buf.lemonde.fr

Issued by Gandi Standard SSL CA 2

About this certificate

This digital certificate with serial number 75:10:b8:cf:ce:bf:7d:cc:2e:2e:e9:30:f3:54:a4:3f was issued on by Gandi.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=buf.lemonde.fr

Gandi

Organization: Gandi
State / Province: Paris
Locality: Paris
Country: FR

This certificate will expire on

Certificate Details

Serial Number (hex): 75:10:b8:cf:ce:bf:7d:cc:2e:2e:e9:30:f3:54:a4:3f
Serial Number (int): 155606500684153837648895283795099690047
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: b4:4f:04:5e:c7:ce:4c:e0:16:36:c4:29:eb:59:12:83:7d:9d:ad:77
AuthorityKeyId: b3:90:a7:d8:c9:af:4e:cd:61:3c:9f:7c:ad:5d:7f:41:fd:69:30:ea

Fingerprint (sha1): dc:50:8c:c9:b4:ad:12:17:10:f4:65:e0:94:52:3b:3a:68:e9:a3:56
Fingerprint (sha256): 09:bc:56:38:7c:71:a6:f9:f3:e6:a7:ec:d0:a1:d5:49:8c:95:95:4e:15:39:d2:6b:29:4d:ae:09:1a:17:40:20

Issuing Certificate URL: http://crt.usertrust.com/GandiStandardSSLCA2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.usertrust.com/GandiStandardSSLCA2.crl

Check the revocation status for certificate buf.lemonde.fr

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for buf.lemonde.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

buf.lemonde.fr
www.buf.lemonde.fr

Other certificates including the domain name lemonde.fr

(limited to 100 certificates)
dns-vetting1-jeffg-noah.map.fastly.net
festival-montreal.lemonde.fr
boutique.lemonde.fr
us-paris.eu
www.atanar.net
binette-et-jardin.com
educations.com
formation-professionnelle.lemonde.fr
lettres-modeles.com
s2.shared.global.fastly.net
scienceatstake.com
lesclesdedemain.lemonde.fr
s2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
moncompte.lemonde.fr
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
dicocitations.lemonde.fr
www.atanar.net
dns-vetting1-jeffg-noah.map.fastly.net
s2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
bienecrire.com
s2.shared.global.fastly.net
www.modele-lettre.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
www.atanar.net
s2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1i.map.fastly.net
anglais.lemonde.fr
s2.shared.global.fastly.net
lettres-modeles.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
*.lemonde.fr
dns-vetting1-jeffg-noah.map.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
paroles2chansons.lemonde.fr
buf.lemonde.fr
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
us-paris.eu
s2.shared.global.fastly.net
dicocitations.lemonde.fr
s2.shared.global.fastly.net
lettres-modeles.com
binette-et-jardin.com
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
scienceatstake.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
progresser-orthographe.lemonde.fr
dns-vetting1-jeffg-noah.map.fastly.net
voyage-canada.lemonde.fr
bienecrire.com
buf.lemonde.fr
lemonde.fr
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
portail.lemonde.fr
s2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
bienecrire.com
dns-vetting1-jeffg-noah.map.fastly.net
scienceatstake.com
dns-vetting1-jeffg-noah.map.fastly.net
ipe.ivitrack.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
abosh.lemonde.fr
*.lemonde.fr
dns-vetting1-jeffg-noah.map.fastly.net
us-paris.eu
s2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
binette-et-jardin.com
dns-vetting1i.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
moncompte.lemonde.fr
dns-vetting1i.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
*.theme-a.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
us-paris.eu
s2.shared.global.fastly.net

Certificate

The complete raw certificate details for buf.lemonde.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGOTCCBSGgAwIBAgIQdRC4z86/fcwuLukw81SkPzANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJGUjEOMAwGA1UECBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4w
DAYDVQQKEwVHYW5kaTEgMB4GA1UEAxMXR2FuZGkgU3RhbmRhcmQgU1NMIENBIDIw
HhcNMjMwNzI0MDAwMDAwWhcNMjQwNzI0MjM1OTU5WjAZMRcwFQYDVQQDEw5idWYu
bGVtb25kZS5mcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANMsrcj9
qEZ+Cju/siFym5KPp+JnTue9xGwdq8M1axlJw9/vGeQRoLGm/mPH5+31uN5Rgzu0
zPSnN01E2qkZgVl6JDGkJRBvY619NlxqYjrCFFeQ8cAmPxABub0PxQKDiMxp1AaZ
g5J7iAnKu5r31BMbUFLKTedIrILEY8ZGeYabig0J8vzG6Nlj2QzaKtGnRyHhe07+
JA90StVhA7DkjVZmP7FNm1Y9/L9dr7i+TR3BX2XjDxi1fwQ6driUSxmoqgCfwenb
+8igu78mqAWri7BDiRc2AnMX/UagjXjh4YPZ36iwSXCFSjbIBtvkMwlE2mlMCxpr
2QKw63n2ShQum+0CAwEAAaOCAzUwggMxMB8GA1UdIwQYMBaAFLOQp9jJr07NYTyf
fK1df0H9aTDqMB0GA1UdDgQWBBS0TwRex85M4BY2xCnrWRKDfZ2tdzAOBgNVHQ8B
Af8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwSwYDVR0gBEQwQjA2BgsrBgEEAbIxAQICGjAnMCUGCCsGAQUFBwIBFhlo
dHRwczovL2Nwcy51c2VydHJ1c3QuY29tMAgGBmeBDAECATBBBgNVHR8EOjA4MDag
NKAyhjBodHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vR2FuZGlTdGFuZGFyZFNTTENB
Mi5jcmwwcwYIKwYBBQUHAQEEZzBlMDwGCCsGAQUFBzAChjBodHRwOi8vY3J0LnVz
ZXJ0cnVzdC5jb20vR2FuZGlTdGFuZGFyZFNTTENBMi5jcnQwJQYIKwYBBQUHMAGG
GWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wLQYDVR0RBCYwJIIOYnVmLmxlbW9u
ZGUuZnKCEnd3dy5idWYubGVtb25kZS5mcjCCAXwGCisGAQQB1nkCBAIEggFsBIIB
aAFmAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGJiDfs1gAA
BAMARzBFAiA2iccZ/jhbWsfOoG75SANYczZgPFQbVBEDyDJVUCs7yQIhAMUTwdlS
A8nP6H38sto1yEInEtrjlXW8jX57voG6cIgIAHUA2ra/az+1tiKfm8K7XGvocJFx
bLtRhIU0vaQ9MEjX+6sAAAGJiDftKQAABAMARjBEAiBof7qkAxCUqmnO+XUqxjRb
eKCdqQ+KAcGiw7W+XYJxRQIgEOdBBaE1UK1z8MSe9AfKxBFAyD/fqBSGlA0XHqdZ
dZMAdQDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYmIN+z9AAAE
AwBGMEQCIE95JqTW/zNwDscJOF3I/en1toTEiUJ/EUZSrqOr/vvBAiBKxig83bDU
/RJyD3J18YCRDqSoB44FluU/LGhd7Y4vSjANBgkqhkiG9w0BAQsFAAOCAQEAZqTn
bqBNFZ1IJvNQ1XOMSSh2PvWqR2UMB3I/wpAycFwcLK632rUtPVDBrsVZRK7WGf+M
IsBxXeEWVkBXiADD3kXWOGxR1GILV2spffxt0+vUCsgVsDAagO2rEgTNxexzPPJ8
7yKJKuXm1hPkwLnx7xoZ0FzeZmX0M+hMz3AI0Sllsh5yjEr3By7X/jXRYC4QuTba
+XHXrj8wZ6a+ipwxfztRwC712j6cih8NJ+tjbEKzjkXHaSXI55kRGTNy1IFUkQF2
oNOTwjRCFLMN2L3kxflTJIeaUbuZCfKQzeFicFuqAGMqNdL5886r8kuJg/3kHp49
4sF3R83LjYiIvlC6YQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yytyP2oRn4KO7+yIXKb
ko+n4mdO573EbB2rwzVrGUnD3+8Z5BGgsab+Y8fn7fW43lGDO7TM9Kc3TUTaqRmB
WXokMaQlEG9jrX02XGpiOsIUV5DxwCY/EAG5vQ/FAoOIzGnUBpmDknuICcq7mvfU
ExtQUspN50isgsRjxkZ5hpuKDQny/Mbo2WPZDNoq0adHIeF7Tv4kD3RK1WEDsOSN
VmY/sU2bVj38v12vuL5NHcFfZeMPGLV/BDp2uJRLGaiqAJ/B6dv7yKC7vyaoBauL
sEOJFzYCcxf9RqCNeOHhg9nfqLBJcIVKNsgG2+QzCUTaaUwLGmvZArDrefZKFC6b
7QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 155606500684153837648895283795099690047
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-24 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-24 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'buf.lemonde.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26658314308992214273861334986509948760469899801325568407898956863791794709889307923483284288718876690308264453491522875223888858552494336920556110600300234597004872782169249194682413962027569644390484656125789341679450803753619441392493444948544772713087072917832780515537820680055892223995663792226722925900124832525504461281184918508245657633406209722777805649820863169910105153477775513380146765589054394945600666027857989957466815339520585133948264202046552229835800321414520729077678142761576417979636179107520728467655815112591542118518617267916317862420880712286533275027996172647899650251253001936236176120813
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b390a7d8c9af4ecd613c9f7cad5d7f41fd6930ea
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b44f045ec7ce4ce01636c429eb5912837d9dad77
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/GandiStandardSSLCA2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/GandiStandardSSLCA2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'buf.lemonde.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.buf.lemonde.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							016600760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001898837ecd6000004030047304502203689c719fe385b5ac7cea06ef94803587336603c541b541103c83255502b3bc9022100c513c1d95203c9cfe87dfcb2da35c8422712dae39575bc8d7e7bbe81ba708808007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001898837ed2900000403004630440220687fbaa4031094aa69cef9752ac6345b78a09da90f8a01c1a2c3b5be5d827145022010e74105a13550ad73f0c49ef407cac41140c83fdfa81486940d171ea7597593007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001898837ecfd000004030046304402204f7926a4d6ff33700ec709385dc8fde9f5b684c489427f114652aea3abfefbc102204ac6283cddb0d4fd12720f7275f180910ea4a8078e0596e53f2c685ded8e2f4a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0066a4e76ea04d159d4826f350d5738c4928763ef5aa47650c07723fc29032705c1c2caeb7dab52d3d50c1aec55944aed619ff8c22c0715de1165640578800c3de45d6386c51d4620b576b297dfc6dd3ebd40ac815b0301a80edab1204cdc5ec733cf27cef22892ae5e6d613e4c0b9f1ef1a19d05cde6665f433e84ccf7008d12965b21e728c4af7072ed7fe35d1602e10b936daf971d7ae3f3067a6be8a9c317f3b51c02ef5da3e9c8a1f0d27eb636c42b38e45c76925c8e79911193372d48154910176a0d393c2344214b30dd8bde4c5f95324879a51bb9909f290cde162705baa00632a35d2f9f3ceabf24b8983fde41e9e3de2c17747cdcb8d8888be50ba61