cfsfc.impots.gouv.fr

- DIRECTION GENERALE DES FINANCES PUBLIQUES -

Issued by Certigna Services CA

About this certificate

This digital certificate with serial number bc:f6:75:fe:3d:ad:01:74:26:b7:77:22:4a:40:00:60 was issued on by DHIMYOTIS.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Basic Constraints extension is present (2.5.29.19) and marked as non-critical basicConstraints MAY appear in the certificate, and when it is included MUST be marked as critical (CA/Browser Forum BRs: 7.1.2.7.6)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

DIRECTION GENERALE DES FINANCES PUBLIQUES

Company registration number: S297610523
Organization: DIRECTION GENERALE DES FINANCES PUBLIQUES
Locality: PARIS
Country: FR

DHIMYOTIS

Organization: DHIMYOTIS
Organization unit: 0002 48146308100036
Country: FR

This certificate will expire on

Certificate Details

Serial Number (hex): bc:f6:75:fe:3d:ad:01:74:26:b7:77:22:4a:40:00:60
Serial Number (int): 251174561419728394201989584960983400544
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 38:fd:33:38:c0:6a:23:fb:48:f9:0f:81:f6:52:98:bb:dc:ac:19:29
AuthorityKeyId: ac:ec:86:8f:4b:37:1c:b8:7f:17:1b:19:d0:ae:e8:4e:e3:34:5c:12

Fingerprint (sha1): d6:aa:0e:77:12:cf:e1:6f:e8:e8:6f:10:3f:d1:04:44:6b:76:de:72
Fingerprint (sha256): 38:f1:51:70:83:c7:d7:0c:e6:f2:82:c4:48:4e:25:b5:d5:14:66:50:20:cf:cd:21:83:f3:c1:f1:6a:44:e7:e4

Issuing Certificate URL: http://autorite.dhimyotis.com/servicesca.der
Issuing Certificate URL: http://autorite.certigna.fr/servicesca.der

Revocation information

OCSP Server: http://servicesca.ocsp.dhimyotis.com
OCSP Server: http://servicesca.ocsp.certigna.fr
CRL Distribution Point: http://crl.certigna.fr/servicesca.crl
CRL Distribution Point: http://crl.dhimyotis.com/servicesca.crl

Check the revocation status for certificate cfsfc.impots.gouv.fr

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cfsfc.impots.gouv.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cfsfc.impots.gouv.fr
cfspart-idp.impots.gouv.fr
cfspart.impots.gouv.fr
cfspart2.impots.gouv.fr
cft.impots.gouv.fr
idp.impots.gouv.fr

Other certificates including the domain name impots.gouv.fr

(limited to 100 certificates)
cfsfc.impots.gouv.fr
bmly.impots.gouv.fr
adel.impots.gouv.fr
cfspro-idp.impots.gouv.fr
www.impots.gouv.fr
teletd.impots.gouv.fr
inscriptionpro.impots.gouv.fr
cfsfc.impots.gouv.fr
www.impots.gouv.fr
www.impots.gouv.fr
cfspro.impots.gouv.fr
timbres.impots.gouv.fr
passtrans.impots.gouv.fr
cfspro.impots.gouv.fr
www3.impots.gouv.fr
consommation.timbres.impots.gouv.fr
cfspart.impots.gouv.fr
cfspart.impots.gouv.fr
inscriptionpart.impots.gouv.fr
assistance-en-ligne.integration.impots.gouv.fr
static.impots.gouv.fr
assistance-en-ligne.impots.gouv.fr
inscriptionpro.integration.impots.gouv.fr
www3.impots.gouv.fr
idp.impots.gouv.fr
wss-acl.integration.impots.gouv.fr
www.integration.impots.gouv.fr
cfsmsp.impots.gouv.fr
cfspro.impots.gouv.fr
static.impots.gouv.fr
inscriptionpro.impots.gouv.fr
teletd.impots.gouv.fr
cfspro-idp.impots.gouv.fr
passtrans.integration.impots.gouv.fr
idp.impots.gouv.fr
adel.integration.impots.gouv.fr
teletd-test.impots.gouv.fr
timbres.impots.gouv.fr
static.impots.gouv.fr
www.integration.impots.gouv.fr
inscriptionpro.impots.gouv.fr
inscriptionpro.impots.gouv.fr
www.impots.gouv.fr
teletd.integration.impots.gouv.fr
inscriptionpro.impots.gouv.fr
recherchesuccessionsvacantes.impots.gouv.fr
cfsfc.impots.gouv.fr
poseidon1.integration.impots.gouv.fr
www.impots.gouv.fr
inscriptionpro.integration.impots.gouv.fr
formuelassistteleservice.impots.gouv.fr
www.impots.gouv.fr
encheres-domaine.integration.impots.gouv.fr
poseidon1-test.integration.impots.gouv.fr
cfsmsp.impots.gouv.fr
formulaires.impots.gouv.fr
inscriptionpro.impots.gouv.fr
idp.impots.gouv.fr
recherchesuccessionsvacantes.integration.impots.gouv.fr
eai-cts-nc.impots.gouv.fr
www.impots.gouv.fr
rendezvous.impots.gouv.fr
idp.integration.impots.gouv.fr
poseidon2.impots.gouv.fr
idp.integration.impots.gouv.fr
static.impots.gouv.fr
cfsfc.impots.gouv.fr
www.impots.gouv.fr
payfip.impots.gouv.fr
www.impots.gouv.fr
poseidon1.impots.gouv.fr
www.impots.gouv.fr
static.impots.gouv.fr
payfip.impots.gouv.fr
timbres.impots.gouv.fr
consommation.timbres.impots.gouv.fr
gw.impots.gouv.fr
cfsfc.impots.gouv.fr
teletd.integration.impots.gouv.fr
static.impots.gouv.fr
poseidon2.impots.gouv.fr
cfspro.impots.gouv.fr
cfspart.integration.impots.gouv.fr
payfip.integration.impots.gouv.fr
cfsmsp.impots.gouv.fr
formuelassistteleservice.impots.gouv.fr
retraitesdeletat.integration.impots.gouv.fr
cfspart.impots.gouv.fr
cfspro.impots.gouv.fr
encheres-domaine2.integration.impots.gouv.fr
www.impots.gouv.fr
static.impots.gouv.fr
static.impots.gouv.fr
inscriptionpro.impots.gouv.fr
www.tipi.integration.impots.gouv.fr
poseidon2.impots.gouv.fr
encheres-domaine.integration.impots.gouv.fr
idp.impots.gouv.fr
inscriptionpart.impots.gouv.fr
padoc.impots.gouv.fr

Certificate

The complete raw certificate details for cfsfc.impots.gouv.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHYzCCBUugAwIBAgIRALz2df49rQF0Jrd3IkpAAGAwDQYJKoZIhvcNAQELBQAw
fTELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURISU1ZT1RJUzEcMBoGA1UECwwTMDAw
MiA0ODE0NjMwODEwMDAzNjEdMBsGA1UEYQwUTlRSRlItNDgxNDYzMDgxMDAwMzYx
HTAbBgNVBAMMFENlcnRpZ25hIFNlcnZpY2VzIENBMB4XDTI0MDExNzIzMDAwMFoX
DTI1MDExNjIyNTk1OVowgYUxCzAJBgNVBAYTAkZSMQ4wDAYDVQQHDAVQQVJJUzEy
MDAGA1UECgwpRElSRUNUSU9OIEdFTkVSQUxFIERFUyBGSU5BTkNFUyBQVUJMSVFV
RVMxHTAbBgNVBAMMFGNmc2ZjLmltcG90cy5nb3V2LmZyMRMwEQYDVQQFEwpTMjk3
NjEwNTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XAbttmwtfeb
4tSZD15mKfSou8i14idjRrj53ODOEi0kFbWz2A79nvmbNOGaqK+FBpjzT1dhRrPA
WGfTEI0jUQq9vmgBMyr5i9/6Vgix82td7421VErFIJrYuNQa6gzL/IDAknaHRf+a
cU8EnsXW3+CHaq3gSvIAPeuJIj6UlijzDV1A76X1xqRDK3b0Zuw0BaexXQGKfyyU
Lkk6jEAJ6pqnzQ3cfU3cBZNxpXPIdsHFzf/KZioG2ejN0KhPGpGyeGkiGRam4JRl
eEuy6FB/VizR66OlL37H8vvqQA8aEiz9tq3pE5yKcbDBISQA48LdiYo42BENcrDL
h8qMYuInNwIDAQABo4IC0zCCAs8wgeQGCCsGAQUFBwEBBIHXMIHUMDgGCCsGAQUF
BzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNlc2NhLmRl
cjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZp
Y2VzY2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRo
aW15b3Rpcy5jb20wLgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3Au
Y2VydGlnbmEuZnIwHwYDVR0jBBgwFoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYD
VR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBMBgsqgXoBgTECBQEBATA9MDsG
CCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0b3JpdGUtY2Vy
dGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5j
b20vc2VydmljZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/
BAQDAgWgMIGWBgNVHREEgY4wgYuCFGNmc2ZjLmltcG90cy5nb3V2LmZyghpjZnNw
YXJ0LWlkcC5pbXBvdHMuZ291di5mcoIWY2ZzcGFydC5pbXBvdHMuZ291di5mcoIX
Y2ZzcGFydDIuaW1wb3RzLmdvdXYuZnKCEmNmdC5pbXBvdHMuZ291di5mcoISaWRw
LmltcG90cy5nb3V2LmZyMB0GA1UdDgQWBBQ4/TM4wGoj+0j5D4H2Upi73KwZKTAT
BgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAgEAmnM1JUZtiYCv
7ix6d90Sj+lNKXUjUSqiaLEkmqHncNBS+EZhCab9UmFQHHwHA6JRNgs0AsE0Wqxm
0lCwv1e7tLdPldCDOW/33EYMZ1pY93Qghx3HRCRtn3Ct1rwJOxG1FIPRA75b59vh
sNBcFNJMP0BfDEakYXfUGe6H7quL1oltr9yamV/S+u8OhAzwwIRXInwUOEIbXKuj
MmrKQKabpyxohuW8SNE7a20lXxpfTD6FCtJkJYUI6oTPbjpZqRDJzjt6JYhOkKmR
O+jOjIuySZEM/D0MGqtxhXamKALafTr/yjVEgmUTTsl17vj0id36AJXsM21CLSCv
IgF7/Ka2KA43s+WVWmqBbOdCxj2c++LqQUVMRLc2ueAKIa7tBSrIWRf2i2acUJ/5
QLK36lPp+pS8j8zWnJM5sWBUf04lhwgY9eEy0opsu1I2Y2Vbf36XZEJ4jtk8UmUf
ODyk3CM0cibbD0Zzm+wgib26Kd0SfPjHF4N/ReeufI5MsdYscJtd/62m5gIjfVDE
i2q0T3oN8vlynO48zg6Ut09tZYle/0S03XbtxnUvEKxBPWcgABMNMIsy0CgN7g/O
1f9Ye0H/GagVbh+gACBu1y002R9uJxWMJDNF2hoNgduDrBBHl2IPt4bLlok4lPCJ
qDe8Mm+avrFg1dsasQmFf5iiDLRATII=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XAbttmwtfeb4tSZD15m
KfSou8i14idjRrj53ODOEi0kFbWz2A79nvmbNOGaqK+FBpjzT1dhRrPAWGfTEI0j
UQq9vmgBMyr5i9/6Vgix82td7421VErFIJrYuNQa6gzL/IDAknaHRf+acU8EnsXW
3+CHaq3gSvIAPeuJIj6UlijzDV1A76X1xqRDK3b0Zuw0BaexXQGKfyyULkk6jEAJ
6pqnzQ3cfU3cBZNxpXPIdsHFzf/KZioG2ejN0KhPGpGyeGkiGRam4JRleEuy6FB/
VizR66OlL37H8vvqQA8aEiz9tq3pE5yKcbDBISQA48LdiYo42BENcrDLh8qMYuIn
NwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 251174561419728394201989584960983400544
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DHIMYOTIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '0002 48146308100036'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRFR-48146308100036'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Certigna Services CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-17 23:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-16 22:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PARIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DIRECTION GENERALE DES FINANCES PUBLIQUES'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'cfsfc.impots.gouv.fr'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'S297610523'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29468807699930562337744772031738298510401332611952665311181702133809214867474159074375795246800337690651643087349444576422893407234754045282107683626483972661953769350785680802984167804921875337013506421198161237416651385040947576724403482004160645502749814742864860993162905933158141645715120027187151639421243241694731280800889733597139242026403065286287398387580307242165471360071855088524796461349020891804446075893918726561299573397672134633011375139771597677004461807420707329540676615170508295118152512926561051064828095077180056758196740577184505396972426278452425263519677946102132730288873508536419520489271
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (215 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://autorite.dhimyotis.com/servicesca.der'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://autorite.certigna.fr/servicesca.der'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://servicesca.ocsp.dhimyotis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://servicesca.ocsp.certigna.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acec868f4b371cb87f171b19d0aee84ee3345c12
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.250.1.177.2.5.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.certigna.com/autorite-certification'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.certigna.fr/servicesca.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.dhimyotis.com/servicesca.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (142 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cfsfc.impots.gouv.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cfspart-idp.impots.gouv.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cfspart.impots.gouv.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cfspart2.impots.gouv.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cft.impots.gouv.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idp.impots.gouv.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							38fd3338c06a23fb48f90f81f65298bbdcac1929
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		009a733525466d8980afee2c7a77dd128fe94d297523512aa268b1249aa1e770d052f8466109a6fd5261501c7c0703a251360b3402c1345aac66d250b0bf57bbb4b74f95d083396ff7dc460c675a58f77420871dc744246d9f70add6bc093b11b51483d103be5be7dbe1b0d05c14d24c3f405f0c46a46177d419ee87eeab8bd6896dafdc9a995fd2faef0e840cf0c08457227c1438421b5caba3326aca40a69ba72c6886e5bc48d13b6b6d255f1a5f4c3e850ad264258508ea84cf6e3a59a910c9ce3b7a25884e90a9913be8ce8c8bb249910cfc3d0c1aab718576a62802da7d3affca35448265134ec975eef8f489ddfa0095ec336d422d20af22017bfca6b6280e37b3e5955a6a816ce742c63d9cfbe2ea41454c44b736b9e00a21aeed052ac85917f68b669c509ff940b2b7ea53e9fa94bc8fccd69c9339b160547f4e25870818f5e132d28a6cbb523663655b7f7e976442788ed93c52651f383ca4dc23347226db0f46739bec2089bdba29dd127cf8c717837f45e7ae7c8e4cb1d62c709b5dffada6e602237d50c48b6ab44f7a0df2f9729cee3cce0e94b74f6d65895eff44b4dd76edc6752f10ac413d672000130d308b32d0280dee0fced5ff587b41ff19a8156e1fa000206ed72d34d91f6e27158c243345da1a0d81db83ac104797620fb786cb96893894f089a837bc326f9abeb160d5db1ab109857f98a20cb4404c82