credit.api.tietoevry.com

- Tietoevry Oyj -

Issued by Thawte TLS RSA CA G1

About this certificate

This digital certificate with serial number 02:3a:07:b0:1b:dc:de:06:d1:a6:23:d7:fb:0b:a0:de was issued on by DigiCert Inc.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Tietoevry Oyj

Organization: Tietoevry Oyj
Locality: ESPOO
Country: FI

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 02:3a:07:b0:1b:dc:de:06:d1:a6:23:d7:fb:0b:a0:de
Serial Number (int): 2959765139011787257116765190246605022
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 15:dd:3d:8e:14:99:c4:44:25:9b:46:a3:4d:e8:57:25:6e:df:10:83
AuthorityKeyId: a5:8c:fe:32:cc:eb:0f:2c:d4:19:c6:08:b8:00:24:88:5d:c3:c5:b7

Fingerprint (sha1): 03:57:73:0c:81:38:4b:e8:58:8f:25:47:4f:56:ad:b2:01:93:c8:73
Fingerprint (sha256): 09:6a:50:ce:60:e1:43:d2:74:e6:63:9c:4b:0f:a8:4a:7a:a7:b1:d5:96:d5:a5:58:28:4b:76:7e:cf:f1:c9:a6

Issuing Certificate URL: http://cacerts.thawte.com/ThawteTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.thawte.com
CRL Distribution Point: http://cdp.thawte.com/ThawteTLSRSACAG1.crl

Check the revocation status for certificate credit.api.tietoevry.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for credit.api.tietoevry.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

credit.api.tietoevry.com

Other certificates including the domain name tietoevry.com

(limited to 100 certificates)
analytics.service.tieto.com
traefik.nextgendevops.tietoevry.com
backoffice-company.main.bauid.tietoevry.com
*.jpproject1.dev.devops.tietoevry.com
dashboard.nextgendevops.tietoevry.com
minio.chronos.tietoevry.com
apm.tietoevry.com
pile-turner.ci.chronos.tietoevry.com
*.tds-mvp18.dev.devops.tietoevry.com
chat-preview.tietoevry.com
test2.chronos.tietoevry.com
credit.api.tietoevry.com
apps.pasfin-qa.energydev.tietoevry.com
identity.bauid.tietoevry.com
live.experimental.chronos.tietoevry.com
sni.cloudflaressl.com
brand.tietoevry.com
*.test-api-test.stage.devops.tietoevry.com
temperature-store.security.nextgendevops.tietoevry.com
oneportal.tietoevry.com
message.tietoevry.com
*.petovsam.dev.devops.tietoevry.com
rancher.bauid.tietoevry.com
pile-turner.ci.stable.chronos.tietoevry.com
bix.tietoevry.com
se.wpa.tietoevry.com
cas.tietoevry.com
pile-turner.demo3.chronos.tietoevry.com
jenkinsdemo.nextgendevops.tietoevry.com
*.jkproject.dev.devops.tietoevry.com
cportal.service.tieto.com
cs-campaign.tietoevry.com
*.sandbox.dev.devops.tietoevry.com
vamui-preprod-tds.vam-saas.tietoevry.com
customer-experience.tieto.com
live.nightly.chronos.tietoevry.com
ui-components.stage.nextgendevops.tietoevry.com
temperature-store.security.nextgendevops.tietoevry.com
chat-preview.tietoevry.com
pre-prod-placeholder.cloud.tietoevry.com
status.test2.chronos.tietoevry.com
monitoring.chronos.tietoevry.com
lifecare-app.service.tietoevry.com
*.ls-project.dev.devops.tietoevry.com
testtest.ru.tietoevry.com
*.jkproject.dev.devops.tietoevry.com
lama.chronos.tietoevry.com
status.staging.stable.chronos.tietoevry.com
pile-turner.test3.chronos.tietoevry.com
www.tietoevry.com
*.tietoevry.com
*.demo3.chronos.tietoevry.com
dmapi.service.tietoevry.com
backoffice-bauid.test1.bauid.tietoevry.com
create.tietoevry.com
napfin.tietoevry.com
aggregation.api.tietoevry.com
lifecare-app.service.tietoevry.com
terpqa.tietoevry.com
bmo-vam-test.cloud.tietoevry.com
*.dpm.tietoevry.com
jenkins.nextgendevops.tietoevry.com
*.prod.chronos.tietoevry.com
pile-turner.stable.chronos.tietoevry.com
portal-employee.test2.bauid.tietoevry.com
status.test3.chronos.tietoevry.com
alertmanager.chronos.tietoevry.com
*.jkproject.dev.devops.tietoevry.com
status.nightly.chronos.tietoevry.com
sni.cloudflaressl.com
ru.tietoevry.com
staging.stable.chronos.tietoevry.com
pile-turner.demo1.chronos.tietoevry.com
*.test-api-test.stage.devops.tietoevry.com
view2.tietoevry.com
prometheus.chronos.tietoevry.com
lama.chronos.tietoevry.com
ar2020.tietoevry.com
lifecare-api.service.tietoevry.com
napind.tietoevry.com
*.tds-mvp10.test1.devops.tietoevry.com
tietoevry.com
rancher.maas.int.tietoevry.com
*.test-api-test.stage.devops.tietoevry.com
status.test1.chronos.tietoevry.com
temperature-store.e2e.nextgendevops.tietoevry.com
pile-turner.nightly.chronos.tietoevry.com
ci.stable.chronos.tietoevry.com
monitoring.chronos.tietoevry.com
banking.tietoevry.com
demo3.chronos.tietoevry.com
sonarqube.nextgendevops.tietoevry.com
sni.cloudflaressl.com
temperature-ui.e2e.nextgendevops.tietoevry.com
qa.chronos.tietoevry.com
bmo-ftp-test.cloud.tietoevry.com
ci.chronos.tietoevry.com
*.test-api-test.stage.devops.tietoevry.com
ar.tietoevry.com
demo.archiving.tietoevry.com

Certificate

The complete raw certificate details for credit.api.tietoevry.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgIQAjoHsBvc3gbRpiPX+wug3jANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRUaGF3dGUgVExTIFJTQSBDQSBHMTAe
Fw0yNDAxMDkwMDAwMDBaFw0yNTAxMDgyMzU5NTlaMFgxCzAJBgNVBAYTAkZJMQ4w
DAYDVQQHEwVFU1BPTzEWMBQGA1UEChMNVGlldG9ldnJ5IE95ajEhMB8GA1UEAxMY
Y3JlZGl0LmFwaS50aWV0b2V2cnkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAweaALsT1GHz0Kr5i/uNAbP/vOgT9iPRtcMETty2XQpY9G2SqAQk/
Yat3G5Z4JdDJjJ7TeURX5G0PucgMv1iwMioxjsb4Uf3AIW3SCSMOmxSIgqoM9wuj
lzRmpfkT5BkQwEoPfraGh5ZBEsOMw+D84z2n+BVvJYnE9Lvcbg9VOIZPnT7zjttb
aDSwU6zuMp/D4IQEmCftkBAQTmplB8YxBv26B8nSij3r8cxivB72xz2TZbYQJHc5
mdY5wIA/QfZ2OkTHFAg9wr9CeIjEmpatB2U0ttX/DcaNeMcAggQxACRT1wpcKtCG
tFLgmeKn6NcubVWuwA2QhhqjFNBVWq7L8QIDAQABo4IDFzCCAxMwHwYDVR0jBBgw
FoAUpYz+MszrDyzUGcYIuAAkiF3DxbcwHQYDVR0OBBYEFBXdPY4UmcREJZtGo03o
VyVu3xCDMCMGA1UdEQQcMBqCGGNyZWRpdC5hcGkudGlldG9ldnJ5LmNvbTA+BgNV
HSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2lj
ZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY2RwLnRoYXd0ZS5j
b20vVGhhd3RlVExTUlNBQ0FHMS5jcmwwcAYIKwYBBQUHAQEEZDBiMCQGCCsGAQUF
BzABhhhodHRwOi8vc3RhdHVzLnRoYXd0ZS5jb20wOgYIKwYBBQUHMAKGLmh0dHA6
Ly9jYWNlcnRzLnRoYXd0ZS5jb20vVGhhd3RlVExTUlNBQ0FHMS5jcnQwDAYDVR0T
AQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHcATnWjJ1yaEMM4W2zU
3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGM7pZBdgAABAMASDBGAiEAo5w4TeLI3kk2
NeIZxaHBqsDQO7dRWiY9u3Az5pihOaQCIQCRQM6CXZReHpaNuvbtJnifIyuDKQUG
baHcNoWOX/4YGwB2AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAAB
jO6WQccAAAQDAEcwRQIhAM6Iqb3Um0PxoYj8H50L/TEJH9MIfHIE7WdGCEcAKzeN
AiA/I5CcDv3wxwZE/VY84rNEg8wHn9TWd+oUTDofapU7MAB1AH1ZHhLheCp7HGFn
fF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABjO6WQasAAAQDAEYwRAIgYoHJ7ktvP/rr
qPSmNrjsOYJqjHIzeQKF36T2YxbcKjECICfe3gKsKuus8t1OA3ShtoD5J0u3CGsE
tp9BfKMeRtIDMA0GCSqGSIb3DQEBCwUAA4IBAQCdP4T4gSg1zXusFVESBNf2zVI4
XJ4ROzrsDuOGDZCuKKe1Jkq/EDd3bxDahT5zynHD3Sph41LEtJbbFj+l7bEfgDEz
psNSITNA2MoqJEWqwxn5OpYdrvcDsLfMIpWfj/nxNal3vcrOasW4osw0OLN34B4Y
cqd3K7QAiDr3MV1SLra8bf/oije/R6b7IUqJCx2RwadLoJbSZPSylk1B3H8GU7kw
r3KM5BVxD7q9VDfH6gq/KZhWNnRd+AfggpLXiwdDwvYm7JwN0mfbPc3vVNQXN99z
VmF0+ebB+dHNWaJoo7QXcbzyXi39OVAnfl147hnxYwlLhehAcHeJSMEo3B+I
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweaALsT1GHz0Kr5i/uNA
bP/vOgT9iPRtcMETty2XQpY9G2SqAQk/Yat3G5Z4JdDJjJ7TeURX5G0PucgMv1iw
Mioxjsb4Uf3AIW3SCSMOmxSIgqoM9wujlzRmpfkT5BkQwEoPfraGh5ZBEsOMw+D8
4z2n+BVvJYnE9Lvcbg9VOIZPnT7zjttbaDSwU6zuMp/D4IQEmCftkBAQTmplB8Yx
Bv26B8nSij3r8cxivB72xz2TZbYQJHc5mdY5wIA/QfZ2OkTHFAg9wr9CeIjEmpat
B2U0ttX/DcaNeMcAggQxACRT1wpcKtCGtFLgmeKn6NcubVWuwA2QhhqjFNBVWq7L
8QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 2959765139011787257116765190246605022
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ESPOO'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tietoevry Oyj'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'credit.api.tietoevry.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24477656996667553915040939085861495242843708702470729717264028318433771696171243637693560163829828373663250385289308949722629202973382715894717288751940597102481648807104565724626174453528387097708208301440082411495119127720238566862385141130926112575060874790453244428279367691042759757262825666887606571565320520243211084460280114549966490794668509396902860234267626002316932972432497112967312643625324128000283110826651698608697627650400267454137387772653977787821020790195106540654903851537921029004217445743672688204811648030082394681692320017865823808404552236217278762829794194201933037586603228009335817686001
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a58cfe32cceb0f2cd419c608b80024885dc3c5b7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							15dd3d8e1499c444259b46a34de857256edf1083
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'credit.api.tietoevry.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018cee9641760000040300483046022100a39c384de2c8de493635e219c5a1c1aac0d03bb7515a263dbb7033e698a139a40221009140ce825d945e1e968dbaf6ed26789f232b832905066da1dc36858e5ffe181b0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018cee9641c70000040300473045022100ce88a9bdd49b43f1a188fc1f9d0bfd31091fd3087c7204ed67460847002b378d02203f23909c0efdf0c70644fd563ce2b34483cc079fd4d677ea144c3a1f6a953b300075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018cee9641ab000004030046304402206281c9ee4b6f3ffaeba8f4a636b8ec39826a8c7233790285dfa4f66316dc2a31022027dede02ac2aebacf2dd4e0374a1b680f9274bb7086b04b69f417ca31e46d203
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009d3f84f8812835cd7bac15511204d7f6cd52385c9e113b3aec0ee3860d90ae28a7b5264abf1037776f10da853e73ca71c3dd2a61e352c4b496db163fa5edb11f803133a6c352213340d8ca2a2445aac319f93a961daef703b0b7cc22959f8ff9f135a977bdcace6ac5b8a2cc3438b377e01e1872a7772bb400883af7315d522eb6bc6dffe88a37bf47a6fb214a890b1d91c1a74ba096d264f4b2964d41dc7f0653b930af728ce415710fbabd5437c7ea0abf29985636745df807e08292d78b0743c2f626ec9c0dd267db3dcdef54d41737df73566174f9e6c1f9d1cd59a268a3b41771bcf25e2dfd3950277e5d78ee19f163094b85e84070778948c128dc1f88