vpn.berlin.thinkproject.com
Issued by Thawte TLS RSA CA G1
About this certificate
This digital certificate with serial number 07:d1:01:81:ca:69:7e:01:6d:3e:46:ca:fe:76:25:d7 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=vpn.berlin.thinkproject.com
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 07:d1:01:81:ca:69:7e:01:6d:3e:46:ca:fe:76:25:d7Serial Number (int): 10389816579414262315926129300303390167
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 30:79:e0:1b:63:74:1c:62:66:20:23:df:74:f0:df:c7:c2:0e:18:25
AuthorityKeyId: a5:8c:fe:32:cc:eb:0f:2c:d4:19:c6:08:b8:00:24:88:5d:c3:c5:b7
Fingerprint (sha1): f8:5f:59:db:f2:c3:07:5d:bc:38:2d:18:2d:1d:9f:39:79:e3:b2:40
Fingerprint (sha256): 29:9b:1f:fb:dc:75:68:ef:6b:cc:c4:5a:23:ce:3f:76:b4:5f:13:04:a5:26:bf:78:0b:b1:a9:cc:a3:9a:95:57
Issuing Certificate URL: http://cacerts.thawte.com/ThawteTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteTLSRSACAG1.crl
Check the revocation status for certificate vpn.berlin.thinkproject.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for vpn.berlin.thinkproject.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
vpn.berlin.thinkproject.com
Other certificates including the domain name thinkproject.com
(limited to 100 certificates)
its-status.colby.edu
dns.sterda.com
*.thinkproject.com
lp.thinkproject.com
forticlient-status.forticloud.com
its-status.colby.edu
its-status.colby.edu
dns.sterda.com
its-status.colby.edu
its-status.colby.edu
forticlient-status.forticloud.com
status-internal-olmasvw6.thinkproject.com
*.testlab.thinkproject.com
status-internal-olmasvw6.thinkproject.com
dns.sterda.com
its-status.colby.edu
group.thinkproject.com
status-internal-olmasvw6.thinkproject.com
tp18.mediatack.info
forticlient-status.forticloud.com
its-status.colby.edu
its-status.colby.edu
its-status.colby.edu
forticlient-status.forticloud.com
status-internal-olmasvw6.thinkproject.com
*.service.thinkproject.com
forticlient-status.forticloud.com
*.hosting.thinkproject.com
its-status.colby.edu
sslvpn.thinkproject.com
tp18.mediatack.info
*.thinkproject.com
forticlient-status.forticloud.com
its-status.colby.edu
its-status.colby.edu
vpn.berlin.thinkproject.com
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
sslvpn.thinkproject.com
its-status.colby.edu
*.berlin.thinkproject.com
jumpa.thinkproject.com
its-status.colby.edu
sslvpn.thinkproject.com
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
*.thinkproject.com
its-status.colby.edu
dns.sterda.com
its-status.colby.edu
*.thinkproject.com
*.thinkproject.com
status-internal-olmasvw6.thinkproject.com
status-internal-olmasvw6.thinkproject.com
dns.sterda.com
status-internal-olmasvw6.thinkproject.com
*.hosting.thinkproject.com
status-internal-olmasvw6.thinkproject.com
*.thinkproject.com
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
its-status.colby.edu
its-status.colby.edu
its-status.colby.edu
service.thinkproject.com
its-status.colby.edu
dns.sterda.com
*.thinkproject.com
its-status.colby.edu
forticlient-status.forticloud.com
forticlient-status.forticloud.com
forticlient-status.forticloud.com
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
status-internal-olmasvw6.thinkproject.com
forticlient-status.forticloud.com
status-internal-olmasvw6.thinkproject.com
forticlient-status.forticloud.com
*.testlab.thinkproject.com
status-internal-olmasvw6.thinkproject.com
status-internal-olmasvw6.thinkproject.com
status-internal-olmasvw6.thinkproject.com
jumpb.thinkproject.com
its-status.colby.edu
group.thinkproject.com
forticlient-status.forticloud.com
its-status.colby.edu
thinkproject.com
status-internal-olmasvw6.thinkproject.com
forticlient-status.forticloud.com
its-status.colby.edu
its-status.colby.edu
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
its-status.colby.edu
its-status.colby.edu
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
its-status.colby.edu
dns.sterda.com
dns.sterda.com
*.thinkproject.com
lp.thinkproject.com
forticlient-status.forticloud.com
its-status.colby.edu
its-status.colby.edu
dns.sterda.com
its-status.colby.edu
its-status.colby.edu
forticlient-status.forticloud.com
status-internal-olmasvw6.thinkproject.com
*.testlab.thinkproject.com
status-internal-olmasvw6.thinkproject.com
dns.sterda.com
its-status.colby.edu
group.thinkproject.com
status-internal-olmasvw6.thinkproject.com
tp18.mediatack.info
forticlient-status.forticloud.com
its-status.colby.edu
its-status.colby.edu
its-status.colby.edu
forticlient-status.forticloud.com
status-internal-olmasvw6.thinkproject.com
*.service.thinkproject.com
forticlient-status.forticloud.com
*.hosting.thinkproject.com
its-status.colby.edu
sslvpn.thinkproject.com
tp18.mediatack.info
*.thinkproject.com
forticlient-status.forticloud.com
its-status.colby.edu
its-status.colby.edu
vpn.berlin.thinkproject.com
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
sslvpn.thinkproject.com
its-status.colby.edu
*.berlin.thinkproject.com
jumpa.thinkproject.com
its-status.colby.edu
sslvpn.thinkproject.com
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
*.thinkproject.com
its-status.colby.edu
dns.sterda.com
its-status.colby.edu
*.thinkproject.com
*.thinkproject.com
status-internal-olmasvw6.thinkproject.com
status-internal-olmasvw6.thinkproject.com
dns.sterda.com
status-internal-olmasvw6.thinkproject.com
*.hosting.thinkproject.com
status-internal-olmasvw6.thinkproject.com
*.thinkproject.com
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
its-status.colby.edu
its-status.colby.edu
its-status.colby.edu
service.thinkproject.com
its-status.colby.edu
dns.sterda.com
*.thinkproject.com
its-status.colby.edu
forticlient-status.forticloud.com
forticlient-status.forticloud.com
forticlient-status.forticloud.com
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
status-internal-olmasvw6.thinkproject.com
forticlient-status.forticloud.com
status-internal-olmasvw6.thinkproject.com
forticlient-status.forticloud.com
*.testlab.thinkproject.com
status-internal-olmasvw6.thinkproject.com
status-internal-olmasvw6.thinkproject.com
status-internal-olmasvw6.thinkproject.com
jumpb.thinkproject.com
its-status.colby.edu
group.thinkproject.com
forticlient-status.forticloud.com
its-status.colby.edu
thinkproject.com
status-internal-olmasvw6.thinkproject.com
forticlient-status.forticloud.com
its-status.colby.edu
its-status.colby.edu
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
its-status.colby.edu
its-status.colby.edu
its-status.colby.edu
status-internal-olmasvw6.thinkproject.com
its-status.colby.edu
dns.sterda.com
Certificate
The complete raw certificate details for vpn.berlin.thinkproject.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEyDCCA7CgAwIBAgIQB9EBgcppfgFtPkbK/nYl1zANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRUaGF3dGUgVExTIFJTQSBDQSBHMTAe Fw0xOTA1MDMwMDAwMDBaFw0yMTA1MDIxMjAwMDBaMCYxJDAiBgNVBAMTG3Zwbi5i ZXJsaW4udGhpbmtwcm9qZWN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBALI7RW9h1NJmq1yzmEuRAJIDWZZGM8/tKOtPETT63qREHbI/OP2MvTGw uDdZv7W7A2ZTGoUM3I6hryYmBY4BlQhJbj+EYcHgpnlWbIA9F1oOBYL7G9sWBgEq ajMIDVXI5B1B6nOQljWqwWYQmOAQUNMHOJSnCEI6aybJG5YNnaqWYGzy8JizuhzD Gt23+r9RulyrT2H6khVKaKMQ7rXlqlvrG5oiijpHi/05yLPyGMqdbIE/jQILq//y qMIEXFfZB3dCa/sIR9lf2TULMOiC60vUqsIBn6Dc898e0SOqcrDq0qGGC9NXL1cf Jn8tfWdx/rCiaNKE2sosWXqvlke1y/MCAwEAAaOCAbgwggG0MB8GA1UdIwQYMBaA FKWM/jLM6w8s1BnGCLgAJIhdw8W3MB0GA1UdDgQWBBQweeAbY3QcYmYgI9908N/H wg4YJTAmBgNVHREEHzAdght2cG4uYmVybGluLnRoaW5rcHJvamVjdC5jb20wDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNV HR8ENDAyMDCgLqAshipodHRwOi8vY2RwLnRoYXd0ZS5jb20vVGhhd3RlVExTUlNB Q0FHMS5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYc aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgEwcAYIKwYBBQUH AQEEZDBiMCQGCCsGAQUFBzABhhhodHRwOi8vc3RhdHVzLnRoYXd0ZS5jb20wOgYI KwYBBQUHMAKGLmh0dHA6Ly9jYWNlcnRzLnRoYXd0ZS5jb20vVGhhd3RlVExTUlNB Q0FHMS5jcnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG 9w0BAQsFAAOCAQEAkCcUqjI3f4aXPLyUiwqV10s/QM8WIDQDfw+a6tHEgHsUoRRs u5/cu4NmwQ/GODP6qmGWg/WEkqchipZSjVD/qDYdfgznvnxyo81gIdkfdf/b1Hsq pJWJVUWl0vJbKj+8hspGoOFi1JA5UH5rexjpy6gVLGWAzXfsjJj+mNnKHJ+at9B1 rZ4g2CITBTGQcvzgYcNS73bQQkdyIW5m2WNoebL+i44NTp5nbSA8ILL2SensK3sJ gDXut/plysJgH+5gj6CyzoIV8Evepbui9Zgmut6Lkut5c4ASTXSDYQ+xRKBSMqFP g3TazO77cWaqEMgSiOZ3DCHxbnrUuBox/zna5w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjtFb2HU0marXLOYS5EA kgNZlkYzz+0o608RNPrepEQdsj84/Yy9MbC4N1m/tbsDZlMahQzcjqGvJiYFjgGV CEluP4RhweCmeVZsgD0XWg4Fgvsb2xYGASpqMwgNVcjkHUHqc5CWNarBZhCY4BBQ 0wc4lKcIQjprJskblg2dqpZgbPLwmLO6HMMa3bf6v1G6XKtPYfqSFUpooxDuteWq W+sbmiKKOkeL/TnIs/IYyp1sgT+NAgur//KowgRcV9kHd0Jr+whH2V/ZNQsw6ILr S9SqwgGfoNzz3x7RI6pysOrSoYYL01cvVx8mfy19Z3H+sKJo0oTayixZeq+WR7XL 8wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10389816579414262315926129300303390167 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-05-02 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vpn.berlin.thinkproject.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22499646017201797827362881696486825052623638987842310220746179719963089198591184331301091626452553654114616784878545952779636317451074698597141495358129078250180133774948479541005743497070097162072912520139797548458243917368501105415340338869339659247391444066300438728798190083254178891763899092692821371856392757417180493462242343667103398835399007367175029794324482565280345855472273594397171078988794860818338347731645243792589021463520857121351954397967763126960674951483072230708110684747244690000483787136652011312688895218416947688980187379206667689826287230429544914755050159812255527147167031167936519064563 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a58cfe32cceb0f2cd419c608b80024885dc3c5b7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3079e01b63741c62662023df74f0dfc7c20e1825 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpn.berlin.thinkproject.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00902714aa32377f86973cbc948b0a95d74b3f40cf162034037f0f9aead1c4807b14a1146cbb9fdcbb8366c10fc63833faaa619683f58492a7218a96528d50ffa8361d7e0ce7be7c72a3cd6021d91f75ffdbd47b2aa495895545a5d2f25b2a3fbc86ca46a0e162d49039507e6b7b18e9cba8152c6580cd77ec8c98fe98d9ca1c9f9ab7d075ad9e20d8221305319072fce061c352ef76d0424772216e66d9636879b2fe8b8e0d4e9e676d203c20b2f649e9ec2b7b098035eeb7fa65cac2601fee608fa0b2ce8215f04bdea5bba2f59826bade8b92eb797380124d7483610fb144a05232a14f8374dacceefb7166aa10c81288e6770c21f16e7ad4b81a31ff39dae7