espace-client.ancv.com

- AGENCE NATIONALE POUR LES CHEQUES-VACANCES EPIC -

Issued by thawte Extended Validation SSL CA

About this certificate

This digital certificate with serial number 14:e7:5b:dc:4c:78:33:c3:11:43:25:98:e2:3e:e8:f2 was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

AGENCE NATIONALE POUR LES CHEQUES-VACANCES EPIC

Company registration number: 326 817 442
Organization: AGENCE NATIONALE POUR LES CHEQUES-VACANCES EPIC
State / Province: VAL D'OISE
Locality: SARCELLES CEDEX
Country: FR

thawte, Inc.

Organization: thawte, Inc.
Organization unit: Terms of use at https://www.thawte.com/cps (c)06
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 14:e7:5b:dc:4c:78:33:c3:11:43:25:98:e2:3e:e8:f2
Serial Number (int): 27785843643155724364255116347154819314
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: cd:32:e2:f2:5d:25:47:02:aa:8f:79:4b:32:ee:03:99:fd:30:49:d1

Fingerprint (sha1): c6:aa:0c:f3:de:10:6d:ce:ca:e8:c4:fb:d3:5a:88:93:8d:e9:1d:ea
Fingerprint (sha256): 3d:70:e9:c8:4c:33:68:de:6a:a8:35:54:31:25:a9:b3:92:4f:c1:e1:14:f7:4d:82:2b:b4:26:25:62:52:2a:11

Issuing Certificate URL: http://crl.thawte.com/ThawteEVCA2006.cer

Revocation information

OCSP Server: http://ocsp.thawte.com
CRL Distribution Point: http://crl.thawte.com/ThawteEVCA2006.crl

Check the revocation status for certificate espace-client.ancv.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for espace-client.ancv.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

espace-client.ancv.com

Other certificates including the domain name ancv.com

(limited to 100 certificates)
telereglement.ancv.com
bsv.ancv.com
espace-client.ancv.com
www.ancv.com
*.connect.ancv.com
espace-ptl.ancv.com
bsv.ancv.com
telereglement.ancv.com
*.recette.ancv.com
tr.communication.ancv.com
adr.ancv.com
*.partenaires.espace-actionsociale.ancv.com
bsv.ancv.com
bsv.ancv.com
faq.ancv.com
eremboursement.ancv.com
tr.communication.ancv.com
*.ancv.com
www.ancv.com
eremboursement.ancv.com
telereglement.ancv.com
extranet1.ancv.com
telereglement.ancv.com
faq.ancv.com
espace-ptl.preprod.ancv.com
espace-client.ancv.com
adn.ancv.com
eremboursement.preprod.ancv.com
*.recette.ancv.com
auth.connect.ancv.com
espace-ptl.ancv.com
espace-ptl.preprod.ancv.com
www.ancv.com
*.secure-connect2.ancv.com
static.ancv.com
tr.communication.ancv.com
espace-client.ancv.com
telereglement.ancv.com
*.ancv.com
static.ancv.com
eremboursement.preprod.ancv.com
eremboursement.ancv.com
espace-ptl.ancv.com
espace-ptl.ancv.com
boutique-en-ligne.ancv.com
bsv.ancv.com
cvt-pro.ancv.com
www.ancv.com
telereglement.ancv.com
espace-ptl.ancv.com
eremboursement.preprod.ancv.com
boutique-en-ligne.ancv.com
espace-ptl.preprod.ancv.com
espace-ptl.ancv.com
eremboursement.preprod.ancv.com
bsv.ancv.com
extranet1.ancv.com
bsv.ancv.com
*.secure-connect2.preprod.ancv.com
boutique-en-ligne.ancv.com
*.preprod.ancv.com
tr.communication.ancv.com
tr.communication.ancv.com
adr.ancv.com
tr.communication.ancv.com
boutique-en-ligne.ancv.com
eremboursement.preprod.ancv.com
espace-client.ancv.com
*.ancv.com

*.imagine.ancv.com
espace-client.ancv.com
www.ancv.com
communications.ancv.com
telereglement.ancv.com
telereglement.ancv.com
infos.ancv.com
adr.ancv.com
espace-client.ancv.com
bsv.ancv.com
eremboursement.ancv.com
adn.ancv.com
info.ancv.com
www.ancv.com
static.ancv.com
tr.communication.ancv.com
*.imagine.ancv.com
bsv.ancv.com
*.secure-connect2.ancv.com
*.ancv.com
adn.ancv.com
information.ancv.com
*.connect.ancv.com
faq.ancv.com
*.ancv.com
*.secure-connect2.preprod.ancv.com
espace-ptl.preprod.ancv.com
telereglement.ancv.com
espace-ptl.ancv.com
eremboursement.preprod.ancv.com

Certificate

The complete raw certificate details for espace-client.ancv.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIQFOdb3Ex4M8MRQyWY4j7o8jANBgkqhkiG9w0BAQUFADCB
izELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE5MDcGA1UECxMw
VGVybXMgb2YgdXNlIGF0IGh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzIChjKTA2
MSowKAYDVQQDEyF0aGF3dGUgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTU0wgQ0EwHhcN
MTQwNDE1MDAwMDAwWhcNMTUwNTE1MjM1OTU5WjCB4TETMBEGCysGAQQBgjc8AgED
EwJGUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xFDASBgNVBAUTCzMy
NiA4MTcgNDQyMQswCQYDVQQGEwJGUjETMBEGA1UECBQKVkFMIEQnT0lTRTEYMBYG
A1UEBxQPU0FSQ0VMTEVTIENFREVYMTgwNgYDVQQKFC9BR0VOQ0UgTkFUSU9OQUxF
IFBPVVIgTEVTIENIRVFVRVMtVkFDQU5DRVMgRVBJQzEfMB0GA1UEAxQWZXNwYWNl
LWNsaWVudC5hbmN2LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APLIpuWP3FCXCIhIt3vKVOJI4XPCo0Buw4RkatFwMBP0hxcFbX5baTsl7YTv8u6w
hwD14WekUYlVBrnXWI+PWczueTQjoHodyWQjbKB8SXXK7G07jhPSRTk+RUtM6YgQ
IT2pRe1akPCeZjBFOp4Jc/4/noZd+bZFbqT1GOwNiA9PACVvdZIsMjn44PNFfmBd
UbAD245E6bXQb2ehLC/kRKu8RrUnQfhYlsiHgfWGdcUQe8lQMZ4FRTXWOXC5AjDv
4jDkfRDarYVUw5Q9ovHhEXN4IjTPOx/5/rm8CFfKPFJOYyquByEebVm4M5bmI8Qo
sxjbhFKdP16BBIxSaerh0H0CAwEAAaOCAWswggFnMCEGA1UdEQQaMBiCFmVzcGFj
ZS1jbGllbnQuYW5jdi5jb20wCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwOQYD
VR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC50aGF3dGUuY29tL1RoYXd0ZUVWQ0Ey
MDA2LmNybDBCBgNVHSAEOzA5MDcGC2CGSAGG+EUBBzABMCgwJgYIKwYBBQUHAgEW
Gmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjAfBgNVHSMEGDAWgBTNMuLyXSVHAqqPeUsy7gOZ/TBJ0TBoBggr
BgEFBQcBAQRcMFowIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0ZS5jb20w
NAYIKwYBBQUHMAKGKGh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVFVkNBMjAw
Ni5jZXIwDQYJKoZIhvcNAQEFBQADggEBAG3aL2ksoPNJJhHDSv0QfMyfC7nFKpqO
fbpIU86Luyl55ilNW0nJWwA/bRJB0lSe8fPwOVCnYIVE9e5lF/PDRKKWiT2/tyJZ
G6grS5qB84BrDvnwAjO/ZUYOZglvGfNUZKaLtXmnGgZrjy783CiTGV0wAx/I1R3v
RbeC3bOfZtgCUC9fpL8iy4cs63Z59/PYsumwqDmbC1VH43y9VlMFiKRigdZ+XevV
y40/wOgfmJwUkV9v3cGylUOJHJQ2BbvQ8nQJJQDBBP0R/ZNNvFIqO8zrcMdux5fO
bgZT8q2/+v4TJqOriVdSVw6Ubv7w3eC2h/N9+8uqzr6hBQd9fMpxCR8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8sim5Y/cUJcIiEi3e8pU
4kjhc8KjQG7DhGRq0XAwE/SHFwVtfltpOyXthO/y7rCHAPXhZ6RRiVUGuddYj49Z
zO55NCOgeh3JZCNsoHxJdcrsbTuOE9JFOT5FS0zpiBAhPalF7VqQ8J5mMEU6nglz
/j+ehl35tkVupPUY7A2ID08AJW91kiwyOfjg80V+YF1RsAPbjkTptdBvZ6EsL+RE
q7xGtSdB+FiWyIeB9YZ1xRB7yVAxngVFNdY5cLkCMO/iMOR9ENqthVTDlD2i8eER
c3giNM87H/n+ubwIV8o8Uk5jKq4HIR5tWbgzluYjxCizGNuEUp0/XoEEjFJp6uHQ
fQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 27785843643155724364255116347154819314
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Terms of use at https://www.thawte.com/cps (c)06'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte Extended Validation SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-04-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-05-15 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '326 817 442'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'VAL D'OISE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'SARCELLES CEDEX'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'AGENCE NATIONALE POUR LES CHEQUES-VACANCES EPIC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'espace-client.ancv.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30648614961303183127009921812400993643519297500968504082755114046389226942736319576097554870515685527453191828636807620169284679702043708322485260735394229786114743192898248148408924544639955745386609663040203656320081352306847598977224151397967706246446177567023825541767019155803835244170538296119457249742794527487139920679950833208801754437156026035306866227245572741552945540574192377317752222619174863322163950601664038134124864601602745857632148498022366199912994402747872104595185372901636289069377896670474299754556319387554058122675049815685739690390957477305053736005932158834887622487245995010309000122493
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'espace-client.ancv.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.thawte.com/ThawteEVCA2006.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (59 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.48.1 (Thawte EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cd32e2f25d254702aa8f794b32ee0399fd3049d1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.thawte.com/ThawteEVCA2006.cer'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006dda2f692ca0f3492611c34afd107ccc9f0bb9c52a9a8e7dba4853ce8bbb2979e6294d5b49c95b003f6d1241d2549ef1f3f03950a7608544f5ee6517f3c344a296893dbfb722591ba82b4b9a81f3806b0ef9f00233bf65460e66096f19f35464a68bb579a71a066b8f2efcdc2893195d30031fc8d51def45b782ddb39f66d802502f5fa4bf22cb872ceb7679f7f3d8b2e9b0a8399b0b5547e37cbd56530588a46281d67e5debd5cb8d3fc0e81f989c14915f6fddc1b29543891c943605bbd0f274092500c104fd11fd934dbc522a3bcceb70c76ec797ce6e0653f2adbffafe1326a3ab895752570e946efef0dde0b687f37dfbcbaacebea105077d7cca71091f