offerte-heracomm.gruppohera.it

- HERA SPA -

Issued by Thawte RSA CA 2018

About this certificate

This digital certificate with serial number 0a:9f:a6:55:37:38:77:e9:c1:a1:76:41:0a:f0:42:f4 was issued on by DigiCert Inc.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

HERA SPA

Organization: HERA SPA
State / Province: Bologna
Locality: Bologna
Country: IT

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:9f:a6:55:37:38:77:e9:c1:a1:76:41:0a:f0:42:f4
Serial Number (int): 14121228789834157871461282032150135540
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: ab:f2:22:34:86:3e:8c:09:25:e8:39:3e:c2:e7:ab:ad:a0:a0:84:4e
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a

Fingerprint (sha1): e1:e9:68:00:43:15:13:1e:89:eb:7e:82:99:15:b7:c7:8e:30:8c:7b
Fingerprint (sha256): 17:06:b2:8f:4f:9a:16:04:35:91:ec:b3:0c:62:37:43:6f:56:3b:26:b3:25:cb:41:c2:96:ee:ee:2f:6a:9a:c0

Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt

Revocation information

OCSP Server: http://status.thawte.com
CRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl

Check the revocation status for certificate offerte-heracomm.gruppohera.it

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for offerte-heracomm.gruppohera.it

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

offerte-heracomm.gruppohera.it
offerte.heracomm.com
offerte-amga.gruppohera.it
offerte-amga.heracomm.com
offerte-cmvenergia.gruppohera.it
offerte-cmvenergia.heracomm.com

Other certificates including the domain name gruppohera.it

(limited to 100 certificates)
heureka.gruppohera.it
*.gruppohera.it
gepeweb.gruppohera.it
heureka.gruppohera.it
incapsula.com
*.mobility.gruppohera.it
akamai-san122.exacttarget.com
incapsula.com
incapsula.com
incapsula.com
heureka.gruppohera.it
incapsula.com
*.gruppohera.it
incapsula.com
incapsula.com
heureka.gruppohera.it
akamai-san122.exacttarget.com
incapsula.com
webmail.gruppohera.it
heureka.gruppohera.it
heraricarica.gruppohera.it
offerte-heracomm.gruppohera.it
akamai-san122.exacttarget.com
ragazzi.gruppohera.it
indicienergetici.gruppohera.it
www.gruppohera.it
incapsula.com
incapsula.com
pasemplice-tst.gruppohera.it
incapsula.com
incapsula.com
mobile.gruppohera.it
incapsula.com
sts.gruppohera.it
eng.gruppohera.it
indicienergetici.gruppohera.it
incapsula.com
incapsula.com
incapsula.com
eng.gruppohera.it
incapsula.com
incapsula.com
incapsula.com
indicienergetici.gruppohera.it
incapsula.com
incapsula.com
www.gruppohera.it
incapsula.com
www.minidot.be
heureka.gruppohera.it
servizionline.gruppohera.it
www.gruppohera.it
heracomm.gruppohera.it
incapsula.com
offerte-heracomm.gruppohera.it
*.gruppohera.it
akamai-san122.exacttarget.com
sip.gruppohera.it
www.admin.k-9access.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
heracomm2.gruppohera.it
incapsula.com
heracomm.gruppohera.it
sts.gruppohera.it
servizionline.gruppohera.it
incapsula.com
click.contatti.gruppohera.it
incapsula.com
*.gruppohera.it
www.gruppohera.it
servizionline.gruppohera.it
akamai-san122.exacttarget.com
incapsula.com
ragazzi.gruppohera.it
app.paymytable.com
incapsula.com
incapsula.com
*.gruppohera.it
incapsula.com
incapsula.com
*.mobility.gruppohera.it
sts.gruppohera.it
heracomm2.gruppohera.it
*.gruppohera.it
incapsula.com
heraricarica.gruppohera.it
incapsula.com
heracomm.gruppohera.it
sts.gruppohera.it
beam.gruppohera.it
heracomm.gruppohera.it
incapsula.com
games.gruppohera.it
beam.gruppohera.it

Certificate

The complete raw certificate details for offerte-heracomm.gruppohera.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIQCp+mVTc4d+nBoXZBCvBC9DANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN
MTkwNjA2MDAwMDAwWhcNMjAwNjA1MTIwMDAwWjBtMQswCQYDVQQGEwJJVDEQMA4G
A1UECBMHQm9sb2duYTEQMA4GA1UEBxMHQm9sb2duYTERMA8GA1UEChMISEVSQSBT
UEExJzAlBgNVBAMTHm9mZmVydGUtaGVyYWNvbW0uZ3J1cHBvaGVyYS5pdDCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALjEWiXnz3XdLOuJ9yFsXEQvxZcv
vI/eTbkZyML50uqOW+t07yv/1p+WaVqFikQoZQ/BpY2MF6Izw5qs6DYIRS9ViRNR
caI86rTvvBHpcNwBKWNMI2SlF9/5INM3Yj2k9deMbug8b5DcmunkWGkYGddNDZHV
wmXIrCAJpVZeBSplm+pikjP0e8tB21Hu1voicYVzxK5jfahYY50fEt5iuljdNaC4
3PxH9n6jq2bAaWsHokxLvnYPvWByq+KgcMxB7wR4dOCsljJAsX534yqzl9CCnGk+
kv+0d3yDe9ZE9IJt+mdNajwMEu7TijYJ2K2nYhhH7qdh093VMMJkwRe/t2UCAwEA
AaOCAkwwggJIMB8GA1UdIwQYMBaAFKPIXmVU5TB4wQXqBwpqWcy5/t5aMB0GA1Ud
DgQWBBSr8iI0hj6MCSXoOT7C56utoKCETjCBuwYDVR0RBIGzMIGwgh5vZmZlcnRl
LWhlcmFjb21tLmdydXBwb2hlcmEuaXSCFG9mZmVydGUuaGVyYWNvbW0uY29tghpv
ZmZlcnRlLWFtZ2EuZ3J1cHBvaGVyYS5pdIIZb2ZmZXJ0ZS1hbWdhLmhlcmFjb21t
LmNvbYIgb2ZmZXJ0ZS1jbXZlbmVyZ2lhLmdydXBwb2hlcmEuaXSCH29mZmVydGUt
Y212ZW5lcmdpYS5oZXJhY29tbS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8v
Y2RwLnRoYXd0ZS5jb20vVGhhd3RlUlNBQ0EyMDE4LmNybDBMBgNVHSAERTBDMDcG
CWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5j
b20vQ1BTMAgGBmeBDAECAjBvBggrBgEFBQcBAQRjMGEwJAYIKwYBBQUHMAGGGGh0
dHA6Ly9zdGF0dXMudGhhd3RlLmNvbTA5BggrBgEFBQcwAoYtaHR0cDovL2NhY2Vy
dHMudGhhd3RlLmNvbS9UaGF3dGVSU0FDQTIwMTguY3J0MAkGA1UdEwQCMAAwEwYK
KwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAEayTJBe+izYIg28
On9lALKBjgqkALyjZKESQFamqBhFo0QqEoRZqu9AO5Tc0ziHkrzydPaWQIxqOdV5
eeUO39dDSYU1eBlq+LN4C6sEqq8pD43XhqHEPO6eD+zNR9UNLSV3GLXDjLtxZYBG
W88PqgBhbB310uPLfbFFjKdWYGvYGE6vPECgL5pkkdu1jCculCEWlz4aR9JUi+xA
FzDu6pPbIdXRMq3M5F1qAzVE0j/mLSlqRj2HxenIEfDYmu0bTQ1S8LvGSoJj71RE
v2dOtKX2Z/rPLX53kv0BtlPjDWLfniOGtjcqHfwwqfzRgvIXYYjubHhnf2ZBoPaE
aO6YKes=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMRaJefPdd0s64n3IWxc
RC/Fly+8j95NuRnIwvnS6o5b63TvK//Wn5ZpWoWKRChlD8GljYwXojPDmqzoNghF
L1WJE1FxojzqtO+8Eelw3AEpY0wjZKUX3/kg0zdiPaT114xu6DxvkNya6eRYaRgZ
100NkdXCZcisIAmlVl4FKmWb6mKSM/R7y0HbUe7W+iJxhXPErmN9qFhjnR8S3mK6
WN01oLjc/Ef2fqOrZsBpaweiTEu+dg+9YHKr4qBwzEHvBHh04KyWMkCxfnfjKrOX
0IKcaT6S/7R3fIN71kT0gm36Z01qPAwS7tOKNgnYradiGEfup2HT3dUwwmTBF7+3
ZQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14121228789834157871461282032150135540
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-05 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bologna'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bologna'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HERA SPA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'offerte-heracomm.gruppohera.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23324672963140272601121572963984554304252865835671048744199864227288624374528812603994643618267571573244500041020743993905842876102485018872584324953155170236445377920014683108740988860047423920551632211616102581510184959444643508975328094074199715854746101254035977286726698578526118581634269786649187406577958456428861133206711189072720459004577841519714324332479672679737238540446877428143009487634506877589228798159191693519978736515922356764774095311905661676923768894200970770672603924480768622216292686741752528716663297183704612824885393239345559448945561447556944233276147036685892787935702969222009859323749
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							abf22234863e8c0925e8393ec2e7abada0a0844e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (179 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'offerte-heracomm.gruppohera.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'offerte.heracomm.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'offerte-amga.gruppohera.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'offerte-amga.heracomm.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'offerte-cmvenergia.gruppohera.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'offerte-cmvenergia.heracomm.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0046b24c905efa2cd8220dbc3a7f6500b2818e0aa400bca364a1124056a6a81845a3442a128459aaef403b94dcd3388792bcf274f696408c6a39d57979e50edfd74349853578196af8b3780bab04aaaf290f8dd786a1c43cee9e0feccd47d50d2d257718b5c38cbb716580465bcf0faa00616c1df5d2e3cb7db1458ca756606bd8184eaf3c40a02f9a6491dbb58c272e942116973e1a47d2548bec401730eeea93db21d5d132adcce45d6a033544d23fe62d296a463d87c5e9c811f0d89aed1b4d0d52f0bbc64a8263ef5444bf674eb4a5f667facf2d7e7792fd01b653e30d62df9e2386b6372a1dfc30a9fcd182f2176188ee6c78677f6641a0f68468ee9829eb