www.uspspostalone.com

- US Postal Service -

Issued by GeoTrust SSL CA - G4

About this certificate

This digital certificate with serial number 05:39 was issued on by GeoTrust Inc..

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

US Postal Service

Organization: US Postal Service
Organization unit: Telecommunications Services
State / Province: North Carolina
Locality: Raleigh
Country: US

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:39
Serial Number (int): 1337
Serial Number lenght: 11 bits, 2 octets

SubjectKeyId:
AuthorityKeyId: ac:32:ed:5a:c9:e0:de:30:9c:90:58:55:26:63:f6:72:a6:54:5f:e3

Fingerprint (sha1): ae:a5:6b:51:f3:a3:ba:4b:bc:ee:29:10:e1:15:79:e2:7d:21:02:5c
Fingerprint (sha256): da:f2:e5:d1:51:e8:b5:3c:de:9d:2e:66:23:7c:e8:6a:1c:e3:97:6d:57:f4:46:ef:87:13:cd:64:74:2f:b8:f8

Issuing Certificate URL: http://gw.symcb.com/gw.crt

Revocation information

OCSP Server: http://gw.symcd.com
CRL Distribution Point: http://gw.symcb.com/gw.crl

Check the revocation status for certificate www.uspspostalone.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.uspspostalone.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.m.usps.com
stage-www.uspspostalone.com
keepingposted.org
www.keepingposted.org
www.uspspostalone.com
uspspostalone.com

Other certificates including the domain name uspspostalone.com

(limited to 100 certificates)
myusps.gov

cat1a.usps.com
www.uspspostalone.com
*.keepingposted.org
www.uspspostalone.com
www.uspspostalone.com
tem1a.usps.com

mailxmltem.uspspostalone.com
tem1a.usps.com
cat1a.usps.com
fast.uspspostalone.com
prod1a.usps.com
cat1a.usps.com
www.uspspostalone.com
www.uspspostalone.com
preprod.uspspostalone.com
UNITED STATES POSTAL SERVICES IT
*.keepingposted.org
prod1a.usps.com
prod1a.usps.com
prod1a.usps.com
www.uspspostalone.com
fast.uspspostalone.com
www.uspspostalone.com
www.uspspostalone.com
cat1a.usps.com
preprod.uspspostalone.com
www.uspspostalone.com
cat1a.usps.com
tem1a.usps.com

www.uspspostalone.com
upload9.uspspostalone.com

www.uspspostalone.com
UNITED STATES POSTAL SERVICES IT
cat1a.usps.com
www.uspspostalone.com
preprod.usps.com
preprod.uspspostalone.com
cat1a.usps.com
www.uspspostalone.com
www.uspspostalone.com

www.uspspostalone.com

preprod.uspspostalone.com
*.keepingposted.org
www.uspspostalone.com
www.uspspostalone.com

preprod.usps.com

www.uspspostalone.com
myusps.gov
myusps.gov
upload1.uspspostalone.com
www.uspspostalone.com
tem1a.usps.com
fast.uspspostalone.com
www.uspspostalone.com
cat1a.usps.com
prod1.uspspostalone.com
preprod.usps.com
cat1a.usps.com

myusps.gov
www.uspspostalone.com
cat1a.usps.com
www.uspspostalone.com

www.uspspostalone.com
fast.uspspostalone.com
*.keepingposted.org
tem1a.usps.com
myusps.gov
www.uspspostalone.com
www.uspspostalone.com
myusps.gov
www.uspspostalone.com
www.uspspostalone.com
www.uspspostalone.com
fast.uspspostalone.com

www.uspspostalone.com
www.uspspostalone.com
www.uspspostalone.com
www.uspspostalone.com
www.uspspostalone.com

Certificate

The complete raw certificate details for www.uspspostalone.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgICBTkwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHTAbBgNVBAMTFEdlb1RydXN0IFNTTCBD
QSAtIEc0MB4XDTE1MDMwNTEzMDU0MVoXDTE2MDYwNjA3MjgyN1owgZoxCzAJBgNV
BAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBDYXJvbGluYTEQMA4GA1UEBxMHUmFsZWln
aDEaMBgGA1UEChMRVVMgUG9zdGFsIFNlcnZpY2UxJDAiBgNVBAsTG1RlbGVjb21t
dW5pY2F0aW9ucyBTZXJ2aWNlczEeMBwGA1UEAxMVd3d3LnVzcHNwb3N0YWxvbmUu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QYRzeDrrcrzbBUj
pIHK10kP9Oc/xD4Ge4N6n6Z6Ezq6Qt6PDYuCkxB4scj8Bm0mnIlCB7ScNA6WtwaZ
6wlY/eLsrWxJODIpGFXAEOEFJBNFyU1tVlTwTau4DXElyFByZ+YfdvRXse/urWoV
pfYF7nnUfPj9nhPQcZO7ynXsJCFxii3J9SyAt9PCQfZP7gOjLSFlD49DvFxS0aBZ
pqLKTDhDRUNPRtCzC7XPp9XigzbHp/jRiJDuzOzflQzh+6mIr2ZbsvKncr3On4Hw
/mfg6g9quXgUZFLZdqT5YE/8kUS9EwTbKtPHEbwSUWrp6ycgPj/E7arUbZ/CYwR5
P08FPwIDAQABo4IB0zCCAc8wHwYDVR0jBBgwFoAUrDLtWsng3jCckFhVJmP2cqZU
X+MwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vZ3cuc3ltY2Qu
Y29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ3cuc3ltY2IuY29tL2d3LmNydDAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGMBgNV
HREEgYQwgYGCDnd3dy5tLnVzcHMuY29tghtzdGFnZS13d3cudXNwc3Bvc3RhbG9u
ZS5jb22CEWtlZXBpbmdwb3N0ZWQub3JnghV3d3cua2VlcGluZ3Bvc3RlZC5vcmeC
FXd3dy51c3BzcG9zdGFsb25lLmNvbYIRdXNwc3Bvc3RhbG9uZS5jb20wKwYDVR0f
BCQwIjAgoB6gHIYaaHR0cDovL2d3LnN5bWNiLmNvbS9ndy5jcmwwDAYDVR0TAQH/
BAIwADBaBgNVHSAEUzBRME8GCmCGSAGG+EUBBzYwQTA/BggrBgEFBQcCARYzaHR0
cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2Fs
MA0GCSqGSIb3DQEBCwUAA4IBAQBcnt7McLU45fs11AycQRziAds9Kl9bXdt6rLdU
zD4ULv0N3THJ01r7kNlIjrfQMkWZ7DmNPVVFEtoqflWtszf0iHwyU8+3QNLoOFzU
dJGloalmYBCuBNSX6DaCpR62b0r7XLDuBfN8YGQrmMHL31uyIw+SmwgTakrkqhGo
IWVjS6FW5KSVw0haH+V0iotso0mKarT7JRc5Vay+5UAZB7L/e53s3YuZLLKWRTIV
a43bGVCpIXrCJT7Ts83dZjAtK5fM0EOz8aWahz5XxA1FfP8YX4S8QyxDP/ME5NlH
aJgRYk8IDIaRsUO+5Zdd2nj4zuTA5eC7Rl4UGMjqlSROsQMR
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QYRzeDrrcrzbBUjpIHK
10kP9Oc/xD4Ge4N6n6Z6Ezq6Qt6PDYuCkxB4scj8Bm0mnIlCB7ScNA6WtwaZ6wlY
/eLsrWxJODIpGFXAEOEFJBNFyU1tVlTwTau4DXElyFByZ+YfdvRXse/urWoVpfYF
7nnUfPj9nhPQcZO7ynXsJCFxii3J9SyAt9PCQfZP7gOjLSFlD49DvFxS0aBZpqLK
TDhDRUNPRtCzC7XPp9XigzbHp/jRiJDuzOzflQzh+6mIr2ZbsvKncr3On4Hw/mfg
6g9quXgUZFLZdqT5YE/8kUS9EwTbKtPHEbwSUWrp6ycgPj/E7arUbZ/CYwR5P08F
PwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1337
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-03-05 13:05:41 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-06-06 07:28:27 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'North Carolina'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Raleigh'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US Postal Service'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Telecommunications Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.uspspostalone.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30931377722210056100520533078008565996746637979862004164269702876709599491307259307849377757329748162439661989131682308496221112902152268168320402369699687971315057634972260783034374442533816129404608640202512815879502638599795814614210772474849917371400479349008166563925949894764871601405396658127581517093975585115655437247934478870032728507933485003519220428071486275955280012735688359644548127514230732346466584044066277140573184410932808920097979494898895648520819709247020903959973734669074563690108704859682168902799396200651872423740517202362701261619608266045515648786578824374169101713512596106354673780031
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ac32ed5ac9e0de309c9058552663f672a6545fe3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gw.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gw.symcb.com/gw.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (132 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.m.usps.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage-www.uspspostalone.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'keepingposted.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.keepingposted.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uspspostalone.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uspspostalone.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gw.symcb.com/gw.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005c9edecc70b538e5fb35d40c9c411ce201db3d2a5f5b5ddb7aacb754cc3e142efd0ddd31c9d35afb90d9488eb7d0324599ec398d3d554512da2a7e55adb337f4887c3253cfb740d2e8385cd47491a5a1a9666010ae04d497e83682a51eb66f4afb5cb0ee05f37c60642b98c1cbdf5bb2230f929b08136a4ae4aa11a82165634ba156e4a495c3485a1fe5748a8b6ca3498a6ab4fb25173955acbee5401907b2ff7b9decdd8b992cb2964532156b8ddb1950a9217ac2253ed3b3cddd66302d2b97ccd043b3f1a59a873e57c40d457cff185f84bc432c433ff304e4d947689811624f080c8691b143bee5975dda78f8cee4c0e5e0bb465e1418c8ea95244eb10311