www.kiesli.nl

Issued by COMODO RSA Domain Validation Secure Server CA

About this certificate

This digital certificate with serial number a1:c4:da:dd:e3:d4:92:2b:3b:00:95:21:8d:d9:a7:e2 was issued on by COMODO CA Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.kiesli.nl,OU=Domain Control Validated+OU=EssentialSSL

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): a1:c4:da:dd:e3:d4:92:2b:3b:00:95:21:8d:d9:a7:e2
Serial Number (int): 215027836650871873235447630802514978786
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 0e:34:43:63:8e:78:9d:44:aa:ad:a2:7b:63:cd:6c:59:ec:11:6b:d6
AuthorityKeyId: 90:af:6a:3a:94:5a:0b:d8:90:ea:12:56:73:df:43:b4:3a:28:da:e7

Fingerprint (sha1): de:c1:4d:a9:b6:bf:a3:bc:7f:a6:2e:d5:c8:e6:e7:7d:8e:ee:ad:79
Fingerprint (sha256): 00:0d:71:15:d2:cb:69:ec:c2:a3:2d:43:ba:13:48:0a:2d:27:fb:42:34:c5:d8:da:0d:ff:0f:df:2f:9d:12:45

Issuing Certificate URL: http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl

Check the revocation status for certificate www.kiesli.nl

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.kiesli.nl

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.kiesli.nl
kiesli.nl

Other certificates including the domain name kiesli.nl

(limited to 100 certificates)
www.kiesli.nl
kiesli.nl
www.kiesli.nl
www.kiesli.nl
kiesli.nl
www.kiesli.nl
www.kiesli.nl
kiesli.nl
www.kiesli.nl
kiesli.nl
www.kiesli.nl
www.kiesli.nl

Certificate

The complete raw certificate details for www.kiesli.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgIRAKHE2t3j1JIrOwCVIY3Zp+IwDQYJKoZIhvcNAQELBQAw
gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
Q0EwHhcNMTYxMTIyMDAwMDAwWhcNMTcxMTIyMjM1OTU5WjBSMSEwHwYDVQQLExhE
b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFTATBgNVBAsTDEVzc2VudGlhbFNTTDEW
MBQGA1UEAxMNd3d3LmtpZXNsaS5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
AgoCggIBAPi6FYD8FSLms85AMkowesNgOYBdQV1CRTUSoQgdLmruj7BdecvjtEyv
46YWkzYL3x/qCptWqQwupDuwXnJ1j+y7d1MeWi6z5ALU0kIl2b6w1YB2dp4f0bBZ
5rvbA02HV2T7nI0tp2g2OPh40Cuf1QoKEyPvkXe6++lLtvRxd/aj9kly40QsE3PB
Rt1kWsgV5c6suLIhjx8PQ4cR+zp/WYwYpdoPu2bVCwq4bG0rjBLNQZeLZO/LEI0X
R8py+Jb/8ZpDApf1kVo6SAbouxFQ9b6pZmxPgzWTcer30ABIGqvjfVKJO2ZBIDsS
ceG9UfXMB/0/2PbE5QwwDklFiEyOrxYap2Npy0HrZhlOWSMWPZEyyBhEtA8CwDWZ
fguYHk1Ys8BhmZAQl2nth6p27CXojtKsDQIiiRDs3E0bjjk5Ypeh08kcP+OT/3Rg
UAJciCc70E24MXfgyV9leABeiFVKWVyMppMcT4IZxH4/9k1G8VSM5aaaorQdNMqG
DkCwO8sQODEFoqCaU3AH9Pw+y7SgVQUCsxUSLStUrxx7Pr7r3hHtDBmMgYWX9kF8
q4a1mBh7imxMu56Cuo6ddhDwVSJzorvc1a0SSA1dy/umY9gcJuvAHY92iNY71xU/
qGT01lYN2/uBSwNY4DYf8nsOiEBnroJzsz9sMOVYcfy3rdNkF71bAgMBAAGjggHV
MIIB0TAfBgNVHSMEGDAWgBSQr2o6lFoL2JDqElZz30O0Oija5zAdBgNVHQ4EFgQU
DjRDY454nUSqraJ7Y81sWewRa9YwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1UdIARIMEYwOgYL
KwYBBAGyMQECAgcwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2Rv
LmNvbS9DUFMwCAYGZ4EMAQIBMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwu
Y29tb2RvY2EuY29tL0NPTU9ET1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2
ZXJDQS5jcmwwgYUGCCsGAQUFBwEBBHkwdzBPBggrBgEFBQcwAoZDaHR0cDovL2Ny
dC5jb21vZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNl
cnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29t
MCMGA1UdEQQcMBqCDXd3dy5raWVzbGkubmyCCWtpZXNsaS5ubDANBgkqhkiG9w0B
AQsFAAOCAQEAWJqp2cSI9PpLbUxCESkuIOKijxxuvBxev5GN1B9oCvrqs9VCpdwB
QUGGBQ9is9fUHQHRSun0+05/GkSqn4ro+kHJqMRWDnInPoR5LPxcMedwq4lAF8D+
IpPJcOpKujFADz5Kr4gKhWIQNKHKpIj68gO2xUghteRQCoypvCYLrcEhiI8Pz8DX
Tqswj1hmz39hhosv1CZT/D3XjXpz7zKcYRf1JjlpFk7DcbygcnTxroI5InFMzhHg
+l8+lobqrNq/FENJSMFnphs2mFERhywUzE2OK1KVYWoJp/9ZINMU3wP4MpDTFwn+
jcPhbAyKCeMYmP5aa6UgY6Xj0QCgJ3vUBA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA+LoVgPwVIuazzkAySjB6
w2A5gF1BXUJFNRKhCB0uau6PsF15y+O0TK/jphaTNgvfH+oKm1apDC6kO7BecnWP
7Lt3Ux5aLrPkAtTSQiXZvrDVgHZ2nh/RsFnmu9sDTYdXZPucjS2naDY4+HjQK5/V
CgoTI++Rd7r76Uu29HF39qP2SXLjRCwTc8FG3WRayBXlzqy4siGPHw9DhxH7On9Z
jBil2g+7ZtULCrhsbSuMEs1Bl4tk78sQjRdHynL4lv/xmkMCl/WRWjpIBui7EVD1
vqlmbE+DNZNx6vfQAEgaq+N9Uok7ZkEgOxJx4b1R9cwH/T/Y9sTlDDAOSUWITI6v
FhqnY2nLQetmGU5ZIxY9kTLIGES0DwLANZl+C5geTVizwGGZkBCXae2HqnbsJeiO
0qwNAiKJEOzcTRuOOTlil6HTyRw/45P/dGBQAlyIJzvQTbgxd+DJX2V4AF6IVUpZ
XIymkxxPghnEfj/2TUbxVIzlppqitB00yoYOQLA7yxA4MQWioJpTcAf0/D7LtKBV
BQKzFRItK1SvHHs+vuveEe0MGYyBhZf2QXyrhrWYGHuKbEy7noK6jp12EPBVInOi
u9zVrRJIDV3L+6Zj2Bwm68Adj3aI1jvXFT+oZPTWVg3b+4FLA1jgNh/yew6IQGeu
gnOzP2ww5Vhx/Let02QXvVsCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 215027836650871873235447630802514978786
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EssentialSSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kiesli.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1014717183885815165760562143424850956642776331976355396159890621937715995175150325629091333955760395750755778356971576816676242907909709988543604071926568250615463570227902471654147125902895006969615695761138904749561612362337665033906779724296138551058887765084614492019620623931853305115975504808148387562321794277574474525082064234820585917498670284499988655580179146171142909711638701526181529929613571230443736670962996504698986164955796058434967736486843801179848533199276081685462761217288314107928316227496628885435342219637645695853558269584882370408329920278173383721363237934291800066681959764311866834296741619860277502505704172055348693191572553307836068062500246284425063708730592092664856436268009446494174000651958663556158063189636626771109836330682028627984902154181160072518552299642142047948741597441474250692889866980086285139616598328224638539802490737972939643764502785544459234542400783702857683966379887743988700762772076502617217417504436328420176119401740912119076102084782294279291637126203946821161598605055151197376733972033409167172190384630574647380266950131768320746344408676762530370548168236315268654275207886683010859808904977873171022800305767529280293903689024556158187301626612755960756725857627
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 90af6a3a945a0bd890ea125673df43b43a28dae7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0e3443638e789d44aaada27b63cd6c59ec116bd6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kiesli.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kiesli.nl'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00589aa9d9c488f4fa4b6d4c4211292e20e2a28f1c6ebc1c5ebf918dd41f680afaeab3d542a5dc01414186050f62b3d7d41d01d14ae9f4fb4e7f1a44aa9f8ae8fa41c9a8c4560e72273e84792cfc5c31e770ab894017c0fe2293c970ea4aba31400f3e4aaf880a85621034a1caa488faf203b6c54821b5e4500a8ca9bc260badc121888f0fcfc0d74eab308f5866cf7f61868b2fd42653fc3dd78d7a73ef329c6117f5263969164ec371bca07274f1ae823922714cce11e0fa5f3e9686eaacdabf14434948c167a61b36985111872c14cc4d8e2b5295616a09a7ff5920d314df03f83290d31709fe8dc3e16c0c8a09e31898fe5a6ba52063a5e3d100a0277bd404