assets.teleflora.com

- Teleflora LLC -

Issued by Thawte RSA CA 2018

About this certificate

This digital certificate with serial number 07:f5:71:58:2d:ce:da:d7:4c:c9:09:3f:84:35:27:a8 was issued on by DigiCert Inc.

With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Teleflora LLC

Organization: Teleflora LLC
Organization unit: EBusiness
State / Province: California
Locality: Los Angeles
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:f5:71:58:2d:ce:da:d7:4c:c9:09:3f:84:35:27:a8
Serial Number (int): 10579007599375855381613582212306118568
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: a0:7c:be:23:4a:6b:e9:86:8c:b3:f4:c9:45:5e:0b:90:17:e3:82:8f
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a

Fingerprint (sha1): b3:05:de:b0:3d:b4:cc:48:ba:23:5f:ce:0e:4d:22:70:1f:8a:f1:8e
Fingerprint (sha256): 2f:fc:34:e5:32:05:41:7e:35:40:4d:6d:6b:34:a2:b1:56:c6:99:2f:c1:1d:49:66:86:d7:28:2d:7b:60:43:ce

Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt

Revocation information

OCSP Server: http://status.thawte.com
CRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl

Check the revocation status for certificate assets.teleflora.com

16

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for assets.teleflora.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

assets.teleflora.com
images.shopflowers.net
assets.petals.com.au
assets.stage.teleflora.com
qa15-assets.teleflora.com
assets.stage.eflorist.com
assets.eflorist.com
assets.integration.eflorist.com
stg-assets.teleflora.com
stg-images.shopflowers.net
din15-assets.teleflora.com
assets.qa.eflorist.com
stg-assets.petals.com.au
stg-assets.eflorist.com
integration-assets.teleflora.com
assets.qa.teleflora.com

Other certificates including the domain name teleflora.com

(limited to 100 certificates)
stg.orderinterface.teleflora.com
san.cloudinary.com
www.teleflora.com
m-dfs.teleflora.com
autodiscover.teleflora.com
san.cloudinary.com
altiris.teleflora.com
s5-san.cloudinary.com
*.teleflora.com
san.cloudinary.com
m-mkconnections.teleflora.com
*.din15.teleflora.com
m-savings.teleflora.com
*.dev.teleflora.com
cloudinary-pin-sni.map.fastly.net
stg.mydoveapp.teleflora.com
m-savings.teleflora.com
m-frontierairlines.teleflora.com
s5-san.cloudinary.com
s1-cloudinary-pin-sni.map.fastly.net
s1-sni.cloudinary.com
s5-san.cloudinary.com
*.teleflora.com
m-employeeorder.teleflora.com
estgweb.teleflora.com
estgweb.teleflora.com
www.teleflora.com
san.cloudinary.com
webmail.teleflora.com
assets.teleflora.com
assets.teleflora.com
s5-san.cloudinary.com
s5-cloudinary-pin.map.fastly.net
cloudinary-pin-sni.map.fastly.net
fr.teleflora.com
s5-san.cloudinary.com
blog.teleflora.com
s5-cloudinary-pin.map.fastly.net
m-amtrak.teleflora.com
cloudinary-pin-sni.map.fastly.net
san.cloudinary.com
www.teleflora.com
s5-cloudinary-pin.map.fastly.net
assets.teleflora.com
homemade.teleflora.com
tws.teleflora.com
e.p.teleflora.com
s5-cloudinary-pin.map.fastly.net
san.cloudinary.com
san.cloudinary.com
m-amtrak.teleflora.com
*.teleflora.com
twsstg.teleflora.com
s5-san.cloudinary.com
posimages.teleflora.com
cloudinary-pin-sni.map.fastly.net
s5-san.cloudinary.com
s5-san.cloudinary.com
assets.teleflora.com
cloudinary-pin-sni.map.fastly.net
posimages.teleflora.com
san.cloudinary.com
s1-cloudinary-pin-sni.map.fastly.net
m-perkopolis.teleflora.com
*.qa.teleflora.com
cloudinary-pin-sni.map.fastly.net
san.cloudinary.com
fr.teleflora.com
s1-cloudinary-pin-sni.map.fastly.net
cloudinary-pin-sni.map.fastly.net
cloudinary-pin-sni.map.fastly.net
s5-san.cloudinary.com
m-unionplus.teleflora.com
m-savings.teleflora.com
www.aafes.teleflora.com
blog.teleflora.com
s5-san.cloudinary.com
san.cloudinary.com
m-gettington.teleflora.com
cloudinary-pin-sni.map.fastly.net
s5-san.cloudinary.com
cloudinary-pin-sni.map.fastly.net
*.teleflora.com
omnistats.teleflora.com
m-jcpenney.teleflora.com
dvm03.dev.teleflora.com
s5-cloudinary-pin.map.fastly.net
san.cloudinary.com
san.cloudinary.com
san.cloudinary.com
estgweb.teleflora.com
san.cloudinary.com
stg.mobilesolutions.teleflora.com
fr.teleflora.com
m-hawaiianmiles.teleflora.com
san.cloudinary.com
m-perks.teleflora.com
www.teleflora.com
assets.teleflora.com
s5-san.cloudinary.com

Certificate

The complete raw certificate details for assets.teleflora.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGrzCCBZegAwIBAgIQB/VxWC3O2tdMyQk/hDUnqDANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN
MTkwMzIxMDAwMDAwWhcNMjAwNDEwMTIwMDAwWjCBgzELMAkGA1UEBhMCVVMxEzAR
BgNVBAgTCkNhbGlmb3JuaWExFDASBgNVBAcTC0xvcyBBbmdlbGVzMRYwFAYDVQQK
Ew1UZWxlZmxvcmEgTExDMRIwEAYDVQQLEwlFQnVzaW5lc3MxHTAbBgNVBAMTFGFz
c2V0cy50ZWxlZmxvcmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwq42zIs0s0VHZVxjuAgsAj3zEP/2Bc/TtNvVgSYx23a6rM7MvisqNxv8VhP0
tLxHjjU6zz+FFtN2XNiL8g2y4JbkqgxD9feFwFk6GTKjcb6pL57T7H/fD8+CLrHt
fd9Kd/jEWIvtEH8Sl62tculhg3cYKXXRXsuCbkyKq0+kafg4ynpgxqOAB9SmMM3g
i1/hl2sMhnwK4o+SIjTwVmqAZDx1USc44WXxnPCUqoMUGcjISqsk2TZvqku3JiOJ
Pn/OdAakU3t4Jt5UAsEDMnz8PoVs3X6Vm3CkaUvzgJ6nOeizO3KHlEgUU4+GV01I
xVQM/iUSuQWMi9SdrJSujrXkdQIDAQABo4IDQzCCAz8wHwYDVR0jBBgwFoAUo8he
ZVTlMHjBBeoHCmpZzLn+3lowHQYDVR0OBBYEFKB8viNKa+mGjLP0yUVeC5AX44KP
MIIBsQYDVR0RBIIBqDCCAaSCFGFzc2V0cy50ZWxlZmxvcmEuY29tghZpbWFnZXMu
c2hvcGZsb3dlcnMubmV0ghRhc3NldHMucGV0YWxzLmNvbS5hdYIaYXNzZXRzLnN0
YWdlLnRlbGVmbG9yYS5jb22CGXFhMTUtYXNzZXRzLnRlbGVmbG9yYS5jb22CGWFz
c2V0cy5zdGFnZS5lZmxvcmlzdC5jb22CE2Fzc2V0cy5lZmxvcmlzdC5jb22CH2Fz
c2V0cy5pbnRlZ3JhdGlvbi5lZmxvcmlzdC5jb22CGHN0Zy1hc3NldHMudGVsZWZs
b3JhLmNvbYIac3RnLWltYWdlcy5zaG9wZmxvd2Vycy5uZXSCGmRpbjE1LWFzc2V0
cy50ZWxlZmxvcmEuY29tghZhc3NldHMucWEuZWZsb3Jpc3QuY29tghhzdGctYXNz
ZXRzLnBldGFscy5jb20uYXWCF3N0Zy1hc3NldHMuZWZsb3Jpc3QuY29tgiBpbnRl
Z3JhdGlvbi1hc3NldHMudGVsZWZsb3JhLmNvbYIXYXNzZXRzLnFhLnRlbGVmbG9y
YS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY2RwLnRoYXd0ZS5jb20vVGhh
d3RlUlNBQ0EyMDE4LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsG
AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjBv
BggrBgEFBQcBAQRjMGEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9zdGF0dXMudGhhd3Rl
LmNvbTA5BggrBgEFBQcwAoYtaHR0cDovL2NhY2VydHMudGhhd3RlLmNvbS9UaGF3
dGVSU0FDQTIwMTguY3J0MAkGA1UdEwQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAw
DQYJKoZIhvcNAQELBQADggEBAK+8YedwEZN7naQxh1ASzLjAEDc93cFi+h08IKaT
aceMKLEHkyhTV1yyURDoG/mNKJX/AzbXKjaFTWz5HUmVc74eMxt44d5IdPNXhTqL
qXgDfUxb0MEjwghNg2VRcBM/3lG3JP7akXxazxEl0lSO4Gsp/8UqN+pCHdwJngrs
1haUtGedy/H4MK5+n0eljUqCNySvmugqKQoNnIxy9Ftw/7xbcd+JnZxWIu/9cHYp
sOPhcs7YVZlOPwmkHxu4QeHQDjQVQR8HvAzKWUocedmgpdD3ktNxdgy/X0Kgb3lE
62eBflD0667iL876lP80tW6i1Vrpb0PX4548Hk1EXGnccLQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwq42zIs0s0VHZVxjuAgs
Aj3zEP/2Bc/TtNvVgSYx23a6rM7MvisqNxv8VhP0tLxHjjU6zz+FFtN2XNiL8g2y
4JbkqgxD9feFwFk6GTKjcb6pL57T7H/fD8+CLrHtfd9Kd/jEWIvtEH8Sl62tculh
g3cYKXXRXsuCbkyKq0+kafg4ynpgxqOAB9SmMM3gi1/hl2sMhnwK4o+SIjTwVmqA
ZDx1USc44WXxnPCUqoMUGcjISqsk2TZvqku3JiOJPn/OdAakU3t4Jt5UAsEDMnz8
PoVs3X6Vm3CkaUvzgJ6nOeizO3KHlEgUU4+GV01IxVQM/iUSuQWMi9SdrJSujrXk
dQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10579007599375855381613582212306118568
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-10 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Los Angeles'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Teleflora LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EBusiness'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'assets.teleflora.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24576139317546994414740845011523829553865590017055858308662774287504446089046009988248120527203035242859549463755167017067730153206681152253399657230499094599326668376379650798307949597314940404185510430759737463330549774693977258596489670418223111892544470316614359391108720640038219012823018180381010842408957659560725383231657501441090136653999297599223646012813306546066739942485330943002392776195351320894635369510719459001675449570856393042930367194681134509659000499104933543367721332207883238936975308681490373763281647409981870551435259767385562551570470251934122401091319343689219175590064504958299330176117
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a07cbe234a6be9868cb3f4c9455e0b9017e3828f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (424 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.teleflora.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.shopflowers.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.petals.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.stage.teleflora.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa15-assets.teleflora.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.stage.eflorist.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.eflorist.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.integration.eflorist.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-assets.teleflora.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-images.shopflowers.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'din15-assets.teleflora.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.qa.eflorist.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-assets.petals.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-assets.eflorist.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'integration-assets.teleflora.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.qa.teleflora.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00afbc61e77011937b9da431875012ccb8c010373dddc162fa1d3c20a69369c78c28b107932853575cb25110e81bf98d2895ff0336d72a36854d6cf91d499573be1e331b78e1de4874f357853a8ba978037d4c5bd0c123c2084d83655170133fde51b724feda917c5acf1125d2548ee06b29ffc52a37ea421ddc099e0aecd61694b4679dcbf1f830ae7e9f47a58d4a823724af9ae82a290a0d9c8c72f45b70ffbc5b71df899d9c5622effd707629b0e3e172ced855994e3f09a41f1bb841e1d00e3415411f07bc0cca594a1c79d9a0a5d0f792d371760cbf5f42a06f7944eb67817e50f4ebaee22fcefa94ff34b56ea2d55ae96f43d7e39e3c1e4d445c69dc70b4