secure.fia.org

- Futures Industry Association -

Issued by thawte SSL CA - G2

About this certificate

This digital certificate with serial number 15:d3:13:ac:20:d3:8a:c5:3f:dd:22:75:c2:a8:ed:c4 was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Futures Industry Association

Organization: Futures Industry Association
Organization unit: Communications
State / Province: District of Columbia
Locality: Washington
Country: US

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 15:d3:13:ac:20:d3:8a:c5:3f:dd:22:75:c2:a8:ed:c4
Serial Number (int): 29009761551819762783210823848978607556
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60

Fingerprint (sha1): 19:9b:7e:66:be:4b:f8:ae:39:f1:4e:17:39:f2:01:b4:80:d0:c0:7c
Fingerprint (sha256): 2f:77:85:33:66:5d:b5:b9:57:d3:8f:66:8f:6c:19:e1:44:b9:88:db:48:e5:89:a8:11:fb:6e:89:28:55:ac:37

Issuing Certificate URL: http://tj.symcb.com/tj.crt

Revocation information

OCSP Server: http://tj.symcd.com
CRL Distribution Point: http://tj.symcb.com/tj.crl

Check the revocation status for certificate secure.fia.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure.fia.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.fia.org

Other certificates including the domain name fia.org

(limited to 100 certificates)
it.uahs.arizona.edu
*.fia.org
fia.org
*.fia.org
hub.meed.com
good.gsm.cornell.edu
webmail.fia.org
club.kjzz.org
secure.fia.org
host2.openminds.com
local3599.com
dmist-standards.org
secure.fia.org
2fadmin.govdelivery.com
fia.org
agd.nebrwesleyan.edu
inside.gc.cuny.edu
fia.org
secure.fia.org
2fadmin.govdelivery.com
secure.fia.org
international.dev.oceana.org
dg-0035-c25fe2a.client-tls.adestra.com
dmist-standards.org
sters.us
cloudapp-eu.appcelerator.com
fia.org
secure.fia.org
intranet.olivecrest.org
dmist-standards.org
cms.legacy.com
fia.org
fia.org
d7.cmc.edu
agenslotgacor.gsm.cornell.edu
info-dev.calperformances.org
internal.gcir.org
5732322821275648-fe4.pantheonsite.io
webmail.fia.org
dmist-standards.org
d7.cmc.edu
cetys.udesa.edu.ar
online.fia.org
international.research.ucsb.edu
cetys.udesa.edu.ar
dmist-standards.org
csc.arizona.edu
csc.arizona.edu
international.research.ucsb.edu
agd.nebrwesleyan.edu
dmist-standards.org
secure.fia.org
csc.arizona.edu
international.dev.oceana.org
webmail.fia.org
fia.org
international.dev.oceana.org
coins.rutgers.edu
ipv6.earthjustice.org
design-engineering.princeton.edu
cetys.udesa.edu.ar
gws-uat.earthjustice.org
access.fia.org
2fadmin.govdelivery.com
agd.nebrwesleyan.edu
host2.cenmi.org
fia.org
fia.org
connect.iadb.org
d7store.juilliard.edu
international.dev.oceana.org
info.vcfa.edu
5732322821275648-fe4.pantheonsite.io
2fadmin.govdelivery.com
5643172898144256-fe4.pantheonsite.io
cmmb-portal.cmmb.org
info-dev.calperformances.org
internetcouncil.nacha.org
international.dev.oceana.org
access.fia.org
connect.iadb.org
fia.org
international.dev.oceana.org
covid.usmle.org
csc.arizona.edu
fia.org
infonet.fia.org
cloudapp.appcelerator.com
webhost1.fia.org
*.fia.org
covid.usmle.org
autodiscover.fia.org
fia.org
5732322821275648-fe4.pantheonsite.io
httpbin.earthjustice.org
internal.gcir.org
dg-0035-c25fe2a.client-tls.adestra.com
fia.org
csc.arizona.edu
agenslotgacor.gsm.cornell.edu

Certificate

The complete raw certificate details for secure.fia.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgIQFdMTrCDTisU/3SJ1wqjtxDANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTUxMDE1MDAwMDAwWhcNMTUxMjIzMjM1OTU5
WjCBmjELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlh
MRMwEQYDVQQHDApXYXNoaW5ndG9uMSUwIwYDVQQKDBxGdXR1cmVzIEluZHVzdHJ5
IEFzc29jaWF0aW9uMRcwFQYDVQQLDA5Db21tdW5pY2F0aW9uczEXMBUGA1UEAwwO
c2VjdXJlLmZpYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW
2r/+oKHo26dCTl2B7pI7hft5GqyNjvhrdOwYSvVKv5a9awN3kXb5qztgCsnWq1as
TDynKdCRzLkgW8mStmt9NmL1waHg0+EA4Lu7wxY6BVbCAjJB6sWUw6IE0QmH9ChO
teWP6t70orbCmL2ISiAJGDJ69Ibb29zUbm25S7aCw1asvZsg01GnS6viJRXMjbOx
U4Q0XQt8RaMiuOoyxsvNOvzBr+cnGAHwAgNlF2xMitPXw1YBa4GBfxVrx57vnRya
EQELSbZPRznNyPw6BW+GxdpJTRsGDVZgs4Y9UbjiwMjwvO3qv0Z5ficJPWtqiULx
vwuvzmp62p+Y493qmuSdAgMBAAGjggFwMIIBbDAZBgNVHREEEjAQgg5zZWN1cmUu
ZmlhLm9yZzAJBgNVHRMEAjAAMG4GA1UdIARnMGUwYwYGZ4EMAQICMFkwJgYIKwYB
BQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMC8GCCsGAQUFBwICMCMM
IWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMC
BaAwHwYDVR0jBBgwFoAUwk9IV/zRT5rAXTh9DgXb2S61UmAwKwYDVR0fBCQwIjAg
oB6gHIYaaHR0cDovL3RqLnN5bWNiLmNvbS90ai5jcmwwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0
cDovL3RqLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3RqLnN5bWNiLmNv
bS90ai5jcnQwDQYJKoZIhvcNAQELBQADggEBAJQ6K87dn5B5v9BHJbD1yUQXK7FK
tutuRPqd8Wk2brkNQKIqjMB+1np0QrhSJ2fKggC9rZiq3QxDukTL/hIvKbitce0G
I03DZzKXW4vExO8k02zMtIcAfDrhiyJ8Our8yx2uHHJthmdG94jkG+Ns9dX6J1vN
BaAC/9qe8I22e2eHt3aPZlxrlqblBwBPpPZddGno0DLR2YQ2JOG5O+9TwJnhkml4
9YqIrSOwiOmAcui3vqDYS1DXvE4cs4au7q4bRj7EQzS9nn+pi1CIEKDF9XcepnY3
tNlyi2hHNSW/f+DRQQcxswVgVQlsVB2YuoPUUBMl2/qBaRJgnJDVyh6NjIM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tq//qCh6NunQk5dge6S
O4X7eRqsjY74a3TsGEr1Sr+WvWsDd5F2+as7YArJ1qtWrEw8pynQkcy5IFvJkrZr
fTZi9cGh4NPhAOC7u8MWOgVWwgIyQerFlMOiBNEJh/QoTrXlj+re9KK2wpi9iEog
CRgyevSG29vc1G5tuUu2gsNWrL2bINNRp0ur4iUVzI2zsVOENF0LfEWjIrjqMsbL
zTr8wa/nJxgB8AIDZRdsTIrT18NWAWuBgX8Va8ee750cmhEBC0m2T0c5zcj8OgVv
hsXaSU0bBg1WYLOGPVG44sDI8Lzt6r9GeX4nCT1raolC8b8Lr85qetqfmOPd6prk
nQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 29009761551819762783210823848978607556
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-10-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-23 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'District of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Futures Industry Association'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Communications'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'secure.fia.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27122866897765838727932091546281857950705093482213923421231272783722365357795176827018458782570171913078798974806581673098955332181116038059499959855857210264852277629363914681308146745197986990721173214899474189207088620422390976226040971663269479660790557118339241398830023874464732814919539959054153301028699361299593019609341477391106716431659819879595366617409386187854725308770545760870897287260134471614555200122363272991994598544521600940719608195069120185403407856509581690604244057480354055971064648584006578007639238482776681137856857781068163301224179083467302540717885321252266940065515470714609096909981
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.fia.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00943a2bcedd9f9079bfd04725b0f5c944172bb14ab6eb6e44fa9df169366eb90d40a22a8cc07ed67a7442b8522767ca8200bdad98aadd0c43ba44cbfe122f29b8ad71ed06234dc36732975b8bc4c4ef24d36cccb487007c3ae18b227c3aeafccb1dae1c726d866746f788e41be36cf5d5fa275bcd05a002ffda9ef08db67b6787b7768f665c6b96a6e507004fa4f65d7469e8d032d1d9843624e1b93bef53c099e1926978f58a88ad23b088e98072e8b7bea0d84b50d7bc4e1cb386aeeeae1b463ec44334bd9e7fa98b508810a0c5f5771ea67637b4d9728b68473525bf7fe0d1410731b3056055096c541d98ba83d4501325dbfa816912609c90d5ca1e8d8c83