www.service-client.veoliaeau.fr

- VEOLIA ENVIRONNEMENT TECHNOLOGIES FRANCE -

Issued by Thawte SGC CA - G2

About this certificate

This digital certificate with serial number 26:c6:38:29:b7:c3:e8:ff:4f:bf:36:19:75:85:13:c5 was issued on by Thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Compliant certificates must not encode explicitTest as an IA5String (RFC 6818: 3)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
  • Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)

VEOLIA ENVIRONNEMENT TECHNOLOGIES FRANCE

Organization: VEOLIA ENVIRONNEMENT TECHNOLOGIES FRANCE
State / Province: Val-de-Marne
Locality: SAINT MAURICE
Country: FR

Thawte, Inc.

Organization: Thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 26:c6:38:29:b7:c3:e8:ff:4f:bf:36:19:75:85:13:c5
Serial Number (int): 51539877737981764249996424897062310853
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: 24:c0:c0:a4:49:3c:52:0b:12:d8:92:0c:51:d1:87:a7:4d:54:75:2c

Fingerprint (sha1): ad:1d:e8:f2:5e:23:11:42:9a:9a:a6:a3:c4:83:8d:a9:82:30:31:aa
Fingerprint (sha256): 25:91:3e:b0:2f:89:1a:95:45:1b:29:9f:f9:9c:29:0c:8f:a9:f2:04:e6:1a:bb:52:01:74:d9:bf:b4:7d:08:bc

Issuing Certificate URL: http://td.symcb.com/td.crt

Revocation information

OCSP Server: http://td.symcd.com
CRL Distribution Point: http://td.symcb.com/td.crl

Check the revocation status for certificate www.service-client.veoliaeau.fr

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.service-client.veoliaeau.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication
Netscape Server-Gated Cryptography

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.service-client.veoliaeau.fr

Other certificates including the domain name veoliaeau.fr

(limited to 100 certificates)
www.service-client.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
www.service-client.veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
extranet.veoliaeau.fr
extranet.veoliaeau.fr
pp.service-client.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
veoliaeau.fr
extranet.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
www.canalo.veoliaeau.fr
extranet.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
www.canalo.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
extranet.veoliaeau.fr
extranet.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr

Certificate

The complete raw certificate details for www.service-client.veoliaeau.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgIQJsY4KbfD6P9PvzYZdYUTxTANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRswGQYDVQQDExJU
aGF3dGUgU0dDIENBIC0gRzIwHhcNMTQwNzI5MDAwMDAwWhcNMTYwNzI4MjM1OTU5
WjCBmTELMAkGA1UEBhMCRlIxFTATBgNVBAgTDFZhbC1kZS1NYXJuZTEWMBQGA1UE
BxQNU0FJTlQgTUFVUklDRTExMC8GA1UEChQoVkVPTElBIEVOVklST05ORU1FTlQg
VEVDSE5PTE9HSUVTIEZSQU5DRTEoMCYGA1UEAxQfd3d3LnNlcnZpY2UtY2xpZW50
LnZlb2xpYWVhdS5mcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOYA
OXRyMbeE1NlGIuzKfq+KZHn9TILWWUkqgrhF8RkC3V92nWumtbaXF24ax7LZpKho
ds/JFio0mSaPHbR6P9ONfn+nB77g+unfavHIfpPKJOo4BOrR4y837S3hiDtO9oHm
VYQKSqpkwbRGzxrIRFfinKIdMcZzcV46R9RLsMUeCGj5XSeykkaSAm4+WpaQJSWc
xQ0IgFpo029+nQxtD5StktSNpprkY78Zb+7ftZstztr3TYbo4LXpZff5+ILa2pd4
KeM8HEq81d8D7Vtjq6LKd2peDBmjXd4kNto+txuCupP3emsrppvcd0ckPLF7DfcD
O+ZlRMH5TZvjjjcWiE8CAwEAAaOCAYMwggF/MCoGA1UdEQQjMCGCH3d3dy5zZXJ2
aWNlLWNsaWVudC52ZW9saWFlYXUuZnIwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMC
BaAwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBz
Oi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkWF2h0dHBzOi8vZC5zeW1j
Yi5jb20vcnBhMB8GA1UdIwQYMBaAFCTAwKRJPFILEtiSDFHRh6dNVHUsMCsGA1Ud
HwQkMCIwIKAeoByGGmh0dHA6Ly90ZC5zeW1jYi5jb20vdGQuY3JsMCgGA1UdJQQh
MB8GCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBMFcGCCsGAQUFBwEBBEsw
STAfBggrBgEFBQcwAYYTaHR0cDovL3RkLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYa
aHR0cDovL3RkLnN5bWNiLmNvbS90ZC5jcnQwDQYJKoZIhvcNAQELBQADggEBAGN/
Roscm75kpmsL6BEinzWNM+AbrMheCPs5AnLdc6QSFAPGqTe24hD8Oyu8Dq0PaUb0
slwA9U9auaEF6D1USm0p7dtNzCizAwH8yY5kQJBu+7oj8JgyoSEUQzwiOYwyFpLq
9VLdYrvKQzGRN/XVdXLSr+gAw+dYOoDRwV4/CTvyTlC2uFTbt4NriPTEYjDUEJl3
ePJAo2N/bRUiyAF7zvv1SBKwZu9gW4s486jG9AElbgGqMFc7N1/UQkipKc4JZ5wT
IA1ciPTNlDADFFTdqLSAQ0qSJB+ZRQjcXAVhOh/Wo3oS77l5XDR28dGFaEsxWUzu
DIedWHX9SQF+jNr664Y=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gA5dHIxt4TU2UYi7Mp+
r4pkef1MgtZZSSqCuEXxGQLdX3ada6a1tpcXbhrHstmkqGh2z8kWKjSZJo8dtHo/
041+f6cHvuD66d9q8ch+k8ok6jgE6tHjLzftLeGIO072geZVhApKqmTBtEbPGshE
V+Kcoh0xxnNxXjpH1EuwxR4IaPldJ7KSRpICbj5alpAlJZzFDQiAWmjTb36dDG0P
lK2S1I2mmuRjvxlv7t+1my3O2vdNhujgtell9/n4gtral3gp4zwcSrzV3wPtW2Or
osp3al4MGaNd3iQ22j63G4K6k/d6ayumm9x3RyQ8sXsN9wM75mVEwflNm+OONxaI
TwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 51539877737981764249996424897062310853
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SGC CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-07-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-07-28 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Val-de-Marne'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'SAINT MAURICE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'VEOLIA ENVIRONNEMENT TECHNOLOGIES FRANCE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'www.service-client.veoliaeau.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29034920814268081361250188430566807222224320473239261034213053429873872544968418949956573441956282241760815365048645092362408255549950650807388139061481904960065328614315685921724614338732959813904469671996251105660540770598471410759215149047555138394455395192600107781298724504405624709402498783414479908186675444763822801759653482180674684989858680206853415107420251729134053950933428249122435815363085090741602964618227316320531808054146593306063371700026426373091835857745300391930867597314019453603968665659048942053220053553866554123465003262530444823902509268369779160845936533497886260634548903979117798918223
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.service-client.veoliaeau.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/rpa'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 24c0c0a4493c520b12d8920c51d187a74d54752c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://td.symcb.com/td.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113730.4.1 (serverGatedCrypto)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://td.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://td.symcb.com/td.crt'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00637f468b1c9bbe64a66b0be811229f358d33e01bacc85e08fb390272dd73a4121403c6a937b6e210fc3b2bbc0ead0f6946f4b25c00f54f5ab9a105e83d544a6d29eddb4dcc28b30301fcc98e6440906efbba23f09832a12114433c22398c321692eaf552dd62bbca43319137f5d57572d2afe800c3e7583a80d1c15e3f093bf24e50b6b854dbb7836b88f4c46230d410997778f240a3637f6d1522c8017bcefbf54812b066ef605b8b38f3a8c6f401256e01aa30573b375fd44248a929ce09679c13200d5c88f4cd9430031454dda8b480434a92241f994508dc5c05613a1fd6a37a12efb9795c3476f1d185684b31594cee0c879d5875fd49017e8cdafaeb86