aisportal.mpo.cz
Issued by Thawte RSA CA 2018
About this certificate
This digital certificate with serial number 06:06:1c:22:d9:3c:1e:49:d0:85:1f:42:17:a8:57:21 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=aisportal.mpo.cz
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 06:06:1c:22:d9:3c:1e:49:d0:85:1f:42:17:a8:57:21Serial Number (int): 8007092424318057647994385277617985313
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: e4:c1:15:31:cf:52:f8:7f:a5:5e:a5:8d:ed:7f:3a:a2:4b:c8:11:2c
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a
Fingerprint (sha1): 77:59:6b:7c:6d:e5:83:30:a8:63:9e:bf:5b:16:6d:2f:b0:69:a0:67
Fingerprint (sha256): 30:1b:19:80:50:c7:b5:36:d7:e7:dc:2f:94:fb:c0:9e:e4:9f:b2:cd:6a:36:08:d1:7b:3a:35:8e:ca:7f:50:dc
Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl
Check the revocation status for certificate aisportal.mpo.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for aisportal.mpo.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aisportal.mpo.cz
www.aisportal.mpo.cz
www.aisportal.mpo.cz
Other certificates including the domain name mpo.cz
(limited to 100 certificates)
druhotnasurovina.mpo.cz
druhotnasurovina.mpo.cz
adfs.mpo.cz
www.mpo.cz
miss.mpo.cz
trio.mpo.cz
cafe.mpo.cz
monitoring.mpo.cz
mis.mpo.cz
druhotnasurovina.mpo.cz
druhotnasurovina.cz
cafe.mpo.cz
registr.mpo.cz
druhotnasurovina.mpo.cz
monitoring.mpo.cz
monitoring.mpo.cz
foreigners.mpo.cz
aimapa.mpo.cz
vykazy.mpo.cz
activesync.mpo.cz
monitoring.mpo.cz
trio.mpo.cz
cafe.mpo.cz
aisportal.mpo.cz
adfs.mpo.cz
monitoring.mpo.cz
aisportal.mpo.cz
monitoring.mpo.cz
vykazy.mpo.cz
foreigners.mpo.cz
druhotnasurovina.mpo.cz
adfs.mpo.cz
foreigners.mpo.cz
druhotnasurovina.cz
ais.mpo.cz
blockchain.mpo.cz
www.mpo.gov.cz
druhotnasurovina.mpo.cz
trio.mpo.cz
aimapa.mpo.cz
druhotnasurovina.cz
mapi.mpo.cz
www.mpo.cz
monitoring.mpo.cz
registr.mpo.cz
mpo.cz
www.mpo.cz
foreigners.mpo.cz
cafe.mpo.cz
trios.mpo.cz
adfs.mpo.cz
foreigners.mpo.cz
foreigners.mpo.cz
cafe.mpo.cz
druhotnasurovina.mpo.cz
cafe.mpo.cz
foreigners.mpo.cz
miss.mpo.cz
autodiscover.mpo.cz
www.mpo.cz
ews.mpo.cz
druhotnasurovina.mpo.cz
aimapa.mpo.cz
trio.mpo.cz
monitoring.mpo.cz
trio.mpo.cz
monitoring.mpo.cz
druhotnasurovina.cz
elisportal.mpo.cz
druhotnasurovina.cz
vykazy.mpo.cz
monitoring.mpo.cz
foreigners.mpo.cz
miss.mpo.cz
spintra.mpo.cz
foreigners.mpo.cz
www.mpo.cz
druhotnasurovina.cz
mis.mpo.cz
druhotnasurovina.cz
druhotnasurovina.cz
homeoffice.mpo.cz
tip.mpo.cz
miss.mpo.cz
druhotnasurovina.cz
monitoring.mpo.cz
foreigners.mpo.cz
monitoring.mpo.cz
vykazy.mpo.cz
owa.mpo.cz
cafe.mpo.cz
cafe.mpo.cz
vykazy.mpo.cz
trio.mpo.cz
blockchain.mpo.cz
www.mpo.cz
druhotnasurovina.cz
monitoring.mpo.cz
forms.mpo.cz
druhotnasurovina.mpo.cz
adfs.mpo.cz
www.mpo.cz
miss.mpo.cz
trio.mpo.cz
cafe.mpo.cz
monitoring.mpo.cz
mis.mpo.cz
druhotnasurovina.mpo.cz
druhotnasurovina.cz
cafe.mpo.cz
registr.mpo.cz
druhotnasurovina.mpo.cz
monitoring.mpo.cz
monitoring.mpo.cz
foreigners.mpo.cz
aimapa.mpo.cz
vykazy.mpo.cz
activesync.mpo.cz
monitoring.mpo.cz
trio.mpo.cz
cafe.mpo.cz
aisportal.mpo.cz
adfs.mpo.cz
monitoring.mpo.cz
aisportal.mpo.cz
monitoring.mpo.cz
vykazy.mpo.cz
foreigners.mpo.cz
druhotnasurovina.mpo.cz
adfs.mpo.cz
foreigners.mpo.cz
druhotnasurovina.cz
ais.mpo.cz
blockchain.mpo.cz
www.mpo.gov.cz
druhotnasurovina.mpo.cz
trio.mpo.cz
aimapa.mpo.cz
druhotnasurovina.cz
mapi.mpo.cz
www.mpo.cz
monitoring.mpo.cz
registr.mpo.cz
mpo.cz
www.mpo.cz
foreigners.mpo.cz
cafe.mpo.cz
trios.mpo.cz
adfs.mpo.cz
foreigners.mpo.cz
foreigners.mpo.cz
cafe.mpo.cz
druhotnasurovina.mpo.cz
cafe.mpo.cz
foreigners.mpo.cz
miss.mpo.cz
autodiscover.mpo.cz
www.mpo.cz
ews.mpo.cz
druhotnasurovina.mpo.cz
aimapa.mpo.cz
trio.mpo.cz
monitoring.mpo.cz
trio.mpo.cz
monitoring.mpo.cz
druhotnasurovina.cz
elisportal.mpo.cz
druhotnasurovina.cz
vykazy.mpo.cz
monitoring.mpo.cz
foreigners.mpo.cz
miss.mpo.cz
spintra.mpo.cz
foreigners.mpo.cz
www.mpo.cz
druhotnasurovina.cz
mis.mpo.cz
druhotnasurovina.cz
druhotnasurovina.cz
homeoffice.mpo.cz
tip.mpo.cz
miss.mpo.cz
druhotnasurovina.cz
monitoring.mpo.cz
foreigners.mpo.cz
monitoring.mpo.cz
vykazy.mpo.cz
owa.mpo.cz
cafe.mpo.cz
cafe.mpo.cz
vykazy.mpo.cz
trio.mpo.cz
blockchain.mpo.cz
www.mpo.cz
druhotnasurovina.cz
monitoring.mpo.cz
forms.mpo.cz
Certificate
The complete raw certificate details for aisportal.mpo.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHIzCCBgugAwIBAgIQBgYcItk8HknQhR9CF6hXITANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN MjIwNTI0MDAwMDAwWhcNMjMwNjE5MjM1OTU5WjAbMRkwFwYDVQQDExBhaXNwb3J0 YWwubXBvLmN6MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0VDG60/Z PEue5YFtH/wlnzvijC5X2lYWTceomGVg6kcuzX4v/yWkfME5aWMKnGeeChKZFCB6 xzimH73cTdI1SKRrAGfmo6vVEXvn6V0InomjZ+sRB7ja2XA9hDjyZ4lV3lo96av1 PCOHA5XS1XU/9CLFoeL5wS19JH+CoafnOSDBulKkmXt0AoUg/MneV2E8YG73xD5n MerBel0vxm0eOk/EhiRVubYWdBuvxvzMJu2ZzstWExt2h7mEy+Tn0zz7lsC6dnoQ aq6poOw2WAj4bNfcvsI5SfjH2H7U6xLXgy+sJ05UVlPSUQBG1xJPmSewaXLm+y8v Vl1Q2d5K6Fu2Jmv1cGUtl1GCfEfjPqyNui0/HB4lL0V0iJgOPtoRI2tp0ssNyBln ZbZUjPb+en7rJz9fdz0trbKo28f3mBTInqjdJKxNLZ2uMM34S7o0Vw1Fn6xo23sV MrcW06lFaJR2yPwRTdyQzky6efOp5aWCbi1c+0mzGEII70sZCMmy23jdACi2HE32 oVEelA6+DVmSMyj2V+cPyLgYyWiS/EEvXBFCMmVZyUElY8t7Sf7M4Dxu2x7jNV+v fkgu8It9HjP08bViwSRBLbPLqx8JVsgtcxlhholsKMQbafnNKQDVkkIf6eszqqHT wLtscNP4KPctt3KNeRTIWn3hOmsdtcql3o8CAwEAAaOCAyAwggMcMB8GA1UdIwQY MBaAFKPIXmVU5TB4wQXqBwpqWcy5/t5aMB0GA1UdDgQWBBTkwRUxz1L4f6VepY3t fzqiS8gRLDAxBgNVHREEKjAoghBhaXNwb3J0YWwubXBvLmN6ghR3d3cuYWlzcG9y dGFsLm1wby5jejAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jZHAudGhhd3RlLmNv bS9UaGF3dGVSU0FDQTIwMTguY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQIBMCkwJwYI KwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzBvBggrBgEFBQcB AQRjMGEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9zdGF0dXMudGhhd3RlLmNvbTA5Bggr BgEFBQcwAoYtaHR0cDovL2NhY2VydHMudGhhd3RlLmNvbS9UaGF3dGVSU0FDQTIw MTguY3J0MAkGA1UdEwQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AOg+ 0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABgPZF5ioAAAQDAEcwRQIh AKMV2AK6Ufu9U0WUzu3/WU8q22KPyZJZBbEFk0aGJvNCAiA2GCQEF2omb+YKQYTQ Y5UABfi/H5/hYt/fgDFA3dKvxwB3ADXPGRu/sWxXvw+tTG1Cy7u2JyAmUeo/4Srv qAPDO9ZMAAABgPZF5jcAAAQDAEgwRgIhAPqvc1wYU+IRm0ufhmw6q7A1aB/IdQkj xYaKrpcngiTZAiEAt8barqC9pKROUG6giOB+pAeJiCru4pn6elRYEMpGy5cAdQCz c3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYD2ReZWAAAEAwBGMEQC IGXJON7YgEwCVOH7P4sE0H7d+edq92OJ7Seopg0hJOLpAiBCUUnwxehGEhXNn/SJ pf7FKCAgZb3OmZcc9N9fo6OsJjANBgkqhkiG9w0BAQsFAAOCAQEAUStdUqzRSEg9 4pJO0rLRDW8oxSSonqal36sHnNdu2wgyH++xvemsxg+nnqMjKLJW/S+PcViVGWOV w7QCjrV7HZ8RWov35N+4FXjf7QHOLGcOpC8HNULM4ovec7JunSoHvcPH+pRyQBDi KItLx3NpU/nmFQWeD01J/599KEJnYikILu4UKbQRjJSf4IW1KVqGIJTfAtJgmddE nWfu+9ggDc70fw3SvLunIRIFxPe2QcUb8CteZyyu/QORpLu2MJQqbeFTMSb0J7kH XeLLTanESzx8i6SOsw90t6fE/5QWAVFFvgpQwq8taEjH1TzGay+hgli6HBen8Wch yYD/M06WKQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0VDG60/ZPEue5YFtH/wl nzvijC5X2lYWTceomGVg6kcuzX4v/yWkfME5aWMKnGeeChKZFCB6xzimH73cTdI1 SKRrAGfmo6vVEXvn6V0InomjZ+sRB7ja2XA9hDjyZ4lV3lo96av1PCOHA5XS1XU/ 9CLFoeL5wS19JH+CoafnOSDBulKkmXt0AoUg/MneV2E8YG73xD5nMerBel0vxm0e Ok/EhiRVubYWdBuvxvzMJu2ZzstWExt2h7mEy+Tn0zz7lsC6dnoQaq6poOw2WAj4 bNfcvsI5SfjH2H7U6xLXgy+sJ05UVlPSUQBG1xJPmSewaXLm+y8vVl1Q2d5K6Fu2 Jmv1cGUtl1GCfEfjPqyNui0/HB4lL0V0iJgOPtoRI2tp0ssNyBlnZbZUjPb+en7r Jz9fdz0trbKo28f3mBTInqjdJKxNLZ2uMM34S7o0Vw1Fn6xo23sVMrcW06lFaJR2 yPwRTdyQzky6efOp5aWCbi1c+0mzGEII70sZCMmy23jdACi2HE32oVEelA6+DVmS Myj2V+cPyLgYyWiS/EEvXBFCMmVZyUElY8t7Sf7M4Dxu2x7jNV+vfkgu8It9HjP0 8bViwSRBLbPLqx8JVsgtcxlhholsKMQbafnNKQDVkkIf6eszqqHTwLtscNP4KPct t3KNeRTIWn3hOmsdtcql3o8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8007092424318057647994385277617985313 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-05-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-19 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aisportal.mpo.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 853932881792056358957718966345979342639778328539308102116009404416722916391251551831683486160896142740606145839820003149390171641924911831954938603223231524845498358375769585199966212144717005280178913877608412830279701283148915809042572148049001552817749595680380145007758946486342867436022267333079661158233784245283953315584524480943357097452716194502717502105011972976417797939025159924132435200901193413911909281384396717198989500180666329083401435590952668752010268881005803104798051078853312330510311709851608204391111291909315897569505565027067645827236997499107060043929460649937756020507325810113565049433069205211649414358999434903043888484261171379001155936125666256343391307842411452786128331540341681393456475372167852996427116533386023253614944001507133757750524396593842488142523325264946268244516122936681481058074587841569889050116390062337876105413177210237500509535584433319707437152993711644511107331415605556303579878975534658999641554750401517574001321897873351420681037538578733665028708745124197063867769840777396936786842326979514641558722339781272761142342763679375818806126987765693270032966891236040926204151872845221239237741911125877689961453020295387077973554253255036002513996236947655743754996145807 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e4c11531cf52f87fa55ea58ded7f3aa24bc8112c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aisportal.mpo.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aisportal.mpo.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000180f645e62a0000040300473045022100a315d802ba51fbbd534594ceedff594f2adb628fc9925905b10593468626f342022036182404176a266fe60a4184d063950005f8bf1f9fe162dfdf803140ddd2afc700770035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000180f645e6370000040300483046022100faaf735c1853e2119b4b9f866c3aabb035681fc8750923c5868aae97278224d9022100b7c6daaea0bda4a44e506ea088e07ea40789882aeee299fa7a545810ca46cb97007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000180f645e6560000040300463044022065c938ded8804c0254e1fb3f8b04d07eddf9e76af76389ed27a8a60d2124e2e90220425149f0c5e8461215cd9ff489a5fec528202065bdce99971cf4df5fa3a3ac26 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00512b5d52acd148483de2924ed2b2d10d6f28c524a89ea6a5dfab079cd76edb08321fefb1bde9acc60fa79ea32328b256fd2f8f715895196395c3b4028eb57b1d9f115a8bf7e4dfb81578dfed01ce2c670ea42f073542cce28bde73b26e9d2a07bdc3c7fa94724010e2288b4bc7736953f9e615059e0f4d49ff9f7d2842676229082eee1429b4118c949fe085b5295a862094df02d26099d7449d67eefbd8200dcef47f0dd2bcbba7211205c4f7b641c51bf02b5e672caefd0391a4bbb630942a6de1533126f427b9075de2cb4da9c44b3c7c8ba48eb30f74b7a7c4ff9416015145be0a50c2af2d6848c7d53cc66b2fa18258ba1c17a7f16721c980ff334e9629