orf.ap.holcim.com
Issued by COMODO RSA Domain Validation Secure Server CA
About this certificate
This digital certificate with serial number af:5a:c6:1c:94:dc:79:42:e1:e9:ad:59:1f:c3:08:54 was issued on by COMODO CA Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=orf.ap.holcim.com,OU=Domain Control Validated+OU=Issued through LafargeHolcim Ltd E-PKI Manager+OU=COMODO SSL
COMODO CA Limited
Organization:
COMODO CA Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): af:5a:c6:1c:94:dc:79:42:e1:e9:ad:59:1f:c3:08:54Serial Number (int): 233086224161188803448861932001683507284
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 35:9d:9f:99:8a:85:a5:23:53:4b:28:bd:5d:29:72:ab:72:aa:51:21
AuthorityKeyId: 90:af:6a:3a:94:5a:0b:d8:90:ea:12:56:73:df:43:b4:3a:28:da:e7
Fingerprint (sha1): ed:49:3a:44:74:1e:5a:0b:bd:e1:19:60:dd:1a:27:c0:86:1c:0f:28
Fingerprint (sha256): 39:90:94:d0:47:93:b9:dd:cd:c0:53:6e:74:d2:9d:cc:7e:9c:88:ef:c0:c6:a9:4d:ae:a9:44:92:9e:c9:a7:4e
Issuing Certificate URL: http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.comodoca.comCRL Distribution Point: http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl
Check the revocation status for certificate orf.ap.holcim.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for orf.ap.holcim.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
orf.ap.holcim.com
www.orf.ap.holcim.com
www.orf.ap.holcim.com
Other certificates including the domain name holcim.com
(limited to 100 certificates)
teamplace-qa.holcim.com
lp2-logon.holcim.com
*.hgrs.holcim.com
servicedesk.ap.holcim.com
brandportal.lafargeholcim.com
brandportal.lafargeholcim.com
aop.ap.holcim.com
iDispo-phl.ap.holcim.com
hronline.ap.holcim.com
trilogy.ap.holcim.com
stars-uat.ap.holcim.com
portal-qas.ap.holcim.com
brandportal.lafargeholcim.com
bwreport-poc.ap.holcim.com
crl-dev.privasphere.com
hronline-qas.ap.holcim.com
web-qa.hgrs.holcim.com
qlikview.ap.holcim.com
*.holcim.com
vd.hgrs.holcim.com
*.holcim.com
lp1-logon.holcim.com
stars.ap.holcim.com
*.hgrs.holcim.com
webvpn.holcim.com
esales.ap.holcim.com
*.hgrs.holcim.com
*.holcim.com
apbm.ap.holcim.com
portal-qas.ap.holcim.com
www.privasphere.com
*.analytics.hgrs.holcim.com
orf-poc.ap.holcim.com
Loyalty.ap.holcim.com
centennial-qa.holcim.com
*.holcim.com
*.hgrs.holcim.com
lq0-logon.holcim.com
awconsole.holcim.com
portal-poc.ap.holcim.com
vd.hgrs.holcim.com
dwa.hgrs.holcim.com
integrityline.holcim.com
loyalty-uat.ap.holcim.com
srm-qas.ap.holcim.com
mobilebi-cco.hgrs.holcim.com
trilogy.ap.holcim.com
hronline-qas.ap.holcim.com
cbs.holcim.com
awconsole.holcim.com
gw01hgrs.holcim.com
www.privasphere.com
stars.ap.holcim.com
cco.holcim.com
qa.holcim.com
websurvey.ap.holcim.com
bwreport-qas.ap.holcim.com
teamplace.holcim.com
webvpn.holcim.com
ecc-qas.ap.holcim.com
citrixphl.ap.holcim.com
hcm-qa.hgrs.holcim.com
emea-srmqimp.holcim.com
mobile.ap.holcim.com
emea-srmqbrt.holcim.com
dwa-qa.hgrs.holcim.com
bwreport-dev.ap.holcim.com
apbm.ap.holcim.com
bi.ap.holcim.com
orf-dev.ap.holcim.com
mdm.holcim.com
webvpn.holcim.com
workflow.ap.holcim.com
qvweb-dev.analytics.hgrs.holcim.com
integrity.lafargeholcim.com
www.privasphere.com
video.holcim.com
portal-qa.holcim.com
orf-dev.ap.holcim.com
maps.analytics.hgrs.holcim.com
global-workflow-dev.holcim.com
hcm.hgrs.holcim.com
crl-dev.privasphere.com
portal-dev.ap.holcim.com
*.hgrs.holcim.com
tmc.holcim.com
versand.ea.holcim.com
brandportal.lafargeholcim.com
bi-qa.hgrs.holcim.com
*.holcim.com
lj1-logon.holcim.com
stars-uat.ap.holcim.com
orf.ap.holcim.com
guesthgrs.hgrs.holcim.com
srm-qas.ap.holcim.com
logon.holcim.com
easybuild.holcim.com
*.holcim.com
appstore.ap.holcim.com
mobile.ap.holcim.com
lp2-logon.holcim.com
*.hgrs.holcim.com
servicedesk.ap.holcim.com
brandportal.lafargeholcim.com
brandportal.lafargeholcim.com
aop.ap.holcim.com
iDispo-phl.ap.holcim.com
hronline.ap.holcim.com
trilogy.ap.holcim.com
stars-uat.ap.holcim.com
portal-qas.ap.holcim.com
brandportal.lafargeholcim.com
bwreport-poc.ap.holcim.com
crl-dev.privasphere.com
hronline-qas.ap.holcim.com
web-qa.hgrs.holcim.com
qlikview.ap.holcim.com
*.holcim.com
vd.hgrs.holcim.com
*.holcim.com
lp1-logon.holcim.com
stars.ap.holcim.com
*.hgrs.holcim.com
webvpn.holcim.com
esales.ap.holcim.com
*.hgrs.holcim.com
*.holcim.com
apbm.ap.holcim.com
portal-qas.ap.holcim.com
www.privasphere.com
*.analytics.hgrs.holcim.com
orf-poc.ap.holcim.com
Loyalty.ap.holcim.com
centennial-qa.holcim.com
*.holcim.com
*.hgrs.holcim.com
lq0-logon.holcim.com
awconsole.holcim.com
portal-poc.ap.holcim.com
vd.hgrs.holcim.com
dwa.hgrs.holcim.com
integrityline.holcim.com
loyalty-uat.ap.holcim.com
srm-qas.ap.holcim.com
mobilebi-cco.hgrs.holcim.com
trilogy.ap.holcim.com
hronline-qas.ap.holcim.com
cbs.holcim.com
awconsole.holcim.com
gw01hgrs.holcim.com
www.privasphere.com
stars.ap.holcim.com
cco.holcim.com
qa.holcim.com
websurvey.ap.holcim.com
bwreport-qas.ap.holcim.com
teamplace.holcim.com
webvpn.holcim.com
ecc-qas.ap.holcim.com
citrixphl.ap.holcim.com
hcm-qa.hgrs.holcim.com
emea-srmqimp.holcim.com
mobile.ap.holcim.com
emea-srmqbrt.holcim.com
dwa-qa.hgrs.holcim.com
bwreport-dev.ap.holcim.com
apbm.ap.holcim.com
bi.ap.holcim.com
orf-dev.ap.holcim.com
mdm.holcim.com
webvpn.holcim.com
workflow.ap.holcim.com
qvweb-dev.analytics.hgrs.holcim.com
integrity.lafargeholcim.com
www.privasphere.com
video.holcim.com
portal-qa.holcim.com
orf-dev.ap.holcim.com
maps.analytics.hgrs.holcim.com
global-workflow-dev.holcim.com
hcm.hgrs.holcim.com
crl-dev.privasphere.com
portal-dev.ap.holcim.com
*.hgrs.holcim.com
tmc.holcim.com
versand.ea.holcim.com
brandportal.lafargeholcim.com
bi-qa.hgrs.holcim.com
*.holcim.com
lj1-logon.holcim.com
stars-uat.ap.holcim.com
orf.ap.holcim.com
guesthgrs.hgrs.holcim.com
srm-qas.ap.holcim.com
logon.holcim.com
easybuild.holcim.com
*.holcim.com
appstore.ap.holcim.com
mobile.ap.holcim.com
Certificate
The complete raw certificate details for orf.ap.holcim.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHETCCBfmgAwIBAgIRAK9axhyU3HlC4emtWR/DCFQwDQYJKoZIhvcNAQELBQAw gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg Q0EwHhcNMTgwNTA5MDAwMDAwWhcNMjAwNjIyMjM1OTU5WjCBjTEhMB8GA1UECxMY RG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMTcwNQYDVQQLEy5Jc3N1ZWQgdGhyb3Vn aCBMYWZhcmdlSG9sY2ltIEx0ZCBFLVBLSSBNYW5hZ2VyMRMwEQYDVQQLEwpDT01P RE8gU1NMMRowGAYDVQQDExFvcmYuYXAuaG9sY2ltLmNvbTCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALLJgQB3ivtEY4ii2JdgMTg55sXlpUMthW3psbDK huIY3kOZNCoJ65EqMUL9XQDhUiiwj0HIej9syK2gmup1tEHiMfuf8q53yf2QRqVQ fV5cujRmpUCzSGLQ4agP5+exibQ1BcL7C3OKQWYwANVsGLl+9uSA66b+HMprRrWo SE4yrRv28ULqfW9k01suMRnqEwW0X+y/QPw+rL3AuPA7ouer2BmxgDdK3Hacm/vV 2Uy0Rxy34a0Z+G/ks8Kurq9uxtu0G8THoesag9+HOFGtJD3XXRtq3o96Cv/c7lrK sQ+jyqHxtJJ1sl3OUqrl4jIFITnBl68pX2zdliOzZDQUlIsCAwEAAaOCA2UwggNh MB8GA1UdIwQYMBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1UdDgQWBBQ1nZ+Z ioWlI1NLKL1dKXKrcqpRITAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA6BgsrBgEE AbIxAQICBzArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29t L0NQUzAIBgZngQwBAgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5jb21v ZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNB LmNybDCBhQYIKwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LmNv bW9kb2NhLmNvbS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVy Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wMwYD VR0RBCwwKoIRb3JmLmFwLmhvbGNpbS5jb22CFXd3dy5vcmYuYXAuaG9sY2ltLmNv bTCCAXwGCisGAQQB1nkCBAIEggFsBIIBaAFmAHYA7ku9t3XOYLrhQmkfq+GeZqMP fl+wctiDAMR7iXqo/csAAAFjRBTD/gAABAMARzBFAiEA+/q5ivlwnXYZMrU8tlL4 AM6pgqMr/XaoxjJV1pWqDmcCIGcOXYsiWbNaXx/nC8c9P6yAv3UFy1uaeXwL/qiS 87yNAHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFjRBTEGwAA BAMARzBFAiAj/hoMrxnKU2jLn9sZENkE1v2Jp+gbYdK49OtlYGHnYAIhAO6RAEZH ncabrbzAFJWmQAci1q+Eh58Xu1GuXVTe/t+QAHQAVYHUwhaQNgFK6gubVzxT8MDk OHhwJQgXL6OqHQcT0wwAAAFjRBTEcAAABAMARTBDAh8ZZiAE3xV5i3LibfB7BxRf 6h6jSOUXInkTHoYO4eMpAiBRqFU2GIK8vCqxdSu9ff+AlV26Kpskx6z6LNuHhz7z 9jANBgkqhkiG9w0BAQsFAAOCAQEADgKSLbl2Bb56Vlu/71/gVzrIngvq9isCcI0o bJ3EuH37tZXj9gkhZ/Waravh65r30UCA/+MsruQLX09ZWGJBu4DYcW5NWgF2Dk63 Jtzlo1i93vrD50/U9z9HTwjVvVWe0tgYfy7xSc7pDEnIlWqz710cyd3tvLMQEEnB 6PJYsNnod+Ok1ne7fFt/vUwXO/Q4RFLadcXo5vwtvGcVzRaDRCYIDNQyU2PJCGRa +5ro+cWcJ1NFTQigKCR9sazJyFHi5mlLCRP0IoxNNU/JGHONd4Js4FUG0i/whf76 z0kbR8kCDT5AOURxfWRJMNeE/hOwnOHPKOlyK0fanV8GiMhWBg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssmBAHeK+0RjiKLYl2Ax ODnmxeWlQy2FbemxsMqG4hjeQ5k0KgnrkSoxQv1dAOFSKLCPQch6P2zIraCa6nW0 QeIx+5/yrnfJ/ZBGpVB9Xly6NGalQLNIYtDhqA/n57GJtDUFwvsLc4pBZjAA1WwY uX725IDrpv4cymtGtahITjKtG/bxQup9b2TTWy4xGeoTBbRf7L9A/D6svcC48Dui 56vYGbGAN0rcdpyb+9XZTLRHHLfhrRn4b+Szwq6ur27G27QbxMeh6xqD34c4Ua0k PdddG2rej3oK/9zuWsqxD6PKofG0knWyXc5SquXiMgUhOcGXrylfbN2WI7NkNBSU iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 233086224161188803448861932001683507284 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Domain Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-09 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-22 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Issued through LafargeHolcim Ltd E-PKI Manager' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'orf.ap.holcim.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22569783567038617890916064219789276586121448146431915820046898795933425991383749466617740051577097463467465437524128321743696919910447602485271327326887257965039096774942966777614075897513363339149483786025576623364317878753125417552239438380294481481926005566665541223218339799300860204443576373182186289227306706628871307098606727088408324867629154108403550481648542810361801355528240954328752125043743896795496168380570398844987099144043287105848074128769060934371292941955491838764728927248782725205657691155962452602434481018541637162588551997749428942230755682970337732992381452949117263094109710663226739692683 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 90af6a3a945a0bd890ea125673df43b43a28dae7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 359d9f998a85a523534b28bd5d2972ab72aa5121 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orf.ap.holcim.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.orf.ap.holcim.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 0166007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001634414c3fe0000040300473045022100fbfab98af9709d761932b53cb652f800cea982a32bfd76a8c63255d695aa0e670220670e5d8b2259b35a5f1fe70bc73d3fac80bf7505cb5b9a797c0bfea892f3bc8d0076005ea773f9df56c0e7b536487dd049e0327a919a0c84a112128418759681714558000001634414c41b0000040300473045022023fe1a0caf19ca5368cb9fdb1910d904d6fd89a7e81b61d2b8f4eb656061e760022100ee910046479dc69badbcc01495a6400722d6af84879f17bb51ae5d54defedf900074005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001634414c4700000040300453043021f19662004df15798b72e26df07b07145fea1ea348e5172279131e860ee1e329022051a855361882bcbc2ab1752bbd7dff80955dba2a9b24c7acfa2cdb87873ef3f6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000e02922db97605be7a565bbfef5fe0573ac89e0beaf62b02708d286c9dc4b87dfbb595e3f6092167f59aadabe1eb9af7d14080ffe32caee40b5f4f59586241bb80d8716e4d5a01760e4eb726dce5a358bddefac3e74fd4f73f474f08d5bd559ed2d8187f2ef149cee90c49c8956ab3ef5d1cc9ddedbcb3101049c1e8f258b0d9e877e3a4d677bb7c5b7fbd4c173bf4384452da75c5e8e6fc2dbc6715cd16834426080cd4325363c908645afb9ae8f9c59c2753454d08a028247db1acc9c851e2e6694b0913f4228c4d354fc918738d77826ce05506d22ff085fefacf491b47c9020d3e403944717d644930d784fe13b09ce1cf28e9722b47da9d5f0688c85606