bms.envisionpharma.com

- Bristol-Myers Squibb -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 05:ce:49:2f:35:5d:e8:65:c7:b0:2b:eb:97:ac:b9:68 was issued on by DigiCert Inc.

With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Bristol-Myers Squibb

Organization: Bristol-Myers Squibb
Organization unit: Global Development & Regulatory IT
State / Province: New York
Locality: New York
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:ce:49:2f:35:5d:e8:65:c7:b0:2b:eb:97:ac:b9:68
Serial Number (int): 7717237487923691686650808049456691560
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 7f:e5:15:10:26:35:42:90:09:7f:3e:ab:23:6d:b6:3e:89:2f:7f:42
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): cf:14:a1:95:d1:78:62:ab:5d:75:8a:6c:5a:6c:48:5b:14:7a:33:b2
Fingerprint (sha256): 70:46:75:d6:29:12:e2:21:0b:e8:b3:14:1c:9b:68:01:46:3a:3b:ab:08:24:88:18:5c:20:fb:12:12:9d:1b:30

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate bms.envisionpharma.com

9

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bms.envisionpharma.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bms.envisionpharma.com
na3.author-it.bms.com
na3files1.author-it.bms.com
na3files2.author-it.bms.com
amylin-stg.envisionpharma.com
na3gw1.author-it.bms.com
na3gw2.author-it.bms.com
bms-stg.envisionpharma.com
amylin.envisionpharma.com

Other certificates including the domain name envisionpharma.com

(limited to 100 certificates)
suport.staff.utcluj.app
helpdesk.centurionukrs.com
www.envisionpharma.com
www.envisionpharma.com
*.envisionpharma.com
support.ecctis.com
servicedesk.cheaperwaste.co.uk
www.envisionpharma.com
support.tuxexpert.com
support.ecctis.com
servicedesk.cheaperwaste.co.uk
*.envisionpharma.com
servicedesk.cheaperwaste.co.uk
*.envisionpharma.com
ithelpdesk.uteco.com
sd.sch1584.su
www.envisionpharma.com
*.production.etsaws.envisionpharma.com
www.envisionpharma.com
*.envisionpharma.com
*.staging.etsaws.envisionpharma.com
support-services.gruener-punkt.de
servicedesk.quorumdev.com
www.envisionpharma.com
dsi.alivetravel.com
www.envisionpharma.com
*.envisionpharma.com
*.envisionpharma.com
suport.staff.utcluj.app
bms.envisionpharma.com
www.envisionpharma.com
servicedesk.cheaperwaste.co.uk
helpdesk.zultys.com
sd.sch1584.su
support-services.gruener-punkt.de
support.tuxexpert.com
*.envisionpharma.com
*.envisionpharma.com
www.envisionpharma.com
bms.envisionpharma.com
*.envisionpharma.com
envisionpharma.com
OneLogin.envisionpharma.com
helpdesk.derbigum.com
support-services.gruener-punkt.de
*.envisionpharma.com
servicedesk.quorumdev.com
ithelpdesk.uteco.com
*.implementation.etsaws.envisionpharma.com
*.envisionpharma.com
envisionpharma.com
techteam.awayresorts.co.uk
support.gjesdal.kommune.no
*.envisionpharma.com
ithelpdesk.uteco.com
*.envisionpharma.com
www.envisionpharma.com
ithelpdesk.uteco.com
dsi.alivetravel.com
servicedesk.envisionpharma.com
*.envisionpharma.com
*.envisionpharma.com
servicedesk.cheaperwaste.co.uk
servicedesk.cheaperwaste.co.uk
bms.envisionpharma.com
servicedesk.cheaperwaste.co.uk
servicedesk.cheaperwaste.co.uk
epukhovmweb01.envisionpharma.com
*.envisionpharma.com
servicedesk.cheaperwaste.co.uk
servicedesk.cheaperwaste.co.uk
servicedesk.beauchamps.ie
filesafe.envisionpharma.com
bms.envisionpharma.com
*.envisionpharma.com
*.envisionpharma.com
support-services.gruener-punkt.de
helpdesk.derbigum.com
*.envisionpharma.com
servicedesk.chsgroup.org.uk
*.envisionpharma.com
servicedesk.cheaperwaste.co.uk
servicedesk.beauchamps.ie
bms.envisionpharma.com
envisionpharma.com
suport.staff.utcluj.app
servicedesk.cheaperwaste.co.uk
servicedesk.cheaperwaste.co.uk
sd.sch1584.su
*.envisionpharma.com
www.envisionpharma.com
helpdesk.pgzinternational.com
techteam.awayresorts.co.uk
envisionpharma.com
companycentral-new.smarttuna.com
support.languagelink.ru
*.envisionpharma.com
servicedesk.cheaperwaste.co.uk
*.envisionpharma.com
*.envisionpharma.com

Certificate

The complete raw certificate details for bms.envisionpharma.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHkDCCBnigAwIBAgIQBc5JLzVd6GXHsCvrl6y5aDANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0xOTAxMjIwMDAwMDBaFw0yMDA0MjIxMjAwMDBaMIGgMQswCQYDVQQGEwJVUzER
MA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMR0wGwYDVQQKExRC
cmlzdG9sLU15ZXJzIFNxdWliYjErMCkGA1UECwwiR2xvYmFsIERldmVsb3BtZW50
ICYgUmVndWxhdG9yeSBJVDEfMB0GA1UEAxMWYm1zLmVudmlzaW9ucGhhcm1hLmNv
bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPMoL+eQ+5GefTC38Bpw
VHUW3XUMlojTMva2z/vJKsAhPw/OR8Q0D+QraTuCZAH5IHizLBU5ntIVIYw6EW7p
kQUy4B1x/f0S3i4mE9XR3WO4dr3Mhvxy+/7bSWk9QIOPlf8Ufe3qaNHa+ikhZYJ5
++cKLFw6jirmU9HMmy0foomKpIP0aUdhhBmWQxRj9oe5+3wcdU5p8EtNqi85LB27
0LlkbdEfmRINzmwy9F91rRnVy2ISb2W3aTIrFv47kTITJUFIjKWFl63Ar/KA6scx
4bjGPrEN7VtyAI8Ad9Z6RBT6fc8TByCSUNW01w9ivXCaTXncdtEMb+0Zk8n+CzlA
KU8CAwEAAaOCBAUwggQBMB8GA1UdIwQYMBaAFJBY/7CcdahRVHex7fKjQxY4nmzF
MB0GA1UdDgQWBBR/5RUQJjVCkAl/PqsjbbY+iS9/QjCB/gYDVR0RBIH2MIHzghZi
bXMuZW52aXNpb25waGFybWEuY29tghVuYTMuYXV0aG9yLWl0LmJtcy5jb22CG25h
M2ZpbGVzMS5hdXRob3ItaXQuYm1zLmNvbYIbbmEzZmlsZXMyLmF1dGhvci1pdC5i
bXMuY29tgh1hbXlsaW4tc3RnLmVudmlzaW9ucGhhcm1hLmNvbYIYbmEzZ3cxLmF1
dGhvci1pdC5ibXMuY29tghhuYTNndzIuYXV0aG9yLWl0LmJtcy5jb22CGmJtcy1z
dGcuZW52aXNpb25waGFybWEuY29tghlhbXlsaW4uZW52aXNpb25waGFybWEuY29t
MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
PgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1
c3RSU0FDQTIwMTguY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYB
BQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHUG
CCsGAQUFBwEBBGkwZzAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVz
dC5jb20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9H
ZW9UcnVzdFJTQUNBMjAxOC5jcnQwCQYDVR0TBAIwADCCAX0GCisGAQQB1nkCBAIE
ggFtBIIBaQFnAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFo
dXZ/5QAABAMARjBEAiAguZyTsNG2g0IKyjhyJRnycZBLr7XB1zf0HTkR16SbuwIg
JypraeshHT5WxweK06BURNE2YmK8ThC5kon0WhDFfDIAdgCHdb/nWXz4jEOZX73z
bv9WjUdWNv9KtWDBtOr/XqCDDwAAAWh1doDEAAAEAwBHMEUCIQDjdbTtRDV5LV5v
cezosGbkZIjDMDA/IDTTX26JDEvuIQIgbfhlHRX69NCS1Jsz8JTMk3XcHXV67vyz
eVUsmMnX0/IAdgCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAWh1
dn/7AAAEAwBHMEUCIQCqBWw/k3FlpJRdcD5VcKuuFs5NDJLJKtH+j9iF3AUMZgIg
fEZ7CT/aB0WWkd2gP66nlGmRY9fGwhvHggI/jAZtpLIwDQYJKoZIhvcNAQELBQAD
ggEBAHG23W1gCYAoQUq20r0RR8eMD6V/DvAkLJpub7x6R8Peo45mCvTAnnwqsPtY
irrPJIy9NuCjdiDGIx5NkUxiLCrSba0nXuWkjVSd8mvniKLfHrH+UssUz+t4BYZn
+ysFeGG8I4TDw6ua2uDrNknfaHKK5lAEARmvNqTUg6s14TPecpB8kcmMtq6z0yWa
aTR0BmChVqeVPDMQmlPuhQ4p8xz96Ketkoa+qLbBgJjR7XjtlEJ/iEOidZQjYRyn
BIjVHpbEL4+26RTfS2SM1nXk1cOfZisfPE//m6vgTUrGfRik4+oPkTU2MOv+sG+s
tlSzXpm50NN9VYxiYTA1BDsHo78=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ygv55D7kZ59MLfwGnBU
dRbddQyWiNMy9rbP+8kqwCE/D85HxDQP5CtpO4JkAfkgeLMsFTme0hUhjDoRbumR
BTLgHXH9/RLeLiYT1dHdY7h2vcyG/HL7/ttJaT1Ag4+V/xR97epo0dr6KSFlgnn7
5wosXDqOKuZT0cybLR+iiYqkg/RpR2GEGZZDFGP2h7n7fBx1TmnwS02qLzksHbvQ
uWRt0R+ZEg3ObDL0X3WtGdXLYhJvZbdpMisW/juRMhMlQUiMpYWXrcCv8oDqxzHh
uMY+sQ3tW3IAjwB31npEFPp9zxMHIJJQ1bTXD2K9cJpNedx20Qxv7RmTyf4LOUAp
TwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7717237487923691686650808049456691560
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-22 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bristol-Myers Squibb'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Global Development & Regulatory IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bms.envisionpharma.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30695725117750831203697322853116561632450600834042314964056175612816991545868214315525249966801933337432335880757255123406457085369175519228193440414191474041693872415242183034812018330499966682538906167435409189788058983974076642904612256844793783869195058066661021881230478865064906887106048548354224136679212039875389803529817581580809800842986290678616169329301297036173320961971357671760841564863422569559939036742261408035374338252630164063771280115189017015110769040665797978864357262207847010883906779229615869235354605834465456400109431684891605789098383974383439724655956961884431948192554347537664906897743
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7fe5151026354290097f3eab236db63e892f7f42
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bms.envisionpharma.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'na3.author-it.bms.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'na3files1.author-it.bms.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'na3files2.author-it.bms.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amylin-stg.envisionpharma.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'na3gw1.author-it.bms.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'na3gw2.author-it.bms.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bms-stg.envisionpharma.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amylin.envisionpharma.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016875767fe50000040300463044022020b99c93b0d1b683420aca38722519f271904bafb5c1d737f41d3911d7a49bbb0220272a6b69eb211d3e56c7078ad3a05444d1366262bc4e10b99289f45a10c57c320076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000168757680c40000040300473045022100e375b4ed4435792d5e6f71ece8b066e46488c330303f2034d35f6e890c4bee2102206df8651d15faf4d092d49b33f094cc9375dc1d757aeefcb379552c98c9d7d3f2007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016875767ffb0000040300473045022100aa056c3f937165a4945d703e5570abae16ce4d0c92c92ad1fe8fd885dc050c6602207c467b093fda07459691dda03faea794699163d7c6c21bc782023f8c066da4b2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0071b6dd6d60098028414ab6d2bd1147c78c0fa57f0ef0242c9a6e6fbc7a47c3dea38e660af4c09e7c2ab0fb588abacf248cbd36e0a37620c6231e4d914c622c2ad26dad275ee5a48d549df26be788a2df1eb1fe52cb14cfeb78058667fb2b057861bc2384c3c3ab9adae0eb3649df68728ae650040119af36a4d483ab35e133de72907c91c98cb6aeb3d3259a6934740660a156a7953c33109a53ee850e29f31cfde8a7ad9286bea8b6c18098d1ed78ed94427f8843a2759423611ca70488d51e96c42f8fb6e914df4b648cd675e4d5c39f662b1f3c4fff9babe04d4ac67d18a4e3ea0f91353630ebfeb06facb654b35e99b9d0d37d558c62613035043b07a3bf