firewall.kicherer.de

- Friedrich Kicherer GmbH & Co. KG -

Issued by GlobalSign Organization Validation CA - SHA256 - G2

About this certificate

This digital certificate with serial number 11:21:15:34:35:36:54:28:06:86:de:d8:a7:4c:a7:0a:d8:f2 was issued on by GlobalSign nv-sa.

With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DNSNames must have a valid TLD. (BRs: 3.2.2.4)
  • 2 DNS name(s) are bare public suffixes: exserver2, exserver The domain SHOULD NOT have a bare public suffix (awslabs certlint)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Friedrich Kicherer GmbH & Co. KG

Organization: Friedrich Kicherer GmbH & Co. KG
Organization unit: IT
State / Province: Baden-Wuerttemberg
Locality: Ellwangen
Country: DE

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 11:21:15:34:35:36:54:28:06:86:de:d8:a7:4c:a7:0a:d8:f2
Serial Number (int): 1492166363814935364229254021764088177809650
Serial Number lenght: 141 bits, 18 octets

SubjectKeyId: af:fe:bd:e6:d4:9a:d2:9b:53:9f:08:ad:9f:14:e3:fd:df:84:2b:ec
AuthorityKeyId: 96:de:61:f1:bd:1c:16:29:53:1c:c0:cc:7d:3b:83:00:40:e6:1a:7c

Fingerprint (sha1): 91:a6:c5:5d:30:6e:30:54:f7:8a:03:73:3c:1b:3a:aa:21:14:1e:bc
Fingerprint (sha256): 11:f8:48:da:7b:81:63:bf:36:d1:d2:5a:44:f7:c6:4f:97:58:4a:a3:fb:72:cc:56:d7:a5:26:61:2b:c5:26:bc

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsorganizationvalsha2g2
CRL Distribution Point: http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl

Check the revocation status for certificate firewall.kicherer.de

13

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for firewall.kicherer.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

firewall.kicherer.de
exserver.kicherer.local
autodiscover.kicherer.de
exserver2.kicherer.local
exserver2
kicherer.de
web.kicherer.de
exserver
mail.kicherer.local
web.kicherer.local
mail.kicherer.de
logon.kicherer.de
adfs.kicherer.de

Other certificates including the domain name kicherer.de

(limited to 100 certificates)
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
firewall.kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
firewall.kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer-home.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
forms.kicherer.de
*.kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
kicherer.de
*.kicherer.de
kicherer-home.de
kicherer-home.de
kicherer.de
kicherer.de
*.kicherer.de
kicherer.de

Certificate

The complete raw certificate details for firewall.kicherer.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGSjCCBTKgAwIBAgISESEVNDU2VCgGht7Yp0ynCtjyMA0GCSqGSIb3DQEBCwUA
MGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYD
VQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hB
MjU2IC0gRzIwHhcNMTUwNTEzMTMyNzA4WhcNMTUxMDIxMTQyMDI3WjCBmTELMAkG
A1UEBhMCREUxGzAZBgNVBAgTEkJhZGVuLVd1ZXJ0dGVtYmVyZzESMBAGA1UEBxMJ
RWxsd2FuZ2VuMQswCQYDVQQLEwJJVDEtMCsGA1UECgwkRnJpZWRyaWNoIEtpY2hl
cmVyIEdtYkggJmFtcDsgQ28uIEtHMR0wGwYDVQQDExRmaXJld2FsbC5raWNoZXJl
ci5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKq7qaHNFF06vH0u
BPiD/uw2eNSfrofg02tNQThn+0EeozS97Xj6Ucb1PE6VtYvssA9xX+YHuGXGQdg8
sADcfYSk3vbDkeFKmdGasqKl//dSsKAL6VTCJePEkj/KL0ZBQSt9tsvXZytGG2+A
r9omOM7iwJBxbadi0+k2RDXtljdcHY+FCOqhTRIVBLHlM9R6+KGIDTOBXlVBpWcF
EVZahbnZjpG5arTDC39DzVzyluM/U4pBasA0riQmSSHB0VlmPdxFFz8b/rU0NLMT
f94VuqbO+CGetwRHbX6g1zBXG56DATPsl6EUw6ONtbjxyG6JW8RnONgDoLbaTXll
yOM9GxUCAwEAAaOCArwwggK4MA4GA1UdDwEB/wQEAwIFoDBJBgNVHSAEQjBAMD4G
BmeBDAECAjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNv
bS9yZXBvc2l0b3J5LzCCAQEGA1UdEQSB+TCB9oIUZmlyZXdhbGwua2ljaGVyZXIu
ZGWCF2V4c2VydmVyLmtpY2hlcmVyLmxvY2FsghhhdXRvZGlzY292ZXIua2ljaGVy
ZXIuZGWCGGV4c2VydmVyMi5raWNoZXJlci5sb2NhbIIJZXhzZXJ2ZXIyggtraWNo
ZXJlci5kZYIPd2ViLmtpY2hlcmVyLmRlgghleHNlcnZlcoITbWFpbC5raWNoZXJl
ci5sb2NhbIISd2ViLmtpY2hlcmVyLmxvY2FsghBtYWlsLmtpY2hlcmVyLmRlghFs
b2dvbi5raWNoZXJlci5kZYIQYWRmcy5raWNoZXJlci5kZTAJBgNVHRMEAjAAMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHR8EQjBAMD6gPKA6hjho
dHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzL2dzb3JnYW5pemF0aW9udmFsc2hh
MmcyLmNybDCBoAYIKwYBBQUHAQEEgZMwgZAwTQYIKwYBBQUHMAKGQWh0dHA6Ly9z
ZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzb3JnYW5pemF0aW9udmFsc2hh
MmcycjEuY3J0MD8GCCsGAQUFBzABhjNodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5j
b20vZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIwHQYDVR0OBBYEFK/+vebUmtKbU58I
rZ8U4/3fhCvsMB8GA1UdIwQYMBaAFJbeYfG9HBYpUxzAzH07gwBA5hp8MA0GCSqG
SIb3DQEBCwUAA4IBAQAZ9BMcIWIWM1K/SIChMMsS2HEI3+VsPsGbMGTZjN/NDatw
g2vlZQaVrRtBJWhzuIao4TAsK2PapoznZhXaI+TnEZOrJn20JcIq+oFj98ELEI3A
CSJnZq6L0hCmpAp2GxmUwOkywx7iv6EHqprVRLyx9BYEbzWalwQXNu5RLqLDF34t
v+6+JhtxQdEFN1NPDrhACyi/Yuhc8Rqvfs525iRWx5h+C+5uBfALhvQDTSRx5Qma
de/OYzdAQTqEbYN6dDdzn/JACo1dANGTnJkzb9CBIQx2uSZd0JlXPhk+e+mHwW5P
KPEZKvkH16DRnNzCOqRfyzCnT9/jTe5ExDYdYaRl
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrupoc0UXTq8fS4E+IP+
7DZ41J+uh+DTa01BOGf7QR6jNL3tePpRxvU8TpW1i+ywD3Ff5ge4ZcZB2DywANx9
hKTe9sOR4UqZ0ZqyoqX/91KwoAvpVMIl48SSP8ovRkFBK322y9dnK0Ybb4Cv2iY4
zuLAkHFtp2LT6TZENe2WN1wdj4UI6qFNEhUEseUz1Hr4oYgNM4FeVUGlZwURVlqF
udmOkblqtMMLf0PNXPKW4z9TikFqwDSuJCZJIcHRWWY93EUXPxv+tTQ0sxN/3hW6
ps74IZ63BEdtfqDXMFcbnoMBM+yXoRTDo421uPHIbolbxGc42AOgttpNeWXI4z0b
FQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1492166363814935364229254021764088177809650
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Organization Validation CA - SHA256 - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-05-13 13:27:08 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-10-21 14:20:27 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Baden-Wuerttemberg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ellwangen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Friedrich Kicherer GmbH & Co. KG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'firewall.kicherer.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21553051733694787938108939980465025225978686576690751710884269029733556862278932273603883358097302382631039540691530959611562548901344263305300593398746779886017566040192140705406415993334600031732638241128812795607605979002795702757235357852048176316180084766202926059878307288600243648521374920459784798688205689554801659661477036854624902063420282422070564925936234579569682886336541114746273405144888565854553433965681220779549501484151092543272961566696355616301872161445642299553353089686411371688494207973570141627493075755648986770316827641874598356568087001852286913409334703326851670100937120636664152922901
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (249 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firewall.kicherer.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exserver.kicherer.local'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.kicherer.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exserver2.kicherer.local'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exserver2'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kicherer.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web.kicherer.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exserver'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.kicherer.local'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web.kicherer.local'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.kicherer.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'logon.kicherer.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'adfs.kicherer.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsorganizationvalsha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							affebde6d49ad29b539f08ad9f14e3fddf842bec
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 96de61f1bd1c1629531cc0cc7d3b830040e61a7c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0019f4131c2162163352bf4880a130cb12d87108dfe56c3ec19b3064d98cdfcd0dab70836be5650695ad1b41256873b886a8e1302c2b63daa68ce76615da23e4e71193ab267db425c22afa8163f7c10b108dc009226766ae8bd210a6a40a761b1994c0e932c31ee2bfa107aa9ad544bcb1f416046f359a97041736ee512ea2c3177e2dbfeebe261b7141d10537534f0eb8400b28bf62e85cf11aaf7ece76e62456c7987e0bee6e05f00b86f4034d2471e5099a75efce633740413a846d837a7437739ff2400a8d5d00d1939c99336fd081210c76b9265dd099573e193e7be987c16e4f28f1192af907d7a0d19cdcc23aa45fcb30a74fdfe34dee44c4361d61a465