Department of Education

- Department of Education -

Issued by DigiCert Verified Mark RSA4096 SHA256 2021 CA1

About this certificate

This digital certificate with serial number 0b:70:2c:bd:a6:03:62:74:ab:f4:f6:a6:a1:61:56:05 was issued on by DigiCert, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

Department of Education

Company registration number: Government Entity
Organization: Department of Education
Address: 830 1st St NE Union CTR Plz
State / Province: District of Columbia
Locality: Washington
Country: US

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0b:70:2c:bd:a6:03:62:74:ab:f4:f6:a6:a1:61:56:05
Serial Number (int): 15203952653313854517726310852531934725
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: c5:34:30:d2:66:f8:38:33:39:58:bb:c1:a9:af:34:cf:c0:99:bf:14
AuthorityKeyId: be:9f:bd:8d:57:6d:95:b5:ad:63:c3:97:4e:ab:a8:84:5d:3a:07:f5

Fingerprint (sha1): b5:c0:7b:e1:30:ba:07:ef:d7:2f:42:a1:4a:eb:5b:a6:13:b2:40:b4
Fingerprint (sha256): dc:5f:c2:ce:dd:fe:6e:97:c5:0e:16:a0:65:3a:84:2a:4c:86:21:a0:af:c3:06:f2:b8:3d:ee:46:7b:6d:40:94

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crt

Revocation information

CRL Distribution Point: http://crl3.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl

Check the revocation status for certificate Department of Education

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for Department of Education

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Extended Key Usages

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

test.studentaid.gov
studentaid.gov

Certificate

The complete raw certificate details for Department of Education in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIMMzCCChugAwIBAgIQC3AsvaYDYnSr9PamoWFWBTANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNzA1BgNVBAMT
LkRpZ2lDZXJ0IFZlcmlmaWVkIE1hcmsgUlNBNDA5NiBTSEEyNTYgMjAyMSBDQTEw
HhcNMjQwMjA2MDAwMDAwWhcNMjUwMTA0MjM1OTU5WjCCAUYxEzARBgsrBgEEAYI3
PAIBAxMCVVMxGjAYBgNVBA8TEUdvdmVybm1lbnQgRW50aXR5MRowGAYDVQQFExFH
b3Zlcm5tZW50IEVudGl0eTELMAkGA1UEBhMCVVMxHTAbBgNVBAgTFERpc3RyaWN0
IG9mIENvbHVtYmlhMRMwEQYDVQQHEwpXYXNoaW5ndG9uMSQwIgYDVQQJExs4MzAg
MXN0IFN0IE5FIFVuaW9uIENUUiBQbHoxIDAeBgNVBAoTF0RlcGFydG1lbnQgb2Yg
RWR1Y2F0aW9uMSAwHgYDVQQDExdEZXBhcnRtZW50IG9mIEVkdWNhdGlvbjEfMB0G
CisGAQQBg55fAQ0TD1JlZ2lzdGVyZWQgTWFyazESMBAGCisGAQQBg55fAQMTAlVT
MRcwFQYKKwYBBAGDnl8BBBMHNzAzOTc0MzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALNRG54V1SvIz9MLliF4pVl7Sv8XZNri7fW6Cv0rn3vsmGUJ4IkR
Q+4gX9wtq3UZLn7imTVA3dMClVy84CrwQIWaGmcQ6B2CfoHetap2XM5CzfbdaVYn
mhPlDgaMd9B242x12QlwTZy6PMUogniNlpDb9o8SV6F22lLB4I1gMRUs6EWC5IsT
Fn53BapVnqe4MQD2NRYeMDU+0EdyKS0SQsXdHrRQ9KtJtiM6TekZBr7qtmh13YWZ
0UwUdE2QDLmxBKoRo9OmOxJFFoitEveyA+hr/CjoriGg7xEncDAk0m4IPEvKGzH0
LSg07Va/j/GoTuMflDrxy/eNseKhAeNdQC8CAwEAAaOCBwAwggb8MB8GA1UdIwQY
MBaAFL6fvY1XbZW1rWPDl06rqIRdOgf1MB0GA1UdDgQWBBTFNDDSZvg4MzlYu8Gp
rzTPwJm/FDAuBgNVHREEJzAlghN0ZXN0LnN0dWRlbnRhaWQuZ292gg5zdHVkZW50
YWlkLmdvdjBQBgNVHSAESTBHMDcGCmCGSAGG/WwAAgUwKTAnBggrBgEFBQcCARYb
aHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAwGCisGAQQBg55fAQEwEwYDVR0l
BAwwCgYIKwYBBQUHAx8wgaUGA1UdHwSBnTCBmjBLoEmgR4ZFaHR0cDovL2NybDMu
ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VmVyaWZpZWRNYXJrUlNBNDA5NlNIQTI1NjIw
MjFDQTEuY3JsMEugSaBHhkVodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNl
cnRWZXJpZmllZE1hcmtSU0E0MDk2U0hBMjU2MjAyMUNBMS5jcmwwZAYIKwYBBQUH
AQEEWDBWMFQGCCsGAQUFBzAChkhodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20v
RGlnaUNlcnRWZXJpZmllZE1hcmtSU0E0MDk2U0hBMjU2MjAyMUNBMS5jcnQwDAYD
VR0TAQH/BAIwADCCBPAGCCsGAQUFBwEMBIIE4jCCBN6iggTaoIIE1jCCBNIwggTO
MIIEyhYNaW1hZ2Uvc3ZnK3htbDAjMCEwCQYFKw4DAhoFAAQUL76sevQ1ffAD6Snu
aYU5JzFaX6wwggSSFoIEjmRhdGE6aW1hZ2Uvc3ZnK3htbDtiYXNlNjQsSDRzSUFB
QUFBQUFBQ20xVWJXL2NOZ3orblB3S1R2dXlBcEpPa2wvT0N1NVNKRUdURlVpeFlB
SDZOWEI5anMrWWE5OXMzMHY2NjB0U1BxL0FZa0FpUmRMazg1Q3lWeDlQM3hzNGxQ
MVFkKzFhV0cwRWxHM1JiZXEyV292OStLb3k4Zkg2Y3ZXYlV2QlF0bVdmajExL0JU
ZWI3bHNKbjV0bVA0eHNBcmZVWGhzSnoxOGY0Tk5wMS9ValBEWDdTbjF1UWJQeGE2
aHhCYWsyQm03M2RiTUI4d0ZBS1V3L0hLcGZRVGdCMy9LaGZPcTcxN29wMTJLczJ6
ZTFHd1FnMkhhNE9qVjErODlhYk1keGQ3VllISTlIZll4MDExY0w2NzFmc0ZmQW9T
NlB0OTFwTFF3WWlKZDZ5ZHVVNHIyWG5URm1nVURFOVNYQWFxekhwcnkrZjc1WkxZ
SjZ1YXFnM3F6RlkxZDF3OHZKM2IvYzU0ZTY2RnFNdjVoOEdLNStzVjZzaXJvdm1w
SjlmeDN5UmdEeWFkYmlkMnVqdXdSWkZvalBSZHFqOW5iV2VsWXlBUXRPRVRJLy83
dlArMUpSY1FIWThuWjQ3ZnJ2MkJsU20zd3MvOER1OHlQQjJrbjl3Q0RPS1I3NmJy
OExsb3ZWcm12ZXFxNWx4MU0rYm1kazkvd0kySFYxTzJLZmpFNmt6WFFFckdnTFM1
M09NdElPSXIyY1pZWXkxWDZXMXVpWUhmOHBtR3BpUmlpdzhnemh4Yjc4RHdXNnZ0
anB2YVJRVmhwbHRWZEdPK1YwaWpJZDBPQ1V4VDNGbFJWb2kzRmw1RVBEa3FYVHZu
R3NKOEJQWWFUQnJFWmI1T0pRT2trdjA1bDRHaDNoOHJpSXF5dkNPZUl6NWlmK0pB
ZkRXQ2lIcGR3RjRacGlWY2dmRWJ4enpRa1h3bVdNeVJsd3hBZHlXbmJoYWhBenhm
bUNDWVJnT3kxKzhjNWo0VlJuMkd3dlU5NFRiUXRxVUV6Z01BRUJkU3JDWWZFelVP
c0llc1NwTVJiZk5oaVRjQ01jVTdJVDZVamFJZEQxM0NxTUdrS2JMTGNDRVR6YVJL
Yk1pc0Fqc0RPM1FZVkdaQUgzUkg4eXVvbFF6UEV4bWJHK1lpd0JGNDNnempxSjhC
R3hqS2xhVURLZVd6ck56VTZ6aUtudnJBZGZKbm1xT0hHUy90eDluc2RFTFJDUWpw
dVF5RkE4WTV0aHUrZEtQQzJpemlCeElueTlaQ0RnNVRRTkNnaEY3bXhDbVRQYTR2
RGg0SGErdnovZXVmalAyM3hYdm4vdFBTZHFJdXJVVXJzdEtuU1FmT0FyVFhkTXhW
c1ZzU2JqUDYzL0FWK2NJMmhPUjF0Y2p5Nm1hL0U0RzJjUXEwVVZaRjhXSTJQNUc1
VzhyUnJFYytJUFh3RDlsUEJEbXdGR24yNnN2UlZ3ckRmakZuMFovVkczWlYxdFJ6
ek5uM2JJemZ1MDRYLzEraWM2aUpoK2JBWUFBQT09MBMGCisGAQQB1nkCBAMBAf8E
AgUAMA0GCSqGSIb3DQEBCwUAA4ICAQAvyui/4sJR0tM5WzIPHyqrd9B0PCVlIj/s
ZRosp+TMKQ3jSaY/JDnCwDVqjuebTwJZNJwFYkrtOsH31HKncqiEslcA18CuIas0
nHDh/slTpeFDTknQDQer8hysuHqQvmJsaQTmumQwfRtB8Rm7BYcnsk5KpHHNvmCQ
yhkBzeJhwhT5tsRD7rwfFolQ/j5sLoPZzmkZdp8O9SQbUAfWFVVmUKg05uB6R468
Wdit0N81FoSlvarmrEjVPL43CKMgRKCscCH0ht+4kgb2ctwcK77NZ4utiBQ+jabC
2e39nzT3XOMv6DEgsex2ZWcqXop5utr8pAk1BPhYakORrKW0JrO9U+4EGePRfJWK
/rzNdxd5WpJOztalYdnXhVkDECB4GUNnx4jTbFygWpd3o2P70C2j5DWtJ6FhSNQ0
SRS1Su7BRQ0u1x/r83S2/sgkA+bjT8lS2T/PY7vUkbN6/AsWj+gMK6QZ/Dva7iU2
CIxlPQT05M4LdqKOewB4jYcXYu+P78NA8gwQl5q/f55SMxcywg7JlV6Ku2baCWYg
i4B0dx0jaipcWtLIG/0OMjaw1iBhUMxR3miZLg5qjM01xYqQWpe9Iexa9DIB8MCk
jMh++OGLj6meltDfaZpPLL/hk35t8ghfNaN5s54/j/Fcq5RLtPELGF+VJftentfO
cpFIzJndTA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1EbnhXVK8jP0wuWIXil
WXtK/xdk2uLt9boK/Sufe+yYZQngiRFD7iBf3C2rdRkufuKZNUDd0wKVXLzgKvBA
hZoaZxDoHYJ+gd61qnZczkLN9t1pVieaE+UOBox30HbjbHXZCXBNnLo8xSiCeI2W
kNv2jxJXoXbaUsHgjWAxFSzoRYLkixMWfncFqlWep7gxAPY1Fh4wNT7QR3IpLRJC
xd0etFD0q0m2IzpN6RkGvuq2aHXdhZnRTBR0TZAMubEEqhGj06Y7EkUWiK0S97ID
6Gv8KOiuIaDvESdwMCTSbgg8S8obMfQtKDTtVr+P8ahO4x+UOvHL942x4qEB411A
LwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15203952653313854517726310852531934725
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Verified Mark RSA4096 SHA256 2021 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-04 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '830 1st St NE Union CTR Plz'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Department of Education'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Department of Education'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.13
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Registered Mark'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.4
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '7039743'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22636652375679394818335267040455107542690111420546921729780756073189460014918287435252220846015980193130527750794914745464844556989403472408642212045900837311535031949321190659735842810350843693777644414784535156867530188416062183822200607352810970611311102004075041106456111777796971643997973160192927179667186375455982852939031118614132108189011368105070419737630082927328009071189982626036050882651732131462469647424589041660637985083677942925841199943733907636976635561663533785642480159069112363249369101083985787038712855978112488793706737005821181836378316973187689027816178225953992834261646814365183129763887
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName be9fbd8d576d95b5ad63c3974eaba8845d3a07f5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c53430d266f838333958bbc1a9af34cfc099bf14
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.studentaid.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'studentaid.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.0.2.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.31
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (157 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.12 (logoType)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1250 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|true] IA5String 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'image/svg+xml'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.14.3.2.26 (sha1)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
															2fbeac7af4357df003e929ee69853927315a5fac
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'data:image/svg+xml;base64,H4sIAAAAAAAACm1UbW/cNgz+nPwKTvuyApJOkl/OCu5SJEGTFUixYAH6NXB9js+Ya99s30v660tSPq/AYkAiRdLk85CyVx9P3xs4lP1Qd+1aWG0ElG3Rbeq2Wov9+Koy8fH6cvWbUvBQtmWfj11/BTeb7lsJn5tmP4xsArfUXhsJz18f4NNp1/UjPDX7Sn1uQbPxa6hxBak2Bm73dbMB8wFAKUw/HKpfQTgB3/KhfOq717op12Ks2ze1GwQg2Ha4OjV1+89abMdxd7VYHI9HfYx011cL671fsFfAoS6Pt91pLQwYiJd6yduU4r2XnTFmgUDE9SXAaqzHpry+f75ZLYJ6uaqg3qzFY1d1w8vJ3b/c54e66FqMv5h8GK5+sV6sirovmpJ9fx3yRgDyadbid2ujuwRZFojPRdqj9nbWelYyAQtOETI//7vP+1JRcQHY8nZ47frv2BlSm3ws/8Du8yPB2kn9wCDOKR76br8LlovVrmveqq5lx1M+bmdk9/wI2HV1O2KfjE6kzXQErGgLS53OMtIOIr2cZYYy1X6W1uiYHf8pmGpiRiiw8gzhxb78DwW6vtjpvaRQVhpltVdGO+V0ijId0OCUxT3FlRVoi3Fl5EPDkqXTvnGsJ8BPYaTBrEZb5OJQOkkv05l4Gh3h8riIqyvCOeIz5if+JAfDWCiHpdwF4ZpiVcgfEbxzzQkXwmWMyRlwxAdyWnbhahAzxfmCCYRgOy1+8c5j4VRn2GwvU94TbQtqUEzgMAEBdSrCYfEzUOsIesSpMRbfNhiTcCMcU7IT6UjaIdD13CqMGkKbLLcCETzaRKbMisAjsDO3QYVGZAH3RH8yuolQzPExmbG+YiwBF43gzjqJ8BGxjKlaUDKeWzrNzU6ziKnvrAdfJnmqOHGS/tx9nsdELRCQjpuQyFA8Y5thu+dKPC2iziBxIny9ZCDg5TQNCghF7mxCmTPa4vDh4Ha+vz/eufjP23xXvn/tPSdqIurUUrstKnSQfOArTXdMxVsVsSbjP63/AV+cI2hOR1tcjy6ma/E4G2cQq0UVZF8WI2P5G5W8rRrEc+IPXwD9lPBDmwFGn26svRVwrDfjFn0Z/VG3ZV1tRzzNn3bIzfu04X/1+ic6iJh+bAYAAA=='
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		002fcae8bfe2c251d2d3395b320f1f2aab77d0743c2565223fec651a2ca7e4cc290de349a63f2439c2c0356a8ee79b4f0259349c05624aed3ac1f7d472a772a884b25700d7c0ae21ab349c70e1fec953a5e1434e49d00d07abf21cacb87a90be626c6904e6ba64307d1b41f119bb058727b24e4aa471cdbe6090ca1901cde261c214f9b6c443eebc1f168950fe3e6c2e83d9ce6919769f0ef5241b5007d615556650a834e6e07a478ebc59d8add0df351684a5bdaae6ac48d53cbe3708a32044a0ac7021f486dfb89206f672dc1c2bbecd678bad88143e8da6c2d9edfd9f34f75ce32fe83120b1ec7665672a5e8a79badafca4093504f8586a4391aca5b426b3bd53ee0419e3d17c958afebccd7717795a924eced6a561d9d7855903102078194367c788d36c5ca05a9777a363fbd02da3e435ad27a16148d4344914b54aeec1450d2ed71febf374b6fec82403e6e34fc952d93fcf63bbd491b37afc0b168fe80c2ba419fc3bdaee2536088c653d04f4e4ce0b76a28e7b00788d871762ef8fefc340f20c10979abf7f9e52331732c20ec9955e8abb66da0966208b8074771d236a2a5c5ad2c81bfd0e3236b0d6206150cc51de68992e0e6a8ccd35c58a905a97bd21ec5af43201f0c0a48cc87ef8e18b8fa99e96d0df699a4f2cbfe1937e6df2085f35a379b39e3f8ff15cab944bb4f10b185f9525fb5e9ed7ce729148cc99dd4c