www.vachok.ru

Issued by GlobalSign Domain Validation CA - SHA256 - G2

About this certificate

This digital certificate with serial number 76:7e:67:4f:c9:52:72:31:1c:16:78:b5 was issued on by GlobalSign nv-sa.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

www.vachok.ru

Organization unit: Domain Control Validated
Country: RU

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 76:7e:67:4f:c9:52:72:31:1c:16:78:b5
Serial Number (int): 36672043687737461687012718773
Serial Number lenght: 95 bits, 12 octets

SubjectKeyId: 5a:71:09:fc:99:ba:1f:e0:7d:a0:b9:75:66:4e:4f:37:1b:ad:f2:f0
AuthorityKeyId: ea:4e:7c:d4:80:2d:e5:15:81:86:26:8c:82:6d:c0:98:a4:cf:97:0f

Fingerprint (sha1): 18:aa:d5:04:ae:86:7a:45:05:58:1c:63:a5:58:13:30:6c:ab:cb:e8
Fingerprint (sha256): 00:17:dc:e5:78:a4:f7:02:13:bd:fc:ff:a7:2a:fd:68:62:50:02:0e:eb:29:51:7e:fb:40:2f:74:68:7c:a6:6f

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g2
CRL Distribution Point: http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl

Check the revocation status for certificate www.vachok.ru

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.vachok.ru


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.vachok.ru
vachok.ru

Other certificates including the domain name vachok.ru

(limited to 100 certificates)

Certificate

The complete raw certificate details for www.vachok.ru in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIeDCCB2CgAwIBAgIMdn5nT8lScjEcFni1MA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN
MTcwNzA0MTgwNDU1WhcNMTgwNzA1MTgwNDU1WjBIMQswCQYDVQQGEwJSVTEhMB8G
A1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRYwFAYDVQQDEw13d3cudmFj
aG9rLnJ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt9PqtICkQKgL
na9LZdfGecT5HINPA1Yl0Ieg+tI7vD0J0pSfCaLAizH/1yqWqXnAgv8KlIkfxbDJ
GZPLxaRBkFQmAgL0vMw4R0Cu6ZRluW3giCqPRsr3rwsohVcPN8edX4z+RZ9RuHwt
xbvaZqxIWyjgeAVfTYKpz7/vUgGAEWSdI5zqb3agnDgRs7JR6p1RvKr7M7M1Yuv0
sMmLUYZWK1PA89QDCAQNpqk8TgnXg85Y48/A85lU1sMZxQknAxjbzt3cj+E0yryV
xVpzZE0TqlXwnkigEfqUhAFN7suX+Dxu0/qHIY9dj22VJbFHsEK2HSgmfZFWE2ij
gpZI2wAlCuB7kqpufhi5DrLKYlrQiDE67SBqlsw8M/ezS5+FLl2O0IfneV7Czxx8
1q1arDnJsEj2MVHNDa/9rjkuYiYj3rRgwLnkfCNet7NsM6V0yUf3lX2/JPo9LF/s
khamq+06YTVZV7NQBAna9OYTsGk65X41WBffgJrcBpmPA0UJbmMOXx7pj6smnBuv
EPQX2e9ju2fjuulIMi8657enf3d3G7qHuGprfSJ/PtCsSeCfvq4CFoI1xlDla/fN
oKOOPxzOG8VZ8e4/KVRNqIFjhFDdH94JTDuQpjuY8Mf+X/J5RWevn6MjFIMQtZmN
AYbOuIwiGrkD9I+8PdzcNCH+36nd8hECAwEAAaOCBEgwggREMA4GA1UdDwEB/wQE
AwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1
cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0
MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21h
aW52YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EM
AQIBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9i
YWxzaWduLmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwIwYDVR0RBBwwGoIN
d3d3LnZhY2hvay5ydYIJdmFjaG9rLnJ1MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjAdBgNVHQ4EFgQUWnEJ/Jm6H+B9oLl1Zk5PNxut8vAwHwYDVR0jBBgw
FoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggJtBgorBgEEAdZ5AgQCBIICXQSCAlkC
VwB1AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0RxM227L7MAAABXQ7GzxQAAAQD
AEYwRAIgR6lWYAKb3k9wFjESrXe6VbbCVDLQOfQTtOZrWlLJbD0CIC6A5LfgAvLo
dViiZry9GUZTrJtJlsHlTOBW1tgJfrbFAHUAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZ
EVzA75SYVdaJ0N0AAAFdDsbPKgAABAMARjBEAiAu0wx2qb5QfPg5oTRfEEJmT2Jx
/n+p6sLB3KD/d8VufAIgcg8vZY9JkraLwEi5jozpaMfZ0xqqITGpSL+h5GJNWUQA
dgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAV0OxtIuAAAEAwBH
MEUCIQCPQvuwD4fgupDBJlFH8RjDv0XmvkTOjCorM9a8g6U4WwIgTAz8QPTlsf/J
0SKJonZyk5LTQUSBGZbwKB7vkTo19JAAdwC72d+8H4pxtZOUI5eqkntHOFeVCqtS
6BqQlmQ2jh7RhQAAAV0OxtLVAAAEAwBIMEYCIQDrnwMKuAXmJ87LqiVZHF5FZkvM
ZzdUF2D0d29gMNYBbAIhAPzeb4yqxMoiZarv8JSS34xKu/oUVQsINRuTzqT3V1CR
AHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFdDsbVBQAABAMA
RzBFAiAoOHqT3bVU67LCCjp/WmYUOtwwJbsvTXM/lQES9ENfhAIhANs2gOZ3cnoj
ovFI2wVr7lysZmLS2O6j+08xGXS3RYUgMA0GCSqGSIb3DQEBCwUAA4IBAQASkA0r
6jiPqVfgM2eLGVWJTH/Nj0Pj4j4oRQTx7R0fp/6+zhFaYrlOiIfn5WBQPuPztmsU
Tvzs1fIkC+ipDUyzLV2xU6jW/cZ1yDNZSfB/cEsUYntRD1H33qPyOxAZKGgY8Ago
f+yPG0uUVIJAPwhWJLAZTYJ4mMcvWKnJNpj6VIGXepU3dl8OriASyXUL0Ei4987l
242AfCtZ73rFGMkGY9jaGL+fITDMV87VHT2B+gzaKJmpNypL5XrLcyBaXF676LsV
YQURdx+PKVhLDLhe8WwcUJReSuA3RSFk6ZTUjbHnkFJBInq0LL1hBrhAd4ufk8tx
Jc8VcVC0W2+nbB8z
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt9PqtICkQKgLna9LZdfG
ecT5HINPA1Yl0Ieg+tI7vD0J0pSfCaLAizH/1yqWqXnAgv8KlIkfxbDJGZPLxaRB
kFQmAgL0vMw4R0Cu6ZRluW3giCqPRsr3rwsohVcPN8edX4z+RZ9RuHwtxbvaZqxI
WyjgeAVfTYKpz7/vUgGAEWSdI5zqb3agnDgRs7JR6p1RvKr7M7M1Yuv0sMmLUYZW
K1PA89QDCAQNpqk8TgnXg85Y48/A85lU1sMZxQknAxjbzt3cj+E0yryVxVpzZE0T
qlXwnkigEfqUhAFN7suX+Dxu0/qHIY9dj22VJbFHsEK2HSgmfZFWE2ijgpZI2wAl
CuB7kqpufhi5DrLKYlrQiDE67SBqlsw8M/ezS5+FLl2O0IfneV7Czxx81q1arDnJ
sEj2MVHNDa/9rjkuYiYj3rRgwLnkfCNet7NsM6V0yUf3lX2/JPo9LF/skhamq+06
YTVZV7NQBAna9OYTsGk65X41WBffgJrcBpmPA0UJbmMOXx7pj6smnBuvEPQX2e9j
u2fjuulIMi8657enf3d3G7qHuGprfSJ/PtCsSeCfvq4CFoI1xlDla/fNoKOOPxzO
G8VZ8e4/KVRNqIFjhFDdH94JTDuQpjuY8Mf+X/J5RWevn6MjFIMQtZmNAYbOuIwi
GrkD9I+8PdzcNCH+36nd8hECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 36672043687737461687012718773
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-04 18:04:55 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-05 18:04:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RU'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.vachok.ru'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 749951994074114856944202611312766108933859084863410892401810781674381548370185833436451906810189779756518733233623558406905920378152224222154050258143191674963301605308801973858248143242825196390422051182685807866104194514216827227587492937950065131510423717912410875124092089327012574339133764310728111443432921881059146573951317106634017888772648502257598961221354238541892784438484080477069474188952887994694925762485842791894215612682807039180052370357223615075999278155389840678926590217884235392693524988380777268799518463832936935517386762535346770290041768059880126222525211357249260492875767123004027323954323619288333859317616376539504630360553496464654032270193599471750853064737295230701426793127579609509320966757280488470057651742185076818720768419359967997409864587514762290598969618770195363580203959870602851002166419466818236072194248924057506676223660085709367556004712661667864319936460143809421551048229190732276508947081421821636231797007288470571244198588744654050305280721237362212093402095850517030303661522129654281854221012590365695648647482462275241267151197669377779212068324124243344179305914255476125528365595597014006684230228945055299004305321639557756593616495431199479361717391481671677532824269329
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.vachok.ru'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vachok.ru'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5a7109fc99ba1fe07da0b975664e4f371badf2f0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ea4e7cd4802de5158186268c826dc098a4cf970f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (605 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (601 bytes)
							0257007500ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015d0ec6cf140000040300463044022047a95660029bde4f70163112ad77ba55b6c25432d039f413b4e66b5a52c96c3d02202e80e4b7e002f2e87558a266bcbd194653ac9b4996c1e54ce056d6d8097eb6c50075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000015d0ec6cf2a000004030046304402202ed30c76a9be507cf839a1345f1042664f6271fe7fa9eac2c1dca0ff77c56e7c0220720f2f658f4992b68bc048b98e8ce968c7d9d31aaa2131a948bfa1e4624d5944007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015d0ec6d22e00000403004730450221008f42fbb00f87e0ba90c1265147f118c3bf45e6be44ce8c2a2b33d6bc83a5385b02204c0cfc40f4e5b1ffc9d12289a276729392d34144811996f0281eef913a35f490007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000015d0ec6d2d50000040300483046022100eb9f030ab805e627cecbaa25591c5e45664bcc6737541760f4776f6030d6016c022100fcde6f8caac4ca2265aaeff09492df8c4abbfa14550b08351b93cea4f7575091007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015d0ec6d5050000040300473045022028387a93ddb554ebb2c20a3a7f5a66143adc3025bb2f4d733f950112f4435f84022100db3680e677727a23a2f148db056bee5cac6662d2d8eea3fb4f311974b7458520
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0012900d2bea388fa957e033678b1955894c7fcd8f43e3e23e284504f1ed1d1fa7febece115a62b94e8887e7e560503ee3f3b66b144efcecd5f2240be8a90d4cb32d5db153a8d6fdc675c8335949f07f704b14627b510f51f7dea3f23b1019286818f008287fec8f1b4b945482403f085624b0194d827898c72f58a9c93698fa5481977a9537765f0eae2012c9750bd048b8f7cee5db8d807c2b59ef7ac518c90663d8da18bf9f2130cc57ced51d3d81fa0cda2899a9372a4be57acb73205a5c5ebbe8bb15610511771f8f29584b0cb85ef16c1c50945e4ae037452164e994d48db1e7905241227ab42cbd6106b840778b9f93cb7125cf157150b45b6fa76c1f33