www.toulouse-pyrenees.veoliaeau.fr

- VEOLIA ENVIRONNEMENT -

Issued by thawte SSL CA - G2

About this certificate

This digital certificate with serial number 15:27:c9:48:f6:fb:5d:7e:8b:30:dc:63:7d:5e:34:0e was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

VEOLIA ENVIRONNEMENT

Organization: VEOLIA ENVIRONNEMENT
Organization unit: VEOLIA ENVIRONNEMENT
State / Province: Paris
Locality: PARIS
Country: FR

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 15:27:c9:48:f6:fb:5d:7e:8b:30:dc:63:7d:5e:34:0e
Serial Number (int): 28120370034161320932456735438972793870
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60

Fingerprint (sha1): fd:76:d3:30:cf:83:cd:31:bd:3f:ce:c0:67:fe:18:96:c6:eb:90:55
Fingerprint (sha256): 1c:69:75:a0:e3:b3:cb:7a:14:0e:00:d9:97:d6:d2:65:44:08:f6:0f:9a:d2:7f:a8:a5:18:7b:65:71:2e:43:68

Issuing Certificate URL: http://tj.symcb.com/tj.crt

Revocation information

OCSP Server: http://tj.symcd.com
CRL Distribution Point: http://tj.symcb.com/tj.crl

Check the revocation status for certificate www.toulouse-pyrenees.veoliaeau.fr

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.toulouse-pyrenees.veoliaeau.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.toulouse-pyrenees.veoliaeau.fr

Other certificates including the domain name veoliaeau.fr

(limited to 100 certificates)
www.service-client.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
www.service-client.veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
extranet.veoliaeau.fr
extranet.veoliaeau.fr
pp.service-client.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
veoliaeau.fr
extranet.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
www.canalo.veoliaeau.fr
extranet.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
www.canalo.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
extranet.veoliaeau.fr
extranet.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr

Certificate

The complete raw certificate details for www.toulouse-pyrenees.veoliaeau.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgIQFSfJSPb7XX6LMNxjfV40DjANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcwNzI1MDAwMDAwWhcNMTgwOTIzMjM1OTU5
WjCBmDELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBVBhcmlzMQ4wDAYDVQQHDAVQQVJJ
UzEdMBsGA1UECgwUVkVPTElBIEVOVklST05ORU1FTlQxHTAbBgNVBAsMFFZFT0xJ
QSBFTlZJUk9OTkVNRU5UMSswKQYDVQQDDCJ3d3cudG91bG91c2UtcHlyZW5lZXMu
dmVvbGlhZWF1LmZyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrga
w/ScOgsOhld+dgSLU9VRra14spdRjmUUdpGcXXZok8ui6gtPTQ60KNl5lyn0AgTf
ivgiLIyL7tEd2aLeUlD7zVHePtMb1rp2nI4kbIJ+c/0Bf+Roxu7K7GcJQvnV4YuW
z4PqWJ1cD6K9Fmg6hCHeS8vXVmqHEVSYK9rELN81O6cKgV3BSgFS6o0slKQfQxpd
tYn+RarVGCURHbiiNN93MfvYP+spYXNOHbfCM2RaHdfgAKBodh+QaPprM/pYnhJK
TDwyemV/v5rLuTgNdVJ1+vE5CFBg//JIygiwqSI45DcmVcceW0HkAfgfVWvg0V0N
cQK/ImAVmqMgarNPGQIDAQABo4ICjDCCAogwLQYDVR0RBCYwJIIid3d3LnRvdWxv
dXNlLXB5cmVuZWVzLnZlb2xpYWVhdS5mcjAJBgNVHRMEAjAAMG4GA1UdIARnMGUw
YwYGZ4EMAQICMFkwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20v
Y3BzMC8GCCsGAQUFBwICMCMMIWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3Np
dG9yeTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUwk9IV/zRT5rAXTh9DgXb
2S61UmAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3RqLnN5bWNiLmNvbS90ai5j
cmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEsw
STAfBggrBgEFBQcwAYYTaHR0cDovL3RqLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYa
aHR0cDovL3RqLnN5bWNiLmNvbS90ai5jcnQwggEEBgorBgEEAdZ5AgQCBIH1BIHy
APAAdgDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAV15h2AOAAAE
AwBHMEUCIQCBKiMS+zaL1K2uSIrgLXMda2EGc56A/UhOUWsorwi32gIgZtGuHYcF
Ehdus9shc+c/2BNYHHHux252sDmKqPil/ZYAdgCkuQmQtBhYFIe7E6LMZ3AKPDWY
BPkb37jjd80OyA3cEAAAAV15h2AaAAAEAwBHMEUCIDUcLgs7oG7vxh/1edqr5cqV
oTrMOI5cahjRCLmVNG+bAiEAulbdovRqX1TWJmf+RLbs17sD7zIgSEIrhqCgHOj5
4cEwDQYJKoZIhvcNAQELBQADggEBACSoxMZVTGow+DpEShN7PvsTINHJ43nNM/yt
4pASXbzRjz4saJHKx25jQDDPizz5MyBmQP2RVL3cZifdY5QDeypsocexoEnJ/m1O
JUDkzzE5JYz64S+6uygvzJaG0efReO6HTlt0U+lVPvec2Mc6ERzKB1rEB7H+9ckR
MZ537cNJkX6YeiJNpEAHY+LtIpI2nw1AvzJxYJ8uLoh3ysoQXQI4aWvfYqwSA629
AZXuC8lb8fl5O3i/BklgAi5n5Q5eLL4QOvvNaN35NdsEYqvexXCg5rKi32Stt4Gc
udwsoJhxVp5xSda2+kjjj7wiVlRWSSG/1bUpQM/m0ghBwEL/4Bw=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrgaw/ScOgsOhld+dgSL
U9VRra14spdRjmUUdpGcXXZok8ui6gtPTQ60KNl5lyn0AgTfivgiLIyL7tEd2aLe
UlD7zVHePtMb1rp2nI4kbIJ+c/0Bf+Roxu7K7GcJQvnV4YuWz4PqWJ1cD6K9Fmg6
hCHeS8vXVmqHEVSYK9rELN81O6cKgV3BSgFS6o0slKQfQxpdtYn+RarVGCURHbii
NN93MfvYP+spYXNOHbfCM2RaHdfgAKBodh+QaPprM/pYnhJKTDwyemV/v5rLuTgN
dVJ1+vE5CFBg//JIygiwqSI45DcmVcceW0HkAfgfVWvg0V0NcQK/ImAVmqMgarNP
GQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 28120370034161320932456735438972793870
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-23 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PARIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'VEOLIA ENVIRONNEMENT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'VEOLIA ENVIRONNEMENT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.toulouse-pyrenees.veoliaeau.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25590922941619079266116932348753633303344699151442617806465517599966815371743098003870219048779285291076598372681662532673587069682397708186242586202143371273567752049579715538924041231251802010739995284696029140495960386725419128450063812834493171511255240342309012532711726755844401272085421326277391653266130626572726722877668849384017323325647941698375652693900436522311350029296877769137645822125045096555508504477912153757340829543457899765802070761523075743268813317773794548507384138479123172046684435686520690738743777745875619896073661071457388360478735920312274498576093729135604641223146549575256772923161
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.toulouse-pyrenees.veoliaeau.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015d7987600e0000040300473045022100812a2312fb368bd4adae488ae02d731d6b6106739e80fd484e516b28af08b7da022066d1ae1d870512176eb3db2173e73fd813581c71eec76e76b0398aa8f8a5fd96007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015d7987601a00000403004730450220351c2e0b3ba06eefc61ff579daabe5ca95a13acc388e5c6a18d108b995346f9b022100ba56dda2f46a5f54d62667fe44b6ecd7bb03ef322048422b86a0a01ce8f9e1c1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0024a8c4c6554c6a30f83a444a137b3efb1320d1c9e379cd33fcade290125dbcd18f3e2c6891cac76e634030cf8b3cf933206640fd9154bddc6627dd6394037b2a6ca1c7b1a049c9fe6d4e2540e4cf3139258cfae12fbabb282fcc9686d1e7d178ee874e5b7453e9553ef79cd8c73a111cca075ac407b1fef5c911319e77edc349917e987a224da4400763e2ed2292369f0d40bf3271609f2e2e8877caca105d0238696bdf62ac1203adbd0195ee0bc95bf1f9793b78bf064960022e67e50e5e2cbe103afbcd68ddf935db0462abdec570a0e6b2a2df64adb7819cb9dc2ca09871569e7149d6b6fa48e38fbc225654564921bfd5b52940cfe6d20841c042ffe01c