rightsviewtest.ohchr.org
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 07:36:a1:57:58:89:fe:6d:b1:43:b5:8c:cd:06:a5:78 was issued on by DigiCert, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=rightsviewtest.ohchr.org
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 07:36:a1:57:58:89:fe:6d:b1:43:b5:8c:cd:06:a5:78Serial Number (int): 9588252389053123668323498122954581368
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 9a:a1:8c:26:76:ce:37:7c:24:92:e4:6b:6a:82:9a:30:f6:1b:a9:02
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): a4:aa:5f:9d:d0:81:25:2d:0f:d5:bc:2a:61:13:e1:1c:9c:24:c2:bc
Fingerprint (sha256): 8a:e9:41:bf:2a:0e:d8:48:5f:32:ba:d2:78:b9:59:37:08:c7:cb:e3:a2:a6:47:f2:80:e7:3c:db:db:23:53:fe
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate rightsviewtest.ohchr.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for rightsviewtest.ohchr.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
rightsviewtest.ohchr.org
Other certificates including the domain name ohchr.org
(limited to 100 certificates)
*.prod.ohchr.un-icc.cloud
sm.ohchr.org
*.test.ohchr.un-icc.cloud
cambodia.ohchr.org
romena.ohchr.org
sm.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
sm.ohchr.org
sm.ohchr.org
bangkok.ohchr.org
*.prod.ohchr.un-icc.cloud
digitalhub.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
bangkok.ohchr.org
sm.ohchr.org
cambodia.ohchr.org
romena.ohchr.org
europe.ohchr.org
dreamlighthelper.com
digitalhub.ohchr.org
webmail2.ohchr.org
auth.kindo.staging.boik.dev
www.westafrica.ohchr.org
webmail.ohchr.org
testrightsview.ohchr.org
webmail.ohchr.org
sm.ohchr.org
remote.ohchr.org
cambodia.ohchr.org
digitalhub.ohchr.org
cambodia.ohchr.org
*.prod.ohchr.un-icc.cloud
seoul.ohchr.org
*.ohchr.org
sm.ohchr.org
sanctionsplatform.ohchr.org
seoul.ohchr.org
westafrica.ohchr.org
searchlibrary.ohchr.org
sm.ohchr.org
waps.ohchr.org
fifa.shapegames.dev
seoul.ohchr.org
ngopub.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
seoul.ohchr.org
*.in.ohchr.org
login.ohchr.org
sm.ohchr.org
sanctionsplatform.ohchr.org
www.westafrica.ohchr.org
webmail.ohchr.org
romena.ohchr.org
westafrica.ohchr.org
cambodia.ohchr.org
www.westafrica.ohchr.org
extranet.ohchr.org
rightsview.ohchr.org
webmail.ohchr.org
sm.ohchr.org
*.ohchr.org
spdb.ohchr.org
easset.ohchr.org
grants.ohchr.org
esurvey.ohchr.org
www.fotoramausa.com
pms.ohchr.org
testrightsview.ohchr.org
rightsviewtest.ohchr.org
www.treadstonelabs.com
grants.ohchr.org
www.digitalbharati.org
*.ohchr.org
sm.ohchr.org
digitalhub.ohchr.org
sm.ohchr.org
ngopub.ohchr.org
sm.ohchr.org
uganda.ohchr.org
*.ohchr.org
cambodia.ohchr.org
rightsviewtest.ohchr.org
rightsview.ohchr.org
fieldsmail.ohchr.org
*.prod.ohchr.un-icc.cloud
sm.ohchr.org
cambodia.ohchr.org
share.ohchr.org
CSWEB.OHCHR.ORG
www.ohchr.org
romena.ohchr.org
sni.cloudflaressl.com
westafrica.ohchr.org
esurvey.ohchr.org
sm.ohchr.org
searchlibrary.ohchr.org
romena.ohchr.org
sm.ohchr.org
*.test.ohchr.un-icc.cloud
cambodia.ohchr.org
romena.ohchr.org
sm.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
sm.ohchr.org
sm.ohchr.org
bangkok.ohchr.org
*.prod.ohchr.un-icc.cloud
digitalhub.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
bangkok.ohchr.org
sm.ohchr.org
cambodia.ohchr.org
romena.ohchr.org
europe.ohchr.org
dreamlighthelper.com
digitalhub.ohchr.org
webmail2.ohchr.org
auth.kindo.staging.boik.dev
www.westafrica.ohchr.org
webmail.ohchr.org
testrightsview.ohchr.org
webmail.ohchr.org
sm.ohchr.org
remote.ohchr.org
cambodia.ohchr.org
digitalhub.ohchr.org
cambodia.ohchr.org
*.prod.ohchr.un-icc.cloud
seoul.ohchr.org
*.ohchr.org
sm.ohchr.org
sanctionsplatform.ohchr.org
seoul.ohchr.org
westafrica.ohchr.org
searchlibrary.ohchr.org
sm.ohchr.org
waps.ohchr.org
fifa.shapegames.dev
seoul.ohchr.org
ngopub.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
seoul.ohchr.org
*.in.ohchr.org
login.ohchr.org
sm.ohchr.org
sanctionsplatform.ohchr.org
www.westafrica.ohchr.org
webmail.ohchr.org
romena.ohchr.org
westafrica.ohchr.org
cambodia.ohchr.org
www.westafrica.ohchr.org
extranet.ohchr.org
rightsview.ohchr.org
webmail.ohchr.org
sm.ohchr.org
*.ohchr.org
spdb.ohchr.org
easset.ohchr.org
grants.ohchr.org
esurvey.ohchr.org
www.fotoramausa.com
pms.ohchr.org
testrightsview.ohchr.org
rightsviewtest.ohchr.org
www.treadstonelabs.com
grants.ohchr.org
www.digitalbharati.org
*.ohchr.org
sm.ohchr.org
digitalhub.ohchr.org
sm.ohchr.org
ngopub.ohchr.org
sm.ohchr.org
uganda.ohchr.org
*.ohchr.org
cambodia.ohchr.org
rightsviewtest.ohchr.org
rightsview.ohchr.org
fieldsmail.ohchr.org
*.prod.ohchr.un-icc.cloud
sm.ohchr.org
cambodia.ohchr.org
share.ohchr.org
CSWEB.OHCHR.ORG
www.ohchr.org
romena.ohchr.org
sni.cloudflaressl.com
westafrica.ohchr.org
esurvey.ohchr.org
sm.ohchr.org
searchlibrary.ohchr.org
romena.ohchr.org
Certificate
The complete raw certificate details for rightsviewtest.ohchr.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHnjCCBYagAwIBAgIQBzahV1iJ/m2xQ7WMzQaleDANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjMxMDEyMDAwMDAwWhcNMjQwNDEyMjM1OTU5WjAjMSEwHwYDVQQDExhyaWdodHN2 aWV3dGVzdC5vaGNoci5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDjJ68BewuqAtyFomiEAB2CvNmAhq+WM9fWmZfeZLZm+cGDChwbTEu5vUxko1KZ wTm0eN10aiZzQkHWtUQjfUDQGtqK20erw74veqy7wKesLlJLdACNyRZjMR0XzC49 RBAqV+rsM3MpIG0mHRufJXY+L8E046Mu9MvZcMfbixLZNT0cP+JGCvoJxFPGVvOu ezwuaPZ6MFfEucvsl8mvIjcD0g9rZQu1i5XGZRgRo3NLxONI5+Y487im+Giu2spW wMA3ucGMMHhQHQG2loHIj8gDNGJpZuqiA5iFueKfPSI01J//JzzKNHBwfdefT5Jd PRxSbrQt62PO2Oi9cq6mN3RpAgMBAAGjggOTMIIDjzAfBgNVHSMEGDAWgBSltNbr NsTna6bfxGQLASogBLhmIzAdBgNVHQ4EFgQUmqGMJnbON3wkkuRraoKaMPYbqQIw IwYDVR0RBBwwGoIYcmlnaHRzdmlld3Rlc3Qub2hjaHIub3JnMD4GA1UdIAQ3MDUw MwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29t L0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMIGfBgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv bS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDBIoEag RIZCaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0dlb1RydXN0R2xvYmFsVExTUlNB NDA5NlNIQTI1NjIwMjJDQTEuY3JsMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUH MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDov L2NhY2VydHMuZGlnaWNlcnQuY29tL0dlb1RydXN0R2xvYmFsVExTUlNBNDA5NlNI QTI1NjIwMjJDQTEuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIB bQSCAWkBZwB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABiyHM pvMAAAQDAEYwRAIgdBQQMvpd0AnE7OpBxah6XtPOGUrN/V0Tolm+8+q5qFkCIDMN idc/sBglZaRM/6kaxNe88Wp6qsBDEeWpVx2Y4Vd1AHcASLDja9qmRzQP5WoC+p0w 6xxSActW3SyB2bu/qznYhHMAAAGLIcym6AAABAMASDBGAiEA+M1Kg1ipf6p9B9KN hZVsQa3tY91Pmx6fisxwRl7QJVACIQCo5JINbTZVJiPDJr/BGVQAfib6QZm4CMMk SXzl3GvcawB1ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiyHM ptgAAAQDAEYwRAIgP8M0+l18MGCd4YpvaFTDuCpedc/wmNhWqkPjbVGCwMQCIDWX /NGIMuZZwVF4tI7aTIgt3BVDkLB6fDJSIkZOFDmLMA0GCSqGSIb3DQEBCwUAA4IC AQBC8zPZCt1HB+6Ljj3UAlZQqkqIqgnzdU7ldFbdnVpjBoMVHRnuaASDrYVs404b EouqhL5R5gIEhAJ/5JaYwrw7ni+3BPVBwumD1YbvRQa7hFYmwc0HNxTs02VnaFob PFuBBiJzCPYC/Ol2SFdYhue9/Ja6vKWUSnpqtOEVZsM4lEti+pP3nYpka+ypjTK1 qFWjDHIDcT/xzLfL0SfKDDO/SJDMzCe2ofyE3lJopAEd4ZsXjpSUJyU7KB8UhRmk 5PG3NDHu/fX0wvpTPkCSv+Us8TOBQyoqgp7hXPX8mBMlI4kbSfPx6l7U+KtgQBIN YC1t/Tw8JBbh/L5QxN00ddsjCtusQtUD9fqASYjtXlp+qT0S0VcimjxxLdO/ion4 fqN55l1mN66tuwqXq535snK0rFJo2lsGRrrDvzvVvzFeT00Cjt76ThkXBV+LPJRw kt0wZ+63uNs42lpi8EolWYa50MtIo/894rM2wqqmWK8CRjY1Wx++EPgSgWpkuqbH w97K2L+pfQgZ+KGpVOmBz6ttw3N+elQpYFnazXyu4ujihGTeowV+DmExy8EJK25h 91yJFHalYs3GYL1KEbVSz/SAGu3Dgr24DFNNHNPOBaaya2r5GFrioaWwMtZ1ZMd/ 3/6EeReWMfjVz880I3sR37gBxb02DEmrh0ZqopbX28FViQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yevAXsLqgLchaJohAAd grzZgIavljPX1pmX3mS2ZvnBgwocG0xLub1MZKNSmcE5tHjddGomc0JB1rVEI31A 0BraittHq8O+L3qsu8CnrC5SS3QAjckWYzEdF8wuPUQQKlfq7DNzKSBtJh0bnyV2 Pi/BNOOjLvTL2XDH24sS2TU9HD/iRgr6CcRTxlbzrns8Lmj2ejBXxLnL7JfJryI3 A9IPa2ULtYuVxmUYEaNzS8TjSOfmOPO4pvhortrKVsDAN7nBjDB4UB0BtpaByI/I AzRiaWbqogOYhbninz0iNNSf/yc8yjRwcH3Xn0+SXT0cUm60LetjztjovXKupjd0 aQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 9588252389053123668323498122954581368 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rightsviewtest.ohchr.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28675663947850182508906981596643343678294404856378856952813967171094885442108772328502327769897040088333868347370551654408506746296131865832503089796747049932971899416763319618825708293723171024926778362914099394385543155456457695294518778937193281588946663695598404278721409079548139946628649464605389456559340194713969583951965685638803119633764077553237708051247783233556891884581381427898350324571180207546182212100238602430280825639138068320366398271897333100561269641807170107140320759033359526624253219601435488817156686942344983151978286300216471939582673754597777213896347565597070812900223567135939405247593 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9aa18c2676ce377c2492e46b6a829a30f61ba902 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rightsviewtest.ohchr.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b21cca6f30000040300463044022074141032fa5dd009c4ecea41c5a87a5ed3ce194acdfd5d13a259bef3eab9a8590220330d89d73fb0182565a44cffa91ac4d7bcf16a7aaac04311e5a9571d98e1577500770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b21cca6e80000040300483046022100f8cd4a8358a97faa7d07d28d85956c41aded63dd4f9b1e9f8acc70465ed02550022100a8e4920d6d36552623c326bfc11954007e26fa4199b808c324497ce5dc6bdc6b007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b21cca6d8000004030046304402203fc334fa5d7c30609de18a6f6854c3b82a5e75cff098d856aa43e36d5182c0c402203597fcd18832e659c15178b48eda4c882ddc154390b07a7c325222464e14398b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0042f333d90add4707ee8b8e3dd4025650aa4a88aa09f3754ee57456dd9d5a630683151d19ee680483ad856ce34e1b128baa84be51e6020484027fe49698c2bc3b9e2fb704f541c2e983d586ef4506bb845626c1cd073714ecd36567685a1b3c5b8106227308f602fce97648575886e7bdfc96babca5944a7a6ab4e11566c338944b62fa93f79d8a646beca98d32b5a855a30c7203713ff1ccb7cbd127ca0c33bf4890cccc27b6a1fc84de5268a4011de19b178e949427253b281f148519a4e4f1b73431eefdf5f4c2fa533e4092bfe52cf13381432a2a829ee15cf5fc98132523891b49f3f1ea5ed4f8ab6040120d602d6dfd3c3c2416e1fcbe50c4dd3475db230adbac42d503f5fa804988ed5e5a7ea93d12d157229a3c712dd3bf8a89f87ea379e65d6637aeadbb0a97ab9df9b272b4ac5268da5b0646bac3bf3bd5bf315e4f4d028edefa4e1917055f8b3c947092dd3067eeb7b8db38da5a62f04a255986b9d0cb48a3ff3de2b336c2aaa658af024636355b1fbe10f812816a64baa6c7c3decad8bfa97d0819f8a1a954e981cfab6dc3737e7a54296059dacd7caee2e8e28464dea3057e0e6131cbc1092b6e61f75c891476a562cdc660bd4a11b552cff4801aedc382bdb80c534d1cd3ce05a6b26b6af9185ae2a1a5b032d67564c77fdffe8479179631f8d5cfcf34237b11dfb801c5bd360c49ab87466aa296d7dbc15589