It's taken the trailing bracket as part of the url - try this.

There isn't any compromised "part". Some certificates were fraudulently signed, and they've since been revoked (and, as far as I'm aware, have never actually been seen in use). If the browser is handling the CRLs properly then the certificates will be flagged as invalid. The only level above this is to flag the issuing certificate as invalid, in which case you automatically distrust every single certificate they have issued (or will issue in future). In the case of the large CAs (like Comodo) this is just not a workable option.

Admittedly, this is not an ideal solution and there are lots of people talking about replacements for the current SSL setup. Unfortunately nobody seems to have come up with a solution that's acceptable.