mdmemail.bilfinger.net

- Bilfinger SE -

Issued by thawte SSL CA - G2

About this certificate

This digital certificate with serial number 70:c7:f8:69:d8:c9:89:31:91:fd:61:16:1b:fc:b6:cf was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificates issued after 1 July 2016 but prior to 1 March 2018 MUST have a Validity Period no greater than 39 months. (BRs: 6.3.2)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Bilfinger SE

Organization: Bilfinger SE
Organization unit: IT
State / Province: Baden-Wuerttemberg
Locality: Mannheim
Country: DE

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 70:c7:f8:69:d8:c9:89:31:91:fd:61:16:1b:fc:b6:cf
Serial Number (int): 149911841026390182165095904875372132047
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60

Fingerprint (sha1): 14:b7:c2:70:89:83:5c:97:07:b2:78:93:14:19:16:a6:e3:91:2d:1c
Fingerprint (sha256): 23:4b:23:4d:44:a4:7b:53:83:35:4a:2c:5a:58:9d:96:75:96:f5:4b:da:ea:00:b3:0f:9d:9e:68:3e:b7:47:a1

Issuing Certificate URL: http://tj.symcb.com/tj.crt

Revocation information

OCSP Server: http://tj.symcd.com
CRL Distribution Point: http://tj.symcb.com/tj.crl

Check the revocation status for certificate mdmemail.bilfinger.net

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mdmemail.bilfinger.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mdmemail.bilfinger.net

Other certificates including the domain name bilfinger.net

(limited to 100 certificates)
mdm.bilfinger.net
proarc.bilfinger.net
auth.bilfinger.net
standards.bilfinger.net
wms.bilfinger.net
sd-is-usa.bilfinger.net
mdmemailqa.bilfinger.net
*.spa.bilfinger.net
iscloud.bilfinger.net
filebox2.bilfinger.net
auth.bilfinger.net
vpn.evry.com
q14-cc.sap.bilfinger.net
csi-sts.bbps.bilfinger.net
whl.bilfinger.net
medialibrary.bilfinger.net
envicloud.bilfinger.net
filebox.bilfinger.net
knowledgetest.bilfinger.net
asp.bilfinger.net
sharepoint.bilfinger.net
wdsc14.sap.bilfinger.net
mdmqa.bilfinger.net
fscloud.bilfinger.net
ssrs-proxy.auth.bilfinger.net
mycitrix.bilfinger.net
login.bilfinger.net
fscloud.bilfinger.net
oos.bilfinger.net
i-doit.bilfinger.net
lync.bilfinger.net
bea.bilfinger.net
vpn.evry.com
bld.bilfinger.net
templogin.bilfinger.net
betriebsvereinbarung-informationssysteme.bilfinger.net
login.bilfinger.net
wdsp14.sap.bilfinger.net
mdmemail.bilfinger.net
storefrontqa.bilfinger.net
academy-elearning-test.bilfinger.net
di1-cc.sap.bilfinger.net
*.bilfinger.com
teams.bilfinger.net
bi.bilfinger.net
ssc-service-reporting.bilfinger.net
wdsq14.sap.bilfinger.net
jabis.bilfinger.net
fscloud.bilfinger.net
mycitrixqa.bilfinger.net
autodiscover.bilfinger.net
mclug.bilfinger.net
*.shield.bilfinger.net
mdm.bilfinger.net
di3-cc.sap.bilfinger.net
academy.bilfinger.net
edge.bilfinger.net
pmo.bilfinger.net
bsfm-ftp.bilfinger.net
csi-sts.bbps.bilfinger.net
*.bilfinger.com
medialibrary.bilfinger.net
*.cloudapps.bilfinger.net
applications.bilfinger.net
webapps.bilfinger.net
my.bilfinger.net
mdm.bilfinger.net
mdmqa.bilfinger.net
webapps.bilfinger.net
p14-cc.sap.bilfinger.net
academy-elearning.bilfinger.net
csi-sts.bb.bilfinger.net
academy.bilfinger.net
filebox2.bilfinger.net
*.nav.bilfinger.net
mycitrix.bilfinger.net
teams.bilfinger.net
find.bilfinger.net
csi-sts.bb.bilfinger.net
siem.bilfinger.net
mclut.bilfinger.net
*.cloudappsqa.bilfinger.net
academy-test.bilfinger.net
www.identify-fs.bilfinger.com
login.bilfinger.net
iscloud.bilfinger.net
csi-sts.bhr.bilfinger.net
envicloud.bilfinger.net
gtc.bilfinger.net
filebox2.bilfinger.net
gcp-apps.bilfinger.net
q17-cc.sap.bilfinger.net
puma.bilfinger.net
academy.bilfinger.net
nsg.bilfinger.net
i-doit-test.bilfinger.net
vpn.evry.com
filebox.bilfinger.net
*.gcp-apps.bilfinger.net
bmcloud.bilfinger.net

Certificate

The complete raw certificate details for mdmemail.bilfinger.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIQcMf4adjJiTGR/WEWG/y2zzANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTYxMjA4MDAwMDAwWhcNMjAwMzA4MjM1OTU5
WjCBgjELMAkGA1UEBhMCREUxGzAZBgNVBAgMEkJhZGVuLVd1ZXJ0dGVtYmVyZzER
MA8GA1UEBwwITWFubmhlaW0xFTATBgNVBAoMDEJpbGZpbmdlciBTRTELMAkGA1UE
CwwCSVQxHzAdBgNVBAMMFm1kbWVtYWlsLmJpbGZpbmdlci5uZXQwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOS/n9G3ASeLba/rP/CFIm9vgkaNXBGzN/
/NaCVjCjrEnqEMXEzSOatQFBDuRRnv5l4zyKqFRZifgtzazwMlROrcxoHZvtjtA3
YBFv0PVNRvqC88FAORaNWrlPumTgrw0gWIk0kumsHMyJoKp9VdTryKUwop+Qiq8P
k1ATk/qXCjCJKk5rqh00pD7M74FL8Q+VaV8/GCMRLb/oN/18wsqKSf9wwxAJom0j
QzmPVD0e9PvJJJ/HFYbEJvAOoMjwbNYukBhk0WwuZJBvdB7tzPZW3TJO36k5jsdj
2hn1b3pWIAL6v+VL9+mQeoBStnSMeKaLmCuVfDBAcRZhaVHYFlL7AgMBAAGjggGN
MIIBiTAhBgNVHREEGjAYghZtZG1lbWFpbC5iaWxmaW5nZXIubmV0MAkGA1UdEwQC
MAAwbgYDVR0gBGcwZTBjBgZngQwBAgIwWTAmBggrBgEFBQcCARYaaHR0cHM6Ly93
d3cudGhhd3RlLmNvbS9jcHMwLwYIKwYBBQUHAgIwIwwhaHR0cHM6Ly93d3cudGhh
d3RlLmNvbS9yZXBvc2l0b3J5MA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBTC
T0hX/NFPmsBdOH0OBdvZLrVSYDArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vdGou
c3ltY2IuY29tL3RqLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
VwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vdGouc3ltY2QuY29t
MCYGCCsGAQUFBzAChhpodHRwOi8vdGouc3ltY2IuY29tL3RqLmNydDATBgorBgEE
AdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsK3ogkiGNY3ZI/ajOTi4
Iw0I3Se5YKbnz3aV+xRnvjhMOsD+QCwXcxvdgIGNEkVbbh7VquQPwFO/aaEJMt1+
Gn/CdDlFgb2eNN4cn/b9h7o/l4D7yC7vjleaiTsp/W3pPeaRiN297Y7HSGc4q5cZ
RXLpTSpXj8BecbEbZGdr6dK7s7grAhPE1eX8Abm5X0MxyF7a4uAzUTQw1d0TeUz7
f/7LjopWNRZ/rFuHEvR17+iXtas4mSk/ZlON4c3Yr5VnXeQ7RfWu/Q9RC3aqLbEF
aR4CSqGHfts1yh6RkR5lAWwKsE7oup19XQjrgmOT2FaOeUpGAFMRXft1Wv2iQ9yM
UA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkv5/RtwEni22v6z/whS
Jvb4JGjVwRszf/zWglYwo6xJ6hDFxM0jmrUBQQ7kUZ7+ZeM8iqhUWYn4Lc2s8DJU
Tq3MaB2b7Y7QN2ARb9D1TUb6gvPBQDkWjVq5T7pk4K8NIFiJNJLprBzMiaCqfVXU
68ilMKKfkIqvD5NQE5P6lwowiSpOa6odNKQ+zO+BS/EPlWlfPxgjES2/6Df9fMLK
ikn/cMMQCaJtI0M5j1Q9HvT7ySSfxxWGxCbwDqDI8GzWLpAYZNFsLmSQb3Qe7cz2
Vt0yTt+pOY7HY9oZ9W96ViAC+r/lS/fpkHqAUrZ0jHimi5grlXwwQHEWYWlR2BZS
+wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 149911841026390182165095904875372132047
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baden-Wuerttemberg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Mannheim'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bilfinger SE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'mdmemail.bilfinger.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26042556240566159643958388435016486402159096916941050497519989732823190834869290624944692176367894020323815016011940865403754676917787102562487899470257312735763872382200837119746405316002566711771787768997497648264639697076223200702220662491206119824155844670152731728561663629506867354555127849008602106177404930803968447978107846166813824775326032109205766282709869560110518714409507593420498848505164652730982706184321184754237999834461046949026962540564990730003836755199409059208165447006359657080611421594556953142777324182328412650277858998144433799751101164781432136693575430613645876628332283636822425621243
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mdmemail.bilfinger.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b0ade8824886358dd923f6a33938b8230d08dd27b960a6e7cf7695fb1467be384c3ac0fe402c17731bdd80818d12455b6e1ed5aae40fc053bf69a10932dd7e1a7fc274394581bd9e34de1c9ff6fd87ba3f9780fbc82eef8e579a893b29fd6de93de69188ddbded8ec7486738ab97194572e94d2a578fc05e71b11b64676be9d2bbb3b82b0213c4d5e5fc01b9b95f4331c85edae2e033513430d5dd13794cfb7ffecb8e8a5635167fac5b8712f475efe897b5ab3899293f66538de1cdd8af95675de43b45f5aefd0f510b76aa2db105691e024aa1877edb35ca1e91911e65016c0ab04ee8ba9d7d5d08eb826393d8568e794a460053115dfb755afda243dc8c50