EV SSL/TLS Certificate for www.lotto-bw.de Issued to Staatliche Toto-Lotto GmbH

Certificate is witin its validity period

Issued by DigiCert Inc (Thawte EV RSA CA G2)

About the www.lotto-bw.de EV SSL/TLS Certificate

This certificate with serial number 07:50:f9:f2:1b:33:fd:55:df:08:df:8e:20:d7:58:0c for www.lotto-bw.de was issued on by DigiCert Inc.

With 6 subject alternative names, this certificate can be used to secure multiple FQDNs. This EV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this EV SSL/TLS Certificate review for www.lotto-bw.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

DigiCert Inc

Organization: DigiCert Inc
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 07:50:f9:f2:1b:33:fd:55:df:08:df:8e:20:d7:58:0c
Serial Number (int): 9725049220802781863255765932337223692
Serial Number Length: 123 bits, 16 octets

Subject Key Identifier: a8:35:76:98:68:8f:9a:cc:bb:e8:54:af:a8:84:5b:28:8c:5e:fc:bf
Authority Key Identifier: 6c:2e:e4:61:b4:c3:b9:bd:f0:ca:ad:a6:c1:68:7a:b8:d4:cc:1d:a0

Fingerprint (SHA-1): b6:9a:ab:f1:69:95:07:26:d9:c1:62:f1:91:ca:8b:27:62:44:96:d2
Fingerprint (SHA-256): d8:81:11:b5:ee:a9:70:c3:52:c3:1c:20:88:4a:8a:ef:c4:61:11:02:75:67:90:5e:85:6a:c1:ea:9f:90:b3:77

Issuing Certificate URL: http://cacerts.digicert.com/ThawteEVRSACAG2.crt

Revocation Information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ThawteEVRSACAG2.crl
CRL Distribution Point: http://crl4.digicert.com/ThawteEVRSACAG2.crl

Check the revocation status for certificate www.lotto-bw.de
6
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.lotto-bw.de

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

www.lotto-bw.de
lotto-bw.de
facebook.lotto-bw.de
games.lotto-bw.de
geschaeftsbericht.lotto-bw.de
wartung.lotto-bw.de

X.509 Certificate

The complete raw X.509 certificate details for www.lotto-bw.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHkDCCBnigAwIBAgIQB1D58hsz/VXfCN+OINdYDDANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRwwGgYDVQQDExNU
aGF3dGUgRVYgUlNBIENBIEcyMB4XDTI0MDcyNTAwMDAwMFoXDTI1MDgxMTIzNTk1
OVowggEEMRMwEQYLKwYBBAGCNzwCAQMTAkRFMSMwIQYLKwYBBAGCNzwCAQIMEkJh
ZGVuLVfDvHJ0dGVtYmVyZzEaMBgGCysGAQQBgjc8AgEBEwlTdHV0dGdhcnQxHTAb
BgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYDVQQFEwdIUkIgOTE3MQsw
CQYDVQQGEwJERTEbMBkGA1UECAwSQmFkZW4tV8O8cnR0ZW1iZXJnMRIwEAYDVQQH
EwlTdHV0dGdhcnQxIzAhBgNVBAoTGlN0YWF0bGljaGUgVG90by1Mb3R0byBHbWJI
MRgwFgYDVQQDEw93d3cubG90dG8tYncuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj2tMFuGPpGuvi1ckKvUOH+KfWepFNbWpHCosFHCOHLdsBydV/
YNFfKSFT0eYqF8GqP2JYPZJXml2s2N+HvZywHm44H37aVQxhVPwKda7VKMjJNsIB
++6JaDRLyUFNGD/zyWlWDAOMg0gQW6CM599252pooydr/eC1FdZpzZEDDU+WhcKv
/2zMaUT8bpeZZtJ0lB1gilbCBNRgn91VE/NlWANjiICSHbOZlT1rcBAQf5o3FIzP
8OdQnCOXE8E+MvYFSzHMutETeaAT+YgG/zqnBMCSUcfys/SqIs8OxdMYoNQTftl7
IkNjDDUWr/a7Jydb5TNvYeJVWCVbl2pyNTjdAgMBAAGjggO8MIIDuDAfBgNVHSME
GDAWgBRsLuRhtMO5vfDKrabBaHq41MwdoDAdBgNVHQ4EFgQUqDV2mGiPmsy76FSv
qIRbKIxe/L8wgYQGA1UdEQR9MHuCD3d3dy5sb3R0by1idy5kZYILbG90dG8tYncu
ZGWCFGZhY2Vib29rLmxvdHRvLWJ3LmRlghFnYW1lcy5sb3R0by1idy5kZYIdZ2Vz
Y2hhZWZ0c2JlcmljaHQubG90dG8tYncuZGWCE3dhcnR1bmcubG90dG8tYncuZGUw
SgYDVR0gBEMwQTALBglghkgBhv1sAgEwMgYFZ4EMAQEwKTAnBggrBgEFBQcCARYb
aHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwcQYDVR0fBGowaDAyoDCgLoYsaHR0
cDovL2NybDMuZGlnaWNlcnQuY29tL1RoYXd0ZUVWUlNBQ0FHMi5jcmwwMqAwoC6G
LGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9UaGF3dGVFVlJTQUNBRzIuY3JsMHEG
CCsGAQUFBwEBBGUwYzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
Y29tMDsGCCsGAQUFBzAChi9odHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vVGhh
d3RlRVZSU0FDQUcyLmNydDAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSC
AW4EggFqAWgAdgAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZDp
gmCBAAAEAwBHMEUCIH/jy2nz5CuKOKAFaDcxRoVBwh1CsnTB5GBPQEb0tpQ2AiEA
+oi8NOePSKv784dY1qig2fymfrL0k49cvr++1pS/RQwAdgB9WR4S4XgqexxhZ3xe
/fjQh1wUoE6VnrkDL9kOjC55uAAAAZDpgl/+AAAEAwBHMEUCICUiG/Qq3inF6e08
6V6S7iQ2r6h9H6MBSxBJPrPiNkpSAiEAiErSlPl/zfklLam69xv0VEOexj/zt0op
dRoTH4UCNpgAdgDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAZDp
gmANAAAEAwBHMEUCIGKwXySv4Dv4dlrOv4TQJh2dMXZA/StrdCELTQcLnFqSAiEA
y1mBXdM/oHdL+fyoAEVtc/4qdg0HfoBf8TYEbO2VIuMwDQYJKoZIhvcNAQELBQAD
ggEBAGEezLDI7c9LptDRCws7SEkbiHOau04PdS4zR4sBn9Qza7qcYaR9XAZapxYu
wsjjcWOTJoGQVWLuCjI3Z6seKKYkSqZ6qYFAtUeTSqjrrCgfqaU6/y5t94HUlA4x
sIQqmU9p3xw38VnEe1L4X40V4hL7C7KxrIaQkjUrN24RWeJY7tTqzuWlB3R2j8Hk
kXRtA/q+6IJvKhsYS9jfx4rmoXLbBHW5JOE+IbboYUnUeTl0A2MXvmhJK2k7GP5D
RiGodtIQhNkYaH0OlV8b7XJA0rAdVphN2KjacAA+XuaHWXyufbPe7n23+d4eeY4f
68WjbtDvFPDREtuos1vjt3GjLiA=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49rTBbhj6Rrr4tXJCr1D
h/in1nqRTW1qRwqLBRwjhy3bAcnVf2DRXykhU9HmKhfBqj9iWD2SV5pdrNjfh72c
sB5uOB9+2lUMYVT8CnWu1SjIyTbCAfvuiWg0S8lBTRg/88lpVgwDjINIEFugjOff
dudqaKMna/3gtRXWac2RAw1PloXCr/9szGlE/G6XmWbSdJQdYIpWwgTUYJ/dVRPz
ZVgDY4iAkh2zmZU9a3AQEH+aNxSMz/DnUJwjlxPBPjL2BUsxzLrRE3mgE/mIBv86
pwTAklHH8rP0qiLPDsXTGKDUE37ZeyJDYww1Fq/2uycnW+Uzb2HiVVglW5dqcjU4
3QIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9725049220802781863255765932337223692
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte EV RSA CA G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-11 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baden-Württemberg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Stuttgart'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HRB 917'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baden-Württemberg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Stuttgart'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Staatliche Toto-Lotto GmbH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.lotto-bw.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28764001514323293897032718222738694373095611710203497129018339297168649354395809248237116526066566202209145194780737860012123005183563737329045893571746452228409177920568459597570668294817567751057019840904738491300313427291792451283420689522479977751036375540976601448557494278875410845504716076867598049247791123957691511301917071825705843734663941033550230793780929725901575306721715834157905419742892225987096770077332440136157102813221092796079832678233213960163609258978539315798640622117700737990699259397497240260454791622510572643449677070032787785409975584913196307093396936242429545759533359065875256522973
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6c2ee461b4c3b9bdf0caada6c1687ab8d4cc1da0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a8357698688f9accbbe854afa8845b288c5efcbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (125 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lotto-bw.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lotto-bw.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'facebook.lotto-bw.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'games.lotto-bw.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'geschaeftsbericht.lotto-bw.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wartung.lotto-bw.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ThawteEVRSACAG2.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ThawteEVRSACAG2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (101 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/ThawteEVRSACAG2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000190e9826081000004030047304502207fe3cb69f3e42b8a38a005683731468541c21d42b274c1e4604f4046f4b69436022100fa88bc34e78f48abfbf38758d6a8a0d9fca67eb2f4938f5cbebfbed694bf450c0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b800000190e9825ffe0000040300473045022025221bf42ade29c5e9ed3ce95e92ee2436afa87d1fa3014b10493eb3e2364a52022100884ad294f97fcdf9252da9baf71bf454439ec63ff3b74a29751a131f85023698007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e5000000190e982600d0000040300473045022062b05f24afe03bf8765acebf84d0261d9d317640fd2b6b74210b4d070b9c5a92022100cb59815dd33fa0774bf9fca800456d73fe2a760d077e805ff136046ced9522e3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00611eccb0c8edcf4ba6d0d10b0b3b48491b88739abb4e0f752e33478b019fd4336bba9c61a47d5c065aa7162ec2c8e37163932681905562ee0a323767ab1e28a6244aa67aa98140b547934aa8ebac281fa9a53aff2e6df781d4940e31b0842a994f69df1c37f159c47b52f85f8d15e212fb0bb2b1ac869092352b376e1159e258eed4eacee5a50774768fc1e491746d03fabee8826f2a1b184bd8dfc78ae6a172db0475b924e13e21b6e86149d4793974036317be68492b693b18fe434621a876d21084d918687d0e955f1bed7240d2b01d56984dd8a8da70003e5ee687597cae7db3deee7db7f9de1e798e1febc5a36ed0ef14f0d112dba8b35be3b771a32e20