ap.bar.ch.glencore.net

- Glencore International AG -

Issued by Thawte RSA CA 2018

About this certificate

This digital certificate with serial number 06:63:f8:7f:ec:e3:9e:83:34:82:67:44:31:24:73:fc was issued on by DigiCert Inc.

With 17 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Glencore International AG

Organization: Glencore International AG
Organization unit: IT
State / Province: Zug
Locality: Baar
Country: CH

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 06:63:f8:7f:ec:e3:9e:83:34:82:67:44:31:24:73:fc
Serial Number (int): 8494445536576425131584799077801686012
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 62:5c:79:64:0e:ad:0d:5a:ad:a2:29:fd:f5:48:c4:a1:59:9d:d4:9f
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a

Fingerprint (sha1): ef:75:8f:8d:d2:53:56:1d:64:73:ef:61:67:20:25:6a:4a:96:74:76
Fingerprint (sha256): 04:8b:f6:50:5e:f9:2f:38:27:50:2b:53:3b:85:04:c2:8b:df:16:c0:0b:d5:d5:bf:1f:6e:c9:dd:31:a6:d5:6e

Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt

Revocation information

OCSP Server: http://status.thawte.com
CRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl

Check the revocation status for certificate ap.bar.ch.glencore.net

17

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ap.bar.ch.glencore.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ap.bar.ch.glencore.net
sip.glencore-ca.com
sip.glencore-us.com
sip.glencore.ca
sip.glencore.co.uk
sip.glencore.co.za
sip.glencore.com
sip.glencore.com.au
sip.glencore.com.sg
sip.glencore.no
sip.glencore.us
sip.glencore.de
sip.glencore.es
sip.hgstorageint.com
sip.koniambonickel.nc
sip.stshipping.com
webconf.bar.ch.glencore.net

Other certificates including the domain name glencore.net

(limited to 100 certificates)
ap.syd.au.glencore.net
testmyid.ch.glencore.net
*.de.glencore.net
b2b.stg.cl.glencore.net
ucb-sam.glencore.com
mail.nam.glencore.net
UCB-AUS.glencore.com
*.pe.glencore.net
www.glencore.com
afenav.ldn.gb.glencore.net
ap.bar.ch.glencore.net
sfbext.mtl.ca.glencore.net
connect.eur.glencore.net
helpme.glencore.net
ap.mtl.ca.glencore.net
emm-admin.glencore.net
fileshare.ca.glencore.net
www.glencore.com
edw.ldn.gb.glencore.net
acb-eur.glencore.com
sts.glencore.net
connect.ktg.cd.glencore.net
helpme.glencore.net
*.au.glencore.net
static-test.glencore.net
www.glencore.com
www.glencore.com
groupmobility.glencore.net
sfbext.ch.glencore.net
fileshare.ca.glencore.net
usti.cz.glencore.net
sfbext.bar.ch.glencore.net
connect.eur.glencore.net
*.ca.glencore.net
UCA-NAM.glencore.com
ap.zrh.ch.glencore.net
*.za.glencore.net
emm-device-test.glencore.net
glccmg.glencore.net
b2b.krs.no.glencore.net
*.glencore.net
mail.eur.glencore.net
www.glencore.com
helpme.glencore.net
adfs.glencore.net
*.za.glencore.net
UCB-ZAF.glencore.com
induction.coal.au.glencore.net
UCB-EUR.glencore.com
b2b.stg.cl.glencore.net
bienvenueccr.mtl.ca.glencore.net
*.za.glencore.net
sfbext.zrh.ch.glencore.net
connect.sas.ar.glencore.net
UCB-NAM.glencore.com
*.br.glencore.net
b2b.stg.cl.glencore.net
*.sg.glencore.net
ewac1.ldn.gb.glencore.net
sfbext.bar.ch.glencore.net
b2b.aus.glencore.net
uca-eur.glencore.com
myid.ch.glencore.net
*.au.glencore.net
bienvenueccr.mtl.ca.glencore.net
ap.bar.ch.glencore.net
ewac2.ldn.gb.glencore.net
formations.rag.ca.glencore.net
www.glencore.com
GLCPT1CMG.GLENCORE.NET
connect.spd.br.glencore.net
usti.cz.glencore.net
sc-test.glencore.net
www.glencore.com
helpme.glencore.net
b2b.stg.cl.glencore.net
www.glencore.com
sfbext.zrh.ch.glencore.net
*.br.glencore.net
*.sam.glencore.net
*.cn.glencore.net
acs.bne.au.glencore.net
UCA-ZAF.glencore.com
helpme.glencore.net
ap.bar.ch.glencore.net
helpme.glencore.net
ap.bar.ch.glencore.net
sfbext.sng.sg.glencore.net
www.glencore.com
connect.mak.ph.glencore.net
*.ca.glencore.net
ap.mtl.ca.glencore.net
UCB-SAM.glencore.com
perthview.per.au.glencore.net
edw-test.ldn.gb.glencore.net
ecms-demo.glencore.net
*.za.glencore.net
www.glencore.com
ucb-eur.glencore.com
*.sg.glencore.net

Certificate

The complete raw certificate details for ap.bar.ch.glencore.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGXDCCBUSgAwIBAgIQBmP4f+zjnoM0gmdEMSRz/DANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN
MTkwMzA0MDAwMDAwWhcNMjAwMjE5MTIwMDAwWjB8MQswCQYDVQQGEwJDSDEMMAoG
A1UECBMDWnVnMQ0wCwYDVQQHEwRCYWFyMSIwIAYDVQQKExlHbGVuY29yZSBJbnRl
cm5hdGlvbmFsIEFHMQswCQYDVQQLEwJJVDEfMB0GA1UEAxMWYXAuYmFyLmNoLmds
ZW5jb3JlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANDuop9E
WoMkqBJXKcIOKke4w+mH73g8e0UVyB3VAD0cGdjcZpEpeEUSakbfAG8kiUSJloeY
+d7gn6VAm3KOI5CHxgZmBY5S/XZjvPFO5iNl86Sj9mPRIJYBNCs0yIQ1LAma7xwO
JAVC44BuX12iQ0LyYjnkJ5bMbr46Xf5GIkMXab/46wI0aO8W69ldvZsancuX7D6e
2Dvfr8Ya+vg6oAuu+SURMK7F8iYv3igOBdSGIOtEuz+kvoR9fRmFzu+z6odFC2d6
g4302CvCDo5C1jWutluqU6TzMjUe2cG/w3OfIkop6EW0Xe7KlPOJJ81ZdkrqiloI
PA8/JiscpP4mI3UCAwEAAaOCAvgwggL0MB8GA1UdIwQYMBaAFKPIXmVU5TB4wQXq
BwpqWcy5/t5aMB0GA1UdDgQWBBRiXHlkDq0NWq2iKf31SMShWZ3UnzCCAWYGA1Ud
EQSCAV0wggFZghZhcC5iYXIuY2guZ2xlbmNvcmUubmV0ghNzaXAuZ2xlbmNvcmUt
Y2EuY29tghNzaXAuZ2xlbmNvcmUtdXMuY29tgg9zaXAuZ2xlbmNvcmUuY2GCEnNp
cC5nbGVuY29yZS5jby51a4ISc2lwLmdsZW5jb3JlLmNvLnphghBzaXAuZ2xlbmNv
cmUuY29tghNzaXAuZ2xlbmNvcmUuY29tLmF1ghNzaXAuZ2xlbmNvcmUuY29tLnNn
gg9zaXAuZ2xlbmNvcmUubm+CD3NpcC5nbGVuY29yZS51c4IPc2lwLmdsZW5jb3Jl
LmRlgg9zaXAuZ2xlbmNvcmUuZXOCFHNpcC5oZ3N0b3JhZ2VpbnQuY29tghVzaXAu
a29uaWFtYm9uaWNrZWwubmOCEnNpcC5zdHNoaXBwaW5nLmNvbYIbd2ViY29uZi5i
YXIuY2guZ2xlbmNvcmUubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NkcC50
aGF3dGUuY29tL1RoYXd0ZVJTQUNBMjAxOC5jcmwwTAYDVR0gBEUwQzA3BglghkgB
hv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
UzAIBgZngQwBAgIwbwYIKwYBBQUHAQEEYzBhMCQGCCsGAQUFBzABhhhodHRwOi8v
c3RhdHVzLnRoYXd0ZS5jb20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9jYWNlcnRzLnRo
YXd0ZS5jb20vVGhhd3RlUlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMBMGCisGAQQB
1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCbh692EeMkII8DDFvPFaBT
Crbb2rcl6jLtkQCljVKnKE4F0ul46G1+vdlRu4IhqBViiwwe8OD4Ir7ov9XdbvXj
fe/mfVsd65rgxjm8UzkA3WlkpauxA8+wS2/LHLpSpBdWMrRYo8aEjcdWEf07QEYs
ccBei1Nu5hwCUBWCihDU7rRJ1EQjRkIVI9Jklr+x02kn4lILshyHPOitxKCmdqMc
5YqgJc1bEYij+0SyRw+f+MTt9+sOSevvqE31+DsqE8C61mHCxbdnRvzhFjYPoCGF
3b6LzqEyvFXI6zlOqwAWzeZde1f8aStH2e5ccSssXnAjZr4GdYYSTg0IAHmM+ZIt
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0O6in0RagySoElcpwg4q
R7jD6YfveDx7RRXIHdUAPRwZ2NxmkSl4RRJqRt8AbySJRImWh5j53uCfpUCbco4j
kIfGBmYFjlL9dmO88U7mI2XzpKP2Y9EglgE0KzTIhDUsCZrvHA4kBULjgG5fXaJD
QvJiOeQnlsxuvjpd/kYiQxdpv/jrAjRo7xbr2V29mxqdy5fsPp7YO9+vxhr6+Dqg
C675JREwrsXyJi/eKA4F1IYg60S7P6S+hH19GYXO77Pqh0ULZ3qDjfTYK8IOjkLW
Na62W6pTpPMyNR7Zwb/Dc58iSinoRbRd7sqU84knzVl2SuqKWgg8Dz8mKxyk/iYj
dQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8494445536576425131584799077801686012
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-19 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zug'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Baar'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Glencore International AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ap.bar.ch.glencore.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26375242856949354278206310872524672606171088073457550605557977395715916137734352245891677556847044387170885682656562140380459461640904239022988726685770937236403868047678169865461544202177637603168335683021852736401663888296577669833539662864339016922230147407158054326341390672729979214081850993290390053513485994248544705690144265926583807860749569776573818629858428213497665575487253355528136646721011888782606778339081267996366417438701543160319121379286762936982972345370211346571122308218203394074129877727081361406439186679078189518134220082823273733484108382991993965082341291165767758530982707918478204347253
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							625c79640ead0d5aada229fdf548c4a1599dd49f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (349 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ap.bar.ch.glencore.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore-ca.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore-us.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore.co.za'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore.com.sg'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore.no'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.glencore.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.hgstorageint.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.koniambonickel.nc'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.stshipping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webconf.bar.ch.glencore.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009b87af7611e324208f030c5bcf15a0530ab6dbdab725ea32ed9100a58d52a7284e05d2e978e86d7ebdd951bb8221a815628b0c1ef0e0f822bee8bfd5dd6ef5e37defe67d5b1deb9ae0c639bc533900dd6964a5abb103cfb04b6fcb1cba52a4175632b458a3c6848dc75611fd3b40462c71c05e8b536ee61c025015828a10d4eeb449d4442346421523d26496bfb1d36927e2520bb21c873ce8adc4a0a676a31ce58aa025cd5b1188a3fb44b2470f9ff8c4edf7eb0e49ebefa84df5f83b2a13c0bad661c2c5b76746fce116360fa02185ddbe8bcea132bc55c8eb394eab0016cde65d7b57fc692b47d9ee5c712b2c5e702366be067586124e0d0800798cf9922d