www.bestel.kogenate.nl
Issued by AlphaSSL CA - SHA256 - G2
About this certificate
This digital certificate with serial number 13:a8:77:d8:fc:d6:29:09:63:95:42:bb was issued on by GlobalSign nv-sa.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.bestel.kogenate.nl,OU=Domain Control Validated,C=BE
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 13:a8:77:d8:fc:d6:29:09:63:95:42:bbSerial Number (int): 6083880688627789879041147579
Serial Number lenght: 93 bits, 12 octets
SubjectKeyId: dd:0a:bf:ec:f0:0d:db:4a:55:9b:6a:c4:2e:50:a5:05:32:50:e9:08
AuthorityKeyId: f5:cd:d5:3c:08:50:f9:6a:4f:3a:b7:97:da:56:83:e6:69:d2:68:f7
Fingerprint (sha1): c9:fb:c3:b9:e7:88:cf:fd:06:53:0b:0e:65:97:6d:90:ad:79:0e:eb
Fingerprint (sha256): 03:a4:64:72:d8:88:c7:5f:0f:7b:f8:df:ec:5d:b5:ca:4c:2d:03:af:9d:40:47:08:75:bf:45:eb:18:e3:c5:87
Issuing Certificate URL: http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/gsalphasha2g2CRL Distribution Point: http://crl2.alphassl.com/gs/gsalphasha2g2.crl
Check the revocation status for certificate www.bestel.kogenate.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.bestel.kogenate.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.bestel.kogenate.nl
bestel.kogenate.nl
bestel.kogenate.nl
Other certificates including the domain name kogenate.nl
(limited to 100 certificates)
www.bestel.kogenate.nl
legaplus.bayer.de
www.radiologie.bayer.de
bestel.kogenate.nl
legaplus.bayer.de
legaplus.bayer.de
legaplus.bayer.de
www.radiologie.bayer.de
legaplus.bayer.de
legaplus.bayer.de
legaplus.bayer.de
www.radiologie.bayer.de
www.radiologie.bayer.de
www.kogenate.nl
www.kogenate.nl
bestel.kogenate.nl
www.radiologie.bayer.de
legaplus.bayer.de
legaplus.bayer.de
legaplus.bayer.de
www.radiologie.bayer.de
www.radiologie.bayer.de
www.radiologie.bayer.de
legaplus.bayer.de
legaplus.bayer.de
www.radiologie.bayer.de
www.bestel.kogenate.nl
bestel.kogenate.nl
www.radiologie.bayer.de
www.kogenate.nl
legaplus.bayer.de
www.radiologie.bayer.de
www.radiologie.bayer.de
www.bestel.kogenate.nl
legaplus.bayer.de
bestel.kogenate.nl
legaplus.bayer.de
www.radiologie.bayer.de
bestel.kogenate.nl
legaplus.bayer.de
legaplus.bayer.de
legaplus.bayer.de
www.radiologie.bayer.de
legaplus.bayer.de
legaplus.bayer.de
legaplus.bayer.de
www.radiologie.bayer.de
www.radiologie.bayer.de
www.kogenate.nl
www.kogenate.nl
bestel.kogenate.nl
www.radiologie.bayer.de
legaplus.bayer.de
legaplus.bayer.de
legaplus.bayer.de
www.radiologie.bayer.de
www.radiologie.bayer.de
www.radiologie.bayer.de
legaplus.bayer.de
legaplus.bayer.de
www.radiologie.bayer.de
www.bestel.kogenate.nl
bestel.kogenate.nl
www.radiologie.bayer.de
www.kogenate.nl
legaplus.bayer.de
www.radiologie.bayer.de
www.radiologie.bayer.de
www.bestel.kogenate.nl
legaplus.bayer.de
bestel.kogenate.nl
Certificate
The complete raw certificate details for www.bestel.kogenate.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHcTCCBlmgAwIBAgIME6h32PzWKQljlUK7MA0GCSqGSIb3DQEBCwUAMEwxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE2MTExNjE0NDAzM1oXDTE3MTIw NTExMzk0NlowUTELMAkGA1UEBhMCQkUxITAfBgNVBAsTGERvbWFpbiBDb250cm9s IFZhbGlkYXRlZDEfMB0GA1UEAxMWd3d3LmJlc3RlbC5rb2dlbmF0ZS5ubDCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMjOt/YgMB3Y4zi6cG/1MBFgfij Fg0JeL49qvANeBVBrKvccefMDGUp0RgwkThYT+KoaohObPrIMy5XrKXr66qje3vL kwlwDjmOMckIemnB80XHU06qoupyBbXarmdgxyq7KLDq5snYimGQEEKws5J0m/HN JDw6llFXNpTowmkK1vQFbYKSVf+GvCZxf1X+0xwJFcaZ6MMxAL/WeDH2aI/Ibwlw DuiO0unpqCNCNxvQINRF3KQx3KSZbWbpq5osN8w5kibt2P53tRHtcEkb8CTQmXG1 jXQiEikSYhtGelSrT/Na3iW3KvYy/SQUFAf6ELZoKG8a/E4NHmZnASIgGzcCAwEA AaOCBEwwggRIMA4GA1UdDwEB/wQEAwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsG AQUFBzAChjZodHRwOi8vc2VjdXJlMi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxw aGFzaGEyZzJyMS5jcnQwNQYIKwYBBQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxz aWduLmNvbS9nc2FscGhhc2hhMmcyMFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0 MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0 b3J5LzAIBgZngQwBAgEwCQYDVR0TBAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRw Oi8vY3JsMi5hbHBoYXNzbC5jb20vZ3MvZ3NhbHBoYXNoYTJnMi5jcmwwNQYDVR0R BC4wLIIWd3d3LmJlc3RlbC5rb2dlbmF0ZS5ubIISYmVzdGVsLmtvZ2VuYXRlLm5s MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU3Qq/7PAN 20pVm2rELlClBTJQ6QgwHwYDVR0jBBgwFoAU9c3VPAhQ+WpPOreX2laD5mnSaPcw ggJuBgorBgEEAdZ5AgQCBIICXgSCAloCWAB3AN3rHSt6DU+mIIuBrYFocH4ujp0B 1VyIjT0RxM227L7MAAABWG2VDuwAAAQDAEgwRgIhANNovZDwJ9vu4D6i6s1lqswX zGbkLOlWC3pLzmay0ZJmAiEAg2uQFX0kq+Go6lwPA5cmpFQ4Hn/wDStsYUAHpXux tdkAdgBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAVhtlRG/AAAE AwBHMEUCIAcAzWa97S2yBavqcCJPeOs2lE8YkuFeFCO3CN7AiYC6AiEAkynLsmzW 5BlCIzDDJ4XUU8rcFSEk5+k+fSpBd4kp0fYAdgBo9pj4H2SCvjqM7rkoHUz8cVFd Z5PURNEKZ6y7T0/7xAAAAVhtlRHZAAAEAwBHMEUCIAHBRmFJs8ooB2/bMZiQjf2e q6JNnkvH6Yz4O2/8GO4bAiEAmo1pIgBHTvHVS0sFlvvVNlBTJVLXE6UV5EZR+aVq w6AAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAVhtlRLOAAAE AwBHMEUCIQDex0NRdUiUuIBdVF5b/mDGJqrJHUYtLvrwT5F2O7P2EAIgVqVFDzlY T1sbrnU259CXXGQuRHKhRkYsPYKJxyA5vlEAdQDuS723dc5guuFCaR+r4Z5mow9+ X7By2IMAxHuJeqj9ywAAAVhtlRUDAAAEAwBGMEQCIC83VDpV1U4V8btV0DI0QIiV Urxdmz1X0EjvEH8N0LqFAiAOrXGAUgp3G/z94oEkv02fao5uc1mXt4jBBgNl2Gf+ wTANBgkqhkiG9w0BAQsFAAOCAQEAMw8XmNOFoP2BSlTE4cIXy0K5Dx0xGdA2ZWYM nbzSifpeL6QbDRJAOT3f32BDMwV0oxzOuU2IGo6tJlN+WshNCmgrBJ1d52xM2YLA w3gawJXvl1f7+Vhdl7tnG4NWg8+F/XLKF5k50VKZS7icVYOzzxMGXp01iPZ42VF2 RaawRKSiegNlzIlhV2jKZ/XWETAfkI6dB53E5ig7Gtw5NcaOyRl+EDJ2QhFT7bNW Q5xoUJmMWOOiLBohEjoYXmSfDSgvHU3F5jQh/HtkLGKl1L3Dt4mqI1o1+weVsYZu z4gBAppS1H+ucKGh2RMVwdti40CQlsnUkmy5dI78CT/NuaSlSA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyM639iAwHdjjOLpwb/U wEWB+KMWDQl4vj2q8A14FUGsq9xx58wMZSnRGDCROFhP4qhqiE5s+sgzLlespevr qqN7e8uTCXAOOY4xyQh6acHzRcdTTqqi6nIFtdquZ2DHKrsosOrmydiKYZAQQrCz knSb8c0kPDqWUVc2lOjCaQrW9AVtgpJV/4a8JnF/Vf7THAkVxpnowzEAv9Z4MfZo j8hvCXAO6I7S6emoI0I3G9Ag1EXcpDHcpJltZumrmiw3zDmSJu3Y/ne1Ee1wSRvw JNCZcbWNdCISKRJiG0Z6VKtP81reJbcq9jL9JBQUB/oQtmgobxr8Tg0eZmcBIiAb NwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6083880688627789879041147579 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AlphaSSL CA - SHA256 - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-16 14:40:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-05 11:39:46 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bestel.kogenate.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22614029138616567881079443107456714305309784970450463444327254871167564960449107681512686352071186723905943592839833401040438566573325397227456088664915970277014568719520508432390610164287994773620839001569457891797431068555354554742086718185810733190835892412573232083774411087541784493357063361587949103248165269688507668737561627830353333505059038966365301902547453978781392521720332315216992575698153981414896372707442502289274268173936862483964298682436776483732041340756468562574996114116056641768576760338674982650250435027032068190664240890703040698487402680190197168393575090724717370320865608220320813030199 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (125 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsalphasha2g2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10.10 (Domain Validation Certificates Policy - AlphaSSL) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl2.alphassl.com/gs/gsalphasha2g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bestel.kogenate.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bestel.kogenate.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dd0abfecf00ddb4a559b6ac42e50a5053250e908 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f5cdd53c0850f96a4f3ab797da5683e669d268f7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (606 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (602 bytes) 0258007700ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc000001586d950eec0000040300483046022100d368bd90f027dbeee03ea2eacd65aacc17cc66e42ce9560b7a4bce66b2d19266022100836b90157d24abe1a8ea5c0f039726a454381e7ff00d2b6c614007a57bb1b5d90076005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd000001586d9511bf000004030047304502200700cd66bded2db205abea70224f78eb36944f1892e15e1423b708dec08980ba0221009329cbb26cd6e419422330c32785d453cadc152124e7e93e7d2a41778929d1f600760068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc4000001586d9511d90000040300473045022001c1466149b3ca28076fdb3198908dfd9eaba24d9e4bc7e98cf83b6ffc18ee1b0221009a8d692200474ef1d54b4b0596fbd53650532552d713a515e44651f9a56ac3a0007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10000001586d9512ce0000040300473045022100dec74351754894b8805d545e5bfe60c626aac91d462d2efaf04f91763bb3f610022056a5450f39584f5b1bae7536e7d0975c642e4472a146462c3d8289c72039be51007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001586d951503000004030046304402202f37543a55d54e15f1bb55d0323440889552bc5d9b3d57d048ef107f0dd0ba8502200ead7180520a771bfcfde28124bf4d9f6a8e6e735997b788c1060365d867fec1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00330f1798d385a0fd814a54c4e1c217cb42b90f1d3119d03665660c9dbcd289fa5e2fa41b0d1240393ddfdf6043330574a31cceb94d881a8ead26537e5ac84d0a682b049d5de76c4cd982c0c3781ac095ef9757fbf9585d97bb671b835683cf85fd72ca179939d152994bb89c5583b3cf13065e9d3588f678d9517645a6b044a4a27a0365cc89615768ca67f5d611301f908e9d079dc4e6283b1adc3935c68ec9197e103276421153edb356439c6850998c58e3a22c1a21123a185e649f0d282f1d4dc5e63421fc7b642c62a5d4bdc3b789aa235a35fb0795b1866ecf8801029a52d47fae70a1a1d91315c1db62e3409096c9d4926cb9748efc093fcdb9a4a548