www.hanau.ihk.de

- IHK Hanau-Gelnhausen-Schluechtern -

Issued by thawte SSL CA - G2

About this certificate

This digital certificate with serial number 30:ef:30:d2:15:70:22:3a:58:63:fd:07:6c:23:87:17 was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

IHK Hanau-Gelnhausen-Schluechtern

Organization: IHK Hanau-Gelnhausen-Schluechtern
State / Province: Hessen
Locality: Hanau
Country: DE

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 30:ef:30:d2:15:70:22:3a:58:63:fd:07:6c:23:87:17
Serial Number (int): 65044892947075635513078642888663074583
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60

Fingerprint (sha1): 7f:c7:a5:cf:07:70:c7:74:fc:41:73:8e:85:52:2d:8a:32:f2:1c:59
Fingerprint (sha256): 05:af:7d:1e:08:ea:dc:ab:85:bb:b3:73:6e:54:82:f0:29:06:a6:73:17:e9:ff:d8:a7:77:d5:49:48:a1:08:c8

Issuing Certificate URL: http://tj.symcb.com/tj.crt

Revocation information

OCSP Server: http://tj.symcd.com
CRL Distribution Point: http://tj.symcb.com/tj.crl

Check the revocation status for certificate www.hanau.ihk.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.hanau.ihk.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.hanau.ihk.de

Other certificates including the domain name ihk.de

(limited to 100 certificates)
cdn01.blog.ostwestfalen.ihk.de
ihkdigital.services.ihk.de
coburg.ihk.de
webmail.ihk.de
coburg.ihk.de
gemeinsam.niederrhein.ihk.de
bildung2.gfi.ihk.de
www.pruefungen.ostwestfalen.ihk.de
www.weingarten.ihk.de
events.wuerzburg.ihk.de
www.saarland.ihk.de
www.offenbach.ihk.de
ostwestfalen.ihk.de
tixxt.kiel.ihk.de
ostwestfalen.ihk.de
zq-digitalekompetenz.schwaben.ihk.de
vdi.hannover.ihk.de
adrprintsrv.gfi.ihk.de
box.wuerzburg.ihk.de
videokonferenz.ihk.de
unternehmen.gera.ihk.de
www.going-international.ihk.de
tagesspiegel.kiosk.plus
offenbach.ihk.de
profile.ihk.de
www.vergabe.ihk.de
vstdbv3.ihk.de
vpn.heilbronn.ihk.de
seleinfo.ihk.de
videokonferenz.kassel.ihk.de
regensburg.ihk.de
ostwestfalen.ihk.de
magazine.suncoastergroup.com
proxy1.juris.ihk.de
vergabe.ihk.de
evadatenarchiv.ihk.de
ostwestfalen.ihk.de
frankfurt-main.ihk.de
berlin.ihk.de
ostwestfalen.ihk.de
xihkpilotws.gfi.ihk.de
www.hanau.ihk.de
cert.ihk.de
www.services.abnahme.usbdb.ihk.de
gemeinsam.niederrhein.ihk.de
ecofinder.ihk.de
www.unternehmen.darmstadt.ihk.de
*.webmail.ihk.de
*.gfi.ihk.de
webservices.dresden.ihk.de
nas.kiel.ihk.de
cyber.frankfurt-main.ihk.de
webservices.dresden.ihk.de
pao.berlin.ihk.de
coburg.ihk.de
impulsnetzwerk.ihk.de
ihk.de
owi.ostwestfalen.ihk.de
frankfurt-main.ihk.de
sse.cottbus.ihk.de
ausbildung.darmstadt.ihk.de
zq-digitalekompetenz.schwaben.ihk.de
magdeburg.ihk.de
wireless1.ihk.de
www.frankfurt-main.ihk.de
ausgabe.vstdbv3.ihk.de
mainau.wuerzburg.ihk.de
www.pruefungen.ostwestfalen.ihk.de
stats.ostwestfalen.ihk.de
wlan.muenchen.ihk.de
pruefung.ihk.de
*.schwaben.ihk.de
webservices.dresden.ihk.de
unternehmen.gera.ihk.de
muenchen.ihk.de
quickplace.ihk.de
cyber.frankfurt-main.ihk.de
geoinfo.ihk.de
cloud.karlsruhe.ihk.de
ihk-sh.de
bonn.ihk.de
adrprintsrv.gfi.ihk.de
www.aachen.ihk.de
dataoutputservices.gfi.ihk.de
wis.ihk.de
karlsruhe.ihk.de
veranstaltung.mittlerer-niederrhein.ihk.de
connect.darmstadt.ihk.de
ostwestfalen.ihk.de
wm.ihk.de
www.pruefungen.ostwestfalen.ihk.de
proxy1.beck.ihk.de
cert.ihk.de
cottbus.ihk.de
mx01.ihk.de
kiosk.der-kleine-georg.de
www.dresden.ihk.de
ve-register.ihk.de
traveler.konstanz.ihk.de
login3.ihk.de

Certificate

The complete raw certificate details for www.hanau.ihk.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGrzCCBZegAwIBAgIQMO8w0hVwIjpYY/0HbCOHFzANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTYxMTI5MDAwMDAwWhcNMTkxMTI5MjM1OTU5
WjB1MQswCQYDVQQGEwJERTEPMA0GA1UECAwGSGVzc2VuMQ4wDAYDVQQHDAVIYW5h
dTEqMCgGA1UECgwhSUhLIEhhbmF1LUdlbG5oYXVzZW4tU2NobHVlY2h0ZXJuMRkw
FwYDVQQDDBB3d3cuaGFuYXUuaWhrLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA3fHCf08eX2s78RKmWqa4Sx7XtZNS4LzhZVHcTcbR5DVhuCH40q1V
Gjxd+Fh2x5cMuHnfQ5z+9u+SF17bVaIPAFXMLW9JFoGV0aaGdynD7FVhGOl7YRTg
WM8Ug6wPijHRwHciQxiv3MqeJgAALfoisH9DGhAJN5y/hzZ8rI2khersWD+wDxMO
Ew3X1ShIgN1jH2z5Qi7Fku4fT94OQQrVnSaNQiuUX+wagQBLn25P76fWpHuEY8F2
6mmE86ZD0HTqLOSQ/S8wE5MzXhUU/2/mDtCUJZBMNhbglka9A+HSdg1goCo9ePNY
LcU5BM3C7sU8X678a3da80EN2oKdphUCgQIDAQABo4IDbTCCA2kwGwYDVR0RBBQw
EoIQd3d3LmhhbmF1Lmloay5kZTAJBgNVHRMEAjAAMG4GA1UdIARnMGUwYwYGZ4EM
AQICMFkwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMC8G
CCsGAQUFBwICMCMMIWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3NpdG9yeTAO
BgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUwk9IV/zRT5rAXTh9DgXb2S61UmAw
KwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3RqLnN5bWNiLmNvbS90ai5jcmwwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAfBggr
BgEFBQcwAYYTaHR0cDovL3RqLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDov
L3RqLnN5bWNiLmNvbS90ai5jcnQwggH3BgorBgEEAdZ5AgQCBIIB5wSCAeMB4QB1
AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0RxM227L7MAAABWLCCsssAAAQDAEYw
RAIgP96hv+A6LI/jmwFrOqQQo9Q0FXNDe0Q1UkeQUpji71cCIHX+GNS/ynC8/bHa
/ni+nQyY0PiDNCTFOvN9Jb4bREjcAHcA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiD
AMR7iXqo/csAAAFYsIKzFgAABAMASDBGAiEAqrAD1oo3Qp1cRxmKYL3e7NFi3Cq7
3c4sKPRRWltP9TgCIQD+zJf+uO4qF3mXDM0dIB9Oak+xOqfYWhbfTUgSEtIWJgB2
ALx44d/F9jxoRkkzTaEPoV8JeWkgCcCBtPP2kX8+2bilAAABWLCCs8EAAAQDAEcw
RQIgX2F+RczDCJDqyn9KYTVv4SB7NPVd1jc/F09NVNrLvEcCIQDSnsmZhomSQ81/
P+QyBKsxf4fVe8vXCXIGxPmlju5+uAB3AKS5CZC0GFgUh7sTosxncAo8NZgE+Rvf
uON3zQ7IDdwQAAABWLCCsu4AAAQDAEgwRgIhAPNnu+ryb4tKva3rybM/nxcSZ5Bt
wttG2pXMmSQkpwFtAiEA7ZLP3MpZosSUVjYRSvBCMoP25p9LqElGNfLsQlErfO0w
DQYJKoZIhvcNAQELBQADggEBAEac1j9i9E+alMYZ60DiaGXPRmcO0BwDVY3UIQfz
LleYuVwEpJ09ad6b0AGUdYLKg+llGkPDErqu2gypUuwLEMa3JDEDOKltnkDm5q9C
OMEft79px0LfwzJS5q5rj5G8r14yWHe9W+49xAhP4UriL0bjBqbNQeXB68sbwfel
iXsTH2B0Kw8drKZwAeWKz3QKCkiWATYDop5h1jZoaJO7IdYj7zCvvfrFl1NXHrkp
npSbq4W8ir0Sc2fg70Pt2Jwd55fNVIzO6cekCEWANs6gbxrnhYKsh54+pGeE/0s3
CEtaV+/d1XAvFVlX5Kr8kpbjZrt2Z08p/eASLYB1eJtR25w=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fHCf08eX2s78RKmWqa4
Sx7XtZNS4LzhZVHcTcbR5DVhuCH40q1VGjxd+Fh2x5cMuHnfQ5z+9u+SF17bVaIP
AFXMLW9JFoGV0aaGdynD7FVhGOl7YRTgWM8Ug6wPijHRwHciQxiv3MqeJgAALfoi
sH9DGhAJN5y/hzZ8rI2khersWD+wDxMOEw3X1ShIgN1jH2z5Qi7Fku4fT94OQQrV
nSaNQiuUX+wagQBLn25P76fWpHuEY8F26mmE86ZD0HTqLOSQ/S8wE5MzXhUU/2/m
DtCUJZBMNhbglka9A+HSdg1goCo9ePNYLcU5BM3C7sU8X678a3da80EN2oKdphUC
gQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 65044892947075635513078642888663074583
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-29 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Hessen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Hanau'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'IHK Hanau-Gelnhausen-Schluechtern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.hanau.ihk.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28017881575977734487582961981351468589063622532003542936183067579902913056927060121849862030299693831697383796220469542637502542169411311174117033923322344582910598967017135333294871790749884421250853893394040889684424341617004338051881666558925772162475929947700193577014627021379049794308556820624321445612189362742520642711938184626163989133650369004600383719909766717229594663079114147735616060267344951790881557408677031264005497357940671230473894627563439212750477097222511927540703085394993994660013283529577732855235641071381133036673248395715934432934033619600328161888562069953690621032916005196960948880001
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hanau.ihk.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes)
							01e1007500ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000158b082b2cb000004030046304402203fdea1bfe03a2c8fe39b016b3aa410a3d4341573437b44355247905298e2ef57022075fe18d4bfca70bcfdb1dafe78be9d0c98d0f8833424c53af37d25be1b4448dc007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000158b082b3160000040300483046022100aab003d68a37429d5c47198a60bddeecd162dc2abbddce2c28f4515a5b4ff538022100fecc97feb8ee2a1779970ccd1d201f4e6a4fb13aa7d85a16df4d481212d21626007600bc78e1dfc5f63c684649334da10fa15f0979692009c081b4f3f6917f3ed9b8a500000158b082b3c1000004030047304502205f617e45ccc30890eaca7f4a61356fe1207b34f55dd6373f174f4d54dacbbc47022100d29ec99986899243cd7f3fe43204ab317f87d57bcbd7097206c4f9a58eee7eb8007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000158b082b2ee0000040300483046022100f367bbeaf26f8b4abdadebc9b33f9f171267906dc2db46da95cc992424a7016d022100ed92cfdcca59a2c4945636114af0423283f6e69f4ba8494635f2ec42512b7ced
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00469cd63f62f44f9a94c619eb40e26865cf46670ed01c03558dd42107f32e5798b95c04a49d3d69de9bd001947582ca83e9651a43c312baaeda0ca952ec0b10c6b724310338a96d9e40e6e6af4238c11fb7bf69c742dfc33252e6ae6b8f91bcaf5e325877bd5bee3dc4084fe14ae22f46e306a6cd41e5c1ebcb1bc1f7a5897b131f60742b0f1daca67001e58acf740a0a4896013603a29e61d636686893bb21d623ef30afbdfac59753571eb9299e949bab85bc8abd127367e0ef43edd89c1de797cd548ccee9c7a408458036cea06f1ae78582ac879e3ea46784ff4b37084b5a57efddd5702f155957e4aafc9296e366bb76674f29fde0122d8075789b51db9c