uk.tiffany.com

- Tiffany and Company -

Issued by Verizon Akamai SureServer CA G14-SHA2

About this certificate

This digital certificate with serial number 14:65:9c:15:44:82:be:12:e7:be:ce:76:ff:11:ba:45:ce:0e:4f:20 was issued on by Verizon Enterprise Solutions.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • When the id-ad-caIssuers accessMethod is used, at least one instance SHOULD specify an accessLocation that is an HTTP or LDAP URI (RFC 5280: 4.2.2.1)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

Tiffany and Company

Organization: Tiffany and Company
Organization unit: Information technology
State / Province: NJ
Locality: Parsippany
Country: US

Verizon Enterprise Solutions

Organization: Verizon Enterprise Solutions
Organization unit: Cybertrust
Locality: Amsterdam
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 14:65:9c:15:44:82:be:12:e7:be:ce:76:ff:11:ba:45:ce:0e:4f:20
Serial Number (int): 116445787435129800820779725361041156495054360352
Serial Number lenght: 157 bits, 20 octets

SubjectKeyId: df:20:e0:df:f0:59:49:35:82:1d:6a:06:e0:9e:27:3c:37:0c:af:11
AuthorityKeyId: f8:bd:fa:af:73:77:c6:c7:1b:f9:4b:4d:11:a7:d1:33:af:af:72:11

Fingerprint (sha1): cf:b6:67:66:ae:20:fe:52:0d:e1:e1:f1:81:b6:c8:28:a9:a4:11:01
Fingerprint (sha256): 07:13:36:5e:ee:08:74:47:89:96:2e:23:01:bc:4c:5e:f5:6d:2e:18:1e:2a:83:ab:df:bd:c6:02:99:8f:3c:28

Issuing Certificate URL: https://cacert.a.omniroot.com/vassg142.crt
Issuing Certificate URL: https://cacert.a.omniroot.com/vassg142.der

Revocation information

OCSP Server: http://vassg142.ocsp.omniroot.com
CRL Distribution Point: http://vassg142.crl.omniroot.com/vassg142.crl

Check the revocation status for certificate uk.tiffany.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for uk.tiffany.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

uk.tiffany.com

Other certificates including the domain name tiffany.com

(limited to 100 certificates)
appointments.tiffany.com
neo.tiffany.com
cara.tiffany.com
media.tiffany.com
www.tiffany.com
pa.tiffany.com
international.tiffany.com
subscribe.tiffany.com
ukukcacs02.tiffany.com
dev3.edev.tiffany.com
neo.tiffany.com
media.tiffany.com
san-002.ceros.com
qa2-aem.tiffany.com
uk.tiffany.com
qa2-aem.tiffany.com
www.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
pkb.tiffany.com
www.tiffany.es
www.tiffany.com
neo.tiffany.com
san-002.ceros.com
www.tiffany.com
fonts.tiffany.com
appfront.tiffany.com
api.tiffany.com
www.tiffany.es
qa3-aem.tiffany.com
subscribe.tiffany.com
www.tiffany.com
sts.tiffany.com
san-002.ceros.com
media.tiffany.com
cara.tiffany.com
secure5s.scene7.com
subscribe.tiffany.com
san-002.ceros.com
mi.tiffany.com
san-002.ceros.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
uk.tiffany.com
neo.tiffany.com
www.pa.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
sstats.be.tiffany.com
ps2b.tiffany.com
sstats.tiffany.com
sts.tiffany.com
cybebrark.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
san-002.ceros.com
tconsacsp04.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
adobeconsole-qa.tiffany.com
qa-cara.tiffany.com
san-002.ceros.com
ps2b.tiffany.com
hk-payment.tiffany.com
mail.tiffany.com
leapfrog-ssl-9.gcs-web.com
mail.tiffany.com
ukukcacs01.tiffany.com
connect.tiffany.com
www.tiffany.com
sftp.tiffany.com
connect.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
ukukcacs02.tiffany.com
t.tco.tiffany.com
neo.tiffany.com
media.tiffany.com
ringfinder-stage.tiffany.com
tco.tiffany.com
www.tiffany.com
www.pa.tiffany.com
qa-api.tiffany.com
sts.tiffany.com
qa1-aem.tiffany.com
test1.edev.tiffany.com
mail.tiffany.com
qa-api.tiffany.com
www.estore-tco.com
qa1-aem.tiffany.com
appfront.tiffany.com
san-002.ceros.com
san-002.ceros.com
www.estore-tco.com
sstats.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
sftp.tiffany.com
leapfrog-ssl-9.gcs-web.com
www.tiffany.com
www.qa1.tiffany.com
enroll.tiffany.com

Certificate

The complete raw certificate details for uk.tiffany.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIUFGWcFUSCvhLnvs52/xG6Rc4OTyAwDQYJKoZIhvcNAQEL
BQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNVBAoT
HFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVydHJ1
c3QxLjAsBgNVBAMTJVZlcml6b24gQWthbWFpIFN1cmVTZXJ2ZXIgQ0EgRzE0LVNI
QTIwHhcNMTUwODEwMjAyMDIwWhcNMTYwODEwMjAyMDE4WjCBhzELMAkGA1UEBhMC
VVMxCzAJBgNVBAgTAk5KMRMwEQYDVQQHEwpQYXJzaXBwYW55MRwwGgYDVQQKExNU
aWZmYW55IGFuZCBDb21wYW55MR8wHQYDVQQLExZJbmZvcm1hdGlvbiB0ZWNobm9s
b2d5MRcwFQYDVQQDEw51ay50aWZmYW55LmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANItiOLE73uO1w5XwwmklkEWce+6bXhVDgfFHMCYG6WxzWtG
Qm2aBKa15m+8hBi61YvqQxcE4RcoAp50Ijfj/x1cJJC+qQt4/FQCSgxHrwdux+Iz
0JYHT4pGmMI1QKvMxDRR4zSQtye7kBh958bcswC6VLZK3Wu5/yoUsTb5eTMn4YTs
tgLGo8GhEj7SGKmtU5SZBC66eUZvDCygDC5oUyblLyTTXLfkGVzvexbU112lJATc
Lx7Et8C03Mki/2kDNp6nfor4F7tdyUfl6Az5yKzio/wcf0F/gEubgKJJzAx2aZpA
7C87r21B6qgMBJa4CQhnhgDwigU6imBk40FUuHUCAwEAAaOCAdwwggHYMAwGA1Ud
EwEB/wQCMAAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+ATIwNDAyBggrBgEFBQcCARYm
aHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwga8GCCsGAQUF
BwEBBIGiMIGfMC0GCCsGAQUFBzABhiFodHRwOi8vdmFzc2cxNDIub2NzcC5vbW5p
cm9vdC5jb20wNgYIKwYBBQUHMAKGKmh0dHBzOi8vY2FjZXJ0LmEub21uaXJvb3Qu
Y29tL3Zhc3NnMTQyLmNydDA2BggrBgEFBQcwAoYqaHR0cHM6Ly9jYWNlcnQuYS5v
bW5pcm9vdC5jb20vdmFzc2cxNDIuZGVyMBkGA1UdEQQSMBCCDnVrLnRpZmZhbnku
Y29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwHwYDVR0jBBgwFoAU+L36r3N3xscb+UtNEafRM6+vchEwPgYDVR0fBDcwNTAz
oDGgL4YtaHR0cDovL3Zhc3NnMTQyLmNybC5vbW5pcm9vdC5jb20vdmFzc2cxNDIu
Y3JsMB0GA1UdDgQWBBTfIODf8FlJNYIdagbgnic8NwyvETANBgkqhkiG9w0BAQsF
AAOCAQEAozlWiYMSKHKMKvuDASOeNnvaEdRNfLmAtlTL6bAIgtXx6b/e97+r5KDN
wWu1VMFzha7vN/tTyvocrvmplCaPwNnv4Y+W+NifE5l6SQ1Y4lFnuWf68F76k9Ij
XBIyyIb59vz2bDe2pagdwNFlwFijXvC/kalyG3NSS3PeVcfdez+WF/k/XldEEqqS
z91gY5Tplb84z/9HFLkCbLouC5Iaxyl6NE0Tb05+2Qd/24zSgOXd92U5v4dnUd08
jTdDZlov5zTfKhID2O7Hp/WHoni95DVzXXi0pJ1RImPXqdT576vu0hKxX9nm1AAY
aGpnAM0nrAxDeSBC2EjCPC+y9PtGKw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i2I4sTve47XDlfDCaSW
QRZx77pteFUOB8UcwJgbpbHNa0ZCbZoEprXmb7yEGLrVi+pDFwThFygCnnQiN+P/
HVwkkL6pC3j8VAJKDEevB27H4jPQlgdPikaYwjVAq8zENFHjNJC3J7uQGH3nxtyz
ALpUtkrda7n/KhSxNvl5MyfhhOy2AsajwaESPtIYqa1TlJkELrp5Rm8MLKAMLmhT
JuUvJNNct+QZXO97FtTXXaUkBNwvHsS3wLTcySL/aQM2nqd+ivgXu13JR+XoDPnI
rOKj/Bx/QX+AS5uAoknMDHZpmkDsLzuvbUHqqAwElrgJCGeGAPCKBTqKYGTjQVS4
dQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 116445787435129800820779725361041156495054360352
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Verizon Enterprise Solutions'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cybertrust'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Verizon Akamai SureServer CA G14-SHA2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-08-10 20:20:20 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-10 20:20:18 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NJ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Parsippany'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tiffany and Company'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Information technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'uk.tiffany.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26532498045356192841601790459921239492742786675689225011854371301875364171028162430350396009493525990676617927093095426087491948969381909096313740137369179131455236156023013530809082950792796221550048961199421007549591852970790821806348578252281173706597262964567247648543900634985199833411568265535632659954514568122807792354203485985726803566540939339888073614748684874053675345538903856631744806325765089275605420660608004261741348102305951426508180482669722722386694438093689206812439703151316844242741905951079225338383992081422184194315212719549312528176981951461488821134657174048976620448707626370849064663157
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6334.1.50
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.omniroot.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (162 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://vassg142.ocsp.omniroot.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'https://cacert.a.omniroot.com/vassg142.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'https://cacert.a.omniroot.com/vassg142.der'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uk.tiffany.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f8bdfaaf7377c6c71bf94b4d11a7d133afaf7211
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://vassg142.crl.omniroot.com/vassg142.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							df20e0dff0594935821d6a06e09e273c370caf11
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a3395689831228728c2afb8301239e367bda11d44d7cb980b654cbe9b00882d5f1e9bfdef7bfabe4a0cdc16bb554c17385aeef37fb53cafa1caef9a994268fc0d9efe18f96f8d89f13997a490d58e25167b967faf05efa93d2235c1232c886f9f6fcf66c37b6a5a81dc0d165c058a35ef0bf91a9721b73524b73de55c7dd7b3f9617f93f5e574412aa92cfdd606394e995bf38cfff4714b9026cba2e0b921ac7297a344d136f4e7ed9077fdb8cd280e5ddf76539bf876751dd3c8d3743665a2fe734df2a1203d8eec7a7f587a278bde435735d78b4a49d512263d7a9d4f9efabeed212b15fd9e6d40018686a6700cd27ac0c43792042d848c23c2fb2f4fb462b