secure.highmarkfcu.com
Issued by GeoTrust RSA CA 2018
About this certificate
This digital certificate with serial number 06:19:ed:91:f2:a5:db:1a:14:0a:0a:b5:16:2e:b8:ef was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=secure.highmarkfcu.com
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 06:19:ed:91:f2:a5:db:1a:14:0a:0a:b5:16:2e:b8:efSerial Number (int): 8109993890428375758676524549717014767
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: af:cc:07:75:53:0a:77:2c:61:1d:f0:d3:96:a4:41:ec:40:9a:2e:53
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5
Fingerprint (sha1): c2:56:62:a3:c0:35:d9:56:2c:67:b0:1e:b6:38:af:e0:15:6a:1f:76
Fingerprint (sha256): a5:67:d5:b0:f3:41:d2:32:d5:17:a1:ca:f1:5a:fb:5b:4c:d2:17:9a:c6:16:3f:f3:77:87:02:f8:86:0a:85:8e
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl
Check the revocation status for certificate secure.highmarkfcu.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for secure.highmarkfcu.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
secure.highmarkfcu.com
Other certificates including the domain name highmarkfcu.com
(limited to 100 certificates)
highmarkfcu.com
mail.highmarkfcu.com
sslvpn.highmarkfcu.com
highmarkfcu.com
www.highmarkfcu.com
highmarkfcu.com
supportdesk.highmarkfcu.com
highmarkfcu.com
highmarkfcu.com
mail.highmarkfcu.com
mail.highmarkfcu.com
mail.highmarkfcu.com
highmarkfcu.com
highmarkfcu.com
supportdesk.highmarkfcu.com
mail.highmarkfcu.com
highmarkfcu.com
sslvpn.highmarkfcu.com
sslvpn.highmarkfcu.com
highmarkfcu.com
highmarkfcu.com
www.highmarkfcu.com
start.highmarkfcu.com
monitor.highmarkfcu.com
mail.highmarkfcu.com
highmarkfcu.com
highmarkfcu.com
start.highmarkfcu.com
highmarkfcu.com
synapsys.highmarkfcu.com
highmarkfcu.com
cm.helpdesk.carimed.com
monitor.highmarkfcu.com
secure.highmarkfcu.com
sslvpn.highmarkfcu.com
ithelp.mainecc.edu
sd.globalrateset.com
mail.highmarkfcu.com
www.highmarkfcu.com
secure.highmarkfcu.com
start.highmarkfcu.com
highmarkfcu.com
start.highmarkfcu.com
highmarkfcu.com
sslvpn.highmarkfcu.com
highmarkfcu.com
sslvpn.highmarkfcu.com
*.highmarkfcu.com
sslvpn.highmarkfcu.com
highmarkfcu.com
mail.highmarkfcu.com
supportdesk.highmarkfcu.com
*.highmarkfcu.com
highmarkfcu.com
synapsys.highmarkfcu.com
start.highmarkfcu.com
supportdesk.highmarkfcu.com
highmarkfcu.com
start.highmarkfcu.com
mail.highmarkfcu.com
sslvpn.highmarkfcu.com
highmarkfcu.com
www.highmarkfcu.com
highmarkfcu.com
supportdesk.highmarkfcu.com
highmarkfcu.com
highmarkfcu.com
mail.highmarkfcu.com
mail.highmarkfcu.com
mail.highmarkfcu.com
highmarkfcu.com
highmarkfcu.com
supportdesk.highmarkfcu.com
mail.highmarkfcu.com
highmarkfcu.com
sslvpn.highmarkfcu.com
sslvpn.highmarkfcu.com
highmarkfcu.com
highmarkfcu.com
www.highmarkfcu.com
start.highmarkfcu.com
monitor.highmarkfcu.com
mail.highmarkfcu.com
highmarkfcu.com
highmarkfcu.com
start.highmarkfcu.com
highmarkfcu.com
synapsys.highmarkfcu.com
highmarkfcu.com
cm.helpdesk.carimed.com
monitor.highmarkfcu.com
secure.highmarkfcu.com
sslvpn.highmarkfcu.com
ithelp.mainecc.edu
sd.globalrateset.com
mail.highmarkfcu.com
www.highmarkfcu.com
secure.highmarkfcu.com
start.highmarkfcu.com
highmarkfcu.com
start.highmarkfcu.com
highmarkfcu.com
sslvpn.highmarkfcu.com
highmarkfcu.com
sslvpn.highmarkfcu.com
*.highmarkfcu.com
sslvpn.highmarkfcu.com
highmarkfcu.com
mail.highmarkfcu.com
supportdesk.highmarkfcu.com
*.highmarkfcu.com
highmarkfcu.com
synapsys.highmarkfcu.com
start.highmarkfcu.com
supportdesk.highmarkfcu.com
highmarkfcu.com
start.highmarkfcu.com
Certificate
The complete raw certificate details for secure.highmarkfcu.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFtzCCBJ+gAwIBAgIQBhntkfKl2xoUCgq1Fi647zANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe Fw0yMDAyMDUwMDAwMDBaFw0yMTAyMDQxMjAwMDBaMCExHzAdBgNVBAMTFnNlY3Vy ZS5oaWdobWFya2ZjdS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCleosSTJUvDjP+lvWDNC38zfc1DIkp7TEevu/ppqZf7MGHl/if6YpXdzow83Jc yMoweEfg2Y69BVzxBv9q4nNjrW7q9GP95M1wHeHX28kgiAeRuNuwDrsJtwfBzS9Q RkBrsaBiNanrH2do8DZfc4xkBFPfoC5EsE2qq/yXTMiEwdDdVy+CHt+m62d7/+wE QsPJOlTS1yz0rQQJ1yK6dDOI2NAHUBrS/Dg61Nmt+5jImLKIFTpRrR+cP8RsQ8+B qRBfitEE+KCV3wNTqb9mG0j/XeRJgVkyxTE94GNjtekebPEqtWwyCkNdcJb8gDa1 USi4JHM4nE2AIBzTl9tMdkFpAgMBAAGjggKsMIICqDAfBgNVHSMEGDAWgBSQWP+w nHWoUVR3se3yo0MWOJ5sxTAdBgNVHQ4EFgQUr8wHdVMKdyxhHfDTlqRB7ECaLlMw IQYDVR0RBBowGIIWc2VjdXJlLmhpZ2htYXJrZmN1LmNvbTAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD4GA1UdHwQ3MDUwM6Ax oC+GLWh0dHA6Ly9jZHAuZ2VvdHJ1c3QuY29tL0dlb1RydXN0UlNBQ0EyMDE4LmNy bDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczov L3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcw JgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1c3QuY29tMD0GCCsGAQUF BzAChjFodHRwOi8vY2FjZXJ0cy5nZW90cnVzdC5jb20vR2VvVHJ1c3RSU0FDQTIw MTguY3J0MAkGA1UdEwQCMAAwggECBgorBgEEAdZ5AgQCBIHzBIHwAO4AdQD2XJQv 0XcwIhRUGAgwlFaO400TGTO/3wwvIAvMTvFk4wAAAXAWktjeAAAEAwBGMEQCICcb ZwZyp5XKBWadiI70nAx6ZY0FNBbGz2QCVM2eP3BfAiAyYdLT+O8p+mjLFlrTzmHy 35OFbs/h3wQEAB5a1XxqrAB1AFzcQ5L+5qtFRLFemtRW5hA3+9X6R9yhc5SyXub2 xw7KAAABcBaS2S4AAAQDAEYwRAIgQ2c8FUnKpGJy7/Hbxa7MNDagKEMjINUgfURV oAeyWj4CICzAvL3bGws2LLghpH+f3oIZgu9YlLoltCTWihJDOo/5MA0GCSqGSIb3 DQEBCwUAA4IBAQA5GwpzC//tDcPeoxNLxGdbRYHZQEYDMhemuz4oBYMdAqHkZSkD 56vrZZsh0YC1xsMKuFTZlNMTVw41unpUsvnIcZaFbUD/68iCOsKXE/qud9SeA+h+ EolwuC9NE4EOeJ3IHupHB2WDtBQ/WL1wVUHV+/OIyO/qrDCs6cqqKlOb7NjQNbL5 ZYPgqmKOM3B7oF/29gsV9K8YloxB7Lwb+jg4pKANtojLKEpVMYDEiT9IDzp0J5lv ptVicpYXkTTwiKa4GDISnHAXyFjhzF7qfO8OoHNtXxZNcw3ZYicgAhjs68qx4TY6 qn1ok/+dwplQ463Uk6rxM8j2JxSR074zy1hu -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXqLEkyVLw4z/pb1gzQt /M33NQyJKe0xHr7v6aamX+zBh5f4n+mKV3c6MPNyXMjKMHhH4NmOvQVc8Qb/auJz Y61u6vRj/eTNcB3h19vJIIgHkbjbsA67CbcHwc0vUEZAa7GgYjWp6x9naPA2X3OM ZART36AuRLBNqqv8l0zIhMHQ3Vcvgh7fputne//sBELDyTpU0tcs9K0ECdciunQz iNjQB1Aa0vw4OtTZrfuYyJiyiBU6Ua0fnD/EbEPPgakQX4rRBPigld8DU6m/ZhtI /13kSYFZMsUxPeBjY7XpHmzxKrVsMgpDXXCW/IA2tVEouCRzOJxNgCAc05fbTHZB aQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8109993890428375758676524549717014767 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-04 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.highmarkfcu.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20889748647169723924510503386330379668692627786633569146340837758465978806552286290945392424893845086110500537381372589433390863736307049974222790837582890832449619229497640778549008437688087903779907647200274058661907959382259484137562379407394430516263522580048606253084736144285211321066172751262178315224199648216327610030686758104877973943689055502288543648222638803822314103202967454575156609024324284935075404961200780958281514800886204776676009731477508906607242039047874000113225471712695391231543722890822159829383683785602815353206090881266458083937645021099498480973320833351533509329028957311144658616681 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) afcc0775530a772c611df0d396a441ec409a2e53 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.highmarkfcu.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e3000001701692d8de00000403004630440220271b670672a795ca05669d888ef49c0c7a658d053416c6cf640254cd9e3f705f02203261d2d3f8ef29fa68cb165ad3ce61f2df93856ecfe1df0404001e5ad57c6aac0075005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca000001701692d92e0000040300463044022043673c1549caa46272eff1dbc5aecc3436a028432320d5207d4455a007b25a3e02202cc0bcbddb1b0b362cb821a47f9fde821982ef5894ba25b424d68a12433a8ff9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00391b0a730bffed0dc3dea3134bc4675b4581d94046033217a6bb3e2805831d02a1e4652903e7abeb659b21d180b5c6c30ab854d994d313570e35ba7a54b2f9c87196856d40ffebc8823ac29713faae77d49e03e87e128970b82f4d13810e789dc81eea47076583b4143f58bd705541d5fbf388c8efeaac30ace9caaa2a539becd8d035b2f96583e0aa628e33707ba05ff6f60b15f4af18968c41ecbc1bfa3838a4a00db688cb284a553180c4893f480f3a7427996fa6d5627296179134f088a6b81832129c7017c858e1cc5eea7cef0ea0736d5f164d730dd96227200218ecebcab1e1363aaa7d6893ff9dc29950e3add493aaf133c8f6271491d3be33cb586e