www.shop.ekom21.de

- ekom21 - KGRZ Hessen K.d.oe.R. -

Issued by GlobalSign Organization Validation CA - G2

About this certificate

This digital certificate with serial number 11:21:80:26:80:3a:ff:7e:4c:87:94:3e:0b:31:3a:9f:d2:97 was issued on by GlobalSign nv-sa.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

ekom21 - KGRZ Hessen K.d.oe.R.

Organization: ekom21 - KGRZ Hessen K.d.oe.R.
Organization unit: IT Operations
State / Province: Hessen
Locality: Giessen
Country: DE

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 11:21:80:26:80:3a:ff:7e:4c:87:94:3e:0b:31:3a:9f:d2:97
Serial Number (int): 1492308520039878989898878930468070607540887
Serial Number lenght: 141 bits, 18 octets

SubjectKeyId: 46:00:35:6f:41:17:79:70:69:45:12:5e:60:2c:57:70:4d:52:7b:5c
AuthorityKeyId: 5d:46:b2:8d:c4:4b:74:1c:bb:ed:f5:73:b6:3a:b7:38:8f:75:9e:7e

Fingerprint (sha1): 56:22:07:ba:a8:c3:6d:11:94:65:49:d4:18:a0:f9:3e:39:a5:d6:6d
Fingerprint (sha256): 19:d3:da:c2:d5:33:d3:10:51:53:27:ab:3a:95:fc:ec:54:93:ad:bc:a1:10:80:f6:8d:60:b3:2b:ff:04:69:9b

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsorganizationvalg2.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsorganizationvalg2
CRL Distribution Point: http://crl.globalsign.com/gs/gsorganizationvalg2.crl

Check the revocation status for certificate www.shop.ekom21.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.shop.ekom21.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.shop.ekom21.de
shop.ekom21.de

Other certificates including the domain name ekom21.de

(limited to 100 certificates)
*.rwf-prod.intern.ekom21.de
memcg.ekom21.de
openwebfm-khr.intern.ekom21.de
*.ekom21.de
portal-civ-test.ekom21.de
domicil21-mz.intern.ekom21.de
nala.intern.ekom21.de
wkz.ekom21.de
wlan.ekom21.de
portal-civ-test.ekom21.de
ecm21.intern.ekom21.de
domicil21-mz.intern.ekom21.de
kis.intern.ekom21.de
webmail.ekom21.de
vvd.ekom21.de
hedocsv37.intern.ekom21.de
aqb.ekom21.de
oos.ekom21.de
owi21togo.intern.ekom21.de
adt.ekom21.de
loga-bd-prod-lai.intern.ekom21.de
*.rwf-qs.intern.ekom21.de
civ-hel.intern.ekom21.de
webkita-zelv-qs.ekom21.de
*.ekom21.de
civ-demo.ekom21.de
pushint.avisca.ekom21.de
bpm21-test.intern.ekom21.de
secure.ekom21.de
votemanager-hessen.ekom21.de
efinanz-oze-qs.ekom21.de
efinanz.intern.ekom21.de
www.ekom21.de
curalit21.intern.ekom21.de
openwebfm-kwf-qs.intern.ekom21.de
portal-cor.ekom21.de
hcme01.intern.ekom21.de
kis.intern.ekom21.de
vois-ekom21.intern.ekom21.de
portal-civ-qs.ekom21.de
stellen.ekom21.de
xewo21-webservice.intern.ekom21.de
gewerbe.ekom21.de
ecm21-qs.intern.ekom21.de
ema21-webservice.intern.ekom21.de
hcmc01.intern.ekom21.de
*.ekom21.de
fe21.intern.ekom21.de
gnhdbv3.ekom21.de
dms21-kil.intern.ekom21.de
adt.ekom21.de
www.shop.ekom21.de
rim.ekom21.de
bpm21.intern.ekom21.de
adt21qs.intern.ekom21.de
www.shop.ekom21.de
domicil21.intern.ekom21.de
ozg.ekom21.de
zeit21.ekom21.de
domicil21-mz-qs.intern.ekom21.de
portal-civ-hel-qs.ekom21.de
citrix.lwv.ekom21.de
esina21.intern.ekom21.de
fe21.intern.ekom21.de
civ-hzd-qs.intern.ekom21.de
portal-civ-hel-qs.ekom21.de
kundenzufriedenheit-itops.ekom21.de
webkita.ekom21.de
zema21.intern.ekom21.de
teamsites.ekom21.de
prm21-qs.intern.ekom21.de
antragsportal-fm.ekom21.de
migewa.ekom21.de
fe21reports.intern.ekom21.de
zaehlerportal-civ.ekom21.de
owi21oa.ekom21.de
kai2web.intern.ekom21.de
loga-bd-prod.intern.ekom21.de
fernwartung.ekom21.de
owi21oa.ekom21.de
kis-dev.intern.ekom21.de
vois-spiegel.intern.ekom21.de
zema21.intern.ekom21.de
zeit21.ekom21.de
ebot-qs.ekom21.de
sozabis-anwtest.lwv.ekom21.de
portal-civ.ekom21.de
citrix21.ekom21.de
webmail.ekom21.de
tevis-qs.ekom21.de
dvdv-he.ekom21.de
zda.intern.ekom21.de
zeit21-qs.intern.ekom21.de
prm21.intern.ekom21.de
logaweb-pro9.intern.ekom21.de
civento21zm.intern.ekom21.de
*.ekom21.de
fe21-qs.intern.ekom21.de
owi21oatest.ekom21.de
owa.ekom21.de

Certificate

The complete raw certificate details for www.shop.ekom21.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISESGAJoA6/35Mh5Q+CzE6n9KXMA0GCSqGSIb3DQEBBQUA
MF0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTMwMQYD
VQQDEypHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gRzIw
HhcNMTIxMTMwMTY0NTA2WhcNMTYwMTA2MTAxMzU2WjCBjjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkhlc3NlbjEQMA4GA1UEBxMHR2llc3NlbjEWMBQGA1UECxMNSVQg
T3BlcmF0aW9uczEnMCUGA1UEChMeZWtvbTIxIC0gS0dSWiBIZXNzZW4gSy5kLm9l
LlIuMRswGQYDVQQDExJ3d3cuc2hvcC5la29tMjEuZGUwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDpYRJLRix8ziowry5c1h/ZDSBxjLfB64xqHl2FI/cr
TKs7bd791r5YCdYPj/3DCua6a8P/QACgUJScRIC8HxX/9psP+/Jw5O6tw18sU5iy
vT8bYx5CJiDWHWab/zLdQjGOfj3V+p6u9K50dhVJMMPV3f3vBrQfdjSHVsS2m9mW
A+JCoE2ALiz8BqYKj+DCZPaymk/c+yxotJ/qKHu1Y61J6z33LtnpsFs+7NMCbUSQ
SPHXt6ruGiar6gskQl3Qdh84uru11a/6X4mUEwicKWesP8BUOgIuo7RwXqwKaTa4
/gjfR3m7LL2bR5U4s5+z6wa2HJ2Mf1ICyZx1WKmoJR0VAgMBAAGjggHbMIIB1zAO
BgNVHQ8BAf8EBAMCBaAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyARQwNDAyBggrBgEF
BQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wLQYD
VR0RBCYwJIISd3d3LnNob3AuZWtvbTIxLmRlgg5zaG9wLmVrb20yMS5kZTAJBgNV
HRMEAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBFBgNVHR8EPjA8
MDqgOKA2hjRodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzL2dzb3JnYW5pemF0
aW9udmFsZzIuY3JsMIGWBggrBgEFBQcBAQSBiTCBhjBHBggrBgEFBQcwAoY7aHR0
cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvZ3Nvcmdhbml6YXRpb252
YWxnMi5jcnQwOwYIKwYBBQUHMAGGL2h0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNv
bS9nc29yZ2FuaXphdGlvbnZhbGcyMB0GA1UdDgQWBBRGADVvQRd5cGlFEl5gLFdw
TVJ7XDAfBgNVHSMEGDAWgBRdRrKNxEt0HLvt9XO2Orc4j3WefjANBgkqhkiG9w0B
AQUFAAOCAQEAGVXoNZbZQKQS4ZbZc840clRHbBIUL9dWEebcSD4KV1CdHPylkQVu
kAgpaLRBoOhnU0vrlJlFyB2lheDG7//V1vc6US2F+/i1f+ZYJiRyw4awAkk1TIsc
+nAQLANGPRrILID190i5Y8iGVganUChwMDk4CjB2b6ZR3cowoT9AosIc2WHKGOSr
0NH/qgL8CUWK0a7c6E47rsoWlIXtlslQYrMtZ1WpQHfW2I8fKK8kJc2TyZ3ZoU8d
xHcPNl5GUUrXHBDL41jOUXySC8YGFMjq8OX05DAZ2oc2Sal3W3OycDv7kh/Pg4Y9
/a1z4bWq28nmzVxUcCg6zuVHKt65DGNgjQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WESS0YsfM4qMK8uXNYf
2Q0gcYy3weuMah5dhSP3K0yrO23e/da+WAnWD4/9wwrmumvD/0AAoFCUnESAvB8V
//abD/vycOTurcNfLFOYsr0/G2MeQiYg1h1mm/8y3UIxjn491fqervSudHYVSTDD
1d397wa0H3Y0h1bEtpvZlgPiQqBNgC4s/AamCo/gwmT2sppP3PssaLSf6ih7tWOt
Ses99y7Z6bBbPuzTAm1EkEjx17eq7homq+oLJEJd0HYfOLq7tdWv+l+JlBMInCln
rD/AVDoCLqO0cF6sCmk2uP4I30d5uyy9m0eVOLOfs+sGthydjH9SAsmcdVipqCUd
FQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1492308520039878989898878930468070607540887
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Organization Validation CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-11-30 16:45:06 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-01-06 10:13:56 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hessen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Giessen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT Operations'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ekom21 - KGRZ Hessen K.d.oe.R.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.shop.ekom21.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29461392778610469457765135898117392968673106348861425010486314834790224992194884441662587953294919105539367429607495513249979589985897149540916940614308572953461183175395099282973241478619386828498763834631137541537891252932579851292754143146196067885647626000236190393328886038293896540291093550819387254751580107185584009863246928672291760632143929816731859328610602884312432323936174723885536249258527183912533850212404214642060872052432105073745781462172569805179412415864921191935611099427729009801345809654534001873067816200517270894140977391205075010611837802659895215418142333855922748571789359353056574381333
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.shop.ekom21.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.ekom21.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsorganizationvalg2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (137 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsorganizationvalg2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsorganizationvalg2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4600356f411779706945125e602c57704d527b5c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5d46b28dc44b741cbbedf573b63ab7388f759e7e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001955e83596d940a412e196d973ce347254476c12142fd75611e6dc483e0a57509d1cfca591056e90082968b441a0e867534beb949945c81da585e0c6efffd5d6f73a512d85fbf8b57fe658262472c386b00249354c8b1cfa70102c03463d1ac82c80f5f748b963c8865606a75028703039380a30766fa651ddca30a13f40a2c21cd961ca18e4abd0d1ffaa02fc09458ad1aedce84e3baeca169485ed96c95062b32d6755a94077d6d88f1f28af2425cd93c99dd9a14f1dc4770f365e46514ad71c10cbe358ce517c920bc60614c8eaf0e5f4e43019da873649a9775b73b2703bfb921fcf83863dfdad73e1b5aadbc9e6cd5c5470283acee5472adeb90c63608d