*.vaillant-group.com

Issued by GlobalSign GCC R6 AlphaSSL CA 2023

About this certificate

This digital certificate with serial number 5a:60:6b:9d:48:7d:eb:75:0a:a3:ee:f6 was issued on by GlobalSign nv-sa.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.vaillant-group.com

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate will expire on

Certificate Details

Serial Number (hex): 5a:60:6b:9d:48:7d:eb:75:0a:a3:ee:f6
Serial Number (int): 27970215957180137241181417206
Serial Number lenght: 95 bits, 12 octets

SubjectKeyId: d6:c3:19:da:ad:fe:a3:03:ed:2c:f0:08:fa:91:7d:c4:c7:f2:71:d2
AuthorityKeyId: bd:05:b7:f3:8a:93:3c:73:cb:79:fa:0f:85:12:a1:77:96:18:91:74

Fingerprint (sha1): 10:bd:f2:3f:cb:24:78:64:dd:6a:bb:75:06:92:e3:85:02:95:ef:4c
Fingerprint (sha256): 04:9c:88:4b:83:79:5e:4a:3d:f0:98:6c:9b:b3:b9:8e:27:84:e1:ef:57:5d:bd:b3:8a:64:7e:0a:40:34:fe:d8

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsgccr6alphasslca2023.crt

Revocation information

OCSP Server: http://ocsp.globalsign.com/gsgccr6alphasslca2023
CRL Distribution Point: http://crl.globalsign.com/gsgccr6alphasslca2023.crl

Check the revocation status for certificate *.vaillant-group.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.vaillant-group.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.vaillant-group.com
vaillant-group.com

Other certificates including the domain name vaillant-group.com

(limited to 100 certificates)
wrm3.vaillant-group.com
sip.eb-com.com
vstart.vaillant-group.com
*.gorecord.vaillant-group.com
pool04.eb-com.com
ga.vaillant-group.com
*.vaillant-group.com
cn-shanghai-800b.vaillant-group.com
ga.vaillant-group.com
access.vaillant-group.com
jobs.vaillant-group.com
supplierquality.vaillant-group.com
*.vaillant-group.com
gb-vaillant-cssp-stage.vaillant-group.com
*.dia.vaillant-group.com
sip.eb-com.com
sync.vaillant-group.com
pool04.eb-com.com
sip.eb-com.com
jobs.vaillant-group.com
prometheus.apidev-dev.azure.vaillant-group.com
pool04.eb-com.com
www.vaillant.com
mdm.vaillant-group.com
mender.prod.azure.vaillant-group.com
akamai-san150.exacttarget.com
sync.vaillant-group.com
pool04.eb-com.com
jobs.vaillant-group.com
mailcrypt.vaillant-group.com
pool04.eb-com.com
pool04.eb-com.com
*.sslvpn.vaillant-group.com
sip.eb-com.com
san-18-s50.tlsprovisioning.exacttarget.com
sip.eb-com.com
www.vaillant.lt
www.vaillant.com
groupnet.vaillant-group.com
webshare.vaillant-group.com
sip.eb-com.com
tsbc-uk-be2.vaillant-group.com
ldaps.vaillant-group.com
groupspace.vaillant-group.com
www.vaillant-group.com
www.vaillant.com
dk-vaillant-cssp-stage.vaillant-group.com
mdm.vaillant-group.com
be-vaillant-cssp-stage.vaillant-group.com
pool04.eb-com.com
mdm.vaillant-group.com
vstart.vaillant-group.com
grafana.apidev-dev.azure.vaillant-group.com
pool04.eb-com.com
jira.vaillant-group.com
merchandising.vaillant-group.com
be-vaillant-cssp-stage.vaillant-group.com
www.vaillant.lt
vstart.vaillant-group.com
*.vaillant-group.com
akamai-san150.exacttarget.com
sip.eb-com.com
pool04.eb-com.com
sip.eb-com.com
awb.consent-portal-dev.azure.vaillant-group.com
sip.eb-com.com
www.vaillant.com
pool04.eb-com.com
at-vaillant-cssp-stage.vaillant-group.com
webshare.vaillant-group.com
mailcrypt.vaillant-group.com
futureclima.ziggu.app
jobs.vaillant-group.com
*.sslvpn.vaillant-group.com
pool04.eb-com.com
vaillant-demo.bee2bee.vaillant-group.com
sip.eb-com.com
jira.vaillant-group.com
jira-test.vaillant-group.com
vstart.vaillant-group.com
sds.vaillant-group.com
pool04.eb-com.com
vstart.vaillant-group.com
t04int01.vaillant-group.com
sip.eb-com.com
pool04.eb-com.com
*.gorecord.vaillant-group.com
*.vaillant-group.com
pool04.eb-com.com
sentry2.vaillant-group.com
sip.eb-com.com
*.gorecord.vaillant-group.com
teamshare.vaillant-group.com
pool04.eb-com.com
pool04.eb-com.com
sip.eb-com.com
sip.eb-com.com
sip.eb-com.com
sip.eb-com.com
be-bulex-cssp-stage.vaillant-group.com

Certificate

The complete raw certificate details for *.vaillant-group.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgIMWmBrnUh963UKo+72MA0GCSqGSIb3DQEBCwUAMFUxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSswKQYDVQQDEyJH
bG9iYWxTaWduIEdDQyBSNiBBbHBoYVNTTCBDQSAyMDIzMB4XDTI0MDIwNjEwMjUy
MloXDTI1MDMwOTEwMjUyMVowHzEdMBsGA1UEAwwUKi52YWlsbGFudC1ncm91cC5j
b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV3jOPC7kLJafMwIzS
uCHLiNaKwRl0VGusyZ0/TYotK9upLyPs8fQOoOf0sK12OMynlmGttFb5KfjmZ+Pm
hcTI4vsY2sz1KPsVvA6yPF1Ug5it8v0ynev316KHbbq23tbFZskbdSmqb8dz57+5
EPBjeH3Fd67QyGjWkGk8adqC8LdrdWVhRwtWW3AgFcs3zIOLt3LVUfKJTivzlsNs
L5/pHf36Fni6+6fGdv5lMmjLTLJSEQZ01BC7Rb6oepEN2KWMkK3hw9wyEbn0yB17
fsZYwnkEyfh0xCn5zzeZC18PNf1BywAE1GuDGp4rtOGHEHd7L9EWvjEc6rxW8R2W
+To3AgMBAAGjggN0MIIDcDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADCB
mQYIKwYBBQUHAQEEgYwwgYkwSQYIKwYBBQUHMAKGPWh0dHA6Ly9zZWN1cmUuZ2xv
YmFsc2lnbi5jb20vY2FjZXJ0L2dzZ2NjcjZhbHBoYXNzbGNhMjAyMy5jcnQwPAYI
KwYBBQUHMAGGMGh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL2dzZ2NjcjZhbHBo
YXNzbGNhMjAyMzBXBgNVHSAEUDBOMAgGBmeBDAECATBCBgorBgEEAaAyCgEDMDQw
MgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRv
cnkvMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20v
Z3NnY2NyNmFscGhhc3NsY2EyMDIzLmNybDAzBgNVHREELDAqghQqLnZhaWxsYW50
LWdyb3VwLmNvbYISdmFpbGxhbnQtZ3JvdXAuY29tMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBS9BbfzipM8c8t5+g+FEqF3lhiRdDAd
BgNVHQ4EFgQU1sMZ2q3+owPtLPAI+pF9xMfycdIwggF/BgorBgEEAdZ5AgQCBIIB
bwSCAWsBaQB3AKLjCuRF772tm3447Udnd1PXgluElNcrXhssxLlQpEfnAAABjX3z
ezEAAAQDAEgwRgIhALRYAt2aJoeQJkbP6Zzt2wbQxIYnruMK0rLS7mAqvL3tAiEA
8k1I2smf/yyxTdDLJD3Dcj7kegNVbXHTgfk/zF0ZUwoAdQBOdaMnXJoQwzhbbNTf
P1LrHfDgjhuNacCx+mSxYpo53wAAAY19834OAAAEAwBGMEQCIGF9FyOEvBRGyJFb
6URhc9tfHztypbQ6vy9Z5QpVE6k/AiAVCvp2DbYDLZQNXT/fMm0IQ8LRSth52hrW
N/8ggsB7DgB3AOCSs/wMHcjnaDYf3mG5lk0KUngZinLWcsSwTaVtb1QEAAABjX3z
e/UAAAQDAEgwRgIhAP9OARJ+bRBGq/5I7EewCs45Qp1GC9lB8krFTbW5aKPzAiEA
oZPRIBbBpUjj5dgRfJVS5w9xq6ktOHw/LfySj1McY+swDQYJKoZIhvcNAQELBQAD
ggEBAAkVukhlUpiuzE/fM3J4EIS8JcTUoPvwl8p6/Xs8rawuYlZvIwWt16GpmnzL
qlQOAVMyBGBWLaseQ3BmtFxYcXs0zDlZEv6N2leYAzbsniFZiPwj0pysZ57QPzpH
/Vpf5PNEKU/0epoE8OD1i0zEJShfPH1qLFnlqaTM2AkI049r21zxwF2dLXVDpcp9
AWCgGUx+JVMot4jZyVjXbdz5CAwqm6jSpFTzCu0cj+DK4QEhbyp/HvoQB/AY4JLp
pmBSk7lZTMJCaDTsI7+aY+UUl6yKwgQXxh6Mdu95egXRc6xWgZ1M40aBvWqvN4ss
Cmv0O8xcECNTtOe4VTeZ7ID0TfA=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld4zjwu5CyWnzMCM0rgh
y4jWisEZdFRrrMmdP02KLSvbqS8j7PH0DqDn9LCtdjjMp5ZhrbRW+Sn45mfj5oXE
yOL7GNrM9Sj7FbwOsjxdVIOYrfL9Mp3r99eih226tt7WxWbJG3Upqm/Hc+e/uRDw
Y3h9xXeu0Mho1pBpPGnagvC3a3VlYUcLVltwIBXLN8yDi7dy1VHyiU4r85bDbC+f
6R39+hZ4uvunxnb+ZTJoy0yyUhEGdNQQu0W+qHqRDdiljJCt4cPcMhG59Mgde37G
WMJ5BMn4dMQp+c83mQtfDzX9QcsABNRrgxqeK7ThhxB3ey/RFr4xHOq8VvEdlvk6
NwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 27970215957180137241181417206
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign GCC R6 AlphaSSL CA 2023'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-06 10:25:22 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-09 10:25:21 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.vaillant-group.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18919079034789742427416800702870987330674248739893850201105683727350104902159569584131969613335579895449774261819620345097061914337419548532288443597787651276640524685262020659710949834936499549756404692655930194700195735878852055177990129912613585170259460825484269756615418481381329544706097967247966232024860510367396207134165290226089987467889372139907961323484924942741056192123812306870804783465332883569549871018116197593117017050574339913077736822230109653375362368158481197377574077377914557231735235004572293126618438839473374400046615037294775387122182372572147097787893324981858356437304822642286584740407
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsgccr6alphasslca2023.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/gsgccr6alphasslca2023'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.10.1.3
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsgccr6alphasslca2023.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.vaillant-group.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vaillant-group.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bd05b7f38a933c73cb79fa0f8512a17796189174
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d6c319daadfea303ed2cf008fa917dc4c7f271d2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007700a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018d7df37b310000040300483046022100b45802dd9a2687902646cfe99ceddb06d0c48627aee30ad2b2d2ee602abcbded022100f24d48dac99fff2cb14dd0cb243dc3723ee47a03556d71d381f93fcc5d19530a0075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d7df37e0e00000403004630440220617d172384bc1446c8915be9446173db5f1f3b72a5b43abf2f59e50a5513a93f0220150afa760db6032d940d5d3fdf326d0843c2d14ad879da1ad637ff2082c07b0e007700e092b3fc0c1dc8e768361fde61b9964d0a5278198a72d672c4b04da56d6f54040000018d7df37bf50000040300483046022100ff4e01127e6d1046abfe48ec47b00ace39429d460bd941f24ac54db5b968a3f3022100a193d12016c1a548e3e5d8117c9552e70f71aba92d387c3f2dfc928f531c63eb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000915ba48655298aecc4fdf3372781084bc25c4d4a0fbf097ca7afd7b3cadac2e62566f2305add7a1a99a7ccbaa540e0153320460562dab1e437066b45c58717b34cc395912fe8dda57980336ec9e215988fc23d29cac679ed03f3a47fd5a5fe4f344294ff47a9a04f0e0f58b4cc425285f3c7d6a2c59e5a9a4ccd80908d38f6bdb5cf1c05d9d2d7543a5ca7d0160a0194c7e255328b788d9c958d76ddcf9080c2a9ba8d2a454f30aed1c8fe0cae101216f2a7f1efa1007f018e092e9a6605293b9594cc2426834ec23bf9a63e51497ac8ac20417c61e8c76ef797a05d173ac56819d4ce34681bd6aaf378b2c0a6bf43bcc5c102353b4e7b8553799ec80f44df0