duo.bpmcpa.com
- Burr Pilger Mayer, Inc. -
Issued by thawte SSL CA - G2
About this certificate
This digital certificate with serial number 60:1d:42:d2:a5:9c:c5:df:8a:86:cc:f5:f4:de:77:a4 was issued on by thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Burr Pilger Mayer, Inc.
Organization:
Burr Pilger Mayer, Inc.
Organization unit: IT
Organization unit: IT
State / Province:
California
Locality: San Francisco
Country: US
Locality: San Francisco
Country: US
thawte, Inc.
Organization:
thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 60:1d:42:d2:a5:9c:c5:df:8a:86:cc:f5:f4:de:77:a4Serial Number (int): 127757819532451956283936500572315613092
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60
Fingerprint (sha1): 41:38:1f:0e:53:e4:56:a7:c3:a2:18:db:b7:64:c1:9f:fe:08:fc:33
Fingerprint (sha256): 44:8e:8e:d2:d7:04:13:b4:a2:e3:aa:92:d1:f8:fb:b2:f6:4e:b1:c1:a6:04:fc:f5:8d:4b:11:02:ee:c9:75:cc
Issuing Certificate URL: http://tj.symcb.com/tj.crt
Revocation information
OCSP Server: http://tj.symcd.comCRL Distribution Point: http://tj.symcb.com/tj.crl
Check the revocation status for certificate duo.bpmcpa.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for duo.bpmcpa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
duo.bpmcpa.com
Other certificates including the domain name bpmcpa.com
(limited to 100 certificates)
servicedesk.6dca.flcourts.gov
bpmcpa.com
it-support.perimeter81.com
it.servicedesk.ucity.co.th
citrixbackup.bpmcpa.com
support.bpmcpa.com
webmail.bpmcpa.com
sdp.rikkyo.ac.jp
311help.seminolecountyfl.gov
secureweb2lead.bpmcpa.com
webmail.bpmcpa.com
webmail.bpmcpa.com
mobilityrouter.bpmcpa.com
sdp.rikkyo.ac.jp
bpmcpa.com
bpmskype.bpmcpa.com
ajghelpdesk.ajgaustralia.com.au
apps2.bpmcpa.com
ajghelpdesk.ajgaustralia.com.au
support.bpmcpa.com
citrix.bpmcpa.com
311help.seminolecountyfl.gov
311help.seminolecountyfl.gov
bpmskype.bpmcpa.com
vpnbackup.bpmcpa.com
helpdesk.waterfordbankna.com
support.bpmcpa.com
support.bpmcpa.com
servicedesk.6dca.flcourts.gov
311help.seminolecountyfl.gov
webmail.bpmcpa.com
webmail.bpmcpa.com
citrix.bpmcpa.com
helpdesk.johnhcarter.com
it.servicedesk.ucity.co.th
citrixbackup.bpmcpa.com
helpdesk.jicjo.com
emfserver.bpmcpa.com
311help.seminolecountyfl.gov
connect.bpmcpa.com
www.bpmcpa.com
bpmpool1.bpmcpa.com
duo.bpmcpa.com
helpdesk.jicjo.com
311help.seminolecountyfl.gov
servicedesk.1solar.com
webmail.bpmcpa.com
bpmcpa.com
www.bpmcpa.com
helpdesk.waterfordbankna.com
ajghelpdesk.ajgaustralia.com.au
311help.seminolecountyfl.gov
www.bpmcpa.com
help.enmu-roswell.edu
311help.seminolecountyfl.gov
it.servicedesk.ucity.co.th
citrixbackup.bpmcpa.com
duo.bpmcpa.com
sdp.rikkyo.ac.jp
servicedesk.1solar.com
311help.seminolecountyfl.gov
311help.seminolecountyfl.gov
www.bpmcpa.com
support.bpmcpa.com
vpn.bpmcpa.com
citrix.bpmcpa.com
bpmskype.bpmcpa.com
turn.bpmcpa.com
311help.seminolecountyfl.gov
support.bpmcpa.com
helpdesk.jicjo.com
mobilityrouter.bpmcpa.com
311help.seminolecountyfl.gov
rast.bpmcpa.com
www.bpmcpa.com
support.bpmcpa.com
gp.bpmcpa.com
311help.seminolecountyfl.gov
www.bpmcpa.com
bpmcpa.com
citrixbackup.bpmcpa.com
it-support.perimeter81.com
helpdesk.jicjo.com
webmailbackup.bpmcpa.com
helpdesk.jicjo.com
sdp.rikkyo.ac.jp
helpdesk.johnhcarter.com
helpdesk.johnhcarter.com
vpn.bpmcpa.com
ithelpdesk.magpul.com
emfserver.bpmcpa.com
servicedesk.1solar.com
webmail.bpmcpa.com
citrixbackup.bpmcpa.com
helpdesk.jicjo.com
servicedesk.6dca.flcourts.gov
it-support.perimeter81.com
citrix.bpmcpa.com
bpmcpa.com
it-support.perimeter81.com
it.servicedesk.ucity.co.th
citrixbackup.bpmcpa.com
support.bpmcpa.com
webmail.bpmcpa.com
sdp.rikkyo.ac.jp
311help.seminolecountyfl.gov
secureweb2lead.bpmcpa.com
webmail.bpmcpa.com
webmail.bpmcpa.com
mobilityrouter.bpmcpa.com
sdp.rikkyo.ac.jp
bpmcpa.com
bpmskype.bpmcpa.com
ajghelpdesk.ajgaustralia.com.au
apps2.bpmcpa.com
ajghelpdesk.ajgaustralia.com.au
support.bpmcpa.com
citrix.bpmcpa.com
311help.seminolecountyfl.gov
311help.seminolecountyfl.gov
bpmskype.bpmcpa.com
vpnbackup.bpmcpa.com
helpdesk.waterfordbankna.com
support.bpmcpa.com
support.bpmcpa.com
servicedesk.6dca.flcourts.gov
311help.seminolecountyfl.gov
webmail.bpmcpa.com
webmail.bpmcpa.com
citrix.bpmcpa.com
helpdesk.johnhcarter.com
it.servicedesk.ucity.co.th
citrixbackup.bpmcpa.com
helpdesk.jicjo.com
emfserver.bpmcpa.com
311help.seminolecountyfl.gov
connect.bpmcpa.com
www.bpmcpa.com
bpmpool1.bpmcpa.com
duo.bpmcpa.com
helpdesk.jicjo.com
311help.seminolecountyfl.gov
servicedesk.1solar.com
webmail.bpmcpa.com
bpmcpa.com
www.bpmcpa.com
helpdesk.waterfordbankna.com
ajghelpdesk.ajgaustralia.com.au
311help.seminolecountyfl.gov
www.bpmcpa.com
help.enmu-roswell.edu
311help.seminolecountyfl.gov
it.servicedesk.ucity.co.th
citrixbackup.bpmcpa.com
duo.bpmcpa.com
sdp.rikkyo.ac.jp
servicedesk.1solar.com
311help.seminolecountyfl.gov
311help.seminolecountyfl.gov
www.bpmcpa.com
support.bpmcpa.com
vpn.bpmcpa.com
citrix.bpmcpa.com
bpmskype.bpmcpa.com
turn.bpmcpa.com
311help.seminolecountyfl.gov
support.bpmcpa.com
helpdesk.jicjo.com
mobilityrouter.bpmcpa.com
311help.seminolecountyfl.gov
rast.bpmcpa.com
www.bpmcpa.com
support.bpmcpa.com
gp.bpmcpa.com
311help.seminolecountyfl.gov
www.bpmcpa.com
bpmcpa.com
citrixbackup.bpmcpa.com
it-support.perimeter81.com
helpdesk.jicjo.com
webmailbackup.bpmcpa.com
helpdesk.jicjo.com
sdp.rikkyo.ac.jp
helpdesk.johnhcarter.com
helpdesk.johnhcarter.com
vpn.bpmcpa.com
ithelpdesk.magpul.com
emfserver.bpmcpa.com
servicedesk.1solar.com
webmail.bpmcpa.com
citrixbackup.bpmcpa.com
helpdesk.jicjo.com
servicedesk.6dca.flcourts.gov
it-support.perimeter81.com
citrix.bpmcpa.com
Certificate
The complete raw certificate details for duo.bpmcpa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgIQYB1C0qWcxd+Khsz19N53pDANBgkqhkiG9w0BAQsFADBB MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0 aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcxMTExMDAwMDAwWhcNMTgxMTExMjM1OTU5 WjCBgjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM DVNhbiBGcmFuY2lzY28xIDAeBgNVBAoMF0J1cnIgUGlsZ2VyIE1heWVyLCBJbmMu MQswCQYDVQQLDAJJVDEXMBUGA1UEAwwOZHVvLmJwbWNwYS5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaAZDdLQngBg8hWggYHC+RRjgcMq6KcAgX 7TJFZ/UUPg4FeZB/KqR39oAAWf7+1qyCdDuHHIzVUtlycGfYE/5kKvtADa6aQqJx ayzctAkmXWz5HXDf3XLKTqDJCEm/3wYkeTzRtVePADCVg0/2jn441dGlEGja9Djo b7RZJaOHdKIuH+Ay8WmZ63MnnUh4/K7fLM9gfUhv92/+V5u7JuGD/mus2SmWmtpc +5fOQh7g3jU92AYK21E3BVtVMLHdsdlPb382Sx7R7AptCfx8c29JLNkalOmciUBW cX4831JDnfnEncbxQMehtYqftWshZABTXbv7ZE524/7yKLkUjTP9AgMBAAGjggGF MIIBgTAZBgNVHREEEjAQgg5kdW8uYnBtY3BhLmNvbTAJBgNVHRMEAjAAMG4GA1Ud IARnMGUwYwYGZ4EMAQICMFkwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0 ZS5jb20vY3BzMC8GCCsGAQUFBwICMCMMIWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20v cmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUwk9IV/zRT5rA XTh9DgXb2S61UmAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3RqLnN5bWNiLmNv bS90ai5jcmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUF BwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3RqLnN5bWNkLmNvbTAmBggrBgEF BQcwAoYaaHR0cDovL3RqLnN5bWNiLmNvbS90ai5jcnQwEwYKKwYBBAHWeQIEAwEB /wQCBQAwDQYJKoZIhvcNAQELBQADggEBAJaOZIRKUb1qtzpzQ10TfRxpI4+dlogq wzk3PQnNCmgl+vVlkivc4i9L/VWQjeHACbuNRyw/+fEp0Bj1mvDId9cAFgbnxrxY 5IcPeduqagrbLFHdLfIofBcPI7ldbEJPqL/DhuIgvhhCX9vNM34hnQ+LfNTxqnm6 jaEav4rmjcUFRBblnMHJNRavVKOIRSkYyHcsT3VyvM4Oev62RGpronxRgtD/+KNx OPK2HDNUDDxpZf8oVCZqdNM47g7Ul4chPafMpwILKhiJO0EtIqWPkWU3FpuLJ1g3 THUgpooFY/OtRrsUtt/mISPsePOYuFbbWMxogOmPOFdHHiOsW/Z3Xw0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgGQ3S0J4AYPIVoIGBwv kUY4HDKuinAIF+0yRWf1FD4OBXmQfyqkd/aAAFn+/tasgnQ7hxyM1VLZcnBn2BP+ ZCr7QA2umkKicWss3LQJJl1s+R1w391yyk6gyQhJv98GJHk80bVXjwAwlYNP9o5+ ONXRpRBo2vQ46G+0WSWjh3SiLh/gMvFpmetzJ51IePyu3yzPYH1Ib/dv/lebuybh g/5rrNkplpraXPuXzkIe4N41PdgGCttRNwVbVTCx3bHZT29/Nkse0ewKbQn8fHNv SSzZGpTpnIlAVnF+PN9SQ535xJ3G8UDHobWKn7VrIWQAU127+2ROduP+8ii5FI0z /QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 127757819532451956283936500572315613092 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-11 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-11 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'San Francisco' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Burr Pilger Mayer, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'duo.bpmcpa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19441471126453682759271825155974325374595997348890869500318996226438967577477688328725548467695055491580763104121692170134855422448520842649232148958847398347097390309905616969818273972441654583631732179432908891042671454622918502644536873846732257002475529816193359384044838825155075836297659420582934307632330185558308785845512050948642638902556362953800738735126299148802444969299992817096223805597137791530546052486523176610468669203192961260167275593053922034203026946038117619424453018687582101607566614766407493886112686460254749408780922341556543237410654081037749745248104175951508963195559203614620841227261 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'duo.bpmcpa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00968e64844a51bd6ab73a73435d137d1c69238f9d96882ac339373d09cd0a6825faf565922bdce22f4bfd55908de1c009bb8d472c3ff9f129d018f59af0c877d7001606e7c6bc58e4870f79dbaa6a0adb2c51dd2df2287c170f23b95d6c424fa8bfc386e220be18425fdbcd337e219d0f8b7cd4f1aa79ba8da11abf8ae68dc5054416e59cc1c93516af54a388452918c8772c4f7572bcce0e7afeb6446a6ba27c5182d0fff8a37138f2b61c33540c3c6965ff2854266a74d338ee0ed49787213da7cca7020b2a18893b412d22a58f916537169b8b2758374c7520a68a0563f3ad46bb14b6dfe62123ec78f398b856db58cc6880e98f3857471e23ac5bf6775f0d