corpidc-app20.corp.lafargeone.net

- Lafarge -

Issued by thawte SSL CA - G2

About this certificate

This digital certificate with serial number 1b:07:14:7d:60:91:2f:b8:35:d9:98:90:f0:92:84:f4 was issued on by thawte, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Lafarge

Organization: Lafarge
Organization unit: ToIP
State / Province: Paris
Locality: Paris
Country: FR

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 1b:07:14:7d:60:91:2f:b8:35:d9:98:90:f0:92:84:f4
Serial Number (int): 35925917545800940214252334805922514164
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60

Fingerprint (sha1): a8:58:9a:56:cc:3a:20:85:91:c1:80:ea:70:3c:ad:51:ce:3b:48:0d
Fingerprint (sha256): 0a:7a:a9:cd:6e:9c:e5:90:be:a8:61:cb:7c:ff:ed:23:1d:b2:34:2b:9f:a0:08:64:2b:b5:95:3d:a2:f7:04:a8

Issuing Certificate URL: http://tj.symcb.com/tj.crt

Revocation information

OCSP Server: http://tj.symcd.com
CRL Distribution Point: http://tj.symcb.com/tj.crl

Check the revocation status for certificate corpidc-app20.corp.lafargeone.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for corpidc-app20.corp.lafargeone.net

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

videoguest.lafarge.com
corpidc-app20.corp.lafargeone.net

Other certificates including the domain name lafargeone.net

(limited to 100 certificates)
corpidc-app20.corp.lafargeone.net
amaulb01.am.dev.lafargeone.net
corpidc-app20.corp.lafargeone.net
citrix.am.lafargeone.net
citrix.am.lafargeone.net
corpidc-app22.lafarge.com
amatabpd000.am.lafargeone.net
citrixqa.am.qua.lafargeone.net
amaulb01.am.dev.lafargeone.net
corpidc-app20.corp.lafargeone.net
citrix.am.lafargeone.net
amapscvip500.am.lafargeone.net
amapscvip000.am.lafargeone.net
corpidc-app22.lafarge.com
citrixqa.am.qua.lafargeone.net

Certificate

The complete raw certificate details for corpidc-app20.corp.lafargeone.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG6TCCBdGgAwIBAgIQGwcUfWCRL7g12ZiQ8JKE9DANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTYxMDA0MDAwMDAwWhcNMTcxMTA1MjM1OTU5
WjB6MQswCQYDVQQGEwJGUjEOMAwGA1UECAwFUGFyaXMxDjAMBgNVBAcMBVBhcmlz
MRAwDgYDVQQKDAdMYWZhcmdlMQ0wCwYDVQQLDARUb0lQMSowKAYDVQQDDCFjb3Jw
aWRjLWFwcDIwLmNvcnAubGFmYXJnZW9uZS5uZXQwggIiMA0GCSqGSIb3DQEBAQUA
A4ICDwAwggIKAoICAQC4ZqzquoB/MOZTl99gB94LFuHL3fO08/49rqQQAyxTPsAe
9dQwY/cWOzKMAe1aLI/N1cPDrxAVQNgHq+HRfrq/kZ+QsS+qUaV/Q+m0QHnau1FN
CLVrmivYAZWEQH3VhGxnHR15+9hk0zymcDbwOyR/WUZPghLETuMlbTNqRR3r/VeT
U+2H14iEtIUzXcyRndOLmFT9zWl69Xdo0xDCRmcbqZ6IzNoJtAoTYVscYwCf5Qsp
pBjPy/3O9gVvekscrTlPZ5koucEz4eU4X+fNMKv/X/btsJDEAwzjj2P+SDWvzPxi
g5MsdXLGjLVG8MTU+sGomGZFhqhcbSFFKS6ie8rQGq3OLBygWTU5oCKl/0ykCazY
z0KBsvNpsMO+XimBElE8VQjr3yETg19kEB0AtqpGaddEJ+Rpy0u6YMdaolhGwzX+
no2uoR2dXsWWOusbCIZlold19vYXkrWijo5mFlsQ0A+JZ2eJYqj5uJmM0pGQ3zkc
2LhmBotXsRxoTUDQOAMHflukhhiZrqAKI/NkUKUrqaEETr6YoubC/A98/9llAuWn
VqDuSkh9U0tz4n57r1QEiLafsCUrDreTpN3DK5zA1T6oV/EF7po3m37C58PMrhBx
n2A7ixJBi+VuZvUh/eXtDMtTsCv/Bjr/5SFQtk/WgaGqEnmBnWWLIRBaSnKR9QID
AQABo4ICojCCAp4wRAYDVR0RBD0wO4IWdmlkZW9ndWVzdC5sYWZhcmdlLmNvbYIh
Y29ycGlkYy1hcHAyMC5jb3JwLmxhZmFyZ2VvbmUubmV0MAkGA1UdEwQCMAAwbgYD
VR0gBGcwZTBjBgZngQwBAgIwWTAmBggrBgEFBQcCARYaaHR0cHM6Ly93d3cudGhh
d3RlLmNvbS9jcHMwLwYIKwYBBQUHAgIwIwwhaHR0cHM6Ly93d3cudGhhd3RlLmNv
bS9yZXBvc2l0b3J5MA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBTCT0hX/NFP
msBdOH0OBdvZLrVSYDArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vdGouc3ltY2Iu
Y29tL3RqLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVwYIKwYB
BQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vdGouc3ltY2QuY29tMCYGCCsG
AQUFBzAChhpodHRwOi8vdGouc3ltY2IuY29tL3RqLmNydDCCAQMGCisGAQQB1nkC
BAIEgfQEgfEA7wB2AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0RxM227L7MAAAB
V46LsjoAAAQDAEcwRQIhAKw829e+MvpHamQyNiEKcj4a5LpS40Xt9CIZv/GNCnSS
AiAVa90ccZyM9+rgBQzHycRV0YLjT+ItZyd5w4dmf67pHQB1AGj2mPgfZIK+Oozu
uSgdTPxxUV1nk9RE0QpnrLtPT/vEAAABV46LsmYAAAQDAEYwRAIgV+3iUDBcb6iR
PMOR4ub1upvgzjIL+xI8qVxYFmgqKdACIBTnbFinVXFrebvXTpLdQZH4nfNxnkJ0
JzBXcYKWKCy5MA0GCSqGSIb3DQEBCwUAA4IBAQAX5Gj+2UaVbD8Pmo8bqBuAqd/U
u8SPIBgsBHmwDv4dbh6dancZEJ/UJw5XNZF7uQrRKLxPY5Xw0NUjB6F6iOMx/pCJ
UQ61IpS57OBGXbqu9eAkHhklPftDixHdVvviTzxShw5sj2Z5vT536Zfg3Fu52tcW
8Hc2QCKZ56SAKLmM/Pp84RgFo47TiIzZscTjf2DVZvdOS+TketSZNB5PIVWeur0c
Ge9q1IyuDEtS2nj+CnB266QvZqU0Ext2aCf/SNjD1u61gEdqXnpoLbAGizToCDaX
XVySYvkCGRcbiTpAKnKOHKwU1tTzVGaIFhmhkGsnQUeIYhVDuYXjKCXVw2Vt
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuGas6rqAfzDmU5ffYAfe
Cxbhy93ztPP+Pa6kEAMsUz7AHvXUMGP3FjsyjAHtWiyPzdXDw68QFUDYB6vh0X66
v5GfkLEvqlGlf0PptEB52rtRTQi1a5or2AGVhEB91YRsZx0defvYZNM8pnA28Dsk
f1lGT4ISxE7jJW0zakUd6/1Xk1Pth9eIhLSFM13MkZ3Ti5hU/c1pevV3aNMQwkZn
G6meiMzaCbQKE2FbHGMAn+ULKaQYz8v9zvYFb3pLHK05T2eZKLnBM+HlOF/nzTCr
/1/27bCQxAMM449j/kg1r8z8YoOTLHVyxoy1RvDE1PrBqJhmRYaoXG0hRSkuonvK
0BqtziwcoFk1OaAipf9MpAms2M9CgbLzabDDvl4pgRJRPFUI698hE4NfZBAdALaq
RmnXRCfkactLumDHWqJYRsM1/p6NrqEdnV7FljrrGwiGZaJXdfb2F5K1oo6OZhZb
ENAPiWdniWKo+biZjNKRkN85HNi4ZgaLV7EcaE1A0DgDB35bpIYYma6gCiPzZFCl
K6mhBE6+mKLmwvwPfP/ZZQLlp1ag7kpIfVNLc+J+e69UBIi2n7AlKw63k6Tdwyuc
wNU+qFfxBe6aN5t+wufDzK4QcZ9gO4sSQYvlbmb1If3l7QzLU7Ar/wY6/+UhULZP
1oGhqhJ5gZ1liyEQWkpykfUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 35925917545800940214252334805922514164
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Lafarge'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ToIP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'corpidc-app20.corp.lafargeone.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 752290755850653965862795305860824427884081871529859442499899588114950741083339371026047105250524981583789593383061295595343890814808037588870126861888428129222479673197137349721770073498332381038421651276681028996843281991180283222680632202959972099007006805155312240538802124582258096771631130739392013880363515163284989459802476700873822756633834242103299311501842004676392532444007919402490237713638126409817180647657423315962956436411480885070018026668605431016518667588740410564451837085709311453401368349201657971655721156843599087617802330304303333033112910408508052781716634159834011458612641394933891811066145242091801986082474204505464397095391643208940039125361247743158337692565654174332567579717529722397260777667316549124749861228219184632099209432186984624153143391636612343943932938467056540047658797184339688250117350541878557897426060282962430516901639880104128329152312776770216892700864003010099165428824185307400919699371631368953074538032786507224779861084202737138430031263107525385601834664141946868170081579954748248256343038237049228161109011068187819278432433204733914799382188737483655601682372381165556587308575745758851268590334370663778634467986263331854275742053837200505220074877026735106533983687157
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'videoguest.lafarge.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpidc-app20.corp.lafargeone.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc000001578e8bb23a0000040300473045022100ac3cdbd7be32fa476a643236210a723e1ae4ba52e345edf42219bff18d0a74920220156bdd1c719c8cf7eae0050cc7c9c455d182e34fe22d672779c387667faee91d00750068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc4000001578e8bb2660000040300463044022057ede250305c6fa8913cc391e2e6f5ba9be0ce320bfb123ca95c5816682a29d0022014e76c58a755716b79bbd74e92dd4191f89df3719e4274273057718296282cb9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0017e468fed946956c3f0f9a8f1ba81b80a9dfd4bbc48f20182c0479b00efe1d6e1e9d6a7719109fd4270e5735917bb90ad128bc4f6395f0d0d52307a17a88e331fe9089510eb52294b9ece0465dbaaef5e0241e19253dfb438b11dd56fbe24f3c52870e6c8f6679bd3e77e997e0dc5bb9dad716f07736402299e7a48028b98cfcfa7ce11805a38ed3888cd9b1c4e37f60d566f74e4be4e47ad499341e4f21559ebabd1c19ef6ad48cae0c4b52da78fe0a7076eba42f66a534131b766827ff48d8c3d6eeb580476a5e7a682db0068b34e80836975d5c9262f90219171b893a402a728e1cac14d6d4f35466881619a1906b27414788621543b985e32825d5c3656d