sophie-show.stefanini.com

- Stefanini, Inc. -

Issued by GlobalSign RSA OV SSL CA 2018

About this certificate

This digital certificate with serial number 51:dd:4d:0d:10:64:34:64:3c:13:41:15 was issued on by GlobalSign nv-sa.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)

Stefanini, Inc.

Organization: Stefanini, Inc.
State / Province: Michigan
Locality: Southfield
Country: US

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 51:dd:4d:0d:10:64:34:64:3c:13:41:15
Serial Number (int): 25335822264871764142610137365
Serial Number lenght: 95 bits, 12 octets

SubjectKeyId: 97:b1:c9:09:0b:d0:7f:97:44:30:67:90:7e:ab:f0:3f:bf:7e:d7:9c
AuthorityKeyId: f8:ef:7f:f2:cd:78:67:a8:de:6f:8f:24:8d:88:f1:87:03:02:b3:eb

Fingerprint (sha1): 13:8e:94:10:3a:f0:c7:18:30:48:e2:5f:55:f0:f1:a2:e3:9b:a2:5e
Fingerprint (sha256): 0d:36:1c:fc:b1:6c:78:61:45:86:48:a4:78:29:77:ea:fa:5c:43:62:87:2a:91:c2:57:72:1d:ce:03:77:3f:8e

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt

Revocation information

OCSP Server: http://ocsp.globalsign.com/gsrsaovsslca2018
CRL Distribution Point: http://crl.globalsign.com/gsrsaovsslca2018.crl

Check the revocation status for certificate sophie-show.stefanini.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sophie-show.stefanini.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sophie-show.stefanini.com

Other certificates including the domain name stefanini.com

(limited to 100 certificates)
aodctraining.stefanini.com
goodman-sd.stefanini.com
evoqua-sd-dev.stefanini.com
customurl.konviva.com.br
genchat.stefanini.com
essdbo.stefanini.com
lss-servicedesk.stefanini.com
essd.stefanini.com
lss-servicedesk.stefanini.com
essd.stefanini.com
chat-usapi.stefanini.com
otrs.stefanini.com
puratos-sd.stefanini.com
novaintranet.stefanini.com
nodavpn.stefanini.com
customurl.konviva.com.br
sophie-jcrew-dev.stefanini.com
goodman-reporting.stefanini.com
dl.stefanini.com
sophie-infineum.stefanini.com
sophie-devry.stefanini.com
realtime.stefanini.com
goodman-sd.stefanini.com
essd.stefanini.com
webmail.techteam.com
interno.stefanini.com
customurl.konviva.com.br
sophie-loblaw.stefanini.com
sip.stefanini.com
stefanini-acd-us.stefanini.com
go.stefanini.com
workplace.stefanini.com
customurl.konviva.com.br
eapps.stefanini.com
alex-alcoa-dev.stefanini.com
go.stefanini.com
sophie-show.stefanini.com
customurl.konviva.com.br
eapp.stefanini.com
customurl.konviva.com.br
sophie-cnhi.stefanini.com
lss-dev.stefanini.com
sophie-cnhi-dev.stefanini.com
woodward.stefanini.com
conteudos.stefanini.com
analytics.stefanini.com
epassword.stefanini.com
grc.stefanini.com
novaintranet.stefanini.com
chat-us3.stefanini.com
customurl.konviva.com.br
analytics.stefanini.com
customurl.konviva.com.br
materiais.stefanini.com
customurl.konviva.com.br
epassword.stefanini.com
nam-wlc.stefanini.com
webmail.techteam.com
evoqua-sd.stefanini.com
sophie-demo.stefanini.com
swgservicedesk.stefanini.com
news.stefanini.com
sophiedemoinsurance.app.stefanini.com
customurl.konviva.com.br
Kit-cnhi-dev.stefanini.com
essd.stefanini.com
eportal.stefanini.com
eportal.stefanini.com
swgservicedeskdev.stefanini.com
servicedesk.stefanini.com
1ssl.konviva.com.br
customurl.konviva.com.br
*.stefanini.com
servicedeskportal.stefanini.com
emkt.stefanini.com
essd.stefanini.com
customurl.konviva.com.br
infineumdev.stefanini.com
*.stefanini.com
customurl.konviva.com.br
sophie-meritor-dev.stefanini.com
lss-supportauto.stefanini.com
sophie-devry-dev.stefanini.com
edata.stefanini.com
lss-reporting.stefanini.com
next.stefanini.com
sophie-adtalem-dev.stefanini.com
customurl.konviva.com.br
lss-servicedesk-eu.stefanini.com
sophie-solvay-dev.stefanini.com
sdbot-infineum.stefanini.com
sophie-devry-dev.stefanini.com
infineumcatalog.stefanini.com
mkt.stefanini.com
marketing.stefanini.com
wwe-nam.stefanini.com
chat-eu2.stefanini.com
lss-supportauto.stefanini.com
infineum-proc-dev.stefanini.com
trace.stefanini.com

Certificate

The complete raw certificate details for sophie-show.stefanini.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIMUd1NDRBkNGQ8E0EVMA0GCSqGSIb3DQEBCwUAMFAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H
bG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODAeFw0yMTEyMDYxMzA2MTJaFw0y
MzAxMDcxMzA2MTJaMHMxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhNaWNoaWdhbjET
MBEGA1UEBxMKU291dGhmaWVsZDEYMBYGA1UEChMPU3RlZmFuaW5pLCBJbmMuMSIw
IAYDVQQDExlzb3BoaWUtc2hvdy5zdGVmYW5pbmkuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAze45D5OsG8UlvU2fHkLcxPN4iR6K4gv0MQhXAP0C
GfZyeDAk2bSz1Xpm8F2IfUCp2IcpKw326rljPCa4xyXbBcthL6NE9MZwNCVfTG6x
tZkr6u4Njs5y1Hd0S4hVJskwDRVP6j9H8mSipZ4K40wwBK6eXuWYXpC62YcZRNnz
n3wU9ulPqRKdpZ0POtsdyLr7Acdyh2NTLvsMwIy0TY8v2YNLrD4JhI5+J0hLIK7f
DigfBjyNuQRiiAvGTAuCbmto3cjDUt+8mSGTGJFePjzSaqsh2k2v9RZG9DQjOpqg
ZZ62CREqQeQa+14RLsmwwewnCpdz0mxnCX8bJSgo14xNdQIDAQABo4IB4zCCAd8w
DgYDVR0PAQH/BAQDAgWgMIGOBggrBgEFBQcBAQSBgTB/MEQGCCsGAQUFBzAChjho
dHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc3JzYW92c3NsY2Ey
MDE4LmNydDA3BggrBgEFBQcwAYYraHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20v
Z3Nyc2FvdnNzbGNhMjAxODBWBgNVHSAETzBNMEEGCSsGAQQBoDIBFDA0MDIGCCsG
AQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAI
BgZngQwBAgIwCQYDVR0TBAIwADA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3Js
Lmdsb2JhbHNpZ24uY29tL2dzcnNhb3Zzc2xjYTIwMTguY3JsMCQGA1UdEQQdMBuC
GXNvcGhpZS1zaG93LnN0ZWZhbmluaS5jb20wHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMB8GA1UdIwQYMBaAFPjvf/LNeGeo3m+PJI2I8YcDArPrMB0GA1Ud
DgQWBBSXsckJC9B/l0QwZ5B+q/A/v37XnDATBgorBgEEAdZ5AgQDAQH/BAIFADAN
BgkqhkiG9w0BAQsFAAOCAQEABA8MRyyh+zS48pIHszN49ACv+eAJUGJwkQkfLYUQ
LSL2u8y/BxLiNNKxedLXQyXWlWKHVN207w/pxSRsjavFSQTw76AwtRrflBkpXj2X
FVwBweqxCO3g+8+hvCY5kzcA11vDQuKJVICritIEGP5I4pYOpfhvmH++LnnODuK8
o7UU5MgYbFYUh+7U1H7UHV2EXiUPpi3v0Fk8NGRe/gvZRNzxg5pzYw2UjmNQ2vKY
l05XtHIfAx2UWVF+u7+E/0guGnZACEWaOJRLvxhIkC46TFg6pFuwTPoWqX/4WddK
1LsEEb6nNKcKLvPgfF7J7ilQ5l4eG9+LMGIjiOOfpagytA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze45D5OsG8UlvU2fHkLc
xPN4iR6K4gv0MQhXAP0CGfZyeDAk2bSz1Xpm8F2IfUCp2IcpKw326rljPCa4xyXb
BcthL6NE9MZwNCVfTG6xtZkr6u4Njs5y1Hd0S4hVJskwDRVP6j9H8mSipZ4K40ww
BK6eXuWYXpC62YcZRNnzn3wU9ulPqRKdpZ0POtsdyLr7Acdyh2NTLvsMwIy0TY8v
2YNLrD4JhI5+J0hLIK7fDigfBjyNuQRiiAvGTAuCbmto3cjDUt+8mSGTGJFePjzS
aqsh2k2v9RZG9DQjOpqgZZ62CREqQeQa+14RLsmwwewnCpdz0mxnCX8bJSgo14xN
dQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 25335822264871764142610137365
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign RSA OV SSL CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-06 13:06:12 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-07 13:06:12 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Michigan'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Southfield'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Stefanini, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sophie-show.stefanini.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25996324605285419617826146729206025348103769709301428952950184345442148024562311543403411687514119097887266744125776643780261690152308898926583905997058285813005510802476208118118932490998239922253483042623012405553103077600665680764831350727224201795784017441397855022277584995850761467874891869593375140916413804542470321320966101484070809141801445584907308929415579432621615452135153849144568114781290025511346930166208760623160089136759379830561638376385187964238904129033593811875563276341879870736426698452916894354219043588925695384495658349920075217438391062674954132397826715676829030147591341600771157020021
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/gsrsaovsslca2018'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsrsaovsslca2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sophie-show.stefanini.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f8ef7ff2cd7867a8de6f8f248d88f1870302b3eb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							97b1c9090bd07f97443067907eabf03fbf7ed79c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00040f0c472ca1fb34b8f29207b33378f400aff9e00950627091091f2d85102d22f6bbccbf0712e234d2b179d2d74325d695628754ddb4ef0fe9c5246c8dabc54904f0efa030b51adf9419295e3d97155c01c1eab108ede0fbcfa1bc2639933700d75bc342e2895480ab8ad20418fe48e2960ea5f86f987fbe2e79ce0ee2bca3b514e4c8186c561487eed4d47ed41d5d845e250fa62defd0593c34645efe0bd944dcf1839a73630d948e6350daf298974e57b4721f031d9459517ebbbf84ff482e1a764008459a38944bbf1848902e3a4c583aa45bb04cfa16a97ff859d74ad4bb0411bea734a70a2ef3e07c5ec9ee2950e65e1e1bdf8b30622388e39fa5a832b4