vpn-etab.ac-grenoble.fr

- Rectorat - Académie de Grenoble -

Issued by TERENA SSL CA 3

About this certificate

This digital certificate with serial number 0e:e5:a9:b6:8a:aa:e7:4a:db:f6:19:ab:53:1a:41:3b was issued on by TERENA.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Rectorat - Académie de Grenoble

Organization: Rectorat - Académie de Grenoble
Locality: Grenoble
Country: FR

TERENA

Organization: TERENA
State / Province: Noord-Holland
Locality: Amsterdam
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 0e:e5:a9:b6:8a:aa:e7:4a:db:f6:19:ab:53:1a:41:3b
Serial Number (int): 19801670111257433468244466562254913851
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: f0:00:5c:64:b1:1e:9d:0d:b6:43:f3:9e:4e:99:1f:f0:9d:ca:13:f6
AuthorityKeyId: 67:fd:88:20:14:27:98:c7:09:d2:25:19:bb:e9:51:11:63:75:50:62

Fingerprint (sha1): 3c:94:1e:7b:94:26:da:05:d7:83:52:cb:85:ea:b5:2f:cb:e0:a3:b0
Fingerprint (sha256): 37:94:19:30:a1:64:84:db:18:ab:0c:1d:c0:50:73:74:2f:ed:ad:4c:9e:04:7b:fc:37:d0:49:59:62:40:59:e5

Issuing Certificate URL: http://cacerts.digicert.com/TERENASSLCA3.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/TERENASSLCA3.crl
CRL Distribution Point: http://crl4.digicert.com/TERENASSLCA3.crl

Check the revocation status for certificate vpn-etab.ac-grenoble.fr

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for vpn-etab.ac-grenoble.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

vpn-etab.ac-grenoble.fr
www.vpn-etab.ac-grenoble.fr

Other certificates including the domain name ac-grenoble.fr

(limited to 100 certificates)
documentation.ac-grenoble.fr
publinet.ac-grenoble.fr
test-admin-adm.ac-grenoble.fr
*.clg-pierre-aiguille.ac-grenoble.fr
incident.ac-grenoble.fr
ds-airwatch.ac-grenoble.fr
assistance.ac-grenoble.fr
drupal-cas.ac-grenoble.fr
*.lyc-champollion.ac-grenoble.fr
bas-moodle33.ac-grenoble.fr
andromede.ac-grenoble.fr
*.emwiki.ac-grenoble.fr
*.clg-charvieu.ac-grenoble.fr
dafco-appli.ac-grenoble.fr
airwatch-preprod.ac-grenoble.fr
drupal-cas.ac-grenoble.fr
visio.ac-grenoble.fr
*.lyc-louise-michel.eple.in.ac-grenoble.fr
devnat.ac-grenoble.fr
jitsi.ac-grenoble.fr
extranet.ac-grenoble.fr
documentation.ac-grenoble.fr
pia-sso1.ac-grenoble.fr
documentation.ac-grenoble.fr
lec.ac-grenoble.fr
smtp.ac-grenoble.fr
aloes.0380105H.ac-grenoble.fr
pronote.lec.ac-grenoble.fr
airwatch.ac-grenoble.fr
pia.ac-grenoble.fr
bv.ac-grenoble.fr
lyc-guillaume-fichet.ac-grenoble.fr
ent.ac-grenoble.fr
gestiondeparc.ac-grenoble.fr
moodle.ac-grenoble.fr
cordelia.ac-grenoble.fr
pia-sso.ac-grenoble.fr
extranet.ac-grenoble.fr
smtp.ac-grenoble.fr
portail-captif.ac-grenoble.fr
mdm.cg-drome-1.ac-grenoble.fr
webmail.ac-grenoble.fr
fluence.ac-grenoble.fr
*.lyc-guillaume-fichet.ac-grenoble.fr
devnat.ac-grenoble.fr
extranet.ac-grenoble.fr
*.lyc-guillaume-fichet.ac-grenoble.fr
perdition.ac-grenoble.fr
incident.ac-grenoble.fr
documentation.ac-grenoble.fr
documentation.ac-grenoble.fr
moodle.ac-grenoble.fr
ocean.ac-grenoble.fr
*.lyc-pheroult.ac-grenoble.fr
clg-ggaud.ac-grenoble.fr
extranet.ac-grenoble.fr
lec.ac-grenoble.fr
proxyecole.ac-grenoble.fr
erea-amelie-gex.ac-grenoble.fr
stswebnet.ac-grenoble.fr
sql.ac-grenoble.fr
ocean.ac-grenoble.fr
rhea.ac-grenoble.fr
webmail.ac-grenoble.fr
clg-louis-lumiere.ac-grenoble.fr
netsync.in.ac-grenoble.fr
bas-moodle33.ac-grenoble.fr
*.lyc-stendhal.ac-grenoble.fr
clg-louis-lumiere.ac-grenoble.fr
netsync.ac-grenoble.fr
ts.ac-grenoble.fr
documentation.ac-grenoble.fr
clg-champoulant-adm.ac-grenoble.fr
bv.ac-grenoble.fr
pia.ac-grenoble.fr
clg-barnave.ac-grenoble.fr
moodle.ac-grenoble.fr
bv.ac-grenoble.fr
*.lyc-pneruda.ac-grenoble.fr
devnat.ac-grenoble.fr
netsync.ac-grenoble.fr
assistance.ac-grenoble.fr
*.clg-belledonne.ac-grenoble.fr
pluton.ac-grenoble.fr
clg-barnave.ac-grenoble.fr
vpn-etab.ac-grenoble.fr
listes.ac-grenoble.fr
documentation.ac-grenoble.fr
lec.ac-grenoble.fr
ocean.ac-grenoble.fr
assistance.ac-grenoble.fr
pia-sso.ac-grenoble.fr
clg-jean-monnet.ac-grenoble.fr
ocean.ac-grenoble.fr
ocean.ac-grenoble.fr
*.clg-fleming.ac-grenoble.fr
*.clg-barnave.ac-grenoble.fr
lp-moutiers.ac-grenoble.fr
teleservices.ac-grenoble.fr
moodle.ac-grenoble.fr

Certificate

The complete raw certificate details for vpn-etab.ac-grenoble.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIQDuWptoqq50rb9hmrUxpBOzANBgkqhkiG9w0BAQsFADBk
MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ
QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg
Q0EgMzAeFw0yMDAzMzAwMDAwMDBaFw0yMjA3MDMwMDAwMDBaMG0xCzAJBgNVBAYT
AkZSMREwDwYDVQQHEwhHcmVub2JsZTEpMCcGA1UECgwgUmVjdG9yYXQgLSBBY2Fk
w6ltaWUgZGUgR3Jlbm9ibGUxIDAeBgNVBAMTF3Zwbi1ldGFiLmFjLWdyZW5vYmxl
LmZyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kqeaQdPCHX17EXq
12f5y6yAK7HiTTAsaHlWSpetoSVM0Ihie0x1t9w7EfP0V4UIhKCheOwKmYL2mC8J
mnhNRmOiDOWejldG5M1fw7HQtEMInjrgAZV4YUdArns/GeudS6mammnewx5cJCR0
OBHnnRodrS0Dcd1Df8VZ2IGlhAPeMPHLYtP+Cl5rznU3qn+3oBUw4LSnhh7rVXpD
V12RU6ES8cgq1QOXS0WsPTCl2W/A8gwmvThrQjxGHUiy/mjcgLpH/yX0eL3/fxHJ
iL1xOoU8q1wB0DnyngQlTQsE56jusajveuwUj0nLyXFUNyVsv++5QuqyBE9IkBIO
qxbabwIDAQABo4ICAjCCAf4wHwYDVR0jBBgwFoAUZ/2IIBQnmMcJ0iUZu+lREWN1
UGIwHQYDVR0OBBYEFPAAXGSxHp0NtkPznk6ZH/CdyhP2MD8GA1UdEQQ4MDaCF3Zw
bi1ldGFiLmFjLWdyZW5vYmxlLmZyght3d3cudnBuLWV0YWIuYWMtZ3Jlbm9ibGUu
ZnIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVS
RU5BU1NMQ0EzLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1RF
UkVOQVNTTENBMy5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEF
BQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbgYI
KwYBBQUHAQEEYjBgMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5j
b20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9URVJF
TkFTU0xDQTMuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAw
DQYJKoZIhvcNAQELBQADggEBAL/ixT+ZYidXpo+I7m+rINmuO7xYyJdSZo8kZsdg
g+hvaUpO+6bJOPUFDQtRO5w96sMVpq5Wmu2Cz4wWMd2jae8r8so5VkDnOPG92Hk3
MxTxMP63hdCxifJb6ZNkKRY64jXL0SlqPVvDxPuKy2kgE22Vnz0lKwrDT2QVHWZ7
j3KL5MNM+xVjC/S6eFdQ+QbdR6rmpGxxEFgr4kKRNScpcErvAKJ1AedlQNBi7hOd
FKE3Z7DgoUgljMQiSAFAI6EBBpDlnUEDKZN3hGgF6WxmImEP4dUi+YRF8KWBifVA
4Mw4t8Eheyuw4T8U7Mz97YK7UQ0Ppd/puca07dOMfleokx4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kqeaQdPCHX17EXq12f5
y6yAK7HiTTAsaHlWSpetoSVM0Ihie0x1t9w7EfP0V4UIhKCheOwKmYL2mC8JmnhN
RmOiDOWejldG5M1fw7HQtEMInjrgAZV4YUdArns/GeudS6mammnewx5cJCR0OBHn
nRodrS0Dcd1Df8VZ2IGlhAPeMPHLYtP+Cl5rznU3qn+3oBUw4LSnhh7rVXpDV12R
U6ES8cgq1QOXS0WsPTCl2W/A8gwmvThrQjxGHUiy/mjcgLpH/yX0eL3/fxHJiL1x
OoU8q1wB0DnyngQlTQsE56jusajveuwUj0nLyXFUNyVsv++5QuqyBE9IkBIOqxba
bwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 19801670111257433468244466562254913851
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Noord-Holland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA 3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-03 00:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Grenoble'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rectorat - Académie de Grenoble'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vpn-etab.ac-grenoble.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26546839939676659494488614879702246015849252651000407751190281956489439752869193492363131845572323477313876704224623208388026272472817012491279571830638364429294031695715847158493760759252350399985181807822556529949636163234689075944642280215937778998922397647218840154454146859477184823682717214632776926704978311807388081046811664214617002134872054864604373779990385398594076309516716818709406023301481376649095077564086976170448631828569801284198185263281158323274054030210546021510867478238140426319422997661016167040044645153977981615650185073801048973149980807158567165669733066808744801282835114455137990924911
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 67fd8820142798c709d22519bbe9511163755062
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f0005c64b11e9d0db643f39e4e991ff09dca13f6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpn-etab.ac-grenoble.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.vpn-etab.ac-grenoble.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/TERENASSLCA3.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/TERENASSLCA3.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (98 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/TERENASSLCA3.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00bfe2c53f99622757a68f88ee6fab20d9ae3bbc58c89752668f2466c76083e86f694a4efba6c938f5050d0b513b9c3deac315a6ae569aed82cf8c1631dda369ef2bf2ca395640e738f1bdd879373314f130feb785d0b189f25be9936429163ae235cbd1296a3d5bc3c4fb8acb6920136d959f3d252b0ac34f64151d667b8f728be4c34cfb15630bf4ba785750f906dd47aae6a46c7110582be24291352729704aef00a27501e76540d062ee139d14a13767b0e0a148258cc42248014023a1010690e59d4103299377846805e96c6622610fe1d522f98445f0a58189f540e0cc38b7c1217b2bb0e13f14ecccfded82bb510d0fa5dfe9b9c6b4edd38c7e57a8931e