novica.ca
Issued by GeoTrust TLS RSA CA G1
About this certificate
This digital certificate with serial number 03:5b:b4:67:c5:dc:6d:0c:c5:80:05:98:e6:77:fb:a5 was issued on by DigiCert Inc.
With 27 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=novica.ca
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:5b:b4:67:c5:dc:6d:0c:c5:80:05:98:e6:77:fb:a5Serial Number (int): 4463842056945838791469918596869127077
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 70:e3:d0:35:64:b3:2f:0b:d0:52:35:c2:1c:3b:3c:d3:56:a8:dd:fd
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57
Fingerprint (sha1): 3a:cd:c4:03:88:cb:78:3b:73:d3:d6:51:c9:ef:62:22:4f:fa:a3:9a
Fingerprint (sha256): 68:2d:20:ac:9c:9a:19:a1:98:d4:9a:b6:1f:03:3c:bb:73:03:b4:92:6e:92:f8:5c:ff:12:ec:44:e5:07:2e:96
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl
Check the revocation status for certificate novica.ca
27
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for novica.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
novica.ca
*.novica.ca
*.worldartisanday.org
worldartisanday.org
*.worldartisanday.com
worldartisanday.com
artisanday.com
*.artisanday.org
*.artisansday.com
*.artisanday.com
artisansday.org
artisanday.org
artisansday.com
*.artisansday.org
*.worldartisansday.org
worldartisansday.org
*.worldartisansday.com
worldartisansday.com
handmade.com
*.handmade.com
novica.co.uk
*.novica.co.uk
novica.uk
*.novica.uk
*.es.novica.com
*.novica.es
novica.es
*.novica.ca
*.worldartisanday.org
worldartisanday.org
*.worldartisanday.com
worldartisanday.com
artisanday.com
*.artisanday.org
*.artisansday.com
*.artisanday.com
artisansday.org
artisanday.org
artisansday.com
*.artisansday.org
*.worldartisansday.org
worldartisansday.org
*.worldartisansday.com
worldartisansday.com
handmade.com
*.handmade.com
novica.co.uk
*.novica.co.uk
novica.uk
*.novica.uk
*.es.novica.com
*.novica.es
novica.es
Other certificates including the domain name novica.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for novica.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH4jCCBsqgAwIBAgIQA1u0Z8XcbQzFgAWY5nf7pTANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx MB4XDTIzMDkxODAwMDAwMFoXDTI0MTAxODIzNTk1OVowFDESMBAGA1UEAxMJbm92 aWNhLmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXPU3MBYS2Pj ghOcQIqRO6A1dwke3FnfUYO/FEnsXJm2pm7SyxzU9ZtxVdQOI3owpmGfex/OfQBa MmvaeIqepu8Y0fQ5M5CwgvBGJ6cQNvtBpBKmuQEu7t1dAIYWWeReAGm7LbVHIRWq IYvVbO9x2/0Sh5MtA5mLQy1n/Ww+GJLQoBdn8qfX360zqktbxbq39cYedcNdZDba BvUQMLexNdKXFVsZWrjmo+FYDqA0BvgiDfpToPotXoCNwiXBM3h5YFZ9CLy+LtjI tG6pCNo6GtWaqFrupbOozYQ5+qhZSJyLMgdO7n01uCa5MpVLhN6hSE6u++82Q6xy Fj6wLA5lLwIDAQABo4IE4jCCBN4wHwYDVR0jBBgwFoAUlE/UXYvkpOKmgP792PkA 76O+AlcwHQYDVR0OBBYEFHDj0DVksy8L0FI1whw7PNNWqN39MIIB4gYDVR0RBIIB 2TCCAdWCCW5vdmljYS5jYYILKi5ub3ZpY2EuY2GCFSoud29ybGRhcnRpc2FuZGF5 Lm9yZ4ITd29ybGRhcnRpc2FuZGF5Lm9yZ4IVKi53b3JsZGFydGlzYW5kYXkuY29t ghN3b3JsZGFydGlzYW5kYXkuY29tgg5hcnRpc2FuZGF5LmNvbYIQKi5hcnRpc2Fu ZGF5Lm9yZ4IRKi5hcnRpc2Fuc2RheS5jb22CECouYXJ0aXNhbmRheS5jb22CD2Fy dGlzYW5zZGF5Lm9yZ4IOYXJ0aXNhbmRheS5vcmeCD2FydGlzYW5zZGF5LmNvbYIR Ki5hcnRpc2Fuc2RheS5vcmeCFioud29ybGRhcnRpc2Fuc2RheS5vcmeCFHdvcmxk YXJ0aXNhbnNkYXkub3JnghYqLndvcmxkYXJ0aXNhbnNkYXkuY29tghR3b3JsZGFy dGlzYW5zZGF5LmNvbYIMaGFuZG1hZGUuY29tgg4qLmhhbmRtYWRlLmNvbYIMbm92 aWNhLmNvLnVrgg4qLm5vdmljYS5jby51a4IJbm92aWNhLnVrggsqLm5vdmljYS51 a4IPKi5lcy5ub3ZpY2EuY29tggsqLm5vdmljYS5lc4IJbm92aWNhLmVzMD4GA1Ud IAQ3MDUwMwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNl cnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9jZHAuZ2VvdHJ1c3Qu Y29tL0dlb1RydXN0VExTUlNBQ0FHMS5jcmwwdgYIKwYBBQUHAQEEajBoMCYGCCsG AQUFBzABhhpodHRwOi8vc3RhdHVzLmdlb3RydXN0LmNvbTA+BggrBgEFBQcwAoYy aHR0cDovL2NhY2VydHMuZ2VvdHJ1c3QuY29tL0dlb1RydXN0VExTUlNBQ0FHMS5j cnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHcA7s3Q ZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGKqnGLiwAABAMASDBGAiEA qA4ptUzJSQnzcxE8nDQul89nBWBvOuXz3NIzHsO/XXoCIQCMiGN5ilbl+HZECC1v /A/cV6RXGL2XTfdioDEwrFWAHwB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7 v6s52IRzAAABiqpxi6cAAAQDAEcwRQIhAMMDwW84ytu8XHRgjIvvNppBVyd2mL6b L92qO7CR0HAwAiBw8dFn5VPdaUwfnR2pnLZKsk2EdEAq/zAsjkxVK5ZAQQB1ANq2 v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiqpxi30AAAQDAEYwRAIg U/qcTtZotkZHgxoARWppO799xETd0ShkQ5emwpTSKsICICfYmDL+UZJj/O5q372f 5XIV6sCaIj8OJ6JRfzLr40zMMA0GCSqGSIb3DQEBCwUAA4IBAQAkfmbhZvmAFBmm PlBIVCklJ1UPvDRu9Bp6XUaZVZsRyDkHlms7Dp+L5+cTW/b6Rr583ggxkHc+yrfi 51Zc+nWS0tTs8JzgoHlTF9pYq23OZhYhuLsOlkZ58Tv5/4NwxFihjG6r3oWMhTHX Z5LsKtrMuugjMDcXU5DRqlPscNXydBze7OwgDAPc6mD+XXuE8Y0X6UWOb/7UbjR0 ZIgwet4WgaXlarI7zyDminIgfdCHQNDKC0I8JrCf30KL9iKA3p+eV4GzSGZEbMi1 Wa+GZFC5KFqBS1ij+9cFJFAkZxXcvbQS8GWKUAOkki/LsIFj8nfkCe0MZwLBYCM0 x3tAPPr7 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXPU3MBYS2PjghOcQIqR O6A1dwke3FnfUYO/FEnsXJm2pm7SyxzU9ZtxVdQOI3owpmGfex/OfQBaMmvaeIqe pu8Y0fQ5M5CwgvBGJ6cQNvtBpBKmuQEu7t1dAIYWWeReAGm7LbVHIRWqIYvVbO9x 2/0Sh5MtA5mLQy1n/Ww+GJLQoBdn8qfX360zqktbxbq39cYedcNdZDbaBvUQMLex NdKXFVsZWrjmo+FYDqA0BvgiDfpToPotXoCNwiXBM3h5YFZ9CLy+LtjItG6pCNo6 GtWaqFrupbOozYQ5+qhZSJyLMgdO7n01uCa5MpVLhN6hSE6u++82Q6xyFj6wLA5l LwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4463842056945838791469918596869127077 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-18 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-18 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'novica.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25935971156277491910338167763690020357939791550825883559467911374879582544241891134730763253730344451835638174194469335039549471829158433284869229972506802653540665910906113243224751065830015428506769243031328793984557471471279504974406726370590336886255677414545953946940120988730244170603584962965273309483206667604124871193128985915040810581901960560969515954972346489710714011493195950401873394674235726830265095368758912905939097960084714102545906838243885485834616081727384354148879449619975164820647874679184732476607681232992869061609852153312894698691811254690287791349236036956638097333738940008919804568879 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 70e3d03564b32f0bd05235c21c3b3cd356a8ddfd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (473 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'novica.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.novica.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worldartisanday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldartisanday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worldartisanday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldartisanday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artisanday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.artisanday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.artisansday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.artisanday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artisansday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artisanday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artisansday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.artisansday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worldartisansday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldartisansday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worldartisansday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldartisansday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'handmade.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.handmade.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'novica.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.novica.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'novica.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.novica.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.es.novica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.novica.es' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'novica.es' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018aaa718b8b0000040300483046022100a80e29b54cc94909f373113c9c342e97cf6705606f3ae5f3dcd2331ec3bf5d7a0221008c8863798a56e5f87644082d6ffc0fdc57a45718bd974df762a03130ac55801f00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018aaa718ba70000040300473045022100c303c16f38cadbbc5c74608c8bef369a4157277698be9b2fddaa3bb091d07030022070f1d167e553dd694c1f9d1da99cb64ab24d8474402aff302c8e4c552b964041007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018aaa718b7d0000040300463044022053fa9c4ed668b64647831a00456a693bbf7dc444ddd128644397a6c294d22ac2022027d89832fe519263fcee6adfbd9fe57215eac09a223f0e27a2517f32ebe34ccc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00247e66e166f9801419a63e504854292527550fbc346ef41a7a5d4699559b11c83907966b3b0e9f8be7e7135bf6fa46be7cde083190773ecab7e2e7565cfa7592d2d4ecf09ce0a0795317da58ab6dce661621b8bb0e964679f13bf9ff8370c458a18c6eabde858c8531d76792ec2adaccbae8233037175390d1aa53ec70d5f2741cdeecec200c03dcea60fe5d7b84f18d17e9458e6ffed46e34746488307ade1681a5e56ab23bcf20e68a72207dd08740d0ca0b423c26b09fdf428bf62280de9f9e5781b34866446cc8b559af866450b9285a814b58a3fbd7052450246715dcbdb412f0658a5003a4922fcbb08163f277e409ed0c6702c1602334c77b403cfafb