newweb.na.descartes.com
- The Descartes Systems Group Inc. -
Issued by thawte SSL CA - G2
About this certificate
This digital certificate with serial number 49:f9:71:ad:da:dd:20:85:de:4c:0e:ad:99:c3:7f:e2 was issued on by thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
The Descartes Systems Group Inc.
Organization:
The Descartes Systems Group Inc.
Organization unit: CITRIX
Organization unit: CITRIX
State / Province:
Ontario
Locality: Waterloo
Country: CA
Locality: Waterloo
Country: CA
thawte, Inc.
Organization:
thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 49:f9:71:ad:da:dd:20:85:de:4c:0e:ad:99:c3:7f:e2Serial Number (int): 98328831296566416740320984483991093218
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60
Fingerprint (sha1): ad:11:d1:1b:72:e1:99:1c:64:4a:b9:c1:f7:ea:9e:77:ac:69:52:a4
Fingerprint (sha256): 05:b3:03:ea:f6:cf:01:13:42:00:12:36:d5:2e:6c:ed:35:ac:68:a1:fb:cb:bb:b0:69:c9:53:79:b7:da:5c:e2
Issuing Certificate URL: http://tj.symcb.com/tj.crt
Revocation information
OCSP Server: http://tj.symcd.comCRL Distribution Point: http://tj.symcb.com/tj.crl
Check the revocation status for certificate newweb.na.descartes.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for newweb.na.descartes.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
newweb.na.descartes.com
Other certificates including the domain name descartes.com
(limited to 100 certificates)
status.pipeimob.com.br
adfs.descartes.com
smartcompliance.descartes.com
fseuc-1a.freshservice.com
ecomm.descartes.com
status.markiiieb.com
status.sandsiv.com
status.ngxnetworks.com
foxtrot.status.descartes.com
*.testportal.descartes.com
shw.rmt.status.descartes.com
go-secure.descartes.com
shw.rmt.status.descartes.com
servicedesk.descartes.com
iq.syncd.tech
fmtracks.fmsend.net
*.gct.descartes.com
*.uk-updates.descartes.com
uca.descartes.com
newweb.na.descartes.com
status.us.premium.salusconnect.io
disponibilidade.activecorp.com.br
shw.rmt.status.descartes.com
custom.mindflash.com
status.quarklink.io
*.e-customs.descartes.com
*.uk-updates.descartes.com
status.5starcoms.net
globalcompliance.asia.descartes.com
webdgn.descartes.com
shw.rmt.status.descartes.com
taric.descartes.com
status.anywhere.asolvi.app
crm.descartes.com
globalcompliancetest.descartes.com
desktop.descartes.com
ondemand.descartes.com
shipmentwarehouse.descartes.com
status.sandsiv.com
fmtracks.fmsend.net
status.skynetexpress.com
*.podirect.descartes.com
fseuc-1a.freshservice.com
uca.descartes.com
TILES.APAC.DESCARTES.COM
firstspiritstatus.crownpeak.com
globalcompliancetest.descartes.com
servicedesk.helpforheroes.org.uk
globalcompliance.descartes.com
*.ap.descartes.com
status.mapworks.io
shw.rmt.status.descartes.com
itmtest.descartes.com
status.pipeimob.com.br
status.doccle.be
www.123.descartes.com
status.lenderdock.com
shw.rmt.status.descartes.com
www.descartes.com
status.sandsiv.com
shw.rmt.status.descartes.com
osm-tile.descartes.com
iq.syncd.tech
web.emea.descartes.com
webgc-stg.descartes.com
EDITRADEPREPROD.DESCARTES.COM
globalcompliance.descartes.com
ess.descartes.com
www.descartes.com
fmtracks.fmsend.net
SHIPMENTWAREHOUSE.DESCARTES.COM
status.nwtc.edu
telogis.descartes.com
ssp.descartes.com
status.5starcoms.net
www.descartes.com
webmail.descartes.com
smartcompliance.descartes.com
essqa.descartes.com
lp.descartes.com
iq.syncd.tech
fseuc-1a.freshservice.com
*.testportal.descartes.com
status.skynetexpress.com
shw.rmt.status.descartes.com
services.content.descartes.com
businesscompliance.descartes.com
*.myvan.descartes.com
statuspage.e2open.com
fmtracks.fmsend.net
fseuc-1a.freshservice.com
status.prokurio.com
*.routeplanner.descartes.com
staging.routing-and-scheduling.descartes.com
fseuc-1a.freshservice.com
status.sandsiv.com
status.zoho.uk
go-webedi.descartes.com
lp.descartes.com
webmail.descartes.com
adfs.descartes.com
smartcompliance.descartes.com
fseuc-1a.freshservice.com
ecomm.descartes.com
status.markiiieb.com
status.sandsiv.com
status.ngxnetworks.com
foxtrot.status.descartes.com
*.testportal.descartes.com
shw.rmt.status.descartes.com
go-secure.descartes.com
shw.rmt.status.descartes.com
servicedesk.descartes.com
iq.syncd.tech
fmtracks.fmsend.net
*.gct.descartes.com
*.uk-updates.descartes.com
uca.descartes.com
newweb.na.descartes.com
status.us.premium.salusconnect.io
disponibilidade.activecorp.com.br
shw.rmt.status.descartes.com
custom.mindflash.com
status.quarklink.io
*.e-customs.descartes.com
*.uk-updates.descartes.com
status.5starcoms.net
globalcompliance.asia.descartes.com
webdgn.descartes.com
shw.rmt.status.descartes.com
taric.descartes.com
status.anywhere.asolvi.app
crm.descartes.com
globalcompliancetest.descartes.com
desktop.descartes.com
ondemand.descartes.com
shipmentwarehouse.descartes.com
status.sandsiv.com
fmtracks.fmsend.net
status.skynetexpress.com
*.podirect.descartes.com
fseuc-1a.freshservice.com
uca.descartes.com
TILES.APAC.DESCARTES.COM
firstspiritstatus.crownpeak.com
globalcompliancetest.descartes.com
servicedesk.helpforheroes.org.uk
globalcompliance.descartes.com
*.ap.descartes.com
status.mapworks.io
shw.rmt.status.descartes.com
itmtest.descartes.com
status.pipeimob.com.br
status.doccle.be
www.123.descartes.com
status.lenderdock.com
shw.rmt.status.descartes.com
www.descartes.com
status.sandsiv.com
shw.rmt.status.descartes.com
osm-tile.descartes.com
iq.syncd.tech
web.emea.descartes.com
webgc-stg.descartes.com
EDITRADEPREPROD.DESCARTES.COM
globalcompliance.descartes.com
ess.descartes.com
www.descartes.com
fmtracks.fmsend.net
SHIPMENTWAREHOUSE.DESCARTES.COM
status.nwtc.edu
telogis.descartes.com
ssp.descartes.com
status.5starcoms.net
www.descartes.com
webmail.descartes.com
smartcompliance.descartes.com
essqa.descartes.com
lp.descartes.com
iq.syncd.tech
fseuc-1a.freshservice.com
*.testportal.descartes.com
status.skynetexpress.com
shw.rmt.status.descartes.com
services.content.descartes.com
businesscompliance.descartes.com
*.myvan.descartes.com
statuspage.e2open.com
fmtracks.fmsend.net
fseuc-1a.freshservice.com
status.prokurio.com
*.routeplanner.descartes.com
staging.routing-and-scheduling.descartes.com
fseuc-1a.freshservice.com
status.sandsiv.com
status.zoho.uk
go-webedi.descartes.com
lp.descartes.com
webmail.descartes.com
Certificate
The complete raw certificate details for newweb.na.descartes.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIQSflxrdrdIIXeTA6tmcN/4jANBgkqhkiG9w0BAQsFADBB MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0 aGF3dGUgU1NMIENBIC0gRzIwHhcNMTUxMTAzMDAwMDAwWhcNMTgxMTAyMjM1OTU5 WjCBkDELMAkGA1UEBhMCQ0ExEDAOBgNVBAgMB09udGFyaW8xETAPBgNVBAcMCFdh dGVybG9vMSkwJwYDVQQKDCBUaGUgRGVzY2FydGVzIFN5c3RlbXMgR3JvdXAgSW5j LjEPMA0GA1UECwwGQ0lUUklYMSAwHgYDVQQDDBduZXd3ZWIubmEuZGVzY2FydGVz LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK1V0ot3hIsEe/1S lyB6/hYsVu6ls+jxzhkGyTZhxzmFTRIsOlqqBRI+wB+edw1DwbfBM/0PbxA6d5M4 0vILshrHZQFCafvAVEjQNXtcrBN611YhTkyLXSHVpwp4P32edqIr7fnB3mCFgeGJ EilZhYZaxUqYnPDg05JMkvu9Bdc7rR/8sYCT2TCVoL6JKtswV1PAFkMUKU+6SBoG vbX3pefluJI3vSONkdWRZH99QnFNM1kW+JQY6kOt7ZmVKTS3Dy3dfJKnezO9/rIh rmV+gjW6A8NvzVuWSIqHke8mEWbrK12mPb11+1iFiocGg9W9SslZzpOJ3kzc555R MylNo98CAwEAAaOCAXkwggF1MCIGA1UdEQQbMBmCF25ld3dlYi5uYS5kZXNjYXJ0 ZXMuY29tMAkGA1UdEwQCMAAwbgYDVR0gBGcwZTBjBgZngQwBAgIwWTAmBggrBgEF BQcCARYaaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9jcHMwLwYIKwYBBQUHAgIwIwwh aHR0cHM6Ly93d3cudGhhd3RlLmNvbS9yZXBvc2l0b3J5MA4GA1UdDwEB/wQEAwIF oDAfBgNVHSMEGDAWgBTCT0hX/NFPmsBdOH0OBdvZLrVSYDArBgNVHR8EJDAiMCCg HqAchhpodHRwOi8vdGouc3ltY2IuY29tL3RqLmNybDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRw Oi8vdGouc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vdGouc3ltY2IuY29t L3RqLmNydDANBgkqhkiG9w0BAQsFAAOCAQEAHbdaq8V3oYB5ZiqHcqjGy8FmY/im +MEor9Kyje5i7IebgfGP1b319kEws6JIwopPWqLZxYY056LPWCCrNvzICK20GZ6e HMFfNFBI4n837LHR91QwDriGe1KIZZOAaqjgS3t/gSoV6qt2TLp3SvKdpzJnm4SM nu9pDvAB9RFmCInNNtb5Fcu/Z4yRhMEOTqDTXg5KjzYd9EahlPmtEYRwp3MV9PtB FJ/nnWH6du67ooKM0pBMLsL2EkBMStTu9Dzr4ZUOwgR3fIRQcJf1V1PPbS2Q5GgS ieCwQqtf623sVO3wpKdyYSWyBbhMtGzIldRC+L3ipICoA6s68Q5RspfKPA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVXSi3eEiwR7/VKXIHr+ FixW7qWz6PHOGQbJNmHHOYVNEiw6WqoFEj7AH553DUPBt8Ez/Q9vEDp3kzjS8guy GsdlAUJp+8BUSNA1e1ysE3rXViFOTItdIdWnCng/fZ52oivt+cHeYIWB4YkSKVmF hlrFSpic8ODTkkyS+70F1zutH/yxgJPZMJWgvokq2zBXU8AWQxQpT7pIGga9tfel 5+W4kje9I42R1ZFkf31CcU0zWRb4lBjqQ63tmZUpNLcPLd18kqd7M73+siGuZX6C NboDw2/NW5ZIioeR7yYRZusrXaY9vXX7WIWKhwaD1b1KyVnOk4neTNznnlEzKU2j 3wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 98328831296566416740320984483991093218 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-02 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Waterloo' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'The Descartes Systems Group Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'CITRIX' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'newweb.na.descartes.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21881547381896990213042883782626712706083865127033337579341119805001151846002982222283374005493529593978446800823714589597599499433321741342556218091283693366603418654064408713992960174612418652006814721246255585827567273997658496687097373679378286550428211807215870744473110825843969923097372488743937705792913137125285625974900482905641209565199181271440726198669020778553460830545440645513583839446103151844344972621837042519191956243072569302413945197091816904903195795622527731650371479787777876964978456930536176834679123903275571174234800157903585159414810990573224502403666179297234193782277868728175656018911 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'newweb.na.descartes.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001db75aabc577a18079662a8772a8c6cbc16663f8a6f8c128afd2b28dee62ec879b81f18fd5bdf5f64130b3a248c28a4f5aa2d9c58634e7a2cf5820ab36fcc808adb4199e9e1cc15f345048e27f37ecb1d1f754300eb8867b52886593806aa8e04b7b7f812a15eaab764cba774af29da732679b848c9eef690ef001f511660889cd36d6f915cbbf678c9184c10e4ea0d35e0e4a8f361df446a194f9ad118470a77315f4fb41149fe79d61fa76eebba2828cd2904c2ec2f612404c4ad4eef43cebe1950ec204777c84507097f55753cf6d2d90e4681289e0b042ab5feb6dec54edf0a4a7726125b205b84cb46cc895d442f8bde2a480a803ab3af10e51b297ca3c