booking.a-rosa.de
Issued by Thawte DV SSL CA
About this certificate
This digital certificate with serial number 16:16:af:36:2a:eb:50:20:79:61:93:fc:78:7f:56:50 was issued on by Thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=booking.a-rosa.de,OU=Go to https://www.thawte.com/repository/index.html+OU=Thawte SSL123 certificate+OU=Domain Validated
Thawte, Inc.
Organization:
Thawte, Inc.
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 16:16:af:36:2a:eb:50:20:79:61:93:fc:78:7f:56:50Serial Number (int): 29360800151440176592776652402471163472
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: ab:44:e4:5d:ec:83:c7:d9:c0:85:9f:f7:e1:c6:97:90:b0:8c:3f:98
Fingerprint (sha1): 89:0a:1a:19:25:94:70:8f:82:43:13:12:21:c4:fe:6e:dc:cb:b9:29
Fingerprint (sha256): 46:72:69:47:59:62:fd:28:1e:88:8f:5d:d1:38:3f:52:8d:56:5f:31:41:0d:bb:b1:13:f4:d7:9b:ba:4d:08:b8
Issuing Certificate URL: http://svr-dv-aia.thawte.com/ThawteDV.cer
Revocation information
OCSP Server: http://ocsp.thawte.comCRL Distribution Point: http://svr-dv-crl.thawte.com/ThawteDV.crl
Check the revocation status for certificate booking.a-rosa.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for booking.a-rosa.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
booking.a-rosa.de
Other certificates including the domain name a-rosa.de
(limited to 100 certificates)
www.a-rosa.de
kurs.a-rosa.de
webmail.a-rosa.de
webmail.a-rosa.de
sslvpn.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
mx01.a-rosa.de
mail.a-rosa.de
kurs.a-rosa.de
m.a-rosa.de
afleet.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
booking.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
webmail.a-rosa.de
a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
old.a-rosa.de
mail.a-rosa.de
a-rosa.de
booking.a-rosa.de
mail.a-rosa.de
webmail.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de
a-rosa.de
a-rosa.de
kurs.a-rosa.de
kurs.a-rosa.de
resort.a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
a-rosa.de
a-rosa.de
webmail.a-rosa.de
www.a-rosa.de
m.a-rosa.de
www.kurs.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
a-rosa.de
www.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
blog.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de
kurs.a-rosa.de
webmail.a-rosa.de
webmail.a-rosa.de
sslvpn.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
mx01.a-rosa.de
mail.a-rosa.de
kurs.a-rosa.de
m.a-rosa.de
afleet.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
booking.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
webmail.a-rosa.de
a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
old.a-rosa.de
mail.a-rosa.de
a-rosa.de
booking.a-rosa.de
mail.a-rosa.de
webmail.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de
a-rosa.de
a-rosa.de
kurs.a-rosa.de
kurs.a-rosa.de
resort.a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
a-rosa.de
a-rosa.de
webmail.a-rosa.de
www.a-rosa.de
m.a-rosa.de
www.kurs.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
a-rosa.de
www.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
blog.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de
Certificate
The complete raw certificate details for booking.a-rosa.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIQFhavNirrUCB5YZP8eH9WUDANBgkqhkiG9w0BAQUFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE b21haW4gVmFsaWRhdGVkIFNTTDEZMBcGA1UEAxMQVGhhd3RlIERWIFNTTCBDQTAe Fw0xMzA1MTMwMDAwMDBaFw0xNzA2MTEyMzU5NTlaMIGYMTswOQYDVQQLEzJHbyB0 byBodHRwczovL3d3dy50aGF3dGUuY29tL3JlcG9zaXRvcnkvaW5kZXguaHRtbDEi MCAGA1UECxMZVGhhd3RlIFNTTDEyMyBjZXJ0aWZpY2F0ZTEZMBcGA1UECxMQRG9t YWluIFZhbGlkYXRlZDEaMBgGA1UEAxQRYm9va2luZy5hLXJvc2EuZGUwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2zPrVEpHjO+BjCtUnK5unZlIqbeTG dXq8qNc/Ojqor4oQOsE2POW8TVPkRR4nLSCa/x4x6hS6P+1LJ7+l9lNcxYegMK6D N5XiVHBcrquZbkmT7GgeWiK9yL1rqjwo7f5Gd38kY9FrF5vnQm2JPGZBvwR9ZGPr f3qQeFBftQD+fMVaJT7ej5YrqZoG5DFz32l+IK8gDkiXwAnJ5+MynT1P1lzPzMbV 4waKK6v41aNzyaNauP+tE1QvSkdDq77r41aNnGrbe8sbA6NPx3bEJvDTIJPN2dPv S4a/qymyxpvVlaDFI+7boWx/mriv6cAsIiDdl0fXhDnm3CpfOHrNeA7pAgMBAAGj ggFnMIIBYzAcBgNVHREEFTATghFib29raW5nLmEtcm9zYS5kZTAJBgNVHRMEAjAA MDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9zdnItZHYtY3JsLnRoYXd0ZS5jb20v VGhhd3RlRFYuY3JsMEEGA1UdIAQ6MDgwNgYKYIZIAYb4RQEHNjAoMCYGCCsGAQUF BwIBFhpodHRwczovL3d3dy50aGF3dGUuY29tL2NwczAfBgNVHSMEGDAWgBSrRORd 7IPH2cCFn/fhxpeQsIw/mDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMGkGCCsGAQUFBwEBBF0wWzAiBggrBgEFBQcwAYYWaHR0 cDovL29jc3AudGhhd3RlLmNvbTA1BggrBgEFBQcwAoYpaHR0cDovL3N2ci1kdi1h aWEudGhhd3RlLmNvbS9UaGF3dGVEVi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAG/y O0X8cSkAXLzitawvFKBFIrIFATYEgRYZqlE2Rc+ByAojMGcxyCktaDCphKne0ITy LiVplUOnLe+UQnvM70QjDqcE24+UO7tYcK3L2tbhsega/+ldoVXM93XE1qUYQwQV 0DuxRYb/NDxC4MEd/VzkLil/r2uh4VHDRnscF88qYhHvrAiLwq+lh+XUP5IAywbt 4U6grX5E522fyrOPPJxfaKX7AKfS52uOblsCQiaLH6o1uerEkyntcDAbXw5G5qLM KzInHptuLSy8Dnp4n/FOxtYhwz7zZjObh8/msq66KT6opVgc7vKcDhfX9VPnbGTQ sjSTZMpcZ01ZMHOHBbQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsz61RKR4zvgYwrVJyub p2ZSKm3kxnV6vKjXPzo6qK+KEDrBNjzlvE1T5EUeJy0gmv8eMeoUuj/tSye/pfZT XMWHoDCugzeV4lRwXK6rmW5Jk+xoHloivci9a6o8KO3+Rnd/JGPRaxeb50JtiTxm Qb8EfWRj6396kHhQX7UA/nzFWiU+3o+WK6maBuQxc99pfiCvIA5Il8AJyefjMp09 T9Zcz8zG1eMGiiur+NWjc8mjWrj/rRNUL0pHQ6u+6+NWjZxq23vLGwOjT8d2xCbw 0yCTzdnT70uGv6spssab1ZWgxSPu26Fsf5q4r+nALCIg3ZdH14Q55twqXzh6zXgO 6QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 29360800151440176592776652402471163472 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte DV SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-05-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-11 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go to https://www.thawte.com/repository/index.html' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SSL123 certificate' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'booking.a-rosa.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23076450817250002936432938287839876011373919285451692610051955913210103174175408854297242841814518366888105874701815565747411666478452425835308682380537124277575535032082513444539014299031407464132385085028506670611349952770321458572940750165216678116887932753115859861573170742683980767185450012381790068959940914413285746750318483433038196573423850536950310002332285588932733922574894054847479335012082634668010972968498570979446100206473957405001126278905563914346613248498928189057293279169331772752148327226130004327379223307845184206441560631707428296245191440962174716512136353887397713814595878089278638001897 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'booking.a-rosa.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-dv-crl.thawte.com/ThawteDV.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ab44e45dec83c7d9c0859ff7e1c69790b08c3f98 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-dv-aia.thawte.com/ThawteDV.cer' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006ff23b45fc7129005cbce2b5ac2f14a04522b205013604811619aa513645cf81c80a23306731c8292d6830a984a9ded084f22e25699543a72def94427bccef44230ea704db8f943bbb5870adcbdad6e1b1e81affe95da155ccf775c4d6a518430415d03bb14586ff343c42e0c11dfd5ce42e297faf6ba1e151c3467b1c17cf2a6211efac088bc2afa587e5d43f9200cb06ede14ea0ad7e44e76d9fcab38f3c9c5f68a5fb00a7d2e76b8e6e5b0242268b1faa35b9eac49329ed70301b5f0e46e6a2cc2b32271e9b6e2d2cbc0e7a789ff14ec6d621c33ef366339b87cfe6b2aeba293ea8a5581ceef29c0e17d7f553e76c64d0b2349364ca5c674d5930738705b4