aplinfo.apl.com

- CMA CGM -

Issued by Thawte RSA CA 2018

About this certificate

This digital certificate with serial number 07:02:c2:01:66:9e:f5:bd:ef:4f:68:6f:c1:94:fe:06 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

CMA CGM

Organization: CMA CGM
Organization unit: CMA CGM
State / Province: Bouches-du-Rhone
Locality: Marseille
Country: FR

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:02:c2:01:66:9e:f5:bd:ef:4f:68:6f:c1:94:fe:06
Serial Number (int): 9318915462662393468653651516051488262
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 28:ac:23:a2:f9:da:0f:6c:40:4f:a6:32:a7:46:d1:4c:52:8f:b6:e0
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a

Fingerprint (sha1): 1d:b0:77:3e:d3:ec:30:b1:33:ca:de:ac:f9:a0:7e:49:ae:62:1d:10
Fingerprint (sha256): 29:17:e1:02:33:ac:f0:75:ab:f7:5a:01:06:a3:f6:fd:a5:b9:5d:4d:08:b3:45:5c:bb:c2:cf:47:e2:15:9f:18

Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt

Revocation information

OCSP Server: http://status.thawte.com
CRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl

Check the revocation status for certificate aplinfo.apl.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for aplinfo.apl.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aplinfo.apl.com

Other certificates including the domain name apl.com

(limited to 100 certificates)
www.quantil.com
iap.apl.com
agentvpn.apl.com
*.apl.com
www.apl.com
gem.apl.com
webmail.apl.com
cma-cgm.com
survey.apl.com
www.quantil.com
www.quantil.com
usvpn.apl.com
sip-service.apl.com
survey.apl.com
lift.apl.com
sip-service.apl.com
officewebapps-external.apl.com
officewebapps-external.apl.com
lift.apl.com
tariff.apl.com
survey.apl.com
interchange-stg.apl.com
lyncpool01.d1.ad.apl.com
*.apl.com
sip-service.apl.com
homeport.apl.com
homeport.apl.com
aplinfo.apl.com
sgvpn2.apl.com
www.apl.com
voyage.apl.com
www.quantil.com
info.apl.com
homeport8.apl.com
snxncexpecl01.apac.apl.com
interchange-stg.apl.com
survey.apl.com
identity.apl.com
aplweb.apl.com
homeport.apl.com
mobile.apl.com
interchange-int.apl.com
www.apl.com
gem.apl.com
www.quantil.com
aplinfo.apl.com
www.quantil.com
apl.com
rbitgem.apl.com
apl.com
*.apl.com
interchange.apl.com
lift.apl.com
fson.apl.com
tariff.apl.com
voyage.apl.com
*.apl.com
webmail.apl.com
www.apl.com
homeport.apl.com
snxncexpecl01.apac.apl.com
*.apl.com
*.apl.com
www.apl.com
www.apl.com
lift.apl.com
ubusiness.apl.com
interchange.apl.com
homeport.apl.com
www.apl.com
homeport.apl.com
rbitgem.apl.com
www.apl.com
www.quantil.com
www.apl.com
www.apl.com
www.apl.com
officewebapps-external.apl.com
iap.apl.com
www.apl.com
officewebapps-internal.apl.com
webmail.apl.com
www.quantil.com
cma-cgm.com
www.apl.com
www.apl.com
cf-tariff.apl.com
sgvpn.apl.com
cma-cgm.com
aplinfo.apl.com
ocspool1.d1.ad.apl.com
homeport.apl.com
*.apl.com
fson.apl.com
homeport.apl.com
gccvat.apl.com
agentvpn.apl.com
webmail.apl.com
iam.apl.com
*.apl.com

Certificate

The complete raw certificate details for aplinfo.apl.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGeTCCBWGgAwIBAgIQBwLCAWae9b3vT2hvwZT+BjANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN
MTgwNzA5MDAwMDAwWhcNMjAwNzA4MTIwMDAwWjB6MQswCQYDVQQGEwJGUjEZMBcG
A1UECBMQQm91Y2hlcy1kdS1SaG9uZTESMBAGA1UEBxMJTWFyc2VpbGxlMRAwDgYD
VQQKEwdDTUEgQ0dNMRAwDgYDVQQLEwdDTUEgQ0dNMRgwFgYDVQQDEw9hcGxpbmZv
LmFwbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMZtIKctCk
KYp+5RqjfAX91VrLoasWPfRiiDwgYrjChmdlqt+ZEF1Febp7z9ztTbXMet/XIdsT
/AoQXHh9rrTn4sVV1m38S1MH2pX7QbAABAok9GY6dei5AQ89gV3ctFF7WGMUua/2
xGmw7QZSJNZyYYLn44QYWcEJH3xGktUPGMhKIPHASLUBKnOsDVa8PJGoT+0yJKlt
ao0JXeWGn/EzzqDLUbvcFugJ6BE+N5VNLlXuJ+9EFvqANqHvTH4B0+EF/IeEhxmi
klLPDArNKHKF5wvoqs08CCUy71BSyCPU+JHq7ochShCEGE/ICWLdLqYvkJdkx1kq
DIJCORYsOMmjAgMBAAGjggMXMIIDEzAfBgNVHSMEGDAWgBSjyF5lVOUweMEF6gcK
alnMuf7eWjAdBgNVHQ4EFgQUKKwjovnaD2xAT6Yyp0bRTFKPtuAwGgYDVR0RBBMw
EYIPYXBsaW5mby5hcGwuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NkcC50
aGF3dGUuY29tL1RoYXd0ZVJTQUNBMjAxOC5jcmwwTAYDVR0gBEUwQzA3BglghkgB
hv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
UzAIBgZngQwBAgIwbwYIKwYBBQUHAQEEYzBhMCQGCCsGAQUFBzABhhhodHRwOi8v
c3RhdHVzLnRoYXd0ZS5jb20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9jYWNlcnRzLnRo
YXd0ZS5jb20vVGhhd3RlUlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMIIBfgYKKwYB
BAHWeQIEAgSCAW4EggFqAWgAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80O
yA3cEAAAAWR+CfbkAAAEAwBIMEYCIQCLRmnS73CUt8OxznqjEsnCB+xF/yit0ttY
1o+1lqB/zAIhAJ+5z48d0g6URavTeL9hD/w/clJyjaor1Egh15Gq0MTMAHUAh3W/
51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFkfgn3uQAABAMARjBEAiAl
g19NkAuFoMBnIQHf4qHNA9VGqsofm1WOhrnD+u+XBwIgEGhp7kfyyfftSO/3EfKN
uRqKUbesW1aSZRP3x22pi8EAdgDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJ
eqj9ywAAAWR+Cfe9AAAEAwBHMEUCIGjJJd7sOna9UZEt0H3PZM7IC9r6VqcUj4bJ
F2S5sMO6AiEA4exSxto4UmCmlyY+EDV/bcbo61YBmgbg9WFJ1ODqPG0wDQYJKoZI
hvcNAQELBQADggEBAANcdrkvk4xYVp5k8LW4o4PJE5d2fE+BbRg9i/SlylVvXy5x
qZ4aWUHIb/FcF5OAJGMAD3GziQpVCtOF6oLd5Yc7faMMouwlllnoMnHYGrq/7gvg
0O+YmVqvUBXKPnR5yjwgME7kSjoqdweHhK/pIMDpvgBPZDbLM7guGtbbJY7gh+Zk
WoPfAxRaDHEf1S61ekQJQQmJYVXVZ+Fb0+QPahihsyEIRQ3vVhpYfhqoO8RMKGW0
SdIg8ZptyFGSfrVHBeDF8W4WEoizd3zbxdlJ7oJBMSWPUmucBEflWzhErs/0Xib8
FXh0Y8exx5lVLeDoC/bjHJMhTDfr7PAED7MCf1A=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGbSCnLQpCmKfuUao3wF
/dVay6GrFj30Yog8IGK4woZnZarfmRBdRXm6e8/c7U21zHrf1yHbE/wKEFx4fa60
5+LFVdZt/EtTB9qV+0GwAAQKJPRmOnXouQEPPYFd3LRRe1hjFLmv9sRpsO0GUiTW
cmGC5+OEGFnBCR98RpLVDxjISiDxwEi1ASpzrA1WvDyRqE/tMiSpbWqNCV3lhp/x
M86gy1G73BboCegRPjeVTS5V7ifvRBb6gDah70x+AdPhBfyHhIcZopJSzwwKzShy
hecL6KrNPAglMu9QUsgj1PiR6u6HIUoQhBhPyAli3S6mL5CXZMdZKgyCQjkWLDjJ
owIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9318915462662393468653651516051488262
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-08 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bouches-du-Rhone'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Marseille'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CMA CGM'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CMA CGM'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aplinfo.apl.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25803316877499513308304797093105124820765880033078328074602760870796754232971180421444932227644846666151499730503987292516311283290110263529892794524752784458553234051189912894445034962794122190346582923573899808304583379352609011208240119081538549873829263446824675377175935165522173994676569301488328658252571652865679051950157503991206793685997134205267308767740914271360343514174603560293863642739958365167429683791457047699443010531202269042569319089529145837884775314807271538527688153410523791020028001266795740770124883273773764027105603298974719266410030398803861345833342737970649494246930636146739470977443
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							28ac23a2f9da0f6c404fa632a746d14c528fb6e0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aplinfo.apl.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10000001647e09f6e400000403004830460221008b4669d2ef7094b7c3b1ce7aa312c9c207ec45ff28add2db58d68fb596a07fcc0221009fb9cf8f1dd20e9445abd378bf610ffc3f7252728daa2bd44821d791aad0c4cc0075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001647e09f7b90000040300463044022025835f4d900b85a0c0672101dfe2a1cd03d546aaca1f9b558e86b9c3faef97070220106869ee47f2c9f7ed48eff711f28db91a8a51b7ac5b56926513f7c76da98bc1007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001647e09f7bd0000040300473045022068c925deec3a76bd51912dd07dcf64cec80bdafa56a7148f86c91764b9b0c3ba022100e1ec52c6da385260a697263e10357f6dc6e8eb56019a06e0f56149d4e0ea3c6d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00035c76b92f938c58569e64f0b5b8a383c91397767c4f816d183d8bf4a5ca556f5f2e71a99e1a5941c86ff15c1793802463000f71b3890a550ad385ea82dde5873b7da30ca2ec259659e83271d81ababfee0be0d0ef98995aaf5015ca3e7479ca3c20304ee44a3a2a77078784afe920c0e9be004f6436cb33b82e1ad6db258ee087e6645a83df03145a0c711fd52eb57a44094109896155d567e15bd3e40f6a18a1b32108450def561a587e1aa83bc44c2865b449d220f19a6dc851927eb54705e0c5f16e161288b3777cdbc5d949ee824131258f526b9c0447e55b3844aecff45e26fc15787463c7b1c799552de0e80bf6e31c93214c37ebecf0040fb3027f50