ufapihb1.bankleumi.co.il
- Bank Leumi le-Israel B.M -
Issued by Thawte RSA CA 2018
About this certificate
This digital certificate with serial number 0e:e1:4c:ee:45:46:6e:f1:e6:12:69:eb:ef:89:bd:ec was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bank Leumi le-Israel B.M
Organization:
Bank Leumi le-Israel B.M
Organization unit: Terms of use at www.comsign.co.il/rpa (c) 03
Organization unit: Terms of use at www.comsign.co.il/rpa (c) 03
Locality:
Tel Aviv
Country: IL
Country: IL
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0e:e1:4c:ee:45:46:6e:f1:e6:12:69:eb:ef:89:bd:ecSerial Number (int): 19779019075031328766539928622133263852
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: a1:cb:36:3a:e8:bb:b6:af:08:b1:86:8b:ca:ed:d9:3b:14:b3:1a:29
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a
Fingerprint (sha1): 6a:67:82:ef:86:22:27:2c:09:e5:17:b5:58:33:a9:6b:64:cf:b7:5a
Fingerprint (sha256): 43:ad:1e:33:5c:f6:f1:04:94:ff:c4:a4:90:0c:91:7b:76:4b:6d:7d:94:a3:13:28:98:6c:48:30:62:bf:73:08
Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl
Check the revocation status for certificate ufapihb1.bankleumi.co.il
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ufapihb1.bankleumi.co.il
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ufapihb1.bankleumi.co.il
Other certificates including the domain name bankleumi.co.il
(limited to 100 certificates)
hb5wap.bankleumi.co.il
accessibility.bankleumi.co.il
widget.bankleumi.co.il
streamer.bankleumi.co.il
incomingcredit.bankleumi.co.il
akamai-san17.exacttarget.com
hb2.bankleumi.co.il
livenesshb3.bankleumi.co.il
lti-content.bankleumi.co.il
ufapi.bankleumi.co.il
liveness.bankleumi.co.il
akamai-san17.exacttarget.com
leumiservices-msr.bankleumi.co.il
incomingcredit5.bankleumi.co.il
lfxt.bankleumi.co.il
mobile.bankleumi.co.il
akamai-san17.exacttarget.com
forms-stg.bankleumi.co.il
mft.bankleumi.co.il
cellular.bankleumi.co.il
sdc.bankleumi.co.il
cache.bankleumi.co.il
accessibilitys.bankleumi.co.il
appdynlib.bankleumi.co.il
www.bankleumi.co.il
exp2.bankleumi.co.il
lyncweb.bankleumi.co.il
tradair.bankleumi.co.il
encmail.bankleumi.co.il
accessibilitys.bankleumi.co.il
ufapihb3.bankleumi.co.il
securemail.bankleumi.co.il
cache.bankleumi.co.il
sa5.bankleumi.co.il
*.bankleumi.co.il
cloud.digital.bankleumi.co.il
accessibilitys.bankleumi.co.il
Securemail.bankleumi.co.il
sa3.bankleumi.co.il
cellulardlv.bankleumi.co.il
prpn.bankleumi.co.il
apiportal.bankleumi.co.il
accessibility.bankleumi.co.il
streamer.bankleumi.co.il
hb3wap.bankleumi.co.il
akamai-san17.exacttarget.com
securemail.bankleumi.co.il
securemail.bankleumi.co.il
www.bankleumi.co.il
accessibility.bankleumi.co.il
access.bankleumi.co.il
hb5wap.bankleumi.co.il
prodapi.bankleumi.co.il
leumiservices.bankleumi.co.il
trade.bankleumi.co.il
e-learning.bankleumi.co.il
liveness.bankleumi.co.il
e-learning.bankleumi.co.il
sdc.bankleumi.co.il
widget.bankleumi.co.il
lfxt.bankleumi.co.il
hbwaptest.bankleumi.co.il
service-stg7.bankleumi.co.il
hb3wap.bankleumi.co.il
cache.bankleumi.co.il
e-learning.bankleumi.co.il
leumisrv-prod.bankleumi.co.il
e-learning.bankleumi.co.il
sa5.bankleumi.co.il
trade.bankleumi.co.il
hb2.bankleumi.co.il
apidev.bankleumi.co.il
access.bankleumi.co.il
sdc.bankleumi.co.il
apidev.bankleumi.co.il
oobstg.bankleumi.co.il
service.bankleumi.co.il
video.bankleumi.co.il
lfxt.bankleumi.co.il
appdynlib.bankleumi.co.il
hb2.bankleumi.co.il
encmail.bankleumi.co.il
sa3.bankleumi.co.il
leumisrv-prod.bankleumi.co.il
lyncweb.bankleumi.co.il
widget.bankleumi.co.il
help.bankleumi.co.il
ufapi.bankleumi.co.il
cache.bankleumi.co.il
akamai-san17.exacttarget.com
oob.bankleumi.co.il
ufapi.bankleumi.co.il
apitest.bankleumi.co.il
appdynlib.bankleumi.co.il
access.bankleumi.co.il
streamer.bankleumi.co.il
ocrhb3.bankleumi.co.il
hb2.bankleumi.co.il
ufapihb1.bankleumi.co.il
mobile.bankleumi.co.il
accessibility.bankleumi.co.il
widget.bankleumi.co.il
streamer.bankleumi.co.il
incomingcredit.bankleumi.co.il
akamai-san17.exacttarget.com
hb2.bankleumi.co.il
livenesshb3.bankleumi.co.il
lti-content.bankleumi.co.il
ufapi.bankleumi.co.il
liveness.bankleumi.co.il
akamai-san17.exacttarget.com
leumiservices-msr.bankleumi.co.il
incomingcredit5.bankleumi.co.il
lfxt.bankleumi.co.il
mobile.bankleumi.co.il
akamai-san17.exacttarget.com
forms-stg.bankleumi.co.il
mft.bankleumi.co.il
cellular.bankleumi.co.il
sdc.bankleumi.co.il
cache.bankleumi.co.il
accessibilitys.bankleumi.co.il
appdynlib.bankleumi.co.il
www.bankleumi.co.il
exp2.bankleumi.co.il
lyncweb.bankleumi.co.il
tradair.bankleumi.co.il
encmail.bankleumi.co.il
accessibilitys.bankleumi.co.il
ufapihb3.bankleumi.co.il
securemail.bankleumi.co.il
cache.bankleumi.co.il
sa5.bankleumi.co.il
*.bankleumi.co.il
cloud.digital.bankleumi.co.il
accessibilitys.bankleumi.co.il
Securemail.bankleumi.co.il
sa3.bankleumi.co.il
cellulardlv.bankleumi.co.il
prpn.bankleumi.co.il
apiportal.bankleumi.co.il
accessibility.bankleumi.co.il
streamer.bankleumi.co.il
hb3wap.bankleumi.co.il
akamai-san17.exacttarget.com
securemail.bankleumi.co.il
securemail.bankleumi.co.il
www.bankleumi.co.il
accessibility.bankleumi.co.il
access.bankleumi.co.il
hb5wap.bankleumi.co.il
prodapi.bankleumi.co.il
leumiservices.bankleumi.co.il
trade.bankleumi.co.il
e-learning.bankleumi.co.il
liveness.bankleumi.co.il
e-learning.bankleumi.co.il
sdc.bankleumi.co.il
widget.bankleumi.co.il
lfxt.bankleumi.co.il
hbwaptest.bankleumi.co.il
service-stg7.bankleumi.co.il
hb3wap.bankleumi.co.il
cache.bankleumi.co.il
e-learning.bankleumi.co.il
leumisrv-prod.bankleumi.co.il
e-learning.bankleumi.co.il
sa5.bankleumi.co.il
trade.bankleumi.co.il
hb2.bankleumi.co.il
apidev.bankleumi.co.il
access.bankleumi.co.il
sdc.bankleumi.co.il
apidev.bankleumi.co.il
oobstg.bankleumi.co.il
service.bankleumi.co.il
video.bankleumi.co.il
lfxt.bankleumi.co.il
appdynlib.bankleumi.co.il
hb2.bankleumi.co.il
encmail.bankleumi.co.il
sa3.bankleumi.co.il
leumisrv-prod.bankleumi.co.il
lyncweb.bankleumi.co.il
widget.bankleumi.co.il
help.bankleumi.co.il
ufapi.bankleumi.co.il
cache.bankleumi.co.il
akamai-san17.exacttarget.com
oob.bankleumi.co.il
ufapi.bankleumi.co.il
apitest.bankleumi.co.il
appdynlib.bankleumi.co.il
access.bankleumi.co.il
streamer.bankleumi.co.il
ocrhb3.bankleumi.co.il
hb2.bankleumi.co.il
ufapihb1.bankleumi.co.il
mobile.bankleumi.co.il
Certificate
The complete raw certificate details for ufapihb1.bankleumi.co.il in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFOTCCBCGgAwIBAgIQDuFM7kVGbvHmEmnr74m97DANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN MTkwMjIxMDAwMDAwWhcNMjEwNDIxMTIwMDAwWjCBnTELMAkGA1UEBhMCSUwxETAP BgNVBAcTCFRlbCBBdml2MSEwHwYDVQQKExhCYW5rIExldW1pIGxlLUlzcmFlbCBC Lk0xNTAzBgNVBAsTLFRlcm1zIG9mIHVzZSBhdCB3d3cuY29tc2lnbi5jby5pbC9y cGEgKGMpIDAzMSEwHwYDVQQDExh1ZmFwaWhiMS5iYW5rbGV1bWkuY28uaWwwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx7JTtsT/ehlwATBrYBtS7Q0CA doq56luv/cminxrjvJC7l0/HX2k4kjOvbu0ujcLZMgowaeUqDbzQ116SzZH8gDSG 1oyWdKSIQL9AS9VQewOOAm7FUfPSrbc/02Q5Qe0TxVXQn4D8YRheFxUYwcJUHEGP mSwMCY2/pes1awf7LL04kx+Z8VEtI3m81HfI/LgJJUQUg1/Di3MKW+1OaEUML4VP COTmbJueZ0c/DOpzqKdAyDyvOkz/YrmPrTsEtzfGWG18MKCSEevnJ8mL7asONFcH Tb6rLwqGvPfjaRi7RtIo9vQ2Xs8bBDY8irMvngvCPG6LoxlLqJXnq2BR7bgrAgMB AAGjggGzMIIBrzAfBgNVHSMEGDAWgBSjyF5lVOUweMEF6gcKalnMuf7eWjAdBgNV HQ4EFgQUocs2Oui7tq8IsYaLyu3ZOxSzGikwIwYDVR0RBBwwGoIYdWZhcGloYjEu YmFua2xldW1pLmNvLmlsMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NkcC50aGF3 dGUuY29tL1RoYXd0ZVJTQUNBMjAxOC5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1s AQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAI BgZngQwBAgIwbwYIKwYBBQUHAQEEYzBhMCQGCCsGAQUFBzABhhhodHRwOi8vc3Rh dHVzLnRoYXd0ZS5jb20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9jYWNlcnRzLnRoYXd0 ZS5jb20vVGhhd3RlUlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMBMGCisGAQQB1nkC BAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQASGsoJZYH6vXgy+4eQWjAxx8TS qIGeTOmcS890B0X6KRk6IpB+w8WhaZVQmxptx7840WhXqRdKlmdbstajM7rfe9Gu eFmvcwC6tstIwKL0Oza0yiV2dqxdWXtaXdAZnrR8Cio6KvmuSeJTyQi86OY2xCgK fsCJANSxwHeFda7x41SsQH8ghTSZXUMMcf3Pj3E5c1au0B2MrDdcqXW6VZCKQ+Ft D/1IAmRcNSpnGD5TaK/3fg2gHTgE3AkvuQe6455Yw2u6NDtVOkc/qF8jAq6nvD3K NZniIR+NnUErP45os6gLM1R4eG7PxCGnEYco44N90Co3XeMFXPWBPcKod3NJ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseyU7bE/3oZcAEwa2AbU u0NAgHaKuepbr/3Jop8a47yQu5dPx19pOJIzr27tLo3C2TIKMGnlKg280Ndeks2R /IA0htaMlnSkiEC/QEvVUHsDjgJuxVHz0q23P9NkOUHtE8VV0J+A/GEYXhcVGMHC VBxBj5ksDAmNv6XrNWsH+yy9OJMfmfFRLSN5vNR3yPy4CSVEFINfw4tzClvtTmhF DC+FTwjk5mybnmdHPwzqc6inQMg8rzpM/2K5j607BLc3xlhtfDCgkhHr5yfJi+2r DjRXB02+qy8Khrz342kYu0bSKPb0Nl7PGwQ2PIqzL54Lwjxui6MZS6iV56tgUe24 KwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19779019075031328766539928622133263852 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-21 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tel Aviv' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bank Leumi le-Israel B.M' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Terms of use at www.comsign.co.il/rpa (c) 03' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ufapihb1.bankleumi.co.il' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22460842788935702707702986927817527848562756930057494299073813969516481961425323316110941688660538672005086259185090836271481298204513176467023791001520711146407168426014236658078197114337475299763765668928194197049358277254845862781051007373875478675311806102220587312584152420037792081801851886292704855220980781499817131296873245974835195418225322814235333173547653503640409353480873677001937926628042904867544897104277686996441480723484470793430820962966536222418453170372046336038905978168050299457597837141093267160740595651649595617993165955061641702066103528698567713043964977252069020386436065410571425396779 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a1cb363ae8bbb6af08b1868bcaedd93b14b31a29 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ufapihb1.bankleumi.co.il' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00121aca096581fabd7832fb87905a3031c7c4d2a8819e4ce99c4bcf740745fa29193a22907ec3c5a16995509b1a6dc7bf38d16857a9174a96675bb2d6a333badf7bd1ae7859af7300bab6cb48c0a2f43b36b4ca257676ac5d597b5a5dd0199eb47c0a2a3a2af9ae49e253c908bce8e636c4280a7ec08900d4b1c0778575aef1e354ac407f208534995d430c71fdcf8f71397356aed01d8cac375ca975ba55908a43e16d0ffd4802645c352a67183e5368aff77e0da01d3804dc092fb907bae39e58c36bba343b553a473fa85f2302aea7bc3dca3599e2211f8d9d412b3f8e68b3a80b335478786ecfc421a7118728e3837dd02a375de3055cf5813dc2a8777349