www.iaea.org
- International Atomic Energy Agency -
Issued by thawte SSL CA - G2
About this certificate
This digital certificate with serial number 22:ca:1b:54:65:a0:76:52:b0:49:d9:0b:fc:a4:c7:c5 was issued on by thawte, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
International Atomic Energy Agency
Organization:
International Atomic Energy Agency
State / Province:
Wien
Locality: Wien
Country: AT
Locality: Wien
Country: AT
thawte, Inc.
Organization:
thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 22:ca:1b:54:65:a0:76:52:b0:49:d9:0b:fc:a4:c7:c5Serial Number (int): 46243150133788097540673512882466768837
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60
Fingerprint (sha1): fe:c3:db:21:2b:b2:26:08:d6:0a:3a:ed:7b:2e:ba:81:01:94:be:a2
Fingerprint (sha256): 33:7d:8e:c4:bf:20:a9:b5:64:c9:32:32:75:6c:d3:7a:5f:7d:31:d4:c6:69:b7:bc:ed:a6:31:13:cc:77:8d:44
Issuing Certificate URL: http://tj.symcb.com/tj.crt
Revocation information
OCSP Server: http://tj.symcd.comCRL Distribution Point: http://tj.symcb.com/tj.crl
Check the revocation status for certificate www.iaea.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.iaea.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.iaea.org
iaea.org
iaea.org
Other certificates including the domain name iaea.org
(limited to 100 certificates)
*.iaea.org
iaeachallenge.org
ssl6418.cloudflare.com
imgm.iaea.org
ssl440680.cloudflaressl.com
iaeachallenge.org
vc.iaea.org
www.iaea.org
ssl440681.cloudflaressl.com
cnmdm.nomad.iaea.org
countryfiles.iaea.org
*.iaea.org
imgm.iaea.org
plms-nkm.iaea.org
ivetnet.iaea.org
ssl320268.cloudflaressl.com
iaeachallenge.org
libenc.iaea.org
ssl6418.cloudflare.com
taleo.iaea.org
conferences.iaea.org
lync.iaea.org
www-nds.iaea.org
*.iaea.org
ssl6418.cloudflare.com
*.iaea.org
test.iaea.org
mdm.nomad.iaea.org
sni.cloudflaressl.com
*.iaea.org
auth.iaea.org
*.iaea.org
hybrid.iaea.org
challenge.iaea.org
cnmdm.nomad.iaea.org
ssl748010.cloudflaressl.com
vc.iaea.org
elearning.iaea.org
*.*.iaea.org
test.iaea.org
sbb.iaea.org
libcat.iaea.org
*.iaea.org
segmdm1.nomad.iaea.org
email.iaea.org
taleo.iaea.org
conferences.iaea.org
msg.iaea.org
cnmdm.nomad.iaea.org
ssl440680.cloudflaressl.com
atoms.iaea.org
ssl440681.cloudflaressl.com
auth.iaea.org
cnmdm.nomad.iaea.org
ssl440682.cloudflaressl.com
conferences.iaea.org
ssl440681.cloudflaressl.com
share.iaea.org
lync-web.iaea.org
www-amdis.iaea.org
www.iaea.org
libenc.iaea.org
mdm.nomad.iaea.org
msg.iaea.org
personnel.iaea.org
e501.iaea.org
*.iaea.org
iec-vcse.iaea.org
ssl440681.cloudflaressl.com
sgmdm.iaea.org
iaeachallenge.org
conferences.iaea.org
cnmdm.nomad.iaea.org
guest2.iaea.org
conferences.iaea.org
www-nds.iaea.org
libenc-ext.iaea.org
ssl6418.cloudflare.com
countryprofiles.iaea.org
hybrid.iaea.org
www-amdis.iaea.org
email.iaea.org
lync-web.iaea.org
usie-connect.iaea.org
test.iaea.org
imgm.iaea.org
data.iaea.org
iaeachallenge.org
www-nds.iaea.org
*.iaea.org
sni.cloudflaressl.com
www-nds.iaea.org
data.iaea.org
lync-web.iaea.org
*.iaea.org
sni.cloudflaressl.com
libenc.iaea.org
segmdm1.nomad.iaea.org
ssl320270.cloudflaressl.com
libcat.iaea.org
iaeachallenge.org
ssl6418.cloudflare.com
imgm.iaea.org
ssl440680.cloudflaressl.com
iaeachallenge.org
vc.iaea.org
www.iaea.org
ssl440681.cloudflaressl.com
cnmdm.nomad.iaea.org
countryfiles.iaea.org
*.iaea.org
imgm.iaea.org
plms-nkm.iaea.org
ivetnet.iaea.org
ssl320268.cloudflaressl.com
iaeachallenge.org
libenc.iaea.org
ssl6418.cloudflare.com
taleo.iaea.org
conferences.iaea.org
lync.iaea.org
www-nds.iaea.org
*.iaea.org
ssl6418.cloudflare.com
*.iaea.org
test.iaea.org
mdm.nomad.iaea.org
sni.cloudflaressl.com
*.iaea.org
auth.iaea.org
*.iaea.org
hybrid.iaea.org
challenge.iaea.org
cnmdm.nomad.iaea.org
ssl748010.cloudflaressl.com
vc.iaea.org
elearning.iaea.org
*.*.iaea.org
test.iaea.org
sbb.iaea.org
libcat.iaea.org
*.iaea.org
segmdm1.nomad.iaea.org
email.iaea.org
taleo.iaea.org
conferences.iaea.org
msg.iaea.org
cnmdm.nomad.iaea.org
ssl440680.cloudflaressl.com
atoms.iaea.org
ssl440681.cloudflaressl.com
auth.iaea.org
cnmdm.nomad.iaea.org
ssl440682.cloudflaressl.com
conferences.iaea.org
ssl440681.cloudflaressl.com
share.iaea.org
lync-web.iaea.org
www-amdis.iaea.org
www.iaea.org
libenc.iaea.org
mdm.nomad.iaea.org
msg.iaea.org
personnel.iaea.org
e501.iaea.org
*.iaea.org
iec-vcse.iaea.org
ssl440681.cloudflaressl.com
sgmdm.iaea.org
iaeachallenge.org
conferences.iaea.org
cnmdm.nomad.iaea.org
guest2.iaea.org
conferences.iaea.org
www-nds.iaea.org
libenc-ext.iaea.org
ssl6418.cloudflare.com
countryprofiles.iaea.org
hybrid.iaea.org
www-amdis.iaea.org
email.iaea.org
lync-web.iaea.org
usie-connect.iaea.org
test.iaea.org
imgm.iaea.org
data.iaea.org
iaeachallenge.org
www-nds.iaea.org
*.iaea.org
sni.cloudflaressl.com
www-nds.iaea.org
data.iaea.org
lync-web.iaea.org
*.iaea.org
sni.cloudflaressl.com
libenc.iaea.org
segmdm1.nomad.iaea.org
ssl320270.cloudflaressl.com
libcat.iaea.org
Certificate
The complete raw certificate details for www.iaea.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFvTCCBKWgAwIBAgIQIsobVGWgdlKwSdkL/KTHxTANBgkqhkiG9w0BAQsFADBB MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0 aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcwMzA5MDAwMDAwWhcNMTgwNDEwMjM1OTU5 WjBvMQswCQYDVQQGEwJBVDENMAsGA1UECAwEV2llbjENMAsGA1UEBwwEV2llbjEr MCkGA1UECgwiSW50ZXJuYXRpb25hbCBBdG9taWMgRW5lcmd5IEFnZW5jeTEVMBMG A1UEAwwMd3d3LmlhZWEub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6+P5t1NWSLvR/xnI4T1hy7vbZHMMZyhoBBTtH7m61AY8S+0nNhcVHICbabXa HcCdQ4bWig89YxTbfqyIu5Ewqaf7ZZG3c1ErTeb0msYX2qbh/9q12qCPZBigjF+d 2xvSJsC5MHYkV42aU5uvpJ6VfYG1SpDpXmLnGJcrlyxhtUE9smS/3+8VAhh6SW/h go1eiuAph/a4E2BRvaTAC+/Iaa4bhnDjvXPCe4gYFBoO7zztOZvx6g3rQsspEwGH 3j4+S13u3Jk+c0M89B9DpGQx5jqLbRNF7mhwZy5VigJDaL3hHBt9kuahb2dCHdyG 7YWX7nihgiI9j44gZ4wECYrERQIDAQABo4ICgTCCAn0wIQYDVR0RBBowGIIMd3d3 LmlhZWEub3JngghpYWVhLm9yZzAJBgNVHRMEAjAAMG4GA1UdIARnMGUwYwYGZ4EM AQICMFkwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMC8G CCsGAQUFBwICMCMMIWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3NpdG9yeTAO BgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUwk9IV/zRT5rAXTh9DgXb2S61UmAw KwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3RqLnN5bWNiLmNvbS90ai5jcmwwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAfBggr BgEFBQcwAYYTaHR0cDovL3RqLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDov L3RqLnN5bWNiLmNvbS90ai5jcnQwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgDd 6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAVqyK9VtAAAEAwBHMEUC IAPNOUJbVQ9SSvsrjh+DUthZq+eKREhagmyEn6SZMiYtAiEA5WdwQTYIqRbUEvBf Ia6HiD7phnNJw5NSZDqSJDHD0qsAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jj d80OyA3cEAAAAVqyK9WMAAAEAwBIMEYCIQCI0kZEQ0X/RlVtNd/iPcZb9+G6Lcas nllYGq0m7IXTOQIhALer0GqfSnEzGriXZw6/f6PQ3x986lHNK/+7qlddPJw8MA0G CSqGSIb3DQEBCwUAA4IBAQBFQjTo5a870vE2SGDkqL6uSLhiotdjo7Qu00n7I/QM vCQgkcuDVtB0meDrSIC18Bxb8UR9WHgKYFNL0YT7U+ni5CdvJzyxsJ4scnCPjCZ6 ZQno+eEnE0rRvRhHQg8ITXxkePdCigASBIOAZHqMrBiEqIdq9JBi8aKVNvx96edY I3HUJrm+NSAoI110DhvXzoN6WIgl1tfaIH0MH19bO9/sg/ggO7GRoOSWPYZa7e7Q 58+0S2tGX+VG6TQr0deCCdCqdg9EnRIohnviCKDD9InZWhsRrlsrxgrrOvVabnUq fCZtcrGQHnxgfu4p4D5iH24u8PsFPGq1GLC8/I7VGItS -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+P5t1NWSLvR/xnI4T1h y7vbZHMMZyhoBBTtH7m61AY8S+0nNhcVHICbabXaHcCdQ4bWig89YxTbfqyIu5Ew qaf7ZZG3c1ErTeb0msYX2qbh/9q12qCPZBigjF+d2xvSJsC5MHYkV42aU5uvpJ6V fYG1SpDpXmLnGJcrlyxhtUE9smS/3+8VAhh6SW/hgo1eiuAph/a4E2BRvaTAC+/I aa4bhnDjvXPCe4gYFBoO7zztOZvx6g3rQsspEwGH3j4+S13u3Jk+c0M89B9DpGQx 5jqLbRNF7mhwZy5VigJDaL3hHBt9kuahb2dCHdyG7YWX7nihgiI9j44gZ4wECYrE RQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 46243150133788097540673512882466768837 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-09 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-10 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Wien' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Wien' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'International Atomic Energy Agency' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.iaea.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29778420553091203639142468816469543705060406255789953609079485395135385374298281728156272966531536669030547436617631523059052701970515360916151211535508213520669839183236281604529934812919246461434521745892740837624294697908534948415793451324753801406572702502114991855121443928090570474467375307270990487203430076434144382986737024277821036505479239256677506306188296167913388082899395024896008404668600716903642760889449147088944745549082065236539720028145445683363322930023067065281975089719210110259046767367747024745006797169081268013205088777436080681906970502018482804459930525334316830017486110928012741100613 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iaea.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iaea.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015ab22bd56d0000040300473045022003cd39425b550f524afb2b8e1f8352d859abe78a44485a826c849fa49932262d022100e56770413608a916d412f05f21ae87883ee9867349c39352643a922431c3d2ab007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015ab22bd58c000004030048304602210088d246444345ff46556d35dfe23dc65bf7e1ba2dc6ac9e59581aad26ec85d339022100b7abd06a9f4a71331ab897670ebf7fa3d0df1f7cea51cd2bffbbaa575d3c9c3c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00454234e8e5af3bd2f1364860e4a8beae48b862a2d763a3b42ed349fb23f40cbc242091cb8356d07499e0eb4880b5f01c5bf1447d58780a60534bd184fb53e9e2e4276f273cb1b09e2c72708f8c267a6509e8f9e127134ad1bd1847420f084d7c6478f7428a0012048380647a8cac1884a8876af49062f1a29536fc7de9e7582371d426b9be352028235d740e1bd7ce837a588825d6d7da207d0c1f5f5b3bdfec83f8203bb191a0e4963d865aedeed0e7cfb44b6b465fe546e9342bd1d78209d0aa760f449d1228867be208a0c3f489d95a1b11ae5b2bc60aeb3af55a6e752a7c266d72b1901e7c607eee29e03e621f6e2ef0fb053c6ab518b0bcfc8ed5188b52