kenhonda.okwave.jp

- OKWave -

Issued by SECOM Passport for Web SR 2.0 CA

About this certificate

This digital certificate with serial number 4e:09:29:31:b1:d2:bd:de was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

OKWave

Organization: OKWave
Organization unit: System Dept.
State / Province: Tokyo
Locality: Shibuya-ku
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 4e:09:29:31:b1:d2:bd:de
Serial Number (int): 5623070903162289630
Serial Number lenght: 63 bits, 8 octets

SubjectKeyId: d7:0a:28:bb:13:9f:f0:02:18:f0:d3:c2:28:d7:b4:aa:00:d2:54:1c
AuthorityKeyId: 30:9a:00:57:99:44:63:6b:c9:b2:f2:3d:8d:83:6b:3b:d7:9d:ef:64

Fingerprint (sha1): 32:6c:8c:43:2a:0b:c1:3d:60:0d:ce:f0:91:9a:c7:56:40:fb:ec:01
Fingerprint (sha256): 0c:eb:28:b3:15:c5:53:2a:48:e6:38:67:13:60:02:f9:cc:fe:5f:45:d4:b4:49:9a:74:87:83:da:b1:a3:43:52


Revocation information

OCSP Server: http://sr20.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr2ca/fullcrl.crl

Check the revocation status for certificate kenhonda.okwave.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for kenhonda.okwave.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

kenhonda.okwave.jp

Other certificates including the domain name okwave.jp

(limited to 100 certificates)
kenhonda.okwave.jp
okguide.okwave.jp
admin.dev03.gratica.okwave.jp
dev03.gratica.okwave.jp
m.okbiz.okwave.jp
mobile.okwave.jp
admin-test.ai.okbiz.okwave.jp
dev01.gratica.lab.dev.okwave.jp
gazo.okwave.jp
okexperts.okwave.jp
bizcs.stg.aws.okwave.jp
seank.okwave.jp
secure-demo.okbiz.okwave.jp
dev03.gratica.okwave.jp
kenhonda.okwave.jp
*.stg.aws.okwave.jp
kenhonda.okwave.jp
secure.okbiz.okwave.jp
admin.dev03.gratica.okwave.jp
kenhonda.okwave.jp
ok7.okwave.jp
admin.gratica.okwave.jp
dev03.gratica.okwave.jp
cdn.gazo.okwave.jp
dev02.gratica.lab.dev.okwave.jp
*.okwave.jp
secure.okfaq.okwave.jp
gratica.okwave.jp
sso.okbiz.okwave.jp
dev02.gratica.okwave.jp
admin.dev03.gratica.okwave.jp
konmari.okwave.jp
secure-test.okbiz.okwave.jp
service.okwave.jp
dev04.gratica.okwave.jp
secure-test.okbiz.okwave.jp
kw.lab.dev.okwave.jp
secure.webapi.okwave.jp
assets.konmari.okwave.jp
assets.konmari.okwave.jp
ssl3.okwave.jp
dev04.gratica.okwave.jp
*.okwave.jp
okgaia.okwave.jp
admin.dev03.gratica.okwave.jp
konmari.okwave.jp
m.okbiz.okwave.jp
okguide.okwave.jp
okstars.okwave.jp
m.okbiz.okwave.jp
dev03.gratica.okwave.jp
*.okwave.jp
baseball.okwave.jp
secure.okfaq.okwave.jp
oketter.okwave.jp
okauth.okwave.jp
okwave.jp
okwave.jp
mobile.dev.okwave.jp
dev02.gratica.lab.dev.okwave.jp
secure-test.okbiz.okwave.jp
dev03.gratica.okwave.jp
admin.stg02.gratica.okwave.jp
secure.okbiz.okwave.jp
gazo.okwave.jp
okauth.netricoh.okwave.jp
okbizcs.okwave.jp
zatsugaku.okwave.jp
gratica.okwave.jp
ssl2.okwave.jp
*.okwave.jp
dev02.gratica.lab.dev.okwave.jp
okguide.okwave.jp
dev03.gratica.okwave.jp
dev.baseball.okwave.jp
konmari.okwave.jp
secure-test.okbiz.okwave.jp
secure.webapi.okwave.jp
sp.dev.okwave.jp
secure.okbiz.okwave.jp
mobile.okwave.jp
dev01.gratica.lab.dev.okwave.jp
okauth.askdoctors.okwave.jp
dev04.gratica.okwave.jp
*.okwave.jp
dev01.gratica.lab.dev.okwave.jp
dev03.gratica.okwave.jp
stg02.gratica.okwave.jp
sp.dev.okwave.jp
okwave.jp
dev02.gratica.lab.dev.okwave.jp
konmari.okwave.jp
okwave.jp
mobile.okwave.jp
service.okwave.jp
zatsugaku.okwave.jp
staffblog.okwave.jp
dev03.gratica.okwave.jp
dev01.gratica.okwave.jp
service.okwave.jp

Certificate

The complete raw certificate details for kenhonda.okwave.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgIITgkpMbHSvd4wDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UE
BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKTAn
BgNVBAMTIFNFQ09NIFBhc3Nwb3J0IGZvciBXZWIgU1IgMi4wIENBMB4XDTE0MDUx
NTAyMzEwNFoXDTE4MDYwODE0NTk1OVowdzELMAkGA1UEBhMCSlAxDjAMBgNVBAgT
BVRva3lvMRMwEQYDVQQHEwpTaGlidXlhLWt1MQ8wDQYDVQQKEwZPS1dhdmUxFTAT
BgNVBAsTDFN5c3RlbSBEZXB0LjEbMBkGA1UEAxMSa2VuaG9uZGEub2t3YXZlLmpw
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiLhpDtQW0VqLCIlVf8d
xUOHPCQ0CggSQU9n0z+XWZHb1h9D/h0t3Gv8uNXB//JTpRhZgFN76/UN1mrFQbbK
jrotyb1FmrevBqreJC8s6+4wWiXm+cVASX1Nl6CRyrHfeyaCvME+jOad8nnLx1lg
ZgJN9P0znQ0Bs6X91dtx4V8z0JMRL/APCo0hmFug53v+iG6k61Pkc+v0+uf9TV56
JH5/NBoqRTQAotynFTy064Auj36recYJz0gBE9HfldfSkWVrr76esMknkSO2BjaO
tmAQdHcNvqcGmUiZTPoU2i3cE0C4cIKpNdknBLJ6vNaTNdVhfnyMRstE5H443/Km
gQIDAQABo4IBfjCCAXowDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUF
BwMBMB0GA1UdDgQWBBTXCii7E5/wAhjw08Io17SqANJUHDAfBgNVHSMEGDAWgBQw
mgBXmURja8my8j2Ng2s7153vZDAdBgNVHREEFjAUghJrZW5ob25kYS5va3dhdmUu
anAwVwYDVR0gBFAwTjBMBgoqgwiMmxtkhWUBMD4wPAYIKwYBBQUHAgEWMGh0dHBz
Oi8vcmVwbzEuc2Vjb210cnVzdC5uZXQvc3BjcHAvcGZ3L3Bmd3NyMmNhLzBLBgNV
HR8ERDBCMECgPqA8hjpodHRwOi8vcmVwbzEuc2Vjb210cnVzdC5uZXQvc3BjcHAv
cGZ3L3Bmd3NyMmNhL2Z1bGxjcmwuY3JsMDsGCCsGAQUFBwEBBC8wLTArBggrBgEF
BQcwAYYfaHR0cDovL3NyMjAub2NzcC5zZWNvbXRydXN0Lm5ldDARBglghkgBhvhC
AQEEBAMCBkAwDQYJKoZIhvcNAQEFBQADggEBAJjd0COfrH/5dEKKzy2OtS+fXRuP
52DCTi00NPzhy+PhRb2LWd0ugUI7b0O/Hlo3DYv6JJ67uCEYKgQTH789oRVcYqNm
gmey7qJD3fLrhKCb5LLadOzzkF8MkVZ10hbB0ZPrfnMY/Jf1rSGLI2hDJGsohzKw
KvZNA85ci/K7xJiXZYkdoW5Hrjx2s89W7KtosWFsEYnQPRUQoPtarArJHh+Ivg2/
pAqz4j5am/3ILx/Tl1i85pnj+ip3bHbeWVrvZfCltfZ/s/MDEGl+7+525kcrxDMK
hHir1GUJROgm98136w96ANYnhwEUWDvPLdKtxge8ug74tShbJpfvLvu5s+s=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiLhpDtQW0VqLCIlVf8d
xUOHPCQ0CggSQU9n0z+XWZHb1h9D/h0t3Gv8uNXB//JTpRhZgFN76/UN1mrFQbbK
jrotyb1FmrevBqreJC8s6+4wWiXm+cVASX1Nl6CRyrHfeyaCvME+jOad8nnLx1lg
ZgJN9P0znQ0Bs6X91dtx4V8z0JMRL/APCo0hmFug53v+iG6k61Pkc+v0+uf9TV56
JH5/NBoqRTQAotynFTy064Auj36recYJz0gBE9HfldfSkWVrr76esMknkSO2BjaO
tmAQdHcNvqcGmUiZTPoU2i3cE0C4cIKpNdknBLJ6vNaTNdVhfnyMRstE5H443/Km
gQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5623070903162289630
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 2.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-05-15 02:31:04 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-08 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Shibuya-ku'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'OKWave'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'System Dept.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kenhonda.okwave.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25012385048726217720598133400750137383685585278901349172124850119048926060650227022849806542830554558103395245147710059099438597000249350311617159843052516684248275281437447078230044109840129467858906703733967217016017820962747309444822412878045336776868873612281167401407687861386174084843875006407449242113713003426559385211940076946454248205230761223381571394667253677526015331341816719980831999076047949411175294453502123578810076621459032130137012348843341186862022762384366970359854052469322572582885275834304040828773329377330910490001813969908540961567119731896638071292174021818930441802585501381684242851457
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d70a28bb139ff00218f0d3c228d7b4aa00d2541c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 309a00579944636bc9b2f23d8d836b3bd79def64
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kenhonda.okwave.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.741.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr2ca/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr2ca/fullcrl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr20.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113730.1.1 (netscape-cert-type)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2 bits)
							0640
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0098ddd0239fac7ff974428acf2d8eb52f9f5d1b8fe760c24e2d3434fce1cbe3e145bd8b59dd2e81423b6f43bf1e5a370d8bfa249ebbb821182a04131fbf3da1155c62a3668267b2eea243ddf2eb84a09be4b2da74ecf3905f0c915675d216c1d193eb7e7318fc97f5ad218b236843246b288732b02af64d03ce5c8bf2bbc4989765891da16e47ae3c76b3cf56ecab68b1616c1189d03d1510a0fb5aac0ac91e1f88be0dbfa40ab3e23e5a9bfdc82f1fd39758bce699e3fa2a776c76de595aef65f0a5b5f67fb3f30310697eefee76e6472bc4330a8478abd4650944e826f7cd77eb0f7a00d627870114583bcf2dd2adc607bcba0ef8b5285b2697ef2efbb9b3eb