sps-bcm.finance.swisslife.ch

- Swiss Life AG -

Issued by thawte Extended Validation SSL CA

About this certificate

This digital certificate with serial number 3c:b4:28:94:8b:a0:40:5d:47:d0:61:20:46:79:fe:4c was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Swiss Life AG

Company registration number: CH-020.5.901.324-6
Organization: Swiss Life AG
Organization unit: CHIFB
State / Province: Zurich
Locality: Zurich
Country: CH

thawte, Inc.

Organization: thawte, Inc.
Organization unit: Terms of use at https://www.thawte.com/cps (c)06
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 3c:b4:28:94:8b:a0:40:5d:47:d0:61:20:46:79:fe:4c
Serial Number (int): 80689116246995567973784985186713861708
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: cd:32:e2:f2:5d:25:47:02:aa:8f:79:4b:32:ee:03:99:fd:30:49:d1

Fingerprint (sha1): 23:b2:aa:47:c5:93:c1:26:9c:97:e4:a7:ab:d7:7e:7b:4a:54:e5:60
Fingerprint (sha256): 03:0a:3d:a4:14:52:0d:b7:ee:84:8d:23:9c:4c:46:b3:aa:da:67:95:d4:00:15:34:73:87:f6:9e:5d:f3:ed:8e

Issuing Certificate URL: http://crl.thawte.com/ThawteEVCA2006.cer

Revocation information

OCSP Server: http://ocsp.thawte.com
CRL Distribution Point: http://crl.thawte.com/ThawteEVCA2006.crl

Check the revocation status for certificate sps-bcm.finance.swisslife.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sps-bcm.finance.swisslife.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sps-bcm.finance.swisslife.ch

Other certificates including the domain name swisslife.ch

(limited to 100 certificates)
*.f2c-b.swisslife.ch
mi.swisslife.ch
vpn.finance.swisslife.ch
standorte.swisslife.ch
immopulse.swisslife.ch
sps.uat.finance.swisslife.ch
vote.swisslife.ch
sps-bcm.finance.swisslife.ch
events.biggestfantour.com
secure07.lithium.com
mydesk.swisslife.ch
berufsleben.swisslife.ch
ras.swisslife.ch
wahlensst.swisslife.ch
kvg.swisslife.ch
mylife-apps.swisslife.ch
secure04.stage.lithium.com
tax.swisslife.ch
berufsleben.swisslife.ch
entry.swisslife.ch
mis-q.swisslife.ch
secure08.lithium.com
sportclub.swisslife.ch
secure08.lithium.com
mis-q.swisslife.ch
immopulse.swisslife.ch
secure07.lithium.com
secure07.lithium.com
apps.uat.finance.swisslife.ch
*.entry.swisslife.ch
secure04.stage.lithium.com
events.biggestfantour.com
wwf.swisslife.ch
slwebext.swisslife.ch
mylife-sms.swisslife.ch
jobs.marugame-seimen.com
mylife-ucm-bcm.swisslife.ch
pwd.swisslife.ch
mail.swisslife.ch
*.wafcez-uat.swisslife.ch
mylife-bcm.swisslife.ch
*.f2c-uat.swisslife.ch
wlanldap.swisslife.ch
*.f2c-c.swisslife.ch
secure04.stage.lithium.com
sps.uat.finance.swisslife.ch
ras-s.swisslife.ch
vpn.finance.swisslife.ch
mylife-apps-sms.swisslife.ch
*.entry.swisslife.ch
calculator.swisslife.ch
mail2.swisslife.ch
secure08.lithium.com
sftppublic.swisslife.ch
wlanldap.swisslife.ch
mylife-sso-uat.swisslife.ch
immopulse.swisslife.ch
*.wafcez-uat.swisslife.ch
video.swisslife.ch
wlanldap.swisslife.ch
entry.swisslife.ch
magazin.swisslife.ch
secure04.stage.lithium.com
www.swisslife.ch
mi-q.swisslife.ch
sps.finance.swisslife.ch
secure04.stage.lithium.com
kundenpanel.swisslife.ch
secure07.lithium.com
secure04.stage.lithium.com
mis.swisslife.ch
www-d.swisslife.ch
wahlensl2s.swisslife.ch
mylife-ts.swisslife.ch
sftp.swisslife.ch
secure08.lithium.com
*.apps.sps.st.finance.swisslife.ch
entry-vpn.swisslife.ch
ts.st.finance.swisslife.ch
wahlenbasis.swisslife.ch
signon.swisslife.ch
partner.swisslife.ch
secure04.stage.lithium.com
*.patch-fimu.swisslife.ch
kundenpanel.swisslife.ch
*.apps.sps.st.finance.swisslife.ch
wohnvorsorge.swisslife.ch
*.wafcez.swisslife.ch
secure08.lithium.com
wendungen.swisslife.ch
secure04.stage.lithium.com
*.fimu.swisslife.ch
secure04.stage.lithium.com
immosearch.swisslife.ch
secure04.stage.lithium.com
answers-embed.campusfederal.org.pagescdn.com
hrdbint.swisslife.ch
mi.swisslife.ch
slfs1.swisslife.ch
*.a.portals.swisslife.ch

Certificate

The complete raw certificate details for sps-bcm.finance.swisslife.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIQPLQolIugQF1H0GEgRnn+TDANBgkqhkiG9w0BAQUFADCB
izELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE5MDcGA1UECxMw
VGVybXMgb2YgdXNlIGF0IGh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzIChjKTA2
MSowKAYDVQQDEyF0aGF3dGUgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTU0wgQ0EwHhcN
MTMwMjEyMDAwMDAwWhcNMTUwMjEyMjM1OTU5WjCBzzETMBEGCysGAQQBgjc8AgED
EwJDSDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xFjAUBgNVBAoUDVN3
aXNzIExpZmUgQUcxGzAZBgNVBAUTEkNILTAyMC41LjkwMS4zMjQtNjELMAkGA1UE
BhMCQ0gxDzANBgNVBAgTBlp1cmljaDEPMA0GA1UEBxQGWnVyaWNoMQ4wDAYDVQQL
FAVDSElGQjElMCMGA1UEAxQcc3BzLWJjbS5maW5hbmNlLnN3aXNzbGlmZS5jaDCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALZ+2lb6H0mH23nMTaAQhRoS
SYf2sJNl7pxI2eGZ77YgPlv8IXgW0UpjRONeeajce+T/jhVMQRmlsXsntetg+eEV
+IiwQe8SXPgclOnjejWXt2PmrHgQqytlcQYD/DBfeISwMpdqnAMGf7UM8gWUYwdF
pjnxxyeYeCNHgcXuno9lfiJ5pfUjuU3K5ZG9A5PmjCONO1pXF7L4hB4u995c5yYd
uag1zVptPWnUSVL9JU4/YfL/XBkfmGTg7jRnXZPb0DhkJyss2JE5k7PBtI+1SGSz
8+iVXMOBslumrHS4h0R8T5ePazkTsfBeOLoFrtjbI/pTFwf+4kNKAY3buPlwTIsC
AwEAAaOCAXEwggFtMCcGA1UdEQQgMB6CHHNwcy1iY20uZmluYW5jZS5zd2lzc2xp
ZmUuY2gwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwOQYDVR0fBDIwMDAuoCyg
KoYoaHR0cDovL2NybC50aGF3dGUuY29tL1RoYXd0ZUVWQ0EyMDA2LmNybDBCBgNV
HSAEOzA5MDcGC2CGSAGG+EUBBzABMCgwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3
LnRoYXd0ZS5jb20vY3BzMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAf
BgNVHSMEGDAWgBTNMuLyXSVHAqqPeUsy7gOZ/TBJ0TBoBggrBgEFBQcBAQRcMFow
IgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0ZS5jb20wNAYIKwYBBQUHMAKG
KGh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVFVkNBMjAwNi5jZXIwDQYJKoZI
hvcNAQEFBQADggEBAC0IGeZ1wCLVYIrDmpHNFdD1EpuRbevQtekMAOnsN2vajUyc
9CTV+KwS1be5x6wcnaN2gu5qUisIAFSmgtw4TlgQV6Z6NcRXJqMXGX0BKvUHi5Vn
fvcIPrphr7cy/esS4ogpCEHshbYlmORFg1/7t6tEi3YOO1Dt8ti/OmnRrepxUbSq
AQZFLTYOS3GB5zLtxGqvABUl+LE407DxhdQlB0SFKOrnLcfCPxAmtolr1YS4sI3O
XN2OlB2lIs9dOR93arp2OWTGLnQ7e2i/N3cuL1sEazyjSoXSV8u493iwERqeEDL6
Ch1oDgkcEGznF9NwC+6SpC77eLdUSHdOQARJMSg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn7aVvofSYfbecxNoBCF
GhJJh/awk2XunEjZ4ZnvtiA+W/wheBbRSmNE4155qNx75P+OFUxBGaWxeye162D5
4RX4iLBB7xJc+ByU6eN6NZe3Y+aseBCrK2VxBgP8MF94hLAyl2qcAwZ/tQzyBZRj
B0WmOfHHJ5h4I0eBxe6ej2V+Inml9SO5Tcrlkb0Dk+aMI407WlcXsviEHi733lzn
Jh25qDXNWm09adRJUv0lTj9h8v9cGR+YZODuNGddk9vQOGQnKyzYkTmTs8G0j7VI
ZLPz6JVcw4GyW6asdLiHRHxPl49rOROx8F44ugWu2Nsj+lMXB/7iQ0oBjdu4+XBM
iwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 80689116246995567973784985186713861708
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Terms of use at https://www.thawte.com/cps (c)06'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte Extended Validation SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-02-12 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-02-12 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Swiss Life AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH-020.5.901.324-6'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zurich'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Zurich'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'CHIFB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'sps-bcm.finance.swisslife.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23037924995116686225201879029616191579880684382748619996637765984676886123050688654347599411663467608792203436634829949660325987093977394366908093042655051698190482352789683435244081045806276208338515838342701571110999837420037522519983197743219964669848486002493685120624661421662021168190748036064030080842891032927853870633412838401562495794625722849933664159850477842479338103444668665697780645922146474781596261836396107163990390266984858013069039861093205241284443947016483166502136466277666075995018550877991618357598340418931890554883618252290068527525612231960969413016644609630629452151836098444336487746699
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sps-bcm.finance.swisslife.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.thawte.com/ThawteEVCA2006.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (59 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.48.1 (Thawte EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cd32e2f25d254702aa8f794b32ee0399fd3049d1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.thawte.com/ThawteEVCA2006.cer'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002d0819e675c022d5608ac39a91cd15d0f5129b916debd0b5e90c00e9ec376bda8d4c9cf424d5f8ac12d5b7b9c7ac1c9da37682ee6a522b080054a682dc384e581057a67a35c45726a317197d012af5078b95677ef7083eba61afb732fdeb12e288290841ec85b62598e445835ffbb7ab448b760e3b50edf2d8bf3a69d1adea7151b4aa0106452d360e4b7181e732edc46aaf001525f8b138d3b0f185d42507448528eae72dc7c23f1026b6896bd584b8b08dce5cdd8e941da522cf5d391f776aba763964c62e743b7b68bf37772e2f5b046b3ca34a85d257cbb8f778b0111a9e1032fa0a1d680e091c106ce717d3700bee92a42efb78b75448774e4004493128