www.banque.di.afpa.fr

- AFPA (L'Agence nationale pour la formation professionnelle) -

Issued by GeoTrust EV RSA CA 2018

About this certificate

This digital certificate with serial number 0b:16:ab:ae:da:a1:24:3e:37:fc:78:11:db:f9:47:dd was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

AFPA (L'Agence nationale pour la formation professionnelle)

Company registration number: 824 228 142
Organization: AFPA (L'Agence nationale pour la formation professionnelle)
Organization unit: DSI
Locality: MONTREUIL
Country: FR

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0b:16:ab:ae:da:a1:24:3e:37:fc:78:11:db:f9:47:dd
Serial Number (int): 14739220629926883078343712379611203549
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 0f:e0:fe:2b:ab:24:72:60:85:26:4a:eb:b2:9c:40:cf:bd:0c:d1:44
AuthorityKeyId: ca:92:67:52:61:de:ae:fc:ba:22:2b:7f:1c:87:4c:25:fb:6f:99:58

Fingerprint (sha1): f2:97:c9:80:d5:44:2b:f5:73:33:b9:81:2a:ed:5d:94:73:76:fb:9b
Fingerprint (sha256): 68:0e:fe:24:03:51:49:86:ba:2d:f6:68:a2:ca:29:9f:68:50:4c:96:73:fb:80:ad:f0:4d:0b:c2:9c:70:ec:76

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustEVRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustEVRSACA2018.crl

Check the revocation status for certificate www.banque.di.afpa.fr

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.banque.di.afpa.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.banque.di.afpa.fr

Other certificates including the domain name afpa.fr

(limited to 100 certificates)
mooc.afpa.fr
hebergement-afpa.fr
*.afpa.fr
access.afpa.fr
wconvivio.afpa.fr
*.afpa.fr
copilote-sept.afpa.fr
www.questionnaires.hebergement-afpa.fr
www.tsgp.afpa.fr
mooc.afpa.fr
convivio.afpa.fr
hebergement-afpa.fr
*.afpa.fr
manager.eforpro.afpa.fr
mooc.afpa.fr
www.pprod.tsgp.afpa.fr
*.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
moocfle.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
eforpro.afpa.fr
bnr.afpa.fr
www.certification.afpa.fr
mooc.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
mooc.afpa.fr
*.afpa.fr
moocfle.afpa.fr
hebergement-afpa.fr
www.rapportactivite.hebergement-afpa.fr
evenement.afpa.fr
tr.infos.afpa.fr
mooc.afpa.fr
www.admin.di.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
convivio.afpa.fr
www.admin.di.afpa.fr
www.enquetes.afpa.fr
eforpro.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
wslync.afpa.fr
*.afpa.fr
mooc.afpa.fr
preprod-bnr.afpa.fr
stream.tsgp.afpa.fr
www.banque.di.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
rapportactivite.hebergement-afpa.fr
www.catalogues.afpa.fr
mooc.afpa.fr
www.enquetes.afpa.fr
tr.portail.afpa.fr
WWW.MONPARCOURS.TSGP.AFPA.FR
www.certification.afpa.fr
*.afpa.fr
hebergement-afpa.fr
access.afpa.fr
convivio.afpa.fr
www.enquetes.afpa.fr
moocfle.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
moocfle.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
moocfle.afpa.fr
www.afpa.fr
afpasupplierportail.afpa.fr
stream.tsgp.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
eforpro.afpa.fr
videos.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
www.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
www.afpa.fr
www.catalogues.afpa.fr
www.admin.di.afpa.fr
bnr.afpa.fr
tr.portail.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
habilitation.eforpro.afpa.fr
www.afpa.fr
moocfle.afpa.fr
*.afpa.fr
eforpro.afpa.fr
hebergement-afpa.fr
videos.afpa.fr
*.afpa.fr
*.afpa.fr
metis.afpa.fr
tr.portail.afpa.fr
www.banque.di.afpa.fr
bnr.afpa.fr
san-13-s50.tlsprovisioning.exacttarget.com
mooc.afpa.fr
www.admin.di.afpa.fr
afpasupplierportail.afpa.fr
moocfle.afpa.fr
www.monparcours.tsgp.afpa.fr
www.afpa.fr
certification.afpa.fr

Certificate

The complete raw certificate details for www.banque.di.afpa.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHMjCCBhqgAwIBAgIQCxarrtqhJD43/HgR2/lH3TANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdHZW9UcnVzdCBFViBSU0EgQ0EgMjAx
ODAeFw0yMDA0MjIwMDAwMDBaFw0yMjA2MDMxMjAwMDBaMIIBGjEdMBsGA1UEDwwU
UHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCRlIxHjAcBgsr
BgEEAYI3PAIBAhMNSWxlLWRlLUZyYW5jZTEZMBcGCysGAQQBgjc8AgEBEwhQb250
b2lzZTEUMBIGA1UEBRMLODI0IDIyOCAxNDIxCzAJBgNVBAYTAkZSMRIwEAYDVQQH
EwlNT05UUkVVSUwxRDBCBgNVBAoTO0FGUEEgKEwnQWdlbmNlIG5hdGlvbmFsZSBw
b3VyIGxhIGZvcm1hdGlvbiBwcm9mZXNzaW9ubmVsbGUpMQwwCgYDVQQLEwNEU0kx
HjAcBgNVBAMTFXd3dy5iYW5xdWUuZGkuYWZwYS5mcjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBANTQ85NdXqQgDFkElQnkCoR3FzURAilgk3hPm/VTxvRN
nrtgAsDkIEGedqhn3m1988hgzejb6LeTsscVHKccx4MAKl0qVM0VrwYB7V5kL4ee
1U0aR6KKEzJcLwobZizne+F8pgJWcIcog4WULHdEi1xA0knSWxcHwrYGcVY1U0h0
jvOq7gBmbmyDKyj7XcS/HYE/JYTAPjcSsjOMZ1lL81fyWnemnYUUu/vdGzCNWcjO
FgHbrYgpynaBJeVw2/S8XpT3zeLLB4YVgNhgLwBIzn6pQFKiwe7mCna3RXToDeZb
zt4K4zQWY/GRa1C0up1iJ1Fq0V9HO5VSnOPijcaCsTsCAwEAAaOCAykwggMlMB8G
A1UdIwQYMBaAFMqSZ1Jh3q78uiIrfxyHTCX7b5lYMB0GA1UdDgQWBBQP4P4rqyRy
YIUmSuuynEDPvQzRRDAgBgNVHREEGTAXghV3d3cuYmFucXVlLmRpLmFmcGEuZnIw
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBA
BgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9HZW9UcnVz
dEVWUlNBQ0EyMDE4LmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsG
AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMHcG
CCsGAQUFBwEBBGswaTAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVz
dC5jb20wPwYIKwYBBQUHMAKGM2h0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9H
ZW9UcnVzdEVWUlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMIIBfQYKKwYBBAHWeQIE
AgSCAW0EggFpAWcAdgApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZcJV3HhAAA
AXGibxJSAAAEAwBHMEUCIAC1MSxMEXgJ5IyN54QOP/pqatXYJBR2zEbQfor7B5PV
AiEArXtMFf6NtsX/65wm1zzC37Lpcmkk4Pa/seA+odLfAnoAdQAiRUUHWVUkVpY/
oS/x922G4CMmY63AS39dxoNcbuIPAgAAAXGibxJ5AAAEAwBGMEQCICfdH5gZMn3e
Mbc0gyYsmLaEseePX4I7WduIsnD/wwbXAiAjER4MZaFx8T19O2m+08Hl7VMQSii2
jl5CN1QibgbrCwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAAB
caJvErgAAAQDAEcwRQIhAMZCe8Bo7NGveYN+CjTTr3RVpCzA7nqwcsXvPLetgflH
AiAfmA/cyb6oETMmquhjINacgE/yCZlwEqUkq80quvusfzANBgkqhkiG9w0BAQsF
AAOCAQEAn11yLLN7opJ4TlZghTNez51xtT/Jf1vJIEdf7P6lXtH2pVRPzD4JNpgt
2OLWDWcK1mHrix+HpXbsT+5FH2RbxjUt5SSGHAWRV8Q8e8pfO2tmWi6zWeSFU7cq
hbQCXmW/iH5+CdcWBMUGBm5o2/jtjg5te29Rw0g68OfPW/ZXLbZCGYuBPuL30Kqh
riP0ftAJULbL278uxh/6iDyydry6s3dSvXRqlKnQ0M7QO7/6xQQwzKbH3c5kHKI8
yJLAxmWeGQVS6ZXWGpkEYW9Ax0k9Gz2oz6VzjZqnyMhep1OyNmRwcbGLBHAutcOL
SZsP9B3NsloXOJAaB7mH7Rm3YEhe/A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NDzk11epCAMWQSVCeQK
hHcXNRECKWCTeE+b9VPG9E2eu2ACwOQgQZ52qGfebX3zyGDN6Nvot5OyxxUcpxzH
gwAqXSpUzRWvBgHtXmQvh57VTRpHoooTMlwvChtmLOd74XymAlZwhyiDhZQsd0SL
XEDSSdJbFwfCtgZxVjVTSHSO86ruAGZubIMrKPtdxL8dgT8lhMA+NxKyM4xnWUvz
V/Jad6adhRS7+90bMI1ZyM4WAdutiCnKdoEl5XDb9LxelPfN4ssHhhWA2GAvAEjO
fqlAUqLB7uYKdrdFdOgN5lvO3grjNBZj8ZFrULS6nWInUWrRX0c7lVKc4+KNxoKx
OwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14739220629926883078343712379611203549
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust EV RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-03 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ile-de-France'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.1 (jurisdictionOfIncorporationL)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pontoise'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '824 228 142'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MONTREUIL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AFPA (L'Agence nationale pour la formation professionnelle)'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DSI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.banque.di.afpa.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26865558461630018422607085591936787897326123756953907657942414317703680835696970951215508525641833960843850545517274505900724537911239022446627085786449794073068846769566560195079322921608131857429297367255373462401683825105948975393377062115341633481859905302557061922981990796354731756984507181228978838405322219296000845176705410509098017877856922903030194730593357824428493812786614444924082603703207623964602877898424909467544435337445398035984366354897808612219623413583798723573595279507876173050350583843437885251164955427672754332236106363963113561991172749938575909416753710456322041895301300266541156315451
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ca92675261deaefcba222b7f1c874c25fb6f9958
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0fe0fe2bab24726085264aebb29c40cfbd0cd144
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.banque.di.afpa.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustEVRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (107 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustEVRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670076002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc78400000171a26f12520000040300473045022000b5312c4c117809e48c8de7840e3ffa6a6ad5d8241476cc46d07e8afb0793d5022100ad7b4c15fe8db6c5ffeb9c26d73cc2dfb2e9726924e0f6bfb1e03ea1d2df027a0075002245450759552456963fa12ff1f76d86e0232663adc04b7f5dc6835c6ee20f0200000171a26f12790000040300463044022027dd1f9819327dde31b73483262c98b684b1e78f5f823b59db88b270ffc306d7022023111e0c65a171f13d7d3b69bed3c1e5ed53104a28b68e5e423754226e06eb0b00760051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e500000171a26f12b80000040300473045022100c6427bc068ecd1af79837e0a34d3af7455a42cc0ee7ab072c5ef3cb7ad81f94702201f980fdcc9bea8113326aae86320d69c804ff209997012a524abcd2abafbac7f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009f5d722cb37ba292784e566085335ecf9d71b53fc97f5bc920475fecfea55ed1f6a5544fcc3e0936982dd8e2d60d670ad661eb8b1f87a576ec4fee451f645bc6352de524861c059157c43c7bca5f3b6b665a2eb359e48553b72a85b4025e65bf887e7e09d71604c506066e68dbf8ed8e0e6d7b6f51c3483af0e7cf5bf6572db642198b813ee2f7d0aaa1ae23f47ed00950b6cbdbbf2ec61ffa883cb276bcbab37752bd746a94a9d0d0ced03bbffac50430cca6c7ddce641ca23cc892c0c6659e190552e995d61a9904616f40c7493d1b3da8cfa5738d9aa7c8c85ea753b236647071b18b04702eb5c38b499b0ff41dcdb25a1738901a07b987ed19b760485efc