saagie.com
Issued by Gandi Standard SSL CA 2
About this certificate
This digital certificate with serial number ee:06:44:57:d6:c8:ee:b5:d1:b6:71:23:00:63:c6:f7 was issued on by Gandi.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage contains an inefficient encoding wherein the number of 'unused bits' is declared to be 5, but it should be 7. Raw Bytes: [3 2 5 128], Raw Binary: [00000011 00000010 00000101 10000000] RFC 5280 Section 4.2.1.3 describes the value of a KeyUsage to be a DER encoded BitString, which itself defines that all trailing 0 bits be counted as being "unused". (Where ITU-T Rec. X.680 | ISO/IEC 8824-1, 21.7, applies, the bitstring shall have all trailing 0 bits removed before it is encoded.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=saagie.com,OU=Domain Control Validated+OU=Gandi Standard SSL
Gandi
Organization:
Gandi
State / Province:
Paris
Locality: Paris
Country: FR
Locality: Paris
Country: FR
This certificate has expire since
Certificate Details
Serial Number (hex): ee:06:44:57:d6:c8:ee:b5:d1:b6:71:23:00:63:c6:f7Serial Number (int): 316388802941137078314349223229975152375
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 2e:34:1f:7a:70:a9:16:fa:33:49:e2:10:c7:c7:54:57:13:b1:d8:b7
AuthorityKeyId: b3:90:a7:d8:c9:af:4e:cd:61:3c:9f:7c:ad:5d:7f:41:fd:69:30:ea
Fingerprint (sha1): cb:d4:fd:16:58:4e:ee:69:0d:09:63:95:94:85:10:5e:ae:af:2f:bf
Fingerprint (sha256): 1e:60:50:16:88:ac:b9:49:a1:45:27:9b:38:76:49:5f:a2:05:74:c0:3d:a1:4a:c3:a3:98:96:89:50:e8:a0:5e
Issuing Certificate URL: http://crt.usertrust.com/GandiStandardSSLCA2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.usertrust.com/GandiStandardSSLCA2.crl
Check the revocation status for certificate saagie.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for saagie.com
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
saagie.com
Other certificates including the domain name saagie.com
(limited to 100 certificates)
777bpce76.saagie.com
777bpce76.saagie.com
edp.status.cheetahces.com
www.saagie.com
bp1054598.saagie.com
bp890869.saagie.com
cloud-marketplace.status.broadcom.com
7.fail
bp1054598.saagie.com
bp1054598.saagie.com
saagie.com
dlpcloud.status.symantec.com
777bpce76.saagie.com
bp890869.saagie.com
app-status.cloudsign.jp
publiccloudovhbouyguesdtp.saagie.com
7.fail
777bpce76.saagie.com
hello.mcvserverlab.com
bp1054598.saagie.com
cloud-marketplace.status.broadcom.com
cloud-marketplace.status.broadcom.com
777bpce76.saagie.com
777bpce76.saagie.com
bp1054598.saagie.com
777bpce76.saagie.com
publiccloudovhbouyguesdtp.saagie.com
7.fail
777bpce76.saagie.com
app-status.cloudsign.jp
bp1054598.saagie.com
bp1054598.saagie.com
dlpcloud.status.symantec.com
dlpcloud.status.symantec.com
777bpce76.saagie.com
777bpce76.saagie.com
bp1054598.saagie.com
bp890869.saagie.com
bp1054598.saagie.com
bp1054598.saagie.com
bp1054598.saagie.com
ara.status.marketplace.syncier.com
hello.mcvserverlab.com
777bpce76.saagie.com
bp890869.saagie.com
publiccloudovhbouyguesdtp.saagie.com
bp890869.saagie.com
odxstatus.mambu.com
777bpce76.saagie.com
777bpce76.saagie.com
publiccloudovhbouyguesdtp.saagie.com
bp890869.saagie.com
7.fail
777bpce76.saagie.com
odxstatus.mambu.com
bp1054598.saagie.com
dew23ru98r2949283r9d.profitbricks.de
bp890869.saagie.com
cloud-marketplace.status.broadcom.com
777bpce76.saagie.com
bp890869.saagie.com
bp890869.saagie.com
bp1054598.saagie.com
saagie.com
hello.mcvserverlab.com
bp1054598.saagie.com
bp1054598.saagie.com
bp1054598.saagie.com
bp890869.saagie.com
7.fail
dlpcloud.status.symantec.com
dew23ru98r2949283r9d.profitbricks.de
bankjagostatus.mambu.com
777bpce76.saagie.com
cloud-marketplace.status.broadcom.com
dew23ru98r2949283r9d.profitbricks.de
publiccloudovhbouyguesdtp.saagie.com
dlpcloud.status.symantec.com
bp890869.saagie.com
777bpce76.saagie.com
bp890869.saagie.com
app-status.cloudsign.jp
bp890869.saagie.com
777bpce76.saagie.com
dew23ru98r2949283r9d.profitbricks.de
7.fail
blog.saagie.com
7.fail
publiccloudovhbouyguesdtp.saagie.com
odxstatus.mambu.com
bp1054598.saagie.com
bp1054598.saagie.com
bp890869.saagie.com
bp890869.saagie.com
777bpce76.saagie.com
bp1054598.saagie.com
cloud-marketplace.status.broadcom.com
publiccloudovhbouyguesdtp.saagie.com
edp.status.cheetahces.com
dlpcloud.status.symantec.com
777bpce76.saagie.com
edp.status.cheetahces.com
www.saagie.com
bp1054598.saagie.com
bp890869.saagie.com
cloud-marketplace.status.broadcom.com
7.fail
bp1054598.saagie.com
bp1054598.saagie.com
saagie.com
dlpcloud.status.symantec.com
777bpce76.saagie.com
bp890869.saagie.com
app-status.cloudsign.jp
publiccloudovhbouyguesdtp.saagie.com
7.fail
777bpce76.saagie.com
hello.mcvserverlab.com
bp1054598.saagie.com
cloud-marketplace.status.broadcom.com
cloud-marketplace.status.broadcom.com
777bpce76.saagie.com
777bpce76.saagie.com
bp1054598.saagie.com
777bpce76.saagie.com
publiccloudovhbouyguesdtp.saagie.com
7.fail
777bpce76.saagie.com
app-status.cloudsign.jp
bp1054598.saagie.com
bp1054598.saagie.com
dlpcloud.status.symantec.com
dlpcloud.status.symantec.com
777bpce76.saagie.com
777bpce76.saagie.com
bp1054598.saagie.com
bp890869.saagie.com
bp1054598.saagie.com
bp1054598.saagie.com
bp1054598.saagie.com
ara.status.marketplace.syncier.com
hello.mcvserverlab.com
777bpce76.saagie.com
bp890869.saagie.com
publiccloudovhbouyguesdtp.saagie.com
bp890869.saagie.com
odxstatus.mambu.com
777bpce76.saagie.com
777bpce76.saagie.com
publiccloudovhbouyguesdtp.saagie.com
bp890869.saagie.com
7.fail
777bpce76.saagie.com
odxstatus.mambu.com
bp1054598.saagie.com
dew23ru98r2949283r9d.profitbricks.de
bp890869.saagie.com
cloud-marketplace.status.broadcom.com
777bpce76.saagie.com
bp890869.saagie.com
bp890869.saagie.com
bp1054598.saagie.com
saagie.com
hello.mcvserverlab.com
bp1054598.saagie.com
bp1054598.saagie.com
bp1054598.saagie.com
bp890869.saagie.com
7.fail
dlpcloud.status.symantec.com
dew23ru98r2949283r9d.profitbricks.de
bankjagostatus.mambu.com
777bpce76.saagie.com
cloud-marketplace.status.broadcom.com
dew23ru98r2949283r9d.profitbricks.de
publiccloudovhbouyguesdtp.saagie.com
dlpcloud.status.symantec.com
bp890869.saagie.com
777bpce76.saagie.com
bp890869.saagie.com
app-status.cloudsign.jp
bp890869.saagie.com
777bpce76.saagie.com
dew23ru98r2949283r9d.profitbricks.de
7.fail
blog.saagie.com
7.fail
publiccloudovhbouyguesdtp.saagie.com
odxstatus.mambu.com
bp1054598.saagie.com
bp1054598.saagie.com
bp890869.saagie.com
bp890869.saagie.com
777bpce76.saagie.com
bp1054598.saagie.com
cloud-marketplace.status.broadcom.com
publiccloudovhbouyguesdtp.saagie.com
edp.status.cheetahces.com
dlpcloud.status.symantec.com
Certificate
The complete raw certificate details for saagie.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgIRAO4GRFfWyO610bZxIwBjxvcwDQYJKoZIhvcNAQELBQAw XzELMAkGA1UEBhMCRlIxDjAMBgNVBAgTBVBhcmlzMQ4wDAYDVQQHEwVQYXJpczEO MAwGA1UEChMFR2FuZGkxIDAeBgNVBAMTF0dhbmRpIFN0YW5kYXJkIFNTTCBDQSAy MB4XDTE5MDgyOTAwMDAwMFoXDTIwMDgyOTIzNTk1OVowVTEhMB8GA1UECxMYRG9t YWluIENvbnRyb2wgVmFsaWRhdGVkMRswGQYDVQQLExJHYW5kaSBTdGFuZGFyZCBT U0wxEzARBgNVBAMTCnNhYWdpZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC AAQ4ZxyP2GyOw/GXKp05BanRniG83FyUL7MJO9Ld/WWsuKLUld72oIAqbb3+5Jgn R7v72xM2L1ItI+BG/MKs4N1/o4ICpDCCAqAwHwYDVR0jBBgwFoAUs5Cn2MmvTs1h PJ98rV1/Qf1pMOowHQYDVR0OBBYEFC40H3pwqRb6M0niEMfHVFcTsdi3MA4GA1Ud DwEB/wQEAwIFgDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjBLBgNVHSAERDBCMDYGCysGAQQBsjEBAgIaMCcwJQYIKwYBBQUHAgEW GWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wCAYGZ4EMAQIBMEEGA1UdHwQ6MDgw NqA0oDKGMGh0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NM Q0EyLmNybDBzBggrBgEFBQcBAQRnMGUwPAYIKwYBBQUHMAKGMGh0dHA6Ly9jcnQu dXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNydDAlBggrBgEFBQcw AYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAVBgNVHREEDjAMggpzYWFnaWUu Y29tMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUAsh4FzIuizYogTodm+Su5iiUg Z2va+nDnsklTLe+LkF4AAAFs3iSWuAAABAMARjBEAiAZUFCXfWmPlowrJ9slx3kz 9EKppU3fxYtD8rziwV0MggIgYn7BQdO/dDWqfs0XzVsUj3nm89WtVc5PiMMt1Xk8 ydEAdgBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAWzeJJbbAAAE AwBHMEUCIBIO94OaJUSVHeoFAzB3LHKFu1dMrpw2FyIXe45raovmAiEAtZIGfD2N R5IhEncQUSfYxUuVunyfizZIgrYgKcMhbvswDQYJKoZIhvcNAQELBQADggEBAHzZ k6IpB7OIh+ApDHFMcMIsD0TyLeCUPJO/ZdO2cEZ+skm8HR7ab2MymgzqNkUMqWto 9f36ik7JUa+ZIG8yn+cVI09VkuLieGcM1QYRvYjzC/55EmhEm6Y6LMTiArb1lonO i0BrIq2eF0Kfv7Ov7Z7j7quw0rSLWe8abQ5THcUG8O8InPK4t9p+Q4BcZEdzIlvB x52JkflvCC0dkEhPHKleOccuGyj64unkr6pj6AtVUMSXM2mA2PiMNdo1YJz7Ci7O jISBGqqQ3n1B+c7Jz27sBZOOavXFIPt2swH2rHWY3edSmt4BsN/dburOlgiktFyx oXFV0vBWSN+u7SyS3Fg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEOGccj9hsjsPxlyqdOQWp0Z4hvNxc lC+zCTvS3f1lrLii1JXe9qCAKm29/uSYJ0e7+9sTNi9SLSPgRvzCrODdfw== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 316388802941137078314349223229975152375 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'saagie.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 000438671c8fd86c8ec3f1972a9d3905a9d19e21bcdc5c942fb3093bd2ddfd65acb8a2d495def6a0802a6dbdfee4982747bbfbdb13362f522d23e046fcc2ace0dd7f . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b390a7d8c9af4ecd613c9f7cad5d7f41fd6930ea . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2e341f7a70a916fa3349e210c7c7545713b1d8b7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 0580 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/GandiStandardSSLCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/GandiStandardSSLCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saagie.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016cde2496b800000403004630440220195050977d698f968c2b27db25c77933f442a9a54ddfc58b43f2bce2c15d0c820220627ec141d3bf7435aa7ecd17cd5b148f79e6f3d5ad55ce4f88c32dd5793cc9d10076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016cde2496db00000403004730450220120ef7839a2544951dea050330772c7285bb574cae9c361722177b8e6b6a8be6022100b592067c3d8d4792211277105127d8c54b95ba7c9f8b364882b62029c3216efb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007cd993a22907b38887e0290c714c70c22c0f44f22de0943c93bf65d3b670467eb249bc1d1eda6f63329a0cea36450ca96b68f5fdfa8a4ec951af99206f329fe715234f5592e2e278670cd50611bd88f30bfe791268449ba63a2cc4e202b6f59689ce8b406b22ad9e17429fbfb3afed9ee3eeabb0d2b48b59ef1a6d0e531dc506f0ef089cf2b8b7da7e43805c644773225bc1c79d8991f96f082d1d90484f1ca95e39c72e1b28fae2e9e4afaa63e80b5550c497336980d8f88c35da35609cfb0a2ece8c84811aaa90de7d41f9cec9cf6eec05938e6af5c520fb76b301f6ac7598dde7529ade01b0dfdd6eeace9608a4b45cb1a17155d2f05648dfaeed2c92dc58