYXRp
b25hbGUgcG91ciBsYSBmb3JtYXRpb24gcHJvZmVzc2lvbm5lbGxlKTEMMAoGA1UE
CxMDRFNJMRIwEAYDVQQDDAkqLmFmcGEuZnIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIKEqCK48Tn+1hjnE8m2bCd1X+JHLG/5GULb3cWaClvNpOFAEC
QO7ryUkbiRjZ3Uw0m/xL+vPp8KQDuY4h6zb5CBVsO5f2sT8r48DguHKV1sGh4oQ1
CXaIV9MWckpIJnEa4UMIUct1SBuCOMOhmg1KWt5ATh8GaqK7QhC/i0ThvrEY+sCK
/0cIbaoJ+zFxEX+dTq7bNarBy6MUXC7sv53rzWFdcp9qcLbFy3e2KmqEb8nR3qO5
QwXjlSIfCWBxhByq3VljeGjlVq0Pv6kBVqk52A9LlH0eGg+eXEf+2yl/TaT+Qo1Y
/LJlf321Adr94Ywhl6GwinsvzilWQ/vaFHdrAgMBAAGjggG3MIIBszAfBgNVHSME
GDAWgBSQWP+wnHWoUVR3se3yo0MWOJ5sxTAdBgNVHQ4EFgQUSya9aIPbDEd2SFpz
WfAdJUwnxsQwHQYDVR0RBBYwFIIJKi5hZnBhLmZyggdhZnBhLmZyMA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPgYDVR0fBDcw
NTAzoDGgL4YtaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RSU0FDQTIw
MTguY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0
dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHUGCCsGAQUFBwEB
BGkwZzAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20wPQYI
KwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVzdFJT
QUNBMjAxOC5jcnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAHB9u+Grm8F6Da2Y6+Y5kuA5niNxzcFrWGzVbzNsJqN16
69wrIZZ7y4YA/lF8139d/wQHlRHXr8f/IJgTEBmZ8WP8nAYBJoGg9CQg+WWztQK1
FieK2wdJESYplt5M++JDOf5gjhlY5VfUhvNSqDVZrvxEN3ZI+4IVjNkX9ZDUYT1/
krQl71zsY6pifanM5LWi6WkFVSUZn5wO78OcITmt7Gil7/blfR+zLXkjf0Hs+/mR
uPcwKcs6/gUlBNBKiL+j90E9hNQHucqew4TwQR3N9mw56NsjQqBwX/jAVRqSiuxl
NFa0RYNduKNriSR/hD+ErBhnIu8nCYymGrD0XQh9rA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyChKgiuPE5/tYY5xPJtm
wndV/iRyxv+RlC293FmgpbzaThQBAkDu68lJG4kY2d1MNJv8S/rz6fCkA7mOIes2
+QgVbDuX9rE/K+PA4LhyldbBoeKENQl2iFfTFnJKSCZxGuFDCFHLdUgbgjjDoZoN
SlreQE4fBmqiu0IQv4tE4b6xGPrAiv9HCG2qCfsxcRF/nU6u2zWqwcujFFwu7L+d
681hXXKfanC2xct3tipqhG/J0d6juUMF45UiHwlgcYQcqt1ZY3ho5VatD7+pAVap
OdgPS5R9HhoPnlxH/tspf02k/kKNWPyyZX99tQHa/eGMIZehsIp7L84pVkP72hR3
awIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1534315250978015497634577658250891337
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-05 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-05-01 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MONTREUIL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AFPA (L'Agence nationale pour la formation professionnelle)'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DSI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.afpa.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25267529249844936907560471340336358640236655602676632110223774990380775660550104079000949319814002672613364502036390967125974405258567075638035804405160647651763485334171189667703902875818331013033432257191301143435549204408268503166093789485403968212419307899728036010497181467094873171334389923011644899973732743089996659944426883133370604549719275388307970820381848732020825628982686963945679173685317190679135862066860324886730269130222504365808010892715864497709374824465589177926864266550033867408529299604862088682404659327299554058637918002960406001059515834620649605012230226712095939541428376848311342364523
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4b26bd6883db0c4776485a7359f01d254c27c6c4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.afpa.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'afpa.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001c1f6ef86ae6f05e836b663af98e64b80e6788dc73705ad61b355bccdb09a8dd7aebdc2b21967bcb8600fe517cd77f5dff04079511d7afc7ff209813101999f163fc9c06012681a0f42420f965b3b502b516278adb074911262996de4cfbe24339fe608e1958e557d486f352a83559aefc44377648fb82158cd917f590d4613d7f92b425ef5cec63aa627da9cce4b5a2e969055525199f9c0eefc39c2139adec68a5eff6e57d1fb32d79237f41ecfbf991b8f73029cb3afe052504d04a88bfa3f7413d84d407b9ca9ec384f0411dcdf66c39e8db2342a0705ff8c0551a928aec653456b445835db8a36b89247f843f84ac186722ef27098ca61ab0f45d087dac