www.pennyappeal.org

Issued by RapidSSL CA

About this certificate

This digital certificate with serial number 08:79:dd was issued on by GeoTrust, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

SERIALNUMBER=QnbVnqNN7gIJUgmTot4sPJkbYQ3gSCjM,CN=www.pennyappeal.org,OU=GT58499136+OU=See www.rapidssl.com/resources/cps (c)12+OU=Domain Control Validated - RapidSSL(R)

GeoTrust, Inc.

Organization: GeoTrust, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 08:79:dd
Serial Number (int): 555485
Serial Number lenght: 20 bits, 3 octets

SubjectKeyId: df:f2:67:6d:f3:35:a8:03:77:28:4b:bd:fd:20:f8:f3:1d:c7:79:a5
AuthorityKeyId: 6b:69:3d:6a:18:42:4a:dd:8f:02:65:39:fd:35:24:86:78:91:16:30

Fingerprint (sha1): c3:52:14:fb:ef:3b:d0:69:b1:9b:37:23:06:fa:c8:bb:d0:32:b9:a5
Fingerprint (sha256): 95:9a:53:2b:c3:1a:64:bf:26:13:8a:13:90:ce:1c:63:9a:c2:9b:80:84:8d:18:72:74:b4:c9:d0:32:ae:a2:ae

Issuing Certificate URL: http://rapidssl-aia.geotrust.com/rapidssl.crt

Revocation information

OCSP Server: http://rapidssl-ocsp.geotrust.com
CRL Distribution Point: http://rapidssl-crl.geotrust.com/crls/rapidssl.crl

Check the revocation status for certificate www.pennyappeal.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.pennyappeal.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.pennyappeal.org
pennyappeal.org

Other certificates including the domain name pennyappeal.org

(limited to 100 certificates)
suport.staff.utcluj.app
helpme.agilico.co.uk
promo.pennyappeal.org
helpdesk.centurionukrs.com
servicedesk.cheaperwaste.co.uk
support.ecctis.com
*.pennyappeal.org
servicedesk.cheaperwaste.co.uk
helpdesk.flycenter.it
servicedesk.restoredigital.co.uk
support.tuxexpert.com
*.pennyappeal.org
support.ecctis.com
servicedesk.cheaperwaste.co.uk
servicedesk.cheaperwaste.co.uk
helpdesk.pfleiderer.pl
ithelpdesk.uteco.com
sd.sch1584.su
servicedesk.hidefsurveying.co.uk
san-13-s51.tlsprovisioning.exacttarget.com
it-support.drkbg.de
servicedesk.orpea.ie
servicedesk.pennyappeal.org
san-13-s51.tlsprovisioning.exacttarget.com
san-13-s51.tlsprovisioning.exacttarget.com
shop.pennyappeal.org
servicedesk.ibisacam.at
support-services.gruener-punkt.de
pennyappeal.org
servicedesk.quorumdev.com
dsi.alivetravel.com
suport.staff.utcluj.app
servicedesk.cheaperwaste.co.uk
helpdesk.zultys.com
sd.sch1584.su
support-services.gruener-punkt.de
support.tuxexpert.com
promo.pennyappeal.org
helpdesk.derbigum.com
support-services.gruener-punkt.de
support.kscorporation.co.uk
servicedesk.quorumdev.com
ithelpdesk.uteco.com
techteam.awayresorts.co.uk
san-13-s51.tlsprovisioning.exacttarget.com
*.pennyappeal.org
support.gjesdal.kommune.no
ithelpdesk.uteco.com
san-13-s51.tlsprovisioning.exacttarget.com
ithelpdesk.uteco.com
dsi.alivetravel.com
servicedesk.envisionpharma.com
helpdesk.praha2.cz
servicedesk.cheaperwaste.co.uk
servicedesk.cheaperwaste.co.uk
san-13-s51.tlsprovisioning.exacttarget.com
servicedesk.cheaperwaste.co.uk
*.pennyappeal.org
servicedesk.cheaperwaste.co.uk
servicedesk.cheaperwaste.co.uk
servicedesk.cheaperwaste.co.uk
san-13-s51.tlsprovisioning.exacttarget.com
servicedesk.beauchamps.ie
san-13-s51.tlsprovisioning.exacttarget.com
support-services.gruener-punkt.de
san-13-s51.tlsprovisioning.exacttarget.com
helpdesk.derbigum.com
san-13-s51.tlsprovisioning.exacttarget.com
san-13-s51.tlsprovisioning.exacttarget.com
*.pennyappeal.org
*.pennyappeal.org
san-13-s51.tlsprovisioning.exacttarget.com
servicedesk.chsgroup.org.uk
servicedesk.cheaperwaste.co.uk
servicedesk.beauchamps.ie
servicedesk.cheaperwaste.co.uk
san-13-s51.tlsprovisioning.exacttarget.com
sdcloud.thenottingham.com
suport.staff.utcluj.app
servicedesk.cheaperwaste.co.uk
servicedesk.cheaperwaste.co.uk
*.pennyappeal.org
sd.sch1584.su
*.pennyappeal.org
helpdesk.pgzinternational.com
*.pennyappeal.org
techteam.awayresorts.co.uk
san-13-s51.tlsprovisioning.exacttarget.com
support.languagelink.ru
servicedesk.cheaperwaste.co.uk
servicedesk.envisionpharma.com
servicemanager.loacker.com
*.tools.pennyappeal.org
www.pennyappeal.org
sd.sch1584.su
itservicedesk.eu.anritsu.com
servicedesk.cheaperwaste.co.uk
servicedesk.cheaperwaste.co.uk
servicedesk.solidsolutions.co.uk
helpdesk.zultys.com

Certificate

The complete raw certificate details for www.pennyappeal.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIDCHndMA0GCSqGSIb3DQEBBQUAMDwxCzAJBgNVBAYTAlVT
MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEUMBIGA1UEAxMLUmFwaWRTU0wgQ0Ew
HhcNMTIwOTI5MjM1OTEzWhcNMTQxMTAxMTcyOTQ5WjCBwjEpMCcGA1UEBRMgUW5i
Vm5xTk43Z0lKVWdtVG90NHNQSmtiWVEzZ1NDak0xEzARBgNVBAsTCkdUNTg0OTkx
MzYxMTAvBgNVBAsTKFNlZSB3d3cucmFwaWRzc2wuY29tL3Jlc291cmNlcy9jcHMg
KGMpMTIxLzAtBgNVBAsTJkRvbWFpbiBDb250cm9sIFZhbGlkYXRlZCAtIFJhcGlk
U1NMKFIpMRwwGgYDVQQDExN3d3cucGVubnlhcHBlYWwub3JnMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu25XXLZRNT18Qrx6NObRFWQKlCARhIc4EHM9
Syxu6o5RKvGGi946F1hlyhO72CVyr6xHnQltyL2J63YI9Fv/Eux5Kpuke8ovea0M
LAzspQndBcpjZjopXflYz9NN/OXs6ncIVRjfEAnNcNSThDMq+A/bvkHaeFRxY12t
9ocnqqoO+NYBwDjDkXKpWwN9o41JU+iNac5hRb7uRYUMVWhq5W31kc4hKmQbQWX/
DueDaWzt1S7FjwkPItetXTqauCj1nH8xoxBVRFJ4jYmdE2OZ/e3vVCntowDygtlR
WG9p8eV8b34ugum6DvGyDLEOMGcWckQsEnjoCooY4KvFsryh8wIDAQABo4IBvzCC
AbswHwYDVR0jBBgwFoAUa2k9ahhCSt2PAmU5/TUkhniRFjAwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAvBgNVHREEKDAmghN3
d3cucGVubnlhcHBlYWwub3Jngg9wZW5ueWFwcGVhbC5vcmcwQwYDVR0fBDwwOjA4
oDagNIYyaHR0cDovL3JhcGlkc3NsLWNybC5nZW90cnVzdC5jb20vY3Jscy9yYXBp
ZHNzbC5jcmwwHQYDVR0OBBYEFN/yZ23zNagDdyhLvf0g+PMdx3mlMAwGA1UdEwEB
/wQCMAAweAYIKwYBBQUHAQEEbDBqMC0GCCsGAQUFBzABhiFodHRwOi8vcmFwaWRz
c2wtb2NzcC5nZW90cnVzdC5jb20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9yYXBpZHNz
bC1haWEuZ2VvdHJ1c3QuY29tL3JhcGlkc3NsLmNydDBMBgNVHSAERTBDMEEGCmCG
SAGG+EUBBzYwMzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90cnVzdC5jb20v
cmVzb3VyY2VzL2NwczANBgkqhkiG9w0BAQUFAAOCAQEAAdOgaX3oBtsOyRQ/7/GF
2ocM2zrNn/+dYTxyEEu8wu0PtBuppHysAzrzObo+xqkqC+H/pAWC7FFFpKtK4ORW
wXArMQWfJjfWVlyY5Fb8UWQRtkdR7979up4Us7aDX0lDUqFiB7pXboMxvU7wQBXn
xqqHNKm6XdNikdMNaaemFnu+SvLI0ZaRusFVN3KAEvdfvXJgMIf4P40R2FUMLUMm
YBl2obpB5YbakO1oAx9KsrjQDo0RMoXiQugnw/Yp/4XhXIjZYa47HX+91J3ixQbd
DucgpV8N3ovpMeepfh1CCBVPAQ5jdCqzAdxX3YPxkZUGLyrMiNZLlxtB+DYzhKoD
bQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu25XXLZRNT18Qrx6NObR
FWQKlCARhIc4EHM9Syxu6o5RKvGGi946F1hlyhO72CVyr6xHnQltyL2J63YI9Fv/
Eux5Kpuke8ovea0MLAzspQndBcpjZjopXflYz9NN/OXs6ncIVRjfEAnNcNSThDMq
+A/bvkHaeFRxY12t9ocnqqoO+NYBwDjDkXKpWwN9o41JU+iNac5hRb7uRYUMVWhq
5W31kc4hKmQbQWX/DueDaWzt1S7FjwkPItetXTqauCj1nH8xoxBVRFJ4jYmdE2OZ
/e3vVCntowDygtlRWG9p8eV8b34ugum6DvGyDLEOMGcWckQsEnjoCooY4KvFsryh
8wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 555485
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-09-29 23:59:13 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-11-01 17:29:49 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'QnbVnqNN7gIJUgmTot4sPJkbYQ3gSCjM'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GT58499136'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.rapidssl.com/resources/cps (c)12'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated - RapidSSL(R)'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.pennyappeal.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23660974331119614171876557146736576374353206821258622500866029159311637177343036584068684682247778560455080124169911418485112223201530217987066816443037564662326148250246450410382846204376591604405449988767830969955801936752199436583460550629195686570884739283128912315466838972578519865573740112386399259762665446623741708454685530303246021647822815705774587057346608441489153836683489935686004670967806929115107038458756689183703640380928330631657703394233212421642890288592930548156764191053130754906351281640348219130304812210011880317268148255762381347391840557062307124436287104232850564060496421968674929025523
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b693d6a18424add8f026539fd35248678911630
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pennyappeal.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pennyappeal.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://rapidssl-crl.geotrust.com/crls/rapidssl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dff2676df335a80377284bbdfd20f8f31dc779a5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://rapidssl-ocsp.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://rapidssl-aia.geotrust.com/rapidssl.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.geotrust.com/resources/cps'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0001d3a0697de806db0ec9143feff185da870cdb3acd9fff9d613c72104bbcc2ed0fb41ba9a47cac033af339ba3ec6a92a0be1ffa40582ec5145a4ab4ae0e456c1702b31059f2637d6565c98e456fc516411b64751efdefdba9e14b3b6835f494352a16207ba576e8331bd4ef04015e7c6aa8734a9ba5dd36291d30d69a7a6167bbe4af2c8d19691bac15537728012f75fbd72603087f83f8d11d8550c2d4326601976a1ba41e586da90ed68031f4ab2b8d00e8d113285e242e827c3f629ff85e15c88d961ae3b1d7fbdd49de2c506dd0ee720a55f0dde8be931e7a97e1d4208154f010e63742ab301dc57dd83f19195062f2acc88d64b971b41f8363384aa036d