www.estore-tco.com

- Tiffany & Co. -

Issued by COMODO RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 4c:f4:99:c2:95:09:9c:0e:c1:69:b0:b7:3f:d9:0e:08 was issued on by COMODO CA Limited.

With 19 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Tiffany & Co.

Organization: Tiffany & Co.
Organization unit: Unified Communications
Address: 727 Fifth Avenue
Postal code: 10022
State / Province: NY
Locality: New York
Country: US

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 4c:f4:99:c2:95:09:9c:0e:c1:69:b0:b7:3f:d9:0e:08
Serial Number (int): 102291366738193874512026691184732212744
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 49:fe:34:2c:f7:22:06:4d:f3:be:09:45:6a:ce:da:55:1e:a4:8d:7f
AuthorityKeyId: 9a:f3:2b:da:cf:ad:4f:b6:2f:bb:2a:48:48:2a:12:b7:1b:42:c1:24

Fingerprint (sha1): a7:bd:24:3f:05:4b:1e:7f:d7:49:15:ac:19:72:73:17:8d:6d:70:66
Fingerprint (sha256): 45:99:ec:d1:09:52:7e:11:82:13:4d:3b:56:8f:3c:cd:bf:3c:f8:1f:ca:14:1a:29:53:f3:40:4a:c9:69:a1:6d

Issuing Certificate URL: http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate www.estore-tco.com

19

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.estore-tco.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.estore-tco.com
tiffany.at
tiffany.ca
tiffany.cn
tiffany.co.jp
tiffany.co.uk
tiffany.com
tiffany.com.au
tiffany.com.br
tiffany.com.mx
tiffany.de
tiffany.es
tiffany.fr
tiffany.ie
tiffany.it
tiffany.kr
tiffany.ru
www.estore-tco.jp
www.tiffanytrade.jp

Other certificates including the domain name estore-tco.com

(limited to 100 certificates)
sstats.estore-tco.com
pa.tiffany.com
dev3.edev.tiffany.com
qa2-aem.tiffany.com
www.tiffany.com
www.tiffany.com
qa3-aem.tiffany.com
www.pa.tiffany.com
ps2b.tiffany.com
www.tiffany.com
www.pa.tiffany.com
qa1-aem.tiffany.com
test1.edev.tiffany.com
www.estore-tco.com
qa1-aem.tiffany.com
www.estore-tco.com
www.qa1.tiffany.com
www.estore-tco.com
www.pa.tiffany.com
www.pa.tiffany.com
www.qa1.tiffany.com
www.pa.tiffany.com
ps-aem.tiffany.com
qa3-aem.tiffany.com
qa1-aem.tiffany.com
www.tiffany.com
www.estore-tco.com
dev1.edev.tiffany.com
sstats.estore-tco.com
qa.tiffany.com
ps-aem.tiffany.com
www.qa1.tiffany.com
www.tiffany.com
www.tiffany.com
www.estore-tco.com
dev2.edev.tiffany.com
sstats.estore-tco.com
dev3.edev.tiffany.com
www.pa.tiffany.com
tiffany.at
www.pa.tiffany.com
dev2.edev.tiffany.com
ps2b.tiffany.com
www.tiffany.com
dev2.edev.tiffany.com
sstats.estore-tco.com
www.pa.tiffany.com
www.qa1.tiffany.com
TIFFANY AND CO.
www.tiffany.com
test3.edev.tiffany.com
qa3.tiffany.com
dev3.edev.tiffany.com
sstats.estore-tco.com
test2.edev.tiffany.com
www.tiffany.com
www.pa.tiffany.com
www.qa.tiffany.com
www.tiffany.com
www.qa1.tiffany.com
tiffany.at
www.qa1.tiffany.com
www.pa.tiffany.com
qa2.tiffany.com
pa.tiffany.com
www.qa1.tiffany.com
www.pa.tiffany.com
pa.tiffany.com
pa-aem.tiffany.com
sstats.estore-tco.com
www.qa1.tiffany.com
qa2-aem.tiffany.com
qa2-aem.tiffany.com
www.pa.tiffany.com
test1.edev.tiffany.com
test3.edev.tiffany.com
www.tiffany.com
pa-aem.tiffany.com
www.qa1.tiffany.com
qa3-aem.tiffany.com
www.tiffany.com
sstats.estore-tco.com
qa2.tiffany.com
qa.tiffany.com
pa.tiffany.com
www.pa.tiffany.com
qa2-aem.tiffany.com
pa.tiffany.com
www.qa1.tiffany.com
www.estore-tco.com
www.qa1.tiffany.com
pa.tiffany.com
www.estore-tco.com
www.pa.tiffany.com
qa3-aem.tiffany.com
pa.tiffany.com
www.tiffany.com
www.qa1.tiffany.com
www.qa.tiffany.com
qa1-aem.tiffany.com

Certificate

The complete raw certificate details for www.estore-tco.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGxDCCBaygAwIBAgIQTPSZwpUJnA7BabC3P9kOCDANBgkqhkiG9w0BAQsFADCB
ljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPDA6BgNV
BAMTM0NPTU9ETyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0xODA1MTcwMDAwMDBaFw0yMDA4MTgyMzU5NTlaMIGuMQswCQYD
VQQGEwJVUzEOMAwGA1UEERMFMTAwMjIxCzAJBgNVBAgTAk5ZMREwDwYDVQQHEwhO
ZXcgWW9yazEZMBcGA1UECRMQNzI3IEZpZnRoIEF2ZW51ZTEWMBQGA1UECgwNVGlm
ZmFueSAmIENvLjEfMB0GA1UECxMWVW5pZmllZCBDb21tdW5pY2F0aW9uczEbMBkG
A1UEAxMSd3d3LmVzdG9yZS10Y28uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAsbJrQQeIRjjO/NPl0YFA2B/RfFc7LQTfVJYWDtSnglAH1wcuCD8T
VqaxNGlB3ekXKP+pQT/+WbOlkC2s54RhEOCJ9C4UR7Vb/OoWUtw5AvAvKDXlXrf2
48VWG9HnhmI6eAJLtTe91XnBewJRPcELyROR8T6GTRvZ15rOh2r5oj2MC1KjQMEr
JQCh6iVLjqFMZPZ9esppZcjuOjF3w0qaSazUbgjcfg4uQfKHnQ+8kvInik5J7ZTX
Zb9mVHmBLKwwsRNyc9GudAKl4CMctGY8F0Eq9B+wCrxJ5WYMX3bkxhv5LvCn3399
qTFw3SpUyL3FmZB+ga83lwKkau4j7eyzzQIDAQABo4IC8jCCAu4wHwYDVR0jBBgw
FoAUmvMr2s+tT7YvuypISCoStxtCwSQwHQYDVR0OBBYEFEn+NCz3IgZN874JRWrO
2lUepI1/MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjBQBgNVHSAESTBHMDsGDCsGAQQBsjEBAgEDBDAr
MCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAIBgZn
gQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5jb21vZG9jYS5jb20v
Q09NT0RPUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNy
bDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LmNvbW9k
b2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2Vy
dmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20w
EwYKKwYBBAHWeQIEAwEB/wQCBQAwggEcBgNVHREEggETMIIBD4ISd3d3LmVzdG9y
ZS10Y28uY29tggp0aWZmYW55LmF0ggp0aWZmYW55LmNhggp0aWZmYW55LmNugg10
aWZmYW55LmNvLmpwgg10aWZmYW55LmNvLnVrggt0aWZmYW55LmNvbYIOdGlmZmFu
eS5jb20uYXWCDnRpZmZhbnkuY29tLmJygg50aWZmYW55LmNvbS5teIIKdGlmZmFu
eS5kZYIKdGlmZmFueS5lc4IKdGlmZmFueS5mcoIKdGlmZmFueS5pZYIKdGlmZmFu
eS5pdIIKdGlmZmFueS5rcoIKdGlmZmFueS5ydYIRd3d3LmVzdG9yZS10Y28uanCC
E3d3dy50aWZmYW55dHJhZGUuanAwDQYJKoZIhvcNAQELBQADggEBAFy3s5BLwBTM
IBcaabffoKR9pMVMRJAtW2FKGg/FBj1UCoEYZwpenm7DNsRgRZ+hjVZw1RGBXL+h
c50KglW1ohqL9/nq65Gax45BGrHiCiYfffHw3hqfgxnh/Y9bwYHNA8TLPjaq9wUJ
6RTNb12RLublHGiKRl9QAxshsoDp0oUw35W1OtHebjUG8bzqldS21jbGB1OM/Es0
+gJI0j+3A9zywgZs2vJr+GSdKnKtkHcBy0BVjLWgO5HWK1HH4hBhjkcZi699Efg8
mrmMc6GfbP5oU6zPG6RMTWZjN9guRoxMBrvl1gHTtYHkMX37oLCQTPB57uPJgkq3
GfmkfAYcc0g=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbJrQQeIRjjO/NPl0YFA
2B/RfFc7LQTfVJYWDtSnglAH1wcuCD8TVqaxNGlB3ekXKP+pQT/+WbOlkC2s54Rh
EOCJ9C4UR7Vb/OoWUtw5AvAvKDXlXrf248VWG9HnhmI6eAJLtTe91XnBewJRPcEL
yROR8T6GTRvZ15rOh2r5oj2MC1KjQMErJQCh6iVLjqFMZPZ9esppZcjuOjF3w0qa
SazUbgjcfg4uQfKHnQ+8kvInik5J7ZTXZb9mVHmBLKwwsRNyc9GudAKl4CMctGY8
F0Eq9B+wCrxJ5WYMX3bkxhv5LvCn3399qTFw3SpUyL3FmZB+ga83lwKkau4j7eyz
zQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 102291366738193874512026691184732212744
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-17 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-18 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '10022'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '727 Fifth Avenue'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Tiffany & Co.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Unified Communications'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.estore-tco.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22432161647793164020701981733130861956629432169535350548401542651964566247097369843399099186570766866280311988672168796479578619736372558169150905000285936000688655405677520291752810039249946218890676754768209629574625651474443552612421903804538432845079538927744755235437172670299883471575230784942288074641238696926498708977112532963201556262668670142850667533634724613109658312652729986139816897062633126967584037008178647617034454006098313154457184795302940838747337428881643922778840160817639770144022521597771902719009175230230227527580307057038222706251761333309094765570674549191549561920990457847187849917389
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9af32bdacfad4fb62fbb2a48482a12b71b42c124
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							49fe342cf722064df3be09456aceda551ea48d7f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (275 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.estore-tco.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.com.mx'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.kr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.ru'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.estore-tco.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffanytrade.jp'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005cb7b3904bc014cc20171a69b7dfa0a47da4c54c44902d5b614a1a0fc5063d540a8118670a5e9e6ec336c460459fa18d5670d511815cbfa1739d0a8255b5a21a8bf7f9eaeb919ac78e411ab1e20a261f7df1f0de1a9f8319e1fd8f5bc181cd03c4cb3e36aaf70509e914cd6f5d912ee6e51c688a465f50031b21b280e9d28530df95b53ad1de6e3506f1bcea95d4b6d636c607538cfc4b34fa0248d23fb703dcf2c2066cdaf26bf8649d2a72ad907701cb40558cb5a03b91d62b51c7e210618e47198baf7d11f83c9ab98c73a19f6cfe6853accf1ba44c4d666337d82e468c4c06bbe5d601d3b581e4317dfba0b0904cf079eee3c9824ab719f9a47c061c7348