www.expandinglight.org

Issued by USERTrust RSA Organization Validation Secure Server CA

About this certificate


This digital certificate with serial number e0:d6:28:dc:09:03:83:33:91:d7:6e:d4:9e:4e:d7:11 was issued on by The USERTRUST Network .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

ANANDA CHURCH OF SELF-REALIZATION

Organization: ANANDA CHURCH OF SELF-REALIZATION
Organization unit: Expanding Light
Organization unit: Hosted by Register.com
Organization unit: InstantSSL Pro
Address: 14618 Tyler Foote Rd,
Postal code: 95959
State / Province: CA
Locality: Nevada City
Country: US

The USERTRUST Network

Organization: The USERTRUST Network
Postal code: 95959
State / Province: CA
Locality: Nevada City
Country: US

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): e0:d6:28:dc:09:03:83:33:91:d7:6e:d4:9e:4e:d7:11
Serial Number (int): 298859051312917119295082679490688505617
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 69:3c:93:bb:be:a4:50:13:f6:58:67:56:87:ee:7d:1e:3d:1c:ee:e2
AuthorityKeyId: 83:01:56:47:a6:4e:30:11:2e:6d:0c:05:a2:42:93:72:d2:43:4d:73

Fingerprint (sha1): 5d:61:59:b9:be:c4:3f:33:1f:54:35:23:74:a4:30:39:c6:f9:9b:35
Fingerprint (sha256): 58:9a:a3:2a:b1:f0:de:eb:5d:8e:91:01:45:7e:9b:3c:d0:99:f4:c4:63:f8:96:78:1f:2d:8c:07:80:f4:98:cd

Issuing Certificate URL: http://crt.usertrust.com/USERTrustRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.usertrust.com/USERTrustRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for the current certificate on www.expandinglight.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.expandinglight.org
expandinglight.org

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGJTCCBQ2gAwIBAgIRAODWKNwJA4Mzkddu1J5O1xEwDQYJKoZIhvcNAQELBQAw gZkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMT8wPQYD VQQDEzZVU0VSVHJ1c3QgUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3Vy ZSBTZXJ2ZXIgQ0EwHhcNMTQwOTE5MDAwMDAwWhcNMTcwOTE1MjM1OTU5WjCCAQEx CzAJBgNVBAYTAlVTMQ4wDAYDVQQREwU5NTk1OTELMAkGA1UECBMCQ0ExFDASBgNV BAcTC05ldmFkYSBDaXR5MR4wHAYDVQQJExUxNDYxOCBUeWxlciBGb290ZSBSZCwx KjAoBgNVBAoTIUFOQU5EQSBDSFVSQ0ggT0YgU0VMRi1SRUFMSVpBVElPTjEYMBYG A1UECxMPRXhwYW5kaW5nIExpZ2h0MR8wHQYDVQQLExZIb3N0ZWQgYnkgUmVnaXN0 ZXIuY29tMRcwFQYDVQQLEw5JbnN0YW50U1NMIFBybzEfMB0GA1UEAxMWd3d3LmV4 cGFuZGluZ2xpZ2h0Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AO1JB24fs+3AaT9nh72NziqcT8nMyiUSwyBzPhUvuIV9rkdnzGGh8QCM513sKoLS xP6qeeaUJSdqg5fOKOJpTy64lEf9JqASN8faIlNthU0VQF5LlFEWF41TEgG1mHXv cXjSnPw+KOI1hfhO27nS5hhSqgr69hFNHBPio1aBg6fqMLJoLUYP7fBwN7Yl6aaz m1PB+DiETVciN4IU5FTc/is27ORJAB9jQSxsNJ2L1Bq+9c+gKogjPzgJt7b7y/PF r0ttvGBM04nHafPK4Kdfvx/NxGdrqakrRLPWatyYVtBKliiIENHdl14tVxHaGxhy 3kYlQUgbZKA3K9ttFcXGS3ECAwEAAaOCAfswggH3MB8GA1UdIwQYMBaAFIMBVkem TjARLm0MBaJCk3LSQ01zMB0GA1UdDgQWBBRpPJO7vqRQE/ZYZ1aH7n0ePRzu4jAO BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwTAYDVR0gBEUwQzA3BgwrBgEEAbIxAQIBAwQwJzAlBggrBgEF BQcCARYZaHR0cHM6Ly9jcHMudXNlcnRydXN0LmNvbTAIBgZngQwBAgIwXgYDVR0f BFcwVTBToFGgT4ZNaHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT QU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgZIGCCsG AQUFBwEBBIGFMIGCMFkGCCsGAQUFBzAChk1odHRwOi8vY3J0LnVzZXJ0cnVzdC5j b20vVVNFUlRydXN0UlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZl ckNBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTA1 BgNVHREELjAsghZ3d3cuZXhwYW5kaW5nbGlnaHQub3JnghJleHBhbmRpbmdsaWdo dC5vcmcwDQYJKoZIhvcNAQELBQADggEBAKsGbxzhB8paCO4+/jIqd+nEhz9Kgj6K FrvyrPqfV4ob92dLsVdXSeGwwQ30T8HtBjJIE9nQWlcCSKI2WPviHq+lIOqjzOiv 4+iHkdBmp8mGKD54HrmRxFdk+P9udnlmfWh6LHx9+qCWHVF+1StD75Zp0Zqt2Yfu 8D6PFhdGVXYX7JyvnxgkxqNGmrcOdxgGzIHNYORUuPg73K9Nj7bSfBXcscdP4hRa 8l87YwMy+t3Fs7MymesVOLFAzeeuirbJHBEQhRxfDAM/QR8O/SAluOFIumZCfP+J h3QsP17fIyNs/Eh/6ukBfOsBAIfcAZpALnRV0rnqgsxeKQV1MP9Q/l0= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UkHbh+z7cBpP2eHvY3O KpxPyczKJRLDIHM+FS+4hX2uR2fMYaHxAIznXewqgtLE/qp55pQlJ2qDl84o4mlP LriUR/0moBI3x9oiU22FTRVAXkuUURYXjVMSAbWYde9xeNKc/D4o4jWF+E7budLm GFKqCvr2EU0cE+KjVoGDp+owsmgtRg/t8HA3tiXpprObU8H4OIRNVyI3ghTkVNz+ Kzbs5EkAH2NBLGw0nYvUGr71z6AqiCM/OAm3tvvL88WvS228YEzTicdp88rgp1+/ H83EZ2upqStEs9Zq3JhW0EqWKIgQ0d2XXi1XEdobGHLeRiVBSBtkoDcr220VxcZL cQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 298859051312917119295082679490688505617 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Jersey City' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The USERTRUST Network' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'USERTrust RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-09-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-15 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '95959' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Nevada City' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '14618 Tyler Foote Rd,' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ANANDA CHURCH OF SELF-REALIZATION' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Expanding Light' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hosted by Register.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InstantSSL Pro' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.expandinglight.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29954490230926681112582083506730079824389785404637266787419392480040584517192256077782800198981014654721677625278784118037766896449153760946286540803554112269973122623253733807962201954447686124016614981596368103918371853364010129109227156147251825042360958917286663842518751402458555758265300382992114562813433379429275598753065328982640272547564559080263467588780577234429090845133977027273415500016098871298357371161125588751811011590904720944847773966843168762795699277718912665487318172733496688173180407997292678477804594359686042853389168398092075577830151682312661568175948949790758915730363779077353631009649 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 83015647a64e30112e6d0c05a2429372d2434d73 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 693c93bbbea45013f658675687ee7d1e3d1ceee2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/USERTrustRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/USERTrustRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.expandinglight.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'expandinglight.org' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00ab066f1ce107ca5a08ee3efe322a77e9c4873f4a823e8a16bbf2acfa9f578a1bf7674bb1575749e1b0c10df44fc1ed06324813d9d05a570248a23658fbe21eafa520eaa3cce8afe3e88791d066a7c986283e781eb991c45764f8ff6e7679667d687a2c7c7dfaa0961d517ed52b43ef9669d19aadd987eef03e8f161746557617ec9caf9f1824c6a3469ab70e771806cc81cd60e454b8f83bdcaf4d8fb6d27c15dcb1c74fe2145af25f3b630332faddc5b3b33299eb1538b140cde7ae8ab6c91c1110851c5f0c033f411f0efd2025b8e148ba66427cff8987742c3f5edf23236cfc487feae9017ceb010087dc019a402e7455d2b9ea82cc5e29057530ff50fe5d