www.ricaud.com
Issued by GlobalSign Domain Validation CA - SHA256 - G2
About this certificate
This digital certificate with serial number 5c:bf:06:6f:f8:06:f7:70:e9:a5:da:c3 was issued on by GlobalSign nv-sa.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.ricaud.com,OU=Domain Control Validated,C=FR
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 5c:bf:06:6f:f8:06:f7:70:e9:a5:da:c3Serial Number (int): 28703556134769874130274998979
Serial Number lenght: 95 bits, 12 octets
SubjectKeyId: 0b:7a:5b:e0:88:47:ef:98:d7:74:a8:94:82:9d:bb:2e:20:a6:38:5d
AuthorityKeyId: ea:4e:7c:d4:80:2d:e5:15:81:86:26:8c:82:6d:c0:98:a4:cf:97:0f
Fingerprint (sha1): cf:b6:08:55:19:a0:15:03:24:5b:0a:c7:80:e1:64:c0:bd:57:16:dd
Fingerprint (sha256): 30:00:29:4a:b2:cf:66:35:a8:88:6a:22:22:46:97:01:5d:0b:9b:5d:c5:8b:c3:00:c6:58:3c:73:e1:39:1e:b4
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g2CRL Distribution Point: http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl
Check the revocation status for certificate www.ricaud.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.ricaud.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.ricaud.com
ricaud.com
ricaud.com
Other certificates including the domain name ricaud.com
(limited to 100 certificates)
secure01.lithium.com
livedatainstant.ricaud.com
workbench-www.ricaud.com
livedatainstant.ricaud.com
services.yves-rocher.com
secure10.lithium.com
secure01.stage.lithium.com
secure01.lithium.com
www.ricaud.com
assets.ricaud.com
secure10.lithium.com
incapsula.com
secure10.lithium.com
secure01.stage.lithium.com
www.ricaud.com
secure01.stage.lithium.com
staging-www.ricaud.com
www.yves-rocher.com
survey.yves-rocher.fr
secure10.lithium.com
secure01.lithium.com
secure01.lithium.com
www.ricaud.com
contrib-www.ricaud.com
secure10.lithium.com
www.ricaud.com
secure01.lithium.com
www.ricaud.com
www.yves-rocher.com
secure10.lithium.com
secure01.stage.lithium.com
www.ricaud.com
assets.ricaud.com
workbench-www.ricaud.com
imperva.com
www.ricaud.com
secure01.stage.lithium.com
secure10.lithium.com
mo.ricaud.com
secure01.lithium.com
secure10.lithium.com
secure01.stage.lithium.com
secure-vpci.ricaud.com
secure10.lithium.com
incapsula.com
survey.yves-rocher.fr
workbench-www.ricaud.com
secure10.lithium.com
secure10.lithium.com
www.ricaud.com
incapsula.com
secure01.lithium.com
secure01.stage.lithium.com
survey.yves-rocher.fr
secure10.lithium.com
www-npe.yves-rocher.com
incapsula.com
secure10.lithium.com
secure10.lithium.com
survey.yves-rocher.fr
workbench-www.ricaud.com
incapsula.com
secure10.lithium.com
secure01.stage.lithium.com
www.ricaud.com
incapsula.com
workbench-www.ricaud.com
mo.ricaud.com
secure01.stage.lithium.com
secure01.stage.lithium.com
workbench-www.ricaud.com
secure01.stage.lithium.com
www-npe.yves-rocher.com
secure10.lithium.com
secure01.stage.lithium.com
secure10.lithium.com
www.yves-rocher.com
secure10.lithium.com
secure01.stage.lithium.com
secure01.stage.lithium.com
t.nl.yves-rocher.de
secure01.stage.lithium.com
incapsula.com
survey.yves-rocher.fr
imperva.com
www.ricaud.com
secure01.stage.lithium.com
contrib-www.ricaud.com
contrib-www.ricaud.com
secure01.stage.lithium.com
t.nl.yves-rocher.de
push.ricaud.com
secure10.lithium.com
secure01.stage.lithium.com
secure01.stage.lithium.com
secure01.lithium.com
secure-vpci.ricaud.com
secure01.stage.lithium.com
secure01.stage.lithium.com
secure01.stage.lithium.com
livedatainstant.ricaud.com
workbench-www.ricaud.com
livedatainstant.ricaud.com
services.yves-rocher.com
secure10.lithium.com
secure01.stage.lithium.com
secure01.lithium.com
www.ricaud.com
assets.ricaud.com
secure10.lithium.com
incapsula.com
secure10.lithium.com
secure01.stage.lithium.com
www.ricaud.com
secure01.stage.lithium.com
staging-www.ricaud.com
www.yves-rocher.com
survey.yves-rocher.fr
secure10.lithium.com
secure01.lithium.com
secure01.lithium.com
www.ricaud.com
contrib-www.ricaud.com
secure10.lithium.com
www.ricaud.com
secure01.lithium.com
www.ricaud.com
www.yves-rocher.com
secure10.lithium.com
secure01.stage.lithium.com
www.ricaud.com
assets.ricaud.com
workbench-www.ricaud.com
imperva.com
www.ricaud.com
secure01.stage.lithium.com
secure10.lithium.com
mo.ricaud.com
secure01.lithium.com
secure10.lithium.com
secure01.stage.lithium.com
secure-vpci.ricaud.com
secure10.lithium.com
incapsula.com
survey.yves-rocher.fr
workbench-www.ricaud.com
secure10.lithium.com
secure10.lithium.com
www.ricaud.com
incapsula.com
secure01.lithium.com
secure01.stage.lithium.com
survey.yves-rocher.fr
secure10.lithium.com
www-npe.yves-rocher.com
incapsula.com
secure10.lithium.com
secure10.lithium.com
survey.yves-rocher.fr
workbench-www.ricaud.com
incapsula.com
secure10.lithium.com
secure01.stage.lithium.com
www.ricaud.com
incapsula.com
workbench-www.ricaud.com
mo.ricaud.com
secure01.stage.lithium.com
secure01.stage.lithium.com
workbench-www.ricaud.com
secure01.stage.lithium.com
www-npe.yves-rocher.com
secure10.lithium.com
secure01.stage.lithium.com
secure10.lithium.com
www.yves-rocher.com
secure10.lithium.com
secure01.stage.lithium.com
secure01.stage.lithium.com
t.nl.yves-rocher.de
secure01.stage.lithium.com
incapsula.com
survey.yves-rocher.fr
imperva.com
www.ricaud.com
secure01.stage.lithium.com
contrib-www.ricaud.com
contrib-www.ricaud.com
secure01.stage.lithium.com
t.nl.yves-rocher.de
push.ricaud.com
secure10.lithium.com
secure01.stage.lithium.com
secure01.stage.lithium.com
secure01.lithium.com
secure-vpci.ricaud.com
secure01.stage.lithium.com
secure01.stage.lithium.com
secure01.stage.lithium.com
Certificate
The complete raw certificate details for www.ricaud.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHezCCBmOgAwIBAgIMXL8Gb/gG93DppdrDMA0GCSqGSIb3DQEBCwUAMGAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN MTYxMDEzMTIwNjE3WhcNMTcxMDE5MTM1MzAzWjBJMQswCQYDVQQGEwJGUjEhMB8G A1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcwFQYDVQQDEw53d3cucmlj YXVkLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMrH2PjGxWyP WKgffPNruSG6dCrr7A5HL5RIZrPYMug4sL3eyHozVa0FqRK3G17in5fYqoPX8YEY ebeXQN05asj4ZzmXiq/IDtWO2Ttfa0uOTBwZQwjaXacqHzLXibHgkQDnntISmAjd LYjf61rvob3MIrlna1snu2WBFmPLXmI8r5PCrEcahJRs0fuqrxsEUWKhQVVaFWN1 rLFK82Ap9GzCMDvmjXsPqKzBnjEM8mo3WfWOYEoB0qe+tmIElD70jQg0GXpYGME7 ATf0oMQOzlz3kgsWMSTP9X8j/G7UZtcAn2V9kSZ7C+/y0Uj4jTovhBcwa6sup4HD JBtT7TXaJi8CAwEAAaOCBEowggRGMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUH AQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5j b20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1o dHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYD VR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAw QwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9n c2RvbWFpbnZhbHNoYTJnMi5jcmwwJQYDVR0RBB4wHIIOd3d3LnJpY2F1ZC5jb22C CnJpY2F1ZC5jb20wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud DgQWBBQLelvgiEfvmNd0qJSCnbsuIKY4XTAfBgNVHSMEGDAWgBTqTnzUgC3lFYGG JoyCbcCYpM+XDzCCAm0GCisGAQQB1nkCBAIEggJdBIICWQJXAHUAVhQGmi/XwuzT 9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFXve+Y3wAABAMARjBEAiAJ8OL+P+My 7ZS6yY8ee6WcEtI2clZq1cxUxwROV9gDtwIgGxsgPLNFSXKK5N5iZ8fmq/jxpxfx vUJG6ktWppPohs8AdgDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAA AVe975qcAAAEAwBHMEUCIEHYclnx5w9bOsvZty5SIQtLc55w1XJCgAXXLGbde/Hu AiEA+5Z9ACjkAu+qc6s1gqwzlqtS29Ic+ZmnWWDO5IleOjoAdgCkuQmQtBhYFIe7 E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAVe975m0AAAEAwBHMEUCIDlvWIONzM9k 9Wkah5J9SupQzhh8YB4N1bMfX6juNMfIAiEAhp6TNIdJVK8uhaa+GxX1B0yFgk60 L7akV/7nnUjDhBIAdgBo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7xAAA AVe975puAAAEAwBHMEUCIQC6+nJxziNw51SrjUUOMb1gm3BaVV3KKzKJqAE84myy iAIgYN0/K+nZsJGC7tQsaqNUV8GnzwPZuXqKwfW9d3dCyAcAdgDuS723dc5guuFC aR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAVe9753uAAAEAwBHMEUCIGPFcXzzZQwP VVClQ8zKf3DFthdO0AmanXfcoZHIT2W9AiEAgT7rg3U/3KTFhIg2/6wyLJEPdQ4c iFwL/AlTj+MxR0kwDQYJKoZIhvcNAQELBQADggEBAGk6lh+afkTHuQnmZ2WtT4Uu pj888n3QD8k+IDmp2YF8CS8GjLhsmuQ9UzjovMOV5NSsyrM3/89qqTn6v+1DndXB 7+a5AFptAsUjrK8HSrEt4mseEHD7jX+6pbTpJjEaVOMACYwcys/UliY0QF09lkwI aa3Lq43ofWd8bndR7pcEYTUUSKJSAP7zFz4/R9LxTo/rD7zhbMjWGGFI+qzMNOiW zfodN2qiXCYw4CRhxbXUAExtOMWlzJJgcWcFefdGtq23PbZhKwEgpaaZLysVt1tb LG6Idv61OIWXyzfRrx0W5iVIuJX1CXnypT2N/r4vwZlj9WXIP1yaIpQkYZaqH90= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysfY+MbFbI9YqB9882u5 Ibp0KuvsDkcvlEhms9gy6Diwvd7IejNVrQWpErcbXuKfl9iqg9fxgRh5t5dA3Tlq yPhnOZeKr8gO1Y7ZO19rS45MHBlDCNpdpyofMteJseCRAOee0hKYCN0tiN/rWu+h vcwiuWdrWye7ZYEWY8teYjyvk8KsRxqElGzR+6qvGwRRYqFBVVoVY3WssUrzYCn0 bMIwO+aNew+orMGeMQzyajdZ9Y5gSgHSp762YgSUPvSNCDQZelgYwTsBN/SgxA7O XPeSCxYxJM/1fyP8btRm1wCfZX2RJnsL7/LRSPiNOi+EFzBrqy6ngcMkG1PtNdom LwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 28703556134769874130274998979 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-13 12:06:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-19 13:53:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.ricaud.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25598686101042755830514235399017589820226053601402333097156593802542876588425088983039572540973717069714648097216824645814752824014899204388230758490592077036145192329211667682005330286263214345011706865329855644707740941974079060647764233243799522505412851623437997890801699077121085079646717358104194221059027261966386404634211566647072499470152824831658747569885690949463542428481493959720380450181463835960118345362053069287669450652034187132570795522623818164785452925404228835744607375213998628085134254548659232258899917873912610709707199628392236548466955453196365800287119996019376758499908674712820768187951 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ricaud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ricaud.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0b7a5be08847ef98d774a894829dbb2e20a6385d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ea4e7cd4802de5158186268c826dc098a4cf970f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (605 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (601 bytes) 02570075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd00000157bdef98df0000040300463044022009f0e2fe3fe332ed94bac98f1e7ba59c12d23672566ad5cc54c7044e57d803b702201b1b203cb34549728ae4de6267c7e6abf8f1a717f1bd4246ea4b56a693e886cf007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000157bdef9a9c0000040300473045022041d87259f1e70f5b3acbd9b72e52210b4b739e70d572428005d72c66dd7bf1ee022100fb967d0028e402efaa73ab3582ac3396ab52dbd21cf999a75960cee4895e3a3a007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000157bdef99b400000403004730450220396f58838dcccf64f5691a87927d4aea50ce187c601e0dd5b31f5fa8ee34c7c8022100869e9334874954af2e85a6be1b15f5074c85824eb42fb6a457fee79d48c3841200760068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc400000157bdef9a6e0000040300473045022100bafa7271ce2370e754ab8d450e31bd609b705a555dca2b3289a8013ce26cb288022060dd3f2be9d9b09182eed42c6aa35457c1a7cf03d9b97a8ac1f5bd777742c807007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000157bdef9dee0000040300473045022063c5717cf3650c0f5550a543ccca7f70c5b6174ed0099a9d77dca191c84f65bd022100813eeb83753fdca4c5848836ffac322c910f750e1c885c0bfc09538fe3314749 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00693a961f9a7e44c7b909e66765ad4f852ea63f3cf27dd00fc93e2039a9d9817c092f068cb86c9ae43d5338e8bcc395e4d4accab337ffcf6aa939fabfed439dd5c1efe6b9005a6d02c523acaf074ab12de26b1e1070fb8d7fbaa5b4e926311a54e300098c1ccacfd4962634405d3d964c0869adcbab8de87d677c6e7751ee970461351448a25200fef3173e3f47d2f14e8feb0fbce16cc8d6186148faaccc34e896cdfa1d376aa25c2630e02461c5b5d4004c6d38c5a5cc926071670579f746b6adb73db6612b0120a5a6992f2b15b75b5b2c6e8876feb5388597cb37d1af1d16e62548b895f50979f2a53d8dfebe2fc19963f565c83f5c9a2294246196aa1fdd