prod.occ.o360.cloud
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 05:18:64:91:6b:a3:fb:2c:a7:e8:5f:d7:d9:17:74:93 was issued on by DigiCert, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=prod.occ.o360.cloud
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 05:18:64:91:6b:a3:fb:2c:a7:e8:5f:d7:d9:17:74:93Serial Number (int): 6772794865886482060199185215097631891
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 65:92:58:81:14:6b:6c:0a:f4:32:b8:c9:b2:f0:1a:2e:0f:c3:59:b3
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): e7:04:6f:10:4e:f0:fe:86:93:ac:58:fd:b7:d5:a7:f0:00:12:2b:41
Fingerprint (sha256): d4:88:0c:37:1e:7d:61:13:49:3b:2a:9f:d4:68:fe:5d:be:49:00:d8:8d:d3:5c:4a:3e:27:4f:da:a3:88:ad:53
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate prod.occ.o360.cloud
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for prod.occ.o360.cloud
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
prod.occ.o360.cloud
Other certificates including the domain name o360.cloud
(limited to 100 certificates)
epro.dev-eastus2.cs-np.o360.cloud
qa-patients.caseadvisor-np.o360.cloud
sb-patients.caseadvisor-np.o360.cloud
stg-patients.caseadvisor-np.o360.cloud
prod.occ.o360.cloud
eproprd-az.optum.com
epro.tst-eastus2.cs-np.o360.cloud
qa.cta.o360.cloud
splunk-dev.o360.cloud
sit1-blue.occ.o360.cloud
occ-np.o360.cloud
eprostg-az.optum.com
eproprd-az.optum.com
sb-patients.caseadvisor-np.o360.cloud
rulesenginepreview.efrbilling.o360.cloud
prod-green.occ.o360.cloud
sbgit-patients.caseadvisor-np.o360.cloud
occ-np.o360.cloud
caseadvisor.o360.cloud
dev.cta.o360.cloud
caseadvisor-np.o360.cloud
dev-main.caseadvisor-np.o360.cloud
stg-patients.caseadvisor-np.o360.cloud
occ.o360.cloud
dev-patients.caseadvisor-np.o360.cloud
epro.prd-eastus2.cs.o360.cloud
eproprd-az.optum.com
dev-main.caseadvisor-np.o360.cloud
dev-patients.caseadvisor-np.o360.cloud
eproprd-az.optum.com
api-dev.cta.o360.cloud
asc.prd-eastus2.cs.o360.cloud
kc.o360.cloud
sb-patients.caseadvisor-np.o360.cloud
cta.o360.cloud
caseadvisor-np.o360.cloud
stg-patients.caseadvisor-np.o360.cloud
api-brc.cta.o360.cloud
qa-patients.caseadvisor-np.o360.cloud
pcac.o360.cloud
dojo.o360.cloud
dojo.o360.cloud
caseadvisor.o360.cloud
occ-np.o360.cloud
man.cta.o360.cloud
occ.o360.cloud
occ.o360.cloud
api-dev.cta.o360.cloud
api-brc.cta.o360.cloud
cta.o360.cloud
prod.occ.o360.cloud
api-dev.cta.o360.cloud
prd.cta.o360.cloud
sit1.occ.o360.cloud
epro.stg-eastus2.cs.o360.cloud
eproprd-az.optum.com
dev-patients.caseadvisor-np.o360.cloud
fddemo.o360.cloud
rmsnavbar.caseadvisor.o360.cloud
api-qa.cta.o360.cloud
dev-main.caseadvisor-np.o360.cloud
patients.caseadvisor.o360.cloud
cta.o360.cloud
qa-patients.caseadvisor-np.o360.cloud
sb-patients.caseadvisor-np.o360.cloud
stg-patients.caseadvisor-np.o360.cloud
prod.occ.o360.cloud
eproprd-az.optum.com
epro.tst-eastus2.cs-np.o360.cloud
qa.cta.o360.cloud
splunk-dev.o360.cloud
sit1-blue.occ.o360.cloud
occ-np.o360.cloud
eprostg-az.optum.com
eproprd-az.optum.com
sb-patients.caseadvisor-np.o360.cloud
rulesenginepreview.efrbilling.o360.cloud
prod-green.occ.o360.cloud
sbgit-patients.caseadvisor-np.o360.cloud
occ-np.o360.cloud
caseadvisor.o360.cloud
dev.cta.o360.cloud
caseadvisor-np.o360.cloud
dev-main.caseadvisor-np.o360.cloud
stg-patients.caseadvisor-np.o360.cloud
occ.o360.cloud
dev-patients.caseadvisor-np.o360.cloud
epro.prd-eastus2.cs.o360.cloud
eproprd-az.optum.com
dev-main.caseadvisor-np.o360.cloud
dev-patients.caseadvisor-np.o360.cloud
eproprd-az.optum.com
api-dev.cta.o360.cloud
asc.prd-eastus2.cs.o360.cloud
kc.o360.cloud
sb-patients.caseadvisor-np.o360.cloud
cta.o360.cloud
caseadvisor-np.o360.cloud
stg-patients.caseadvisor-np.o360.cloud
api-brc.cta.o360.cloud
qa-patients.caseadvisor-np.o360.cloud
pcac.o360.cloud
dojo.o360.cloud
dojo.o360.cloud
caseadvisor.o360.cloud
occ-np.o360.cloud
man.cta.o360.cloud
occ.o360.cloud
occ.o360.cloud
api-dev.cta.o360.cloud
api-brc.cta.o360.cloud
cta.o360.cloud
prod.occ.o360.cloud
api-dev.cta.o360.cloud
prd.cta.o360.cloud
sit1.occ.o360.cloud
epro.stg-eastus2.cs.o360.cloud
eproprd-az.optum.com
dev-patients.caseadvisor-np.o360.cloud
fddemo.o360.cloud
rmsnavbar.caseadvisor.o360.cloud
api-qa.cta.o360.cloud
dev-main.caseadvisor-np.o360.cloud
patients.caseadvisor.o360.cloud
cta.o360.cloud
Certificate
The complete raw certificate details for prod.occ.o360.cloud in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHljCCBX6gAwIBAgIQBRhkkWuj+yyn6F/X2Rd0kzANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjMwOTI0MDAwMDAwWhcNMjQwMzI0MjM1OTU5WjAeMRwwGgYDVQQDExNwcm9kLm9j Yy5vMzYwLmNsb3VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzCt 8QCwEymufhD5nQCXSTuiTm58hCQYJCqMTd/OXNj3fS3fKU3jmLweUH+f5khdGcAg OE0YsnlgHZltT0aGmnQkTGtTX5iU9u1aaacyBYv36bsVBivxeJ8lGyixnGWnDAhq lZAsLkFRBvlN8PB6TcPYqdwqgeRRfRNFhuNAzCtwDi3tUawutUjFo5Av1TzbJ3Ou JJPiZWpMvwJTWMp8FpasMCdpATQIny7ZSyGjMTqJKCu+FseKSGrtZluvteX4lQn2 oEGBkAkumnYgLHrpOCtqg7R/WQvtVX2ucSIbgJeHt9h5Ff98/caWv6mt7jWhbBqX BUHqBe5W0c66sji47QIDAQABo4IDkDCCA4wwHwYDVR0jBBgwFoAUpbTW6zbE52um 38RkCwEqIAS4ZiMwHQYDVR0OBBYEFGWSWIEUa2wK9DK4ybLwGi4Pw1mzMB4GA1Ud EQQXMBWCE3Byb2Qub2NjLm8zNjAuY2xvdWQwPgYDVR0gBDcwNTAzBgZngQwBAgEw KTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgZ8GA1Ud HwSBlzCBlDBIoEagRIZCaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0dlb1RydXN0 R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3JsMEigRqBEhkJodHRwOi8v Y3JsNC5kaWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2 MjAyMkNBMS5jcmwwgYcGCCsGAQUFBwEBBHsweTAkBggrBgEFBQcwAYYYaHR0cDov L29jc3AuZGlnaWNlcnQuY29tMFEGCCsGAQUFBzAChkVodHRwOi8vY2FjZXJ0cy5k aWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2MjAyMkNB MS5jcnQwDAYDVR0TAQH/BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcA 7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGKyUkgCQAABAMASDBG AiEA+lBtKPSzYkWu11VmUt3pf2EWbYBX+rR1PUXXuzhBpogCIQDjLRIzx430KHx+ grp/MmSo3xUDxNiET/fnSpTb/701pQB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0s gdm7v6s52IRzAAABislJIEEAAAQDAEYwRAIgMUTnVMUkDkH9k2cvfRV9k8Ep0s7A UoxK7YktlLVLM6wCIAtaEN/tKqufnDboNhW9/zBVEdfJVxI+1OTjdch1ixfPAHcA 2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGKyUkgBwAABAMASDBG AiEAzxoDf53xr0DyVDJ2SnxwQ7oLzo/Fxpp9K14FkQXA6EsCIQDdGiRYMNOnxpsm I97bSfmq0sIR+zZBfe9HUfdDxdmlATANBgkqhkiG9w0BAQsFAAOCAgEAV/oUemT1 /8VdCfUn2KwJunJWeqWy+NX0Dc/KPEm2mLesrC4P/7HtmVKuoGbEfzJACCeHv7g7 7Y3bM6ChcFYuGhYCpKnaDCi98l9g/d9sx1ILfEoo+AGPtjROhtSl9wulkEl5k0kH Q2m7sYkEw60MSJeoSgQlcl33Jtg9Or7t7QEJ+NbHsfbaVELKlQGCIH4uOdpCdCpw Fxlj76Mo4TgBdyOrpq1Zy/Y1V1hsG06d3uXpaof5zOhpeZLSxTaUqvO5N07aYHS/ BJ7s1kndYZyCYSq3pIqu5Y7riOlXwDdec63w35LqgpIz9m1rwZvNGIZDMkvtKxkI eyQdrQN9a1XpJbY9TRSyCY13zb1nxK6ZNIyGWoqdC9bhDtTbf1NK7Z6QHRFmIoI5 RfRfKXnpwdf/uGdvLo0h7DS8WBCF7YkZ+N1DbXpuJBHY47JhgHs0QcJzZlMZyu14 k8NIRuG1TG6kziAB7Z+pMt6eQ2dtYLPISXVpyBYBhUHAYA2kYy8wEKM3ygDItFcK wGXl5zvEe/IxUaGr8mBU5HwCUVE9U7+y0zXP9qkABHd9vrDQxWArTvdTK+wqbv9T hAj5XCZ5D66Wp2Jj4/0QBCKWDWfhGuL71TRHCQdnnHAZWNFQ6NVFHYEzZ1mXIzsq EOz7+XxFwtk4aShFU+3bCX0RPzSyxVO5S6s= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzCt8QCwEymufhD5nQCX STuiTm58hCQYJCqMTd/OXNj3fS3fKU3jmLweUH+f5khdGcAgOE0YsnlgHZltT0aG mnQkTGtTX5iU9u1aaacyBYv36bsVBivxeJ8lGyixnGWnDAhqlZAsLkFRBvlN8PB6 TcPYqdwqgeRRfRNFhuNAzCtwDi3tUawutUjFo5Av1TzbJ3OuJJPiZWpMvwJTWMp8 FpasMCdpATQIny7ZSyGjMTqJKCu+FseKSGrtZluvteX4lQn2oEGBkAkumnYgLHrp OCtqg7R/WQvtVX2ucSIbgJeHt9h5Ff98/caWv6mt7jWhbBqXBUHqBe5W0c66sji4 7QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6772794865886482060199185215097631891 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-24 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'prod.occ.o360.cloud' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25145427423979250375836408713338144602322503113514403598837440169457778421978724102848262743073071553377978908616365186288597405698550091061430043549180273679229005015372547353430687388358345041340397552352947739392123844014673193372425788229447319477790705199005216785184894908450268656163715328867113313444799295106124352599453989574732711303772849367506381093815320508167770284081385030472300734977005361213032077498826526858870717205593840346986498620244592116477303824353262654719336781135252793209413356533376589882384858759264144551935679686958619797047888919853755550958201057358374365339430432907177328425197 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 65925881146b6c0af432b8c9b2f01a2e0fc359b3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.occ.o360.cloud' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ac94920090000040300483046022100fa506d28f4b36245aed7556652dde97f61166d8057fab4753d45d7bb3841a688022100e32d1233c78df4287c7e82ba7f3264a8df1503c4d8844ff7e74a94dbffbd35a500750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ac9492041000004030046304402203144e754c5240e41fd93672f7d157d93c129d2cec0528c4aed892d94b54b33ac02200b5a10dfed2aab9f9c36e83615bdff305511d7c957123ed4e4e375c8758b17cf007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ac94920070000040300483046022100cf1a037f9df1af40f25432764a7c7043ba0bce8fc5c69a7d2b5e059105c0e84b022100dd1a245830d3a7c69b2623dedb49f9aad2c211fb36417def4751f743c5d9a501 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0057fa147a64f5ffc55d09f527d8ac09ba72567aa5b2f8d5f40dcfca3c49b698b7acac2e0fffb1ed9952aea066c47f3240082787bfb83bed8ddb33a0a170562e1a1602a4a9da0c28bdf25f60fddf6cc7520b7c4a28f8018fb6344e86d4a5f70ba59049799349074369bbb18904c3ad0c4897a84a0425725df726d83d3abeeded0109f8d6c7b1f6da5442ca950182207e2e39da42742a70171963efa328e138017723aba6ad59cbf63557586c1b4e9ddee5e96a87f9cce8697992d2c53694aaf3b9374eda6074bf049eecd649dd619c82612ab7a48aaee58eeb88e957c0375e73adf0df92ea829233f66d6bc19bcd188643324bed2b19087b241dad037d6b55e925b63d4d14b2098d77cdbd67c4ae99348c865a8a9d0bd6e10ed4db7f534aed9e901d116622823945f45f2979e9c1d7ffb8676f2e8d21ec34bc581085ed8919f8dd436d7a6e2411d8e3b261807b3441c273665319caed7893c34846e1b54c6ea4ce2001ed9fa932de9e43676d60b3c8497569c816018541c0600da4632f3010a337ca00c8b4570ac065e5e73bc47bf23151a1abf26054e47c0251513d53bfb2d335cff6a90004777dbeb0d0c5602b4ef7532bec2a6eff538408f95c26790fae96a76263e3fd100422960d67e11ae2fbd534470907679c701958d150e8d5451d8133675997233b2a10ecfbf97c45c2d93869284553eddb097d113f34b2c553b94bab