shop.nivea.de
Issued by Thawte DV SSL CA
About this certificate
This digital certificate with serial number 2a:26:42:34:bf:e8:01:d0:cf:ad:40:e3:70:67:3c:83 was issued on by Thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=shop.nivea.de,OU=Go to https://www.thawte.com/repository/index.html+OU=Thawte SSL123 certificate+OU=Domain Validated
Thawte, Inc.
Organization:
Thawte, Inc.
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 2a:26:42:34:bf:e8:01:d0:cf:ad:40:e3:70:67:3c:83Serial Number (int): 56026225921881198104119031553761688707
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: ab:44:e4:5d:ec:83:c7:d9:c0:85:9f:f7:e1:c6:97:90:b0:8c:3f:98
Fingerprint (sha1): 5d:53:7e:af:c5:09:b0:c0:e4:b8:1b:5b:63:98:2b:58:3f:8e:48:65
Fingerprint (sha256): 1d:19:31:a4:74:58:22:da:ee:40:5b:55:a5:0f:02:fd:40:51:89:b0:b6:b8:ce:30:77:e7:cc:f2:ca:37:28:20
Issuing Certificate URL: http://svr-dv-aia.thawte.com/ThawteDV.cer
Revocation information
OCSP Server: http://ocsp.thawte.comCRL Distribution Point: http://svr-dv-crl.thawte.com/ThawteDV.crl
Check the revocation status for certificate shop.nivea.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for shop.nivea.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
shop.nivea.de
Other certificates including the domain name nivea.de
(limited to 100 certificates)
Beiersdorf Aktiengesellschaft
chiosco.flp.ch
www.glamitalia.com
autodiscover.epaper-poonen.neuer-bund-verlag.de
magazin.nivea.de
kiosk.citytipp.org
www.nivea.de
magazin.ferienmagazin-deutschland.de
nivea.de
chiosco.flp.ch
nivea.de
ref-ci-brands.nivea.de
dialog.nivea.de
webkiosk.die-bank.de
akamai-san204.exacttarget.com
magazine.arbeit-und-arbeitsrecht.de
www.nivea.de
dialog.nivea.de
nivea.de
www.nivea.de
brochures.hilliard.com
akamai-san204.exacttarget.com
az-cdn-test.nivea.de
epaper.chili-peppers.de
shop.nivea.de
kiosk.astrosofa.com
autodiscover.epaper-poonen.neuer-bund-verlag.de
fall-magazine.robinsonlightingandbath.com
publikationen.kmu.org
magazine.arbeit-und-arbeitsrecht.de
nivea.de
preview.nivea.de
magazine.arbeit-und-arbeitsrecht.de
kiosk.seniorenreisen.de
akamai-san204.exacttarget.com
neubau-projekte.vr-immoservice-mainfranken.de
magazin.ferienmagazin-deutschland.de
blaetterkatalog.andrees-angelreisen.de
dialog.nivea.de
www.nivea.de
www.nivea.de
www.podworko.nivea.pl
webkiosk.die-bank.de
fall-magazine.robinsonlightingandbath.com
www.nivea.de
www.sblaettle.at
ext14.nivea.de
ext14.nivea.de
social.nivea.de
www.nivea.de
www.nivea.de
akamai-san204.exacttarget.com
www.podworko.nivea.pl
m.nivea.de
kiosk.velototal.de
www.nivea.de
dialog.nivea.de
nivea.com.tr
cloud.newsletter.nivea.de
nivea.de
nivea.de
neubau-projekte.vr-immoservice-mainfranken.de
dialog.nivea.de
bhuat.nivea.de
kiosk.seniorenreisen.de
kiosk.flp.at
www.nivea.de
www.sblaettle.at
brochures.hilliard.com
chiosco.flp.ch
nivea.de
nivea.de
magazine.arbeit-und-arbeitsrecht.de
social.nivea.de
magazin.plusperfekt.de
brochures.hilliard.com
epaper.immobilienboerse-ag.ch
az.nivea.de
kiosk.seniorenreisen.de
nivea.de
nivea.de
Beiersdorf Aktiengesellschaft
kiosk.seniorenreisen.de
app-service.nivea.de
nivea.de
bhuat.nivea.de
webkiosk.die-bank.de
kiosk.flp.at
kiosk.flp.de
www.nivea.de
*.app-service.nivea.de
nivea.de
shop.nivea.de
www.podworko.nivea.pl
nivea.com.tr
brochures.hilliard.com
kiosk.flp.de
www.nivea.de
nivea.de
kiosk.flp.at
chiosco.flp.ch
www.glamitalia.com
autodiscover.epaper-poonen.neuer-bund-verlag.de
magazin.nivea.de
kiosk.citytipp.org
www.nivea.de
magazin.ferienmagazin-deutschland.de
nivea.de
chiosco.flp.ch
nivea.de
ref-ci-brands.nivea.de
dialog.nivea.de
webkiosk.die-bank.de
akamai-san204.exacttarget.com
magazine.arbeit-und-arbeitsrecht.de
www.nivea.de
dialog.nivea.de
nivea.de
www.nivea.de
brochures.hilliard.com
akamai-san204.exacttarget.com
az-cdn-test.nivea.de
epaper.chili-peppers.de
shop.nivea.de
kiosk.astrosofa.com
autodiscover.epaper-poonen.neuer-bund-verlag.de
fall-magazine.robinsonlightingandbath.com
publikationen.kmu.org
magazine.arbeit-und-arbeitsrecht.de
nivea.de
preview.nivea.de
magazine.arbeit-und-arbeitsrecht.de
kiosk.seniorenreisen.de
akamai-san204.exacttarget.com
neubau-projekte.vr-immoservice-mainfranken.de
magazin.ferienmagazin-deutschland.de
blaetterkatalog.andrees-angelreisen.de
dialog.nivea.de
www.nivea.de
www.nivea.de
www.podworko.nivea.pl
webkiosk.die-bank.de
fall-magazine.robinsonlightingandbath.com
www.nivea.de
www.sblaettle.at
ext14.nivea.de
ext14.nivea.de
social.nivea.de
www.nivea.de
www.nivea.de
akamai-san204.exacttarget.com
www.podworko.nivea.pl
m.nivea.de
kiosk.velototal.de
www.nivea.de
dialog.nivea.de
nivea.com.tr
cloud.newsletter.nivea.de
nivea.de
nivea.de
neubau-projekte.vr-immoservice-mainfranken.de
dialog.nivea.de
bhuat.nivea.de
kiosk.seniorenreisen.de
kiosk.flp.at
www.nivea.de
www.sblaettle.at
brochures.hilliard.com
chiosco.flp.ch
nivea.de
nivea.de
magazine.arbeit-und-arbeitsrecht.de
social.nivea.de
magazin.plusperfekt.de
brochures.hilliard.com
epaper.immobilienboerse-ag.ch
az.nivea.de
kiosk.seniorenreisen.de
nivea.de
nivea.de
Beiersdorf Aktiengesellschaft
kiosk.seniorenreisen.de
app-service.nivea.de
nivea.de
bhuat.nivea.de
webkiosk.die-bank.de
kiosk.flp.at
kiosk.flp.de
www.nivea.de
*.app-service.nivea.de
nivea.de
shop.nivea.de
www.podworko.nivea.pl
nivea.com.tr
brochures.hilliard.com
kiosk.flp.de
www.nivea.de
nivea.de
kiosk.flp.at
Certificate
The complete raw certificate details for shop.nivea.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE4jCCA8qgAwIBAgIQKiZCNL/oAdDPrUDjcGc8gzANBgkqhkiG9w0BAQUFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE b21haW4gVmFsaWRhdGVkIFNTTDEZMBcGA1UEAxMQVGhhd3RlIERWIFNTTCBDQTAe Fw0xMjExMjIwMDAwMDBaFw0xNTAxMjEyMzU5NTlaMIGUMTswOQYDVQQLEzJHbyB0 byBodHRwczovL3d3dy50aGF3dGUuY29tL3JlcG9zaXRvcnkvaW5kZXguaHRtbDEi MCAGA1UECxMZVGhhd3RlIFNTTDEyMyBjZXJ0aWZpY2F0ZTEZMBcGA1UECxMQRG9t YWluIFZhbGlkYXRlZDEWMBQGA1UEAxQNc2hvcC5uaXZlYS5kZTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAM79jziB+o2A/tgVhYsj66t/HahFLk1MCX4P sVpUHZKreot9jk+NnE3TJSoiUvri4MuNpJVAjpd/b/xLfRH5e+iCbLR86Y1ne1IU ijzPvRXJyoi1rWQgqMOrOtM0pPaQXAIZ/wJ4jDBQyzsaeNAucfy+MAOXbH0vdef7 bDjEcgiBykU5+RWiLatdIO7nEGfG2LjSpIyv2yrmG4rgFCig0ryAH+4pt9apqCCU M542SRr446TWz9TWfiKCTS5BnwmZb0NEFXJYdmg1hR+oz69ZM5f8xlhpu1KaTcM/ 1Q+L9zvambaarpIJuaZevVh0PcCE0HLXP1tf1+FwTN0YG9R9UJcCAwEAAaOCAWMw ggFfMBgGA1UdEQQRMA+CDXNob3Aubml2ZWEuZGUwCQYDVR0TBAIwADA6BgNVHR8E MzAxMC+gLaArhilodHRwOi8vc3ZyLWR2LWNybC50aGF3dGUuY29tL1RoYXd0ZURW LmNybDBBBgNVHSAEOjA4MDYGCmCGSAGG+EUBBzYwKDAmBggrBgEFBQcCARYaaHR0 cHM6Ly93d3cudGhhd3RlLmNvbS9jcHMwHwYDVR0jBBgwFoAUq0TkXeyDx9nAhZ/3 4caXkLCMP5gwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjBpBggrBgEFBQcBAQRdMFswIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3Nw LnRoYXd0ZS5jb20wNQYIKwYBBQUHMAKGKWh0dHA6Ly9zdnItZHYtYWlhLnRoYXd0 ZS5jb20vVGhhd3RlRFYuY2VyMA0GCSqGSIb3DQEBBQUAA4IBAQAk6zqXkvl7YZHe kl71FZfxyQNkRw++PPvGjrw/thEyx0OccnqwFu6SoQ7jrNu7QXDuaSd5cqA4Bebn mas4Naiuw4JNSdeJdkKDmtkBHY6D8AEeJ36B7uJNJzojPkqBNc6cDC7KBb2ozNaI pFABx4L9MNrViPPvE5I8h6PSGdVg6AZY3w7/9hl+elqJVWnlEiWg/V9nqDvx+6dY OhZH4FfQcu9aYUybuIgSZ5MJl5ACmrX7qwpVmz5DIflSqPAG8+HLtsSNEQ6ALc7N hmenVj/2e3bGKR0+DUGOkB2airJvOFkf14fMShhSU+M+Wjz/1qKvsHxZDb2ziM5l RX7+8ZSm -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzv2POIH6jYD+2BWFiyPr q38dqEUuTUwJfg+xWlQdkqt6i32OT42cTdMlKiJS+uLgy42klUCOl39v/Et9Efl7 6IJstHzpjWd7UhSKPM+9FcnKiLWtZCCow6s60zSk9pBcAhn/AniMMFDLOxp40C5x /L4wA5dsfS915/tsOMRyCIHKRTn5FaItq10g7ucQZ8bYuNKkjK/bKuYbiuAUKKDS vIAf7im31qmoIJQznjZJGvjjpNbP1NZ+IoJNLkGfCZlvQ0QVclh2aDWFH6jPr1kz l/zGWGm7UppNwz/VD4v3O9qZtpqukgm5pl69WHQ9wITQctc/W1/X4XBM3Rgb1H1Q lwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 56026225921881198104119031553761688707 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte DV SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-11-22 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-01-21 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go to https://www.thawte.com/repository/index.html' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SSL123 certificate' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'shop.nivea.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26130125650868362625944046617454986417196122963450803512801332843332642287036968262730482665274830448934046263045783206777339801518116625349847671065051067325883919890293397254564030772358669645931433404112590704601312255727259354905657220323171553831298944641369529790395151025289922702100857310464403464910580673897814953508090393867815599243691806388162972274931351193247717010551806630759613031865861399247831326245156762836709106097029791021580413915895053911659993457448444319388116228807721788634588979126902868304333213701680476130998146967505037757651815074926962943261767345328645237183730734280114928701591 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.nivea.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-dv-crl.thawte.com/ThawteDV.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ab44e45dec83c7d9c0859ff7e1c69790b08c3f98 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-dv-aia.thawte.com/ThawteDV.cer' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0024eb3a9792f97b6191de925ef51597f1c90364470fbe3cfbc68ebc3fb61132c7439c727ab016ee92a10ee3acdbbb4170ee69277972a03805e6e799ab3835a8aec3824d49d7897642839ad9011d8e83f0011e277e81eee24d273a233e4a8135ce9c0c2eca05bda8ccd688a45001c782fd30dad588f3ef13923c87a3d219d560e80658df0efff6197e7a5a895569e51225a0fd5f67a83bf1fba7583a1647e057d072ef5a614c9bb888126793099790029ab5fbab0a559b3e4321f952a8f006f3e1cbb6c48d110e802dcecd8667a7563ff67b76c6291d3e0d418e901d9a8ab26f38591fd787cc4a185253e33e5a3cffd6a2afb07c590dbdb388ce65457efef194a6