www.ukishiro.net

Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1

About this certificate

This digital certificate with serial number 0c:44:a0:16:3a:a5:da:3e:49:f8:d1:41:50:b1:66:66 was issued on by DigiCert, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.ukishiro.net

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:44:a0:16:3a:a5:da:3e:49:f8:d1:41:50:b1:66:66
Serial Number (int): 16307059082506152289465083281886242406
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: f3:07:bb:ab:9e:0a:76:f3:01:5b:37:3e:68:16:11:11:82:5a:1b:e6
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23

Fingerprint (sha1): 9c:64:88:db:a4:74:69:74:09:46:c8:ed:1e:7c:a8:63:a2:a0:90:9f
Fingerprint (sha256): 85:73:f8:30:22:03:f6:2b:31:5c:ef:9e:c1:f0:29:3a:cd:0c:00:a8:17:c1:ec:17:f3:09:c9:ff:9b:d8:20:b9

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl

Check the revocation status for certificate www.ukishiro.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.ukishiro.net

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.ukishiro.net
ukishiro.net

Other certificates including the domain name ukishiro.net

(limited to 100 certificates)
www.ukishiro.net
www.ukishiro.net
www.ukishiro.net
www.ukishiro.net
www.ukishiro.net
www.ukishiro.net
www.ukishiro.net
www.ukishiro.net
www.ukishiro.net
www.ukishiro.net
www.ukishiro.net

Certificate

The complete raw certificate details for www.ukishiro.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIInTCCBoWgAwIBAgIQDESgFjql2j5J+NFBULFmZjANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT
K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN
MjIwODE3MDAwMDAwWhcNMjMwODI0MjM1OTU5WjAbMRkwFwYDVQQDExB3d3cudWtp
c2hpcm8ubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1cVhYkPZ
n4m+gz14SXYzJjEOjtyrydBXv7V9xeEBMJe87lOiVMwQ6VSfmz87wGB0bRmy+m5R
7C52HNjcHIhWotS7XejBjkNfQn0H1eyrLdwqYBMaMpLM22Xo5jRYwAG+31TPShjq
Rbhjfr2syopCYdrkqygIPqZsHQ0UW7LUZ3pV7RJcEabqWgtG95ucT5ODYJ9vHtCV
K8hcD8vmP7I6il823axLhVU12cSGb672DfnxoTfH/Jf42rWxTdvM4vK1oYry8twY
txDxaSkXg2w/cLcnpV2M8Ks+7Uz+Vo3IECu5GZ20TMDSid481++MYoLJqG5UXrgT
sDlwxPeF77enNK5bec1SqQ4697N7VlTQg66CIZr+woKhMcohTXsq8dDJm2CtfRZm
gbgFl3VHOhIQyv8fr8eiKwtGBq64e82MYJpn6BkFVkZedKK8BblWfHjeYt7dX4No
XoDJU5IhBJ14R6SK/KnSBfCIlmpWu8lfaPvyQIEtkUxeKY79nNsLDkxQu99uloPa
etalhQyLP/CAAY0xn4P4e6RJ2T+03EUBbiHr9/r83slqO0zWN+OpnRs3XiI55OJd
/JU8ukhz1zRjVZs3wVzlRtXDKDIBUcWmZV9qFqdYfVPFymSfwy3cHkzN/byDbeDM
02FzDIkFh8o2I7dZ85KPXxUsxW75Yxp+wO0CAwEAAaOCA5owggOWMB8GA1UdIwQY
MBaAFKW01us2xOdrpt/EZAsBKiAEuGYjMB0GA1UdDgQWBBTzB7urngp28wFbNz5o
FhERglob5jApBgNVHREEIjAgghB3d3cudWtpc2hpcm8ubmV0ggx1a2lzaGlyby5u
ZXQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20v
R2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2MjAyMkNBMS5jcmwwSKBGoESG
Qmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQw
OTZTSEEyNTYyMDIyQ0ExLmNybDA+BgNVHSAENzA1MDMGBmeBDAECATApMCcGCCsG
AQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYcGCCsGAQUFBwEB
BHsweTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFEGCCsG
AQUFBzAChkVodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vR2VvVHJ1c3RHbG9i
YWxUTFNSU0E0MDk2U0hBMjU2MjAyMkNBMS5jcnQwCQYDVR0TBAIwADCCAYEGCisG
AQQB1nkCBAIEggFxBIIBbQFrAHcArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWG
NOvcgooAAAGCqaLMQAAABAMASDBGAiEA2VMjl4UzgikzVdgSpwnRukj4TQVy5LxB
WvfNeeYgkW0CIQCx4jrUIA3hhouYRJlQEAHgqKHA9bVSgzccxJ1J+s1UjwB3ADXP
GRu/sWxXvw+tTG1Cy7u2JyAmUeo/4SrvqAPDO9ZMAAABgqmizEgAAAQDAEgwRgIh
AIzG4HUc/qwMR+HioGqeiwZ0q52MMNw7wIq8EzHOyjcFAiEAwYVY6PYfR3OQy8hp
+mrm3BkS/WHsw0eniEMz6/Joiv0AdwCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc
8AMOeTalmgAAAYKposyZAAAEAwBIMEYCIQC2iGq6FrKRMbEe+w8JKIJw+niEGAti
cunZoKe2BZZZbAIhAJTTY/+OIaJ6kR7OEPfG0RsRLSJ/PsLnp11eS7T4mSzvMA0G
CSqGSIb3DQEBCwUAA4ICAQDJuHqchxJQk3hn2qTIEafxGL5rLuIgXwzMkt6vJmpa
7nKDZ9pIVn+Rn52NF3rGO3N12zmJJ4HCh02X8nlQiZa3+gryuj5XTUS2L4T7MSjt
jfwRIqEWwJDv2j13x/Rt2P1CZGSM3AiSthfP83aPQrgaX1bWyhWYy8i53kNP1z3a
iKY6C6eOsCjA31p5izRkGZ7G3GeOF1+F7o+i7fr87waIIpzwaQHOj9G1/w9RB6qa
lK7VgL5P9DtmpKbdSW9IVXePUWqDJKju31UBkFvZm3Z/q1XJPd9QkSJ4vwkBsaJR
h15Jy6FfHVMxV8poXhq4cWXVpo3+rhIEowHqvkdLEl7Cwl+Vh6xtN/l8klXYAEnN
l/T9gCCq9Lac8ovQF9AynAnGA1ND+5fwr6MrGD6QofSB7fNuQrwAlWnHPNKVDE0R
mE5VZsgLARpjvbQrqvKn5fs4F/utWF4Mw/67DQ6CNjzgmG/iuN2MDLrjT98ofKpm
bcQ0emfo4UkpqmjseaEWX/Hm599ag8FKwFL1vo6I+gL10hclwTP1NLN05BnlstMK
Mg9kZNi1582EdCCoFnYykOWhsoMBNbHqG8L9xBUbtm9cH2Io6cBC1GKmnK42TTzw
HjpiZzqiAdU/d2BTTigjAmpEhh1wTXFBzKGAlml/E6Vp/tzkTY+8jc+UyeMxnnRU
Ng==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1cVhYkPZn4m+gz14SXYz
JjEOjtyrydBXv7V9xeEBMJe87lOiVMwQ6VSfmz87wGB0bRmy+m5R7C52HNjcHIhW
otS7XejBjkNfQn0H1eyrLdwqYBMaMpLM22Xo5jRYwAG+31TPShjqRbhjfr2syopC
YdrkqygIPqZsHQ0UW7LUZ3pV7RJcEabqWgtG95ucT5ODYJ9vHtCVK8hcD8vmP7I6
il823axLhVU12cSGb672DfnxoTfH/Jf42rWxTdvM4vK1oYry8twYtxDxaSkXg2w/
cLcnpV2M8Ks+7Uz+Vo3IECu5GZ20TMDSid481++MYoLJqG5UXrgTsDlwxPeF77en
NK5bec1SqQ4697N7VlTQg66CIZr+woKhMcohTXsq8dDJm2CtfRZmgbgFl3VHOhIQ
yv8fr8eiKwtGBq64e82MYJpn6BkFVkZedKK8BblWfHjeYt7dX4NoXoDJU5IhBJ14
R6SK/KnSBfCIlmpWu8lfaPvyQIEtkUxeKY79nNsLDkxQu99uloPaetalhQyLP/CA
AY0xn4P4e6RJ2T+03EUBbiHr9/r83slqO0zWN+OpnRs3XiI55OJd/JU8ukhz1zRj
VZs3wVzlRtXDKDIBUcWmZV9qFqdYfVPFymSfwy3cHkzN/byDbeDM02FzDIkFh8o2
I7dZ85KPXxUsxW75Yxp+wO0CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16307059082506152289465083281886242406
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-17 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-24 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.ukishiro.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 872109662273739789877511753495175871579113719749844483587852789961014150837561083073429649600491193584854832430368196955551901048697394740805222861510136801033972545883904097805612220016707420140124184792838840664765044693162234983989179088164955796043694446624739657011847339460554905313573343125359438968901747795174285972887235751971992419664852740873696853020641386007951887010065859959732275104118822288291711335121819197753086234557645754333978517141340475179701085449655883406702817681115966548045535806290967003063382115753104606578801455167286928943839612575036455365002763223398777299750777463827288391312302310209749286792131059455589994492227259058386860098966908276060112080804438279734431240368726156700793670389522407132134473414124243361782851939555493608689511589042320996386792024626486884048113568338202499069108131017681287592695538610843050920788225295127307236004133404964818612911216945934907483712991783265271974329540153329511776106321860072484105469637128357198293037758609113471032871369268603634812542131029286343843130102389221925888269810437992835318977755127454496686115869324889144048313710971407741661250794660508329836628482771240524238391744398538346838128836516719350477803646758323964142835122413
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f307bbab9e0a76f3015b373e68161111825a1be6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ukishiro.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ukishiro.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
							016b007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000182a9a2cc400000040300483046022100d9532397853382293355d812a709d1ba48f84d0572e4bc415af7cd79e620916d022100b1e23ad4200de1868b984499501001e0a8a1c0f5b55283371cc49d49facd548f00770035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000182a9a2cc4800000403004830460221008cc6e0751cfeac0c47e1e2a06a9e8b0674ab9d8c30dc3bc08abc1331ceca3705022100c18558e8f61f477390cbc869fa6ae6dc1912fd61ecc347a7884333ebf2688afd007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000182a9a2cc990000040300483046022100b6886aba16b29131b11efb0f09288270fa7884180b6272e9d9a0a7b60596596c02210094d363ff8e21a27a911ece10f7c6d11b112d227f3ec2e7a75d5e4bb4f8992cef
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00c9b87a9c871250937867daa4c811a7f118be6b2ee2205f0ccc92deaf266a5aee728367da48567f919f9d8d177ac63b7375db39892781c2874d97f279508996b7fa0af2ba3e574d44b62f84fb3128ed8dfc1122a116c090efda3d77c7f46dd8fd4264648cdc0892b617cff3768f42b81a5f56d6ca1598cbc8b9de434fd73dda88a63a0ba78eb028c0df5a798b3464199ec6dc678e175f85ee8fa2edfafcef0688229cf06901ce8fd1b5ff0f5107aa9a94aed580be4ff43b66a4a6dd496f4855778f516a8324a8eedf5501905bd99b767fab55c93ddf50912278bf0901b1a251875e49cba15f1d533157ca685e1ab87165d5a68dfeae1204a301eabe474b125ec2c25f9587ac6d37f97c9255d80049cd97f4fd8020aaf4b69cf28bd017d0329c09c6035343fb97f0afa32b183e90a1f481edf36e42bc009569c73cd2950c4d11984e5566c80b011a63bdb42baaf2a7e5fb3817fbad585e0cc3febb0d0e82363ce0986fe2b8dd8c0cbae34fdf287caa666dc4347a67e8e14929aa68ec79a1165ff1e6e7df5a83c14ac052f5be8e88fa02f5d21725c133f534b374e419e5b2d30a320f6464d8b5e7cd847420a816763290e5a1b2830135b1ea1bc2fdc4151bb66f5c1f6228e9c042d462a69cae364d3cf01e3a62673aa201d53f7760534e2823026a44861d704d7141cca18096697f13a569fedce44d8fbc8dcf94c9e3319e745436