novica.ca
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 0e:a4:9f:ea:ca:a0:59:bd:3b:6f:f6:10:42:0c:e0:a1 was issued on by DigiCert, Inc..
With 27 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=novica.ca
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0e:a4:9f:ea:ca:a0:59:bd:3b:6f:f6:10:42:0c:e0:a1Serial Number (int): 19463972131015366801569266944384491681
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 19:92:a2:22:af:5d:8d:7f:83:6b:47:d5:50:16:70:a0:2b:5f:78:43
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): 49:96:5b:e8:4b:56:ef:5f:11:48:37:6c:f7:18:ff:28:2a:00:90:28
Fingerprint (sha256): f0:ed:13:25:97:49:05:14:2f:3c:16:57:ed:f3:7f:87:f2:b1:22:35:a8:89:a3:92:c6:96:2a:79:a6:bf:03:0f
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate novica.ca
27
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for novica.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
novica.ca
*.novica.ca
*.worldartisanday.org
worldartisanday.org
*.worldartisanday.com
worldartisanday.com
artisanday.com
*.artisanday.org
*.artisansday.com
*.artisanday.com
artisansday.org
artisanday.org
artisansday.com
*.artisansday.org
*.worldartisansday.org
worldartisansday.org
*.worldartisansday.com
worldartisansday.com
handmade.com
*.handmade.com
novica.co.uk
*.novica.co.uk
novica.uk
*.novica.uk
*.es.novica.com
*.novica.es
novica.es
*.novica.ca
*.worldartisanday.org
worldartisanday.org
*.worldartisanday.com
worldartisanday.com
artisanday.com
*.artisanday.org
*.artisansday.com
*.artisanday.com
artisansday.org
artisanday.org
artisansday.com
*.artisansday.org
*.worldartisansday.org
worldartisansday.org
*.worldartisansday.com
worldartisansday.com
handmade.com
*.handmade.com
novica.co.uk
*.novica.co.uk
novica.uk
*.novica.uk
*.es.novica.com
*.novica.es
novica.es
Other certificates including the domain name novica.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for novica.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJUTCCBzmgAwIBAgIQDqSf6sqgWb07b/YQQgzgoTANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjMwMTE3MDAwMDAwWhcNMjMxMDI5MjM1OTU5WjAUMRIwEAYDVQQDEwlub3ZpY2Eu Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkhsywIyd6SAUP54sn r1B3y8RhFm5oKBoNKavO+x0rR7XIJoZ67RCj5TbJdMGY0Zt/mAVPRiHBA3Zf8mzM Q1pu/IQZf9eaTv4lJYlYPoJV8kFIurmyj1yvV2HRvLaEWbpzToVt8nVA20i3s6Uj Jje3eSdFHrS5x55hcUoYWiK3X/G5nT6GtUafFxxqt0+6939MjCD5dG+fj8TC3nMn LF5yWK7o0btU8nQZhXwbn9/fPe7naPQbROUrEN+MWieGGdUMqmu/2AO7enEyFKV9 b1qN50/QdsEr7jHzwePSvKxeRw4ipOmiAYWn/geMvEwev5ktKLxAFQXh3WmtKZ6W Wr59AgMBAAGjggVVMIIFUTAfBgNVHSMEGDAWgBSltNbrNsTna6bfxGQLASogBLhm IzAdBgNVHQ4EFgQUGZKiIq9djX+Da0fVUBZwoCtfeEMwggHiBgNVHREEggHZMIIB 1YIJbm92aWNhLmNhggsqLm5vdmljYS5jYYIVKi53b3JsZGFydGlzYW5kYXkub3Jn ghN3b3JsZGFydGlzYW5kYXkub3JnghUqLndvcmxkYXJ0aXNhbmRheS5jb22CE3dv cmxkYXJ0aXNhbmRheS5jb22CDmFydGlzYW5kYXkuY29tghAqLmFydGlzYW5kYXku b3JnghEqLmFydGlzYW5zZGF5LmNvbYIQKi5hcnRpc2FuZGF5LmNvbYIPYXJ0aXNh bnNkYXkub3Jngg5hcnRpc2FuZGF5Lm9yZ4IPYXJ0aXNhbnNkYXkuY29tghEqLmFy dGlzYW5zZGF5Lm9yZ4IWKi53b3JsZGFydGlzYW5zZGF5Lm9yZ4IUd29ybGRhcnRp c2Fuc2RheS5vcmeCFioud29ybGRhcnRpc2Fuc2RheS5jb22CFHdvcmxkYXJ0aXNh bnNkYXkuY29tggxoYW5kbWFkZS5jb22CDiouaGFuZG1hZGUuY29tggxub3ZpY2Eu Y28udWuCDioubm92aWNhLmNvLnVrgglub3ZpY2EudWuCCyoubm92aWNhLnVrgg8q LmVzLm5vdmljYS5jb22CCyoubm92aWNhLmVzgglub3ZpY2EuZXMwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBnwYDVR0fBIGX MIGUMEigRqBEhkJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vR2VvVHJ1c3RHbG9i YWxUTFNSU0E0MDk2U0hBMjU2MjAyMkNBMS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0 LmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIy Q0ExLmNybDA+BgNVHSAENzA1MDMGBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRw Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYcGCCsGAQUFBwEBBHsweTAkBggrBgEF BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFEGCCsGAQUFBzAChkVodHRw Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2 U0hBMjU2MjAyMkNBMS5jcnQwCQYDVR0TBAIwADCCAYEGCisGAQQB1nkCBAIEggFx BIIBbQFrAHcA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGFwek3 7QAABAMASDBGAiEAk9CmzTGbP/FSY16UEH2btQ3YAZsbzviyRzNdrZXUXOgCIQD3 JFrOuGoJ9w8HQD57XvZDrEHtkuULOlASl0zh6gPauAB3ALNzdwfhhFD4Y4bWBanc EQlKeS2xZwwLh9zwAw55NqWaAAABhcHpOEgAAAQDAEgwRgIhAIuZ+ZNPdMx3svw3 8hKxCnhcSnf/4h0dh3us5D/rDnXgAiEAq5kh8BOSNDCsYQJGkdDxanKJnuWaIh5j OFxV0k97hLYAdwC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYXB 6TgGAAAEAwBIMEYCIQCXvClMe11PXPlBBzhno3s9BratdFbq0QuNCX2NgZU+ywIh AINfS3urDdutuh1u4ebpqk+NrCwcoHcA85Orjq7QyoVvMA0GCSqGSIb3DQEBCwUA A4ICAQAfwAoJKJuop7I6lGxfALEQcCKaJX8xS+pnH99VccI73VtAqc1eqBf/huwX zi2SpY/q+4OyeHY56vz5fCVGLlib+eC+GxaiwCzu87Pa4rCieztii2R9v4oRtvZu 8at8ZzZ+wfW5ARZ/7dfDsJlg9D2SHlM/vGRCG7BYhtIpx+k5ECJl2bgLbEVp9vqm ngW33Ovob6kbfk+7LIuyhncVTbFX+iewZippcTj5U5j7L4pykXHCxO3CxBXWvwHO LVQx8Z5xtLr6/KmcNDH4XIxmSijQdt/L/SIBwY94Q0vYOHDGrBYFeyVrt0GZWtU3 GireeHmhiId4B5LeFrJR/B2DJPiPVIUQdnqz6pW4kiqk1nedi2GBBz0rRKO4ktnY Hdq96dp0sGvFcFY5P6Pwd0h/GN9eO8kWgy+UyjshFwgokfVKeuWeaip3DpyS+MZT +yru5bGctH7lGxHAqs6Vcz+C6T0KPQnMDx4EyBQqDX/zIZbPZ+IpTHZXd+7FQVvO f63nRc7K9KFAiL2+B8PM2CXqUFfr2cJETNf3CB1nfrzCKbx4sFG3JYBbUWEXqg0O kEQe6vbbDNG+3DnvAc7VD3Ynx+lm5ufpLNcmy6gBbkE5SmxSjl1wAmIHn7WnTZwF 1/0MeY/QjgyiR8CeQjJSOSndeRoTiRySCqFnRUwLF4Xaoh217w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIbMsCMnekgFD+eLJ69Q d8vEYRZuaCgaDSmrzvsdK0e1yCaGeu0Qo+U2yXTBmNGbf5gFT0YhwQN2X/JszENa bvyEGX/Xmk7+JSWJWD6CVfJBSLq5so9cr1dh0by2hFm6c06FbfJ1QNtIt7OlIyY3 t3knRR60uceeYXFKGFoit1/xuZ0+hrVGnxccardPuvd/TIwg+XRvn4/Ewt5zJyxe cliu6NG7VPJ0GYV8G5/f3z3u52j0G0TlKxDfjFonhhnVDKprv9gDu3pxMhSlfW9a jedP0HbBK+4x88Hj0rysXkcOIqTpogGFp/4HjLxMHr+ZLSi8QBUF4d1prSmellq+ fQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19463972131015366801569266944384491681 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'novica.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20769554156223149402740069217432473361796809483640350193167759098371365226018462425414982613935223080890649792770363135613419892954271248607751329145723650587342201773740973552070453903184693961559197689149112297716823221296568425486236007845039420687590884757759783340745794191730555208982099363616756225999415824624085877232673776666471345297189409275627211155970260075398923615577804645511781457562709143032618984962342050857345047759189451277099999674041408874369125497271840201825967264451641623401558303076597810271146577260118819203749495054746010506686917524546675213143691541757607217422534602547050592255613 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1992a222af5d8d7f836b47d5501670a02b5f7843 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (473 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'novica.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.novica.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worldartisanday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldartisanday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worldartisanday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldartisanday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artisanday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.artisanday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.artisansday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.artisanday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artisansday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artisanday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artisansday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.artisansday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worldartisansday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldartisansday.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worldartisansday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldartisansday.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'handmade.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.handmade.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'novica.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.novica.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'novica.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.novica.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.es.novica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.novica.es' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'novica.es' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) 016b007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000185c1e937ed000004030048304602210093d0a6cd319b3ff152635e94107d9bb50dd8019b1bcef8b247335dad95d45ce8022100f7245aceb86a09f70f07403e7b5ef643ac41ed92e50b3a5012974ce1ea03dab8007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000185c1e9384800000403004830460221008b99f9934f74cc77b2fc37f212b10a785c4a77ffe21d1d877bace43feb0e75e0022100ab9921f013923430ac61024691d0f16a72899ee59a221e63385c55d24f7b84b6007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000185c1e93806000004030048304602210097bc294c7b5d4f5cf941073867a37b3d06b6ad7456ead10b8d097d8d81953ecb022100835f4b7bab0ddbadba1d6ee1e6e9aa4f8dac2c1ca07700f393ab8eaed0ca856f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 001fc00a09289ba8a7b23a946c5f00b11070229a257f314bea671fdf5571c23bdd5b40a9cd5ea817ff86ec17ce2d92a58feafb83b2787639eafcf97c25462e589bf9e0be1b16a2c02ceef3b3dae2b0a27b3b628b647dbf8a11b6f66ef1ab7c67367ec1f5b901167fedd7c3b09960f43d921e533fbc64421bb05886d229c7e939102265d9b80b6c4569f6faa69e05b7dcebe86fa91b7e4fbb2c8bb28677154db157fa27b0662a697138f95398fb2f8a729171c2c4edc2c415d6bf01ce2d5431f19e71b4bafafca99c3431f85c8c664a28d076dfcbfd2201c18f78434bd83870c6ac16057b256bb741995ad5371a2ade7879a18887780792de16b251fc1d8324f88f548510767ab3ea95b8922aa4d6779d8b6181073d2b44a3b892d9d81ddabde9da74b06bc57056393fa3f077487f18df5e3bc916832f94ca3b2117082891f54a7ae59e6a2a770e9c92f8c653fb2aeee5b19cb47ee51b11c0aace95733f82e93d0a3d09cc0f1e04c8142a0d7ff32196cf67e2294c765777eec5415bce7fade745cecaf4a14088bdbe07c3ccd825ea5057ebd9c2444cd7f7081d677ebcc229bc78b051b725805b516117aa0d0e90441eeaf6db0cd1bedc39ef01ced50f7627c7e966e6e7e92cd726cba8016e41394a6c528e5d700262079fb5a74d9c05d7fd0c798fd08e0ca247c09e4232523929dd791a13891c920aa167454c0b1785daa21db5ef