vlada.cz

- Úřad vlády České republiky -

Issued by GeoTrust EV RSA CA G2

About this certificate

This digital certificate with serial number 0d:d3:92:c8:71:3d:66:d1:81:03:a0:5d:6e:73:5a:2c was issued on by DigiCert Inc.

With 19 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Úřad vlády České republiky

Company registration number: 00006599
Organization: Úřad vlády České republiky
Locality: Praha
Country: CZ

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0d:d3:92:c8:71:3d:66:d1:81:03:a0:5d:6e:73:5a:2c
Serial Number (int): 18378515694835427104974541150221457964
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 69:59:3b:bc:d6:09:7e:d2:ae:ca:bf:43:79:e9:54:fe:6a:de:e0:38
AuthorityKeyId: 28:d2:cf:ee:09:84:75:dd:b5:b2:b5:bf:3c:d5:a0:c6:73:88:5d:1f

Fingerprint (sha1): 74:ae:a8:5c:99:46:42:90:66:71:eb:42:7d:3d:75:5f:7c:06:f5:21
Fingerprint (sha256): 69:4a:5d:9b:5c:e4:58:7b:16:c8:cd:29:44:50:ff:18:02:c6:fe:b0:2e:9a:49:8c:16:ea:f6:34:29:c9:41:b6

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustEVRSACAG2.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustEVRSACAG2.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustEVRSACAG2.crl

Check the revocation status for certificate vlada.cz

19

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for vlada.cz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

vlada.cz
dap.vlada.cz
icm.vlada.cz
ria.vlada.cz
ema.vlada.cz
lotr.vlada.cz
kormoran.vlada.cz
albatros.vlada.cz
icv.vlada.cz
isap.vlada.cz
foto.vlada.cz
www.vlada.cz
tripartita.cz
vlada.gov.cz
tripartita.gov.cz
ria.gov.cz
isap.gov.cz
www.tripartita.cz
uv.gov.cz

Other certificates including the domain name vlada.cz

(limited to 100 certificates)
dotace-lidskaprava.vlada.cz
*.vlada.cz
oo.vlada.cz
sslvpn.vlada.cz
zakazky.vlada.cz
dapmobile.vlada.cz
zakazky.vlada.cz
*.vlada.cz
sslvpn.vlada.cz
sslvpn.vlada.cz
dotace-drogy.vlada.cz
wifiuvcr.vlada.cz
*.vlada.cz
cloud.vlada.cz
albatros.odok.cz
*.vlada.cz
vlada.cz
vlada.cz
oo.vlada.cz
zakazky.vlada.cz
vlada.cz
pis3.vlada.cz
www.vlada.cz
dotace-lidskaprava.vlada.cz
vlada.cz
www.vlada.cz
sslvpn.vlada.cz
zakazky.vlada.cz
dotace-lidskaprava.vlada.cz
zakazky.vlada.cz
dotace-drogy.vlada.cz
dotace-drogy.vlada.cz
alvao.vlada.cz
vlada.cz
dotace-lidskaprava.vlada.cz
vlada.cz
vlada.cz
vlada.cz
vlada.cz
cloud.vlada.cz
cixp.vlada.cz
dotace-drogy.vlada.cz
dotace-drogy.vlada.cz
wifiuvcr.vlada.cz
vlada.cz
dotace-lidskaprava.vlada.cz
dotace-lidskaprava.vlada.cz
pis3.vlada.cz
wifiuvcr.vlada.cz
*.vlada.cz
sslvpn.vlada.cz
antispam01.vlada.cz
dotace-lidskaprava.vlada.cz
www.vlada.cz
wifiuvcr.vlada.cz
cloud.vlada.cz
sslvpn2.vlada.cz
antispam02.vlada.cz
pis3.vlada.cz
vlada.cz
dapmobile.vlada.cz
*.vlada.cz
dotace-lidskaprava.vlada.cz
dotace-lidskaprava.vlada.cz
www.vlada.cz

Certificate

The complete raw certificate details for vlada.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIH0zCCBrugAwIBAgIQDdOSyHE9ZtGBA6BdbnNaLDANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVH
ZW9UcnVzdCBFViBSU0EgQ0EgRzIwHhcNMjQwMjIwMDAwMDAwWhcNMjUwMjE5MjM1
OTU5WjCBnjETMBEGCysGAQQBgjc8AgEDEwJDWjEaMBgGA1UEDwwRR292ZXJubWVu
dCBFbnRpdHkxETAPBgNVBAUTCDAwMDA2NTk5MQswCQYDVQQGEwJDWjEOMAwGA1UE
BxMFUHJhaGExKDAmBgNVBAoMH8OaxZlhZCB2bMOhZHkgxIxlc2vDqSByZXB1Ymxp
a3kxETAPBgNVBAMTCHZsYWRhLmN6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs/zhcLov3jevixfNsEscngdnopjxD1rHNPtZXnhGcI0k8mDs3zLhNF5s
ipzD8N7nVIQvREQ+q4anEEP3R5LhgSTPcE5Me5v23g2joc93jMnBiGXbb0sjPfe9
k4GzSHFWYs7MflYGgL3deYrjMqGc3gKqyogfs/B2usNRTUR6UjBeeTSPkAAvwEw3
rt5/2vM9ASDvHm6j2FqA3qlxd6xiBVDkLYGoVHsr0fyyDH1263SdQwJDOulKwM9A
ZVCQ+KjSOE36pcrRHThnMxbFXkCyG2KTTI3dsm+/2PXc8OtDYJIBxjIVj/cYBSIl
kFf26WWDAD1fO9WuIl+O0ZwSq5Qr5QIDAQABo4IEZDCCBGAwHwYDVR0jBBgwFoAU
KNLP7gmEdd21srW/PNWgxnOIXR8wHQYDVR0OBBYEFGlZO7zWCX7Srsq/Q3npVP5q
3uA4MIIBJQYDVR0RBIIBHDCCARiCCHZsYWRhLmN6ggxkYXAudmxhZGEuY3qCDGlj
bS52bGFkYS5jeoIMcmlhLnZsYWRhLmN6ggxlbWEudmxhZGEuY3qCDWxvdHIudmxh
ZGEuY3qCEWtvcm1vcmFuLnZsYWRhLmN6ghFhbGJhdHJvcy52bGFkYS5jeoIMaWN2
LnZsYWRhLmN6gg1pc2FwLnZsYWRhLmN6gg1mb3RvLnZsYWRhLmN6ggx3d3cudmxh
ZGEuY3qCDXRyaXBhcnRpdGEuY3qCDHZsYWRhLmdvdi5jeoIRdHJpcGFydGl0YS5n
b3YuY3qCCnJpYS5nb3YuY3qCC2lzYXAuZ292LmN6ghF3d3cudHJpcGFydGl0YS5j
eoIJdXYuZ292LmN6MEoGA1UdIARDMEEwCwYJYIZIAYb9bAIBMDIGBWeBDAEBMCkw
JwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRu
MGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEVWUlNB
Q0FHMi5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9HZW9UcnVz
dEVWUlNBQ0FHMi5jcmwwcwYIKwYBBQUHAQEEZzBlMCQGCCsGAQUFBzABhhhodHRw
Oi8vb2NzcC5kaWdpY2VydC5jb20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRz
LmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEVWUlNBQ0FHMi5jcnQwDAYDVR0TAQH/BAIw
ADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUAzxFW7tUufK/zh1vZaS6b6Rpx
Z0qwF+ysAdJbd87MOwgAAAGNxx3ZowAABAMARjBEAiAygjZF52nt4HhAj7+o6liq
fq2XNzodwj9FUZpiT3BYLQIgeWKbpJKSoFNNwF0QIlObgtjaQvxfSABWIkoGKRgL
JcEAdgB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAY3HHdneAAAE
AwBHMEUCIG+9iIRBYqpBn/WZMhCaBFHFM8y6eh73VB0d8XstIliJAiEAuQcntphL
tp2KICT3FkVkCmje6Kjp698TA9DlWvCKZJwAdwDm0jFjQHeMwRBBBtdxuc7B0kD2
loSG+7qHMh39HjeOUAAAAY3HHdnYAAAEAwBIMEYCIQC8AoIyphRYLtFB4m0Cnj12
M5Dek/CJ6foass6H31mM2gIhALNikoMGz/YhRojDfxz9ykcfRm0MNGoXR+WCmuYe
fSF9MA0GCSqGSIb3DQEBCwUAA4IBAQAdkKmCBpvc4y+MWEJhGvSempE8DmE22msG
V0kfuLdIDFOiRBdDFPhyVLrsTj6mfPNuIadMZ4o5ohHrq/wRln4nVK3E2FvSkNS0
bWSoHZWJ2X2AdjYTJ1FmsbhXMJHpjDDAj6o5xIcgcRd5MexSyFKdCRIIAw6xdlvE
ojPqBihN0QCB2ZsbNikaFYLR3g3ec5ag+uDClXmwWdNuwTi4Pr0M0iA7VHR6IMJa
aDsfdA9rF3pw6sSlFNxXp5AD5tl5VDdBqe7i4SLORAJTyIr1Eadzr1ngD+PV9ms9
VTFszPT+IjJDlIV1BGyT3KZ5KePVEBJd0UOpgg0G4c8zCeyGVyhH
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/zhcLov3jevixfNsEsc
ngdnopjxD1rHNPtZXnhGcI0k8mDs3zLhNF5sipzD8N7nVIQvREQ+q4anEEP3R5Lh
gSTPcE5Me5v23g2joc93jMnBiGXbb0sjPfe9k4GzSHFWYs7MflYGgL3deYrjMqGc
3gKqyogfs/B2usNRTUR6UjBeeTSPkAAvwEw3rt5/2vM9ASDvHm6j2FqA3qlxd6xi
BVDkLYGoVHsr0fyyDH1263SdQwJDOulKwM9AZVCQ+KjSOE36pcrRHThnMxbFXkCy
G2KTTI3dsm+/2PXc8OtDYJIBxjIVj/cYBSIlkFf26WWDAD1fO9WuIl+O0ZwSq5Qr
5QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 18378515694835427104974541150221457964
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust EV RSA CA G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-20 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-19 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00006599'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Praha'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Úřad vlády České republiky'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vlada.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22721356673404590729586907308803167611374123925401918138085551761647826155647841155975754733508215309564029024071928683503564935405447522171149201032614316016178248339453179892429913666336283622579813804418577640411656472849461159635947398963561832594486506781769438110962361358410214471902264983970389462371247115961933444593527240459925798600679092842096126996308713241700844991218716818231110705279906985994489374442018211606132010168873302758346028230780314876349303060003427403886171824524278078342515731870256973007434040028667784714528590343356744373970062960687091556106062681398573784256108247605275142663141
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 28d2cfee098475ddb5b2b5bf3cd5a0c673885d1f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							69593bbcd6097ed2aecabf4379e954fe6adee038
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (284 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dap.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'icm.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ria.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ema.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lotr.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kormoran.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'albatros.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'icv.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'isap.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'foto.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripartita.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vlada.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripartita.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ria.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'isap.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tripartita.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uv.gov.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustEVRSACAG2.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustEVRSACAG2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustEVRSACAG2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018dc71dd9a30000040300463044022032823645e769ede078408fbfa8ea58aa7ead97373a1dc23f45519a624f70582d022079629ba49292a0534dc05d1022539b82d8da42fc5f480056224a0629180b25c10076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018dc71dd9de000004030047304502206fbd88844162aa419ff59932109a0451c533ccba7a1ef7541d1df17b2d225889022100b90727b6984bb69d8a2024f71645640a68dee8a8e9ebdf1303d0e55af08a649c007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018dc71dd9d80000040300483046022100bc028232a614582ed141e26d029e3d763390de93f089e9fa1ab2ce87df598cda022100b362928306cff6214688c37f1cfdca471f466d0c346a1747e5829ae61e7d217d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001d90a982069bdce32f8c5842611af49e9a913c0e6136da6b0657491fb8b7480c53a244174314f87254baec4e3ea67cf36e21a74c678a39a211ebabfc11967e2754adc4d85bd290d4b46d64a81d9589d97d80763613275166b1b8573091e98c30c08faa39c4872071177931ec52c8529d091208030eb1765bc4a233ea06284dd10081d99b1b36291a1582d1de0dde7396a0fae0c29579b059d36ec138b83ebd0cd2203b54747a20c25a683b1f740f6b177a70eac4a514dc57a79003e6d979543741a9eee2e122ce440253c88af511a773af59e00fe3d5f66b3d55316cccf4fe223243948575046c93dca67929e3d510125dd143a9820d06e1cf3309ec86572847