*.platform.rsglab.com

- The Rocket Science Group, LLC -

Issued by thawte SHA256 SSL CA

About this certificate

This digital certificate with serial number 68:5b:52:bc:14:f2:4f:20:3e:11:44:c5:73:a6:2d:2d was issued on by thawte, Inc..

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

The Rocket Science Group, LLC

Organization: The Rocket Science Group, LLC
Organization unit: Operations
State / Province: Georgia
Locality: Atlanta
Country: US

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 68:5b:52:bc:14:f2:4f:20:3e:11:44:c5:73:a6:2d:2d
Serial Number (int): 138713888634722606121356470911230160173
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: 2b:9a:35:ae:01:18:38:30:e1:70:7a:05:e0:11:76:a3:ce:bd:90:14

Fingerprint (sha1): ff:87:cb:a3:7d:52:74:b5:ef:d4:6f:2a:5c:af:c6:3a:0f:3b:4d:ca
Fingerprint (sha256): 46:1d:11:a3:b2:89:83:74:61:08:13:7e:6c:25:30:aa:f2:24:76:c5:a7:67:cc:f2:f4:f4:06:e4:b3:28:53:a5

Issuing Certificate URL: http://tg.symcb.com/tg.crt

Revocation information

OCSP Server: http://tg.symcd.com
CRL Distribution Point: http://tg.symcb.com/tg.crl

Check the revocation status for certificate *.platform.rsglab.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.platform.rsglab.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.c1.platform.prod.atl01.rsglab.com
*.c1.platform.stage.atl01.rsglab.com
*.c2.platform.prod.suw01.rsglab.com
*.platform.rsglab.com

Other certificates including the domain name rsglab.com

(limited to 100 certificates)
bench.rsglab.com
creative-assistant.rsglab.com
link.getup-shoes.com
storybook.rsglab.com
prototypes.rsglab.com
prototypes.rsglab.com
wink.rsglab.com
storefront.rsglab.com
mns-ise.rsglab.com
sitespeed.rsglab.com
mcvpn.rsglab.com
vacation-feed.rsglab.com
creative-assistant.rsglab.com
sitespeed.rsglab.com
router.prod.fabric.rsglab.com
fp.rsglab.com
go-test.rsglab.com
*.platform.rsglab.com
jss.rsglab.com
storybook.rsglab.com
*.rsglab.com
git.rsglab.com
downloads.e-ceos.com.br
www.colornix.biz
omnicache.rsglab.com
incidents.rsglab.com
wink.rsglab.com
go-test.rsglab.com
jss.rsglab.com
rsgmc-az-scs.corp.mailchimp.co
experiments.rsglab.com
staff.rsglab.com
sitespeed.rsglab.com
storefront.rsglab.com
data.rsglab.com
git-stage.rsglab.com
router.prod.fabric.rsglab.com
pcm-ise2.rsglab.com
www.aidhon.com
crashplan-vault.rsglab.com
*.rsglab.com
fp.rsglab.com
vacation-feed.rsglab.com
sitespeed.rsglab.com
*.rsglab.com
vacation-feed.rsglab.com
mergeblocks.rsglab.com
vacation-feed.rsglab.com
router.dev.fabric.rsglab.com
storefront.rsglab.com
mcvpn.rsglab.com
*.rsglab.com
data.rsglab.com
mcvpnsw.rsglab.com
router.dev.fabric.rsglab.com
mcvpn.rsglab.com
mcvpnam.rsglab.com
creative-assistant.rsglab.com
*.platform.rsglab.com
boo.pushstart.com.br
front-end.rsglab.com
creative-assistant.rsglab.com
mergeblocks.rsglab.com
vacation-feed.rsglab.com
sawa-dev-4.rsglab.com
creative-assistant.rsglab.com
storybook.rsglab.com
crashplan-vault.rsglab.com
backpack.rsglab.com
status-stage.rsglab.com
transit.rsglab.com
prototypes.rsglab.com
transit.rsglab.com
vacation-feed.rsglab.com
mcvpnap.rsglab.com
*.platform.rsglab.com
router.prod.fabric.rsglab.com
app01.altimeter.prod.pcm01.rsglab.com
sitespeed.rsglab.com
sitespeed.rsglab.com
thesaurum.thetislive.com
mcvpn.rsglab.com
wink.rsglab.com
www.kyber.space
data.rsglab.com
editing-platform.rsglab.com
fp.rsglab.com
storefront.rsglab.com
experiments.rsglab.com
incidents.rsglab.com
fp.rsglab.com
sitespeed.rsglab.com
router.prod.dsfgcloud.rsglab.com
editing-platform.rsglab.com
bench.rsglab.com
front-end.rsglab.com
app.nomasfilas.cl
es-it.rsglab.com
test-management.mhntools.net
incidents.rsglab.com

Certificate

The complete raw certificate details for *.platform.rsglab.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgIQaFtSvBTyTyA+EUTFc6YtLTANBgkqhkiG9w0BAQsFADBD
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR0wGwYDVQQDExR0
aGF3dGUgU0hBMjU2IFNTTCBDQTAeFw0xNzA4MTYwMDAwMDBaFw0yMDA1MjEyMzU5
NTlaMIGOMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHR2VvcmdpYTEQMA4GA1UEBwwH
QXRsYW50YTEmMCQGA1UECgwdVGhlIFJvY2tldCBTY2llbmNlIEdyb3VwLCBMTEMx
EzARBgNVBAsMCk9wZXJhdGlvbnMxHjAcBgNVBAMMFSoucGxhdGZvcm0ucnNnbGFi
LmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANZ7XtjAFxfN1fCQ
Hg6eOZzcttLK2yMKsG+bwkKRPZoJadYEO93bBk6c8LYQggYT5NqrNQYCYepmgAZO
Of2rbH+RH4Qhi5eoyoBOe8HqjpOQpHf5RtUbR/+LnpaRb/bGjzyPdzSxCPs0XHEX
wKXVP0l47TVT+59+i2b5m3t1DaRmU0yu0RWaBNNeVP+T7skhQW8jl/bVBhKa9trb
R/sjFMwSK7DTAjRkIwU49J/CHJH8jYFA+Hs6vP8ZFtL9x3QE1OjIhH4tKVn673ln
eeEENVoIGOUmsz7aUOgfy3mBkvVhFgKzOyX8d0Wfcy8j3c0QIcwiE5SlYbZfJA9B
eqcidBc3x2s+9Os9tYH69rx9afgvIrGu+I8DoxpZad3L4IJzVix6TILhElIMkCyY
46JHODNo7+/WSu+fcDzFE8YpN9lsXLaOJTJmbHJ2M52lSBjHUckDT/1GM7TQRfOm
kYCdYoC5e3YZAu5xPGgM6t29AdBI442rWfI6nGpfdQfCx0WVIUx7XkkfDZxYlAwq
Mf9NAuVWbrv/MdOW9VkZnySUDvjB8KaeREmcKwdH800lYb0aTHcx06PbjfoObJWr
eUk2CATLrVJ6ouI8tWptclAfeEuiH5hs/2LmKCrUB21PHBVkO/cAXEXIyR1CAunx
k1yUMQ8F7F7THXWfDJA0uvjcJ+8RAgMBAAGjggH/MIIB+zCBkgYDVR0RBIGKMIGH
giMqLmMxLnBsYXRmb3JtLnByb2QuYXRsMDEucnNnbGFiLmNvbYIkKi5jMS5wbGF0
Zm9ybS5zdGFnZS5hdGwwMS5yc2dsYWIuY29tgiMqLmMyLnBsYXRmb3JtLnByb2Qu
c3V3MDEucnNnbGFiLmNvbYIVKi5wbGF0Zm9ybS5yc2dsYWIuY29tMAkGA1UdEwQC
MAAwbgYDVR0gBGcwZTBjBgZngQwBAgIwWTAmBggrBgEFBQcCARYaaHR0cHM6Ly93
d3cudGhhd3RlLmNvbS9jcHMwLwYIKwYBBQUHAgIwIwwhaHR0cHM6Ly93d3cudGhh
d3RlLmNvbS9yZXBvc2l0b3J5MA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBQr
mjWuARg4MOFwegXgEXajzr2QFDArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vdGcu
c3ltY2IuY29tL3RnLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
VwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vdGcuc3ltY2QuY29t
MCYGCCsGAQUFBzAChhpodHRwOi8vdGcuc3ltY2IuY29tL3RnLmNydDATBgorBgEE
AdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlS02t928rIyisngGnNAG
l7EfNuceaNKvxd5BBgTFpSE8RAI0Xs5SYDjmXQALUnrA0RiJE2+HxrddQpYXl6N1
iSsPpcohg1goo+t0llblFMSDKr8bIz9g2k5meHbOD0MZqCdf6eooacZLvWRrfXXT
2/ZFx2Nz1pmVP7spLhufX3C8C+b1x2fz8Aa1rT8LwSHaNWk/3IyXoNyGWyUsVWbf
gq5N8c6SQiYQ+PJ83r7C7trzBCv7KyjDoKAjHJcQCNj6k8WKpVtlYuZ8lGMHzRK6
8jjel59JqNzEIQ9eDG813JGjY15PP++kX9wESPQ21kGi9BZ9iCgsKDW2jXF2HxFG
TQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1nte2MAXF83V8JAeDp45
nNy20srbIwqwb5vCQpE9mglp1gQ73dsGTpzwthCCBhPk2qs1BgJh6maABk45/ats
f5EfhCGLl6jKgE57weqOk5Ckd/lG1RtH/4uelpFv9saPPI93NLEI+zRccRfApdU/
SXjtNVP7n36LZvmbe3UNpGZTTK7RFZoE015U/5PuySFBbyOX9tUGEpr22ttH+yMU
zBIrsNMCNGQjBTj0n8IckfyNgUD4ezq8/xkW0v3HdATU6MiEfi0pWfrveWd54QQ1
WggY5SazPtpQ6B/LeYGS9WEWArM7Jfx3RZ9zLyPdzRAhzCITlKVhtl8kD0F6pyJ0
FzfHaz706z21gfr2vH1p+C8isa74jwOjGllp3cvggnNWLHpMguESUgyQLJjjokc4
M2jv79ZK759wPMUTxik32Wxcto4lMmZscnYznaVIGMdRyQNP/UYztNBF86aRgJ1i
gLl7dhkC7nE8aAzq3b0B0EjjjatZ8jqcal91B8LHRZUhTHteSR8NnFiUDCox/00C
5VZuu/8x05b1WRmfJJQO+MHwpp5ESZwrB0fzTSVhvRpMdzHTo9uN+g5slat5STYI
BMutUnqi4jy1am1yUB94S6IfmGz/YuYoKtQHbU8cFWQ79wBcRcjJHUIC6fGTXJQx
DwXsXtMddZ8MkDS6+Nwn7xECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 138713888634722606121356470911230160173
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SHA256 SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-21 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Georgia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Atlanta'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'The Rocket Science Group, LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Operations'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.platform.rsglab.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 875009876288631265593619788903700309452888146523081042164876624453524704501875891517015585695228302211725504046233848402297252881236993762050675934254460088120055119810996194392359842005700230570787691372756578318951780121388462023560123895215007692519399664182792269851668823059684297909616814181830462944390579239202608788115638253003533917944432019254242973209642464213622044146973048661567640958960000486533651357459279790157674672724408663321705065744536880751919222439716572120641341500330821955432176006316915686212152557067593214380417311816239361444116388822125049792464445575852690132485909801014608814157231887793309918366949328438025669713128024705555137143466738836760225788268834696720781746291611706983031571981384189474603503260832313173726122156540785110681800643777579300423884800152152051850003820674669808079892244373174704227689067993755750849304158772295222092943584597915939921006524200685525519878617941035547321662229976848209126029305740992748209594363794535873384283167494142305337750658182466021974676635520843318031360756416982796540759008539622504753473542456401665404457157414484467984475019737756630118981591519610342217893981276443418586121940607287872420251981367029493531651702796184920774765178641
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (138 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.c1.platform.prod.atl01.rsglab.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.c1.platform.stage.atl01.rsglab.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.c2.platform.prod.suw01.rsglab.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.platform.rsglab.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2b9a35ae01183830e1707a05e01176a3cebd9014
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tg.symcb.com/tg.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tg.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tg.symcb.com/tg.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00952d36b7ddbcac8ca2b278069cd00697b11f36e71e68d2afc5de410604c5a5213c4402345ece526038e65d000b527ac0d11889136f87c6b75d42961797a375892b0fa5ca21835828a3eb749656e514c4832abf1b233f60da4e667876ce0f4319a8275fe9ea2869c64bbd646b7d75d3dbf645c76373d699953fbb292e1b9f5f70bc0be6f5c767f3f006b5ad3f0bc121da35693fdc8c97a0dc865b252c5566df82ae4df1ce92422610f8f27cdebec2eedaf3042bfb2b28c3a0a0231c971008d8fa93c58aa55b6562e67c946307cd12baf238de979f49a8dcc4210f5e0c6f35dc91a3635e4f3fefa45fdc0448f436d641a2f4167d88282c2835b68d71761f11464d