*.ideastoaction.lafargeholcim.com
Issued by Sectigo RSA Domain Validation Secure Server CA
About this certificate
This digital certificate with serial number 88:6b:7f:0a:30:9a:e7:4d:38:16:2d:57:59:be:26:93 was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.ideastoaction.lafargeholcim.com,OU=Domain Control Validated+OU=Issued through LafargeHolcim Ltd E-PKI Manager+OU=COMODO SSL Wildcard
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): 88:6b:7f:0a:30:9a:e7:4d:38:16:2d:57:59:be:26:93Serial Number (int): 181333159863955621514701260865882957459
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: f7:b1:df:d6:33:a6:2c:ea:e7:6b:ce:03:bf:e7:63:af:4f:96:14:15
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1
Fingerprint (sha1): 3e:47:dd:61:2b:cb:85:37:ce:39:1f:15:4a:9e:b6:c8:9e:21:f8:1f
Fingerprint (sha256): 49:4d:17:eb:4c:91:ed:d8:6a:81:25:7d:d5:1f:10:6a:42:c5:04:97:bd:74:10:a0:7a:7b:6f:0f:0d:4e:82:bc
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCheck the revocation status for certificate *.ideastoaction.lafargeholcim.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.ideastoaction.lafargeholcim.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.ideastoaction.lafargeholcim.com
ideastoaction.lafargeholcim.com
ideastoaction.lafargeholcim.com
Other certificates including the domain name lafargeholcim.com
(limited to 100 certificates)
indwebiz.lafargeholcim.com
itasia.lafargeholcim.com
brandportal.lafargeholcim.com
brandportal.lafargeholcim.com
vanity2.jiveon.com
share.lafargeholcim.com
intranet.lafargeholcim.com
brandportal.lafargeholcim.com
vanity2.jiveon.com
intranet.lafargeholcim.com
vanity2.jiveon.com
*.lafargeholcim.com
portal.zonda.lafargeholcim.com
fiori-mea.lafargeholcim.com
connect.lafargeholcim.com
lq3-logon.lafargeholcim.com
vanity2.jiveon.com
intranet.lafargeholcim.com
integrityline.holcim.com
jarvis.lafargeholcim.com
seawebiz.lafargeholcim.com
intranet.lafargeholcim.com
fiori-mea.lafargeholcim.com
jarvis.lafargeholcim.com
qa1-fiori.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
share.lafargeholcim.com
connect.lafargeholcim.com
dv1-fiori.lafargeholcim.com
connect.lafargeholcim.com
dv1-fiori.lafargeholcim.com
share.lafargeholcim.com
integrity.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
intranet-demo.lafargeholcim.com
brandportal.lafargeholcim.com
jarvis.lafargeholcim.com
intranet.lafargeholcim.com
vanity2.jiveon.com
intranet-demo.lafargeholcim.com
share.lafargeholcim.com
jarvis.lafargeholcim.com
vanity2.jiveon.com
financialreports.lafargeholcim.com
connect.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
connect.lafargeholcim.com
brandportal.lafargeholcim.com
indwebiz.lafargeholcim.com
*.lafargeholcim.com
*.ideastoaction.lafargeholcim.com
vanity2.jiveon.com
integrity.lafargeholcim.com
*.lafargeholcim.com
itemea.lafargeholcim.com
brandportal.lafargeholcim.com
share.lafargeholcim.com
lp1-mobile-logon.lafargeholcim.com
itemea.lafargeholcim.com
*.ideastoaction.lafargeholcim.com
itasia.lafargeholcim.com
portal.dev.zonda.lafargeholcim.com
integrity.lafargeholcim.com
share.lafargeholcim.com
vanity2.jiveon.com
itasia.lafargeholcim.com
vanity2.jiveon.com
brandportal.lafargeholcim.com
portal.qa.zonda.lafargeholcim.com
intranet.lafargeholcim.com
itasia.lafargeholcim.com
brandportal.lafargeholcim.com
vanity2.jiveon.com
brandportal.lafargeholcim.com
lp1-mobile-logon.lafargeholcim.com
intranet.lafargeholcim.com
vanity2.jiveon.com
*.lafargeholcim.com
share.lafargeholcim.com
indwebiz.lafargeholcim.com
share.lafargeholcim.com
*.lafargeholcim.com
vanity2.jiveon.com
www.holcim.com
vanity2.jiveon.com
connect.lafargeholcim.com
connect.lafargeholcim.com
brandportal.lafargeholcim.com
intranet.lafargeholcim.com
itemea.lafargeholcim.com
connect.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
vanity2.jiveon.com
football.lafargeholcim.com
connect.lafargeholcim.com
vanity2.jiveon.com
itasia.lafargeholcim.com
brandportal.lafargeholcim.com
brandportal.lafargeholcim.com
vanity2.jiveon.com
share.lafargeholcim.com
intranet.lafargeholcim.com
brandportal.lafargeholcim.com
vanity2.jiveon.com
intranet.lafargeholcim.com
vanity2.jiveon.com
*.lafargeholcim.com
portal.zonda.lafargeholcim.com
fiori-mea.lafargeholcim.com
connect.lafargeholcim.com
lq3-logon.lafargeholcim.com
vanity2.jiveon.com
intranet.lafargeholcim.com
integrityline.holcim.com
jarvis.lafargeholcim.com
seawebiz.lafargeholcim.com
intranet.lafargeholcim.com
fiori-mea.lafargeholcim.com
jarvis.lafargeholcim.com
qa1-fiori.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
share.lafargeholcim.com
connect.lafargeholcim.com
dv1-fiori.lafargeholcim.com
connect.lafargeholcim.com
dv1-fiori.lafargeholcim.com
share.lafargeholcim.com
integrity.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
intranet-demo.lafargeholcim.com
brandportal.lafargeholcim.com
jarvis.lafargeholcim.com
intranet.lafargeholcim.com
vanity2.jiveon.com
intranet-demo.lafargeholcim.com
share.lafargeholcim.com
jarvis.lafargeholcim.com
vanity2.jiveon.com
financialreports.lafargeholcim.com
connect.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
connect.lafargeholcim.com
brandportal.lafargeholcim.com
indwebiz.lafargeholcim.com
*.lafargeholcim.com
*.ideastoaction.lafargeholcim.com
vanity2.jiveon.com
integrity.lafargeholcim.com
*.lafargeholcim.com
itemea.lafargeholcim.com
brandportal.lafargeholcim.com
share.lafargeholcim.com
lp1-mobile-logon.lafargeholcim.com
itemea.lafargeholcim.com
*.ideastoaction.lafargeholcim.com
itasia.lafargeholcim.com
portal.dev.zonda.lafargeholcim.com
integrity.lafargeholcim.com
share.lafargeholcim.com
vanity2.jiveon.com
itasia.lafargeholcim.com
vanity2.jiveon.com
brandportal.lafargeholcim.com
portal.qa.zonda.lafargeholcim.com
intranet.lafargeholcim.com
itasia.lafargeholcim.com
brandportal.lafargeholcim.com
vanity2.jiveon.com
brandportal.lafargeholcim.com
lp1-mobile-logon.lafargeholcim.com
intranet.lafargeholcim.com
vanity2.jiveon.com
*.lafargeholcim.com
share.lafargeholcim.com
indwebiz.lafargeholcim.com
share.lafargeholcim.com
*.lafargeholcim.com
vanity2.jiveon.com
www.holcim.com
vanity2.jiveon.com
connect.lafargeholcim.com
connect.lafargeholcim.com
brandportal.lafargeholcim.com
intranet.lafargeholcim.com
itemea.lafargeholcim.com
connect.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
vanity2.jiveon.com
football.lafargeholcim.com
connect.lafargeholcim.com
vanity2.jiveon.com
Certificate
The complete raw certificate details for *.ideastoaction.lafargeholcim.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH6TCCBtGgAwIBAgIRAIhrfwowmudNOBYtV1m+JpMwDQYJKoZIhvcNAQELBQAw gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD QTAeFw0xOTA2MTcwMDAwMDBaFw0yMTA3MTMyMzU5NTlaMIGmMSEwHwYDVQQLExhE b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxNzA1BgNVBAsTLklzc3VlZCB0aHJvdWdo IExhZmFyZ2VIb2xjaW0gTHRkIEUtUEtJIE1hbmFnZXIxHDAaBgNVBAsTE0NPTU9E TyBTU0wgV2lsZGNhcmQxKjAoBgNVBAMMISouaWRlYXN0b2FjdGlvbi5sYWZhcmdl aG9sY2ltLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK+9XvQr cTURpc3gSa87sj0DeIgSIIKp8s/0iOCukt1sBv6VhvZBZmAT6RLKeaKhd7MwZOpF TuW77kUd/hHqNH7CkXnN4svGvAcNc88VTa2k1aIewsvwHnb8TRon5RRrEIMgO0g2 t+0pYMwMZsxmTq5uftUxk36PXbF5Hc9HzI6PflodaSURrTWurpSIo4U5SGt1gdS4 Btim91XnjP/Ju+H4OsulHH4DD0A0L5akvtrrKggIs+SWmm4LiG5I5Olj6zTXpPhN eEvdpUIzlbFjrBlgNwtNx4Rp0ueD9OT7kO2oBx5Qkk3ifeffPuTdchQxyecBOwHG glGG2IRa+vpqhz/N/rboMpJZnPMjXv0Sf3o7KmCgQHbQJVDKUVdoQeMS6LyvvMSg PELjGsxXuKwmwKY4firgl5gfHxfc4qK6ZLbMSVt1H4jHBkBvy98l1sXGh/v5L2B8 eWn9DuOCmbzwWAtwGvBbPI/z6ry6c6UpJht4uTUOZjhdueDsPoFfTzJtSzeahJIO c0sE9sFHveVXeFd68bDLWJkHLQgheBdOhDY89JdKktL/ZNIZxq+F/l6VrXzY0Xy7 y2P/xXZeAL3zHSN8aaBbxizkzslv1Pl2HUm4pAR8HquEOPWEVmCjc0nIeJAn93mi FjO8QxTUI6AW6iJzI8i2rEUyLR2PbZ0OvyzTAgMBAAGjggMlMIIDITAfBgNVHSME GDAWgBSNjF7EVK2K4Xfpm/mbBeG4AY1h4TAdBgNVHQ4EFgQU97Hf1jOmLOrna84D v+djr0+WFBUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAgcw JTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQIB MIGEBggrBgEFBQcBAQR4MHYwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2VjdGln by5jb20vU2VjdGlnb1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j cnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tME0GA1UdEQRG MESCISouaWRlYXN0b2FjdGlvbi5sYWZhcmdlaG9sY2ltLmNvbYIfaWRlYXN0b2Fj dGlvbi5sYWZhcmdlaG9sY2ltLmNvbTCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFp AHcAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFrZZl6CwAABAMA SDBGAiEAjiWj/dSvRt9lwC9+/myZS+o7C1l33wv3d22GOQynyw8CIQC6zYj884cz 6jHXE1g44op5i29rAmxrW2sF8ihcqEKN9QB3AESUZS6w7s6vxEAH2Kj+KMDa5oK+ 2MsxtT/TM5a1toGoAAABa2Wf2vgAAAQDAEgwRgIhALbeDxV/eStuwYZ9EHMkeAXH 7iJSoHdO+9O35zpX1+3lAiEAjm5Sg4mGBVRVQcCDiDCoFDwoISNtTUR/IYbVkUO6 44sAdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWtlmXorAAAE AwBGMEQCIBPPpBrd1Y3J4CaUQGyHSRElRGlFazuwtfNW+YNChQePAiBMU+FoExfy cbQ6CsAXCk9vgbQrjwtUmGVlwl/qvcrAhzANBgkqhkiG9w0BAQsFAAOCAQEA1M7d ykBPL+1Wmcr4+jRaA+zPHSGdhZB0SsCU5oGvv159pa7PlKzTXw9dwBxgtgBEyfmT 84pHPENkekL1is0HCZcyqwpSopmtbCWRDFP0m5E0P+QMthK+ewQuL65W+2hdsEXD Ct8e66h1kyf3oUUl5+VXhe3LVEOBTqRO+u6AfSb/n16kzcig/APACLC4hI1YrTkw us2ShdCnWSrQeJLCE4W3stbKl/zLphIY2oIGyz8nvZoDfRSxODPmW2W4NG6LAvIV mIJIr4azpjd/fcAc33Q5GtBg2m9g9tkeHd/66n5ftto07giAiNsfRPge5X2lLVTT mZv1c0h2ECnHGnn1Dw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr71e9CtxNRGlzeBJrzuy PQN4iBIggqnyz/SI4K6S3WwG/pWG9kFmYBPpEsp5oqF3szBk6kVO5bvuRR3+Eeo0 fsKRec3iy8a8Bw1zzxVNraTVoh7Cy/AedvxNGiflFGsQgyA7SDa37SlgzAxmzGZO rm5+1TGTfo9dsXkdz0fMjo9+Wh1pJRGtNa6ulIijhTlIa3WB1LgG2Kb3VeeM/8m7 4fg6y6UcfgMPQDQvlqS+2usqCAiz5JaabguIbkjk6WPrNNek+E14S92lQjOVsWOs GWA3C03HhGnS54P05PuQ7agHHlCSTeJ9598+5N1yFDHJ5wE7AcaCUYbYhFr6+mqH P83+tugyklmc8yNe/RJ/ejsqYKBAdtAlUMpRV2hB4xLovK+8xKA8QuMazFe4rCbA pjh+KuCXmB8fF9ziorpktsxJW3UfiMcGQG/L3yXWxcaH+/kvYHx5af0O44KZvPBY C3Aa8Fs8j/PqvLpzpSkmG3i5NQ5mOF254Ow+gV9PMm1LN5qEkg5zSwT2wUe95Vd4 V3rxsMtYmQctCCF4F06ENjz0l0qS0v9k0hnGr4X+XpWtfNjRfLvLY//Fdl4AvfMd I3xpoFvGLOTOyW/U+XYdSbikBHweq4Q49YRWYKNzSch4kCf3eaIWM7xDFNQjoBbq InMjyLasRTItHY9tnQ6/LNMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 181333159863955621514701260865882957459 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-13 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Issued through LafargeHolcim Ltd E-PKI Manager' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO SSL Wildcard' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.ideastoaction.lafargeholcim.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 716955547539577650449872874950480600315137907469426575147339042519490811446977192075472818767677171742340946519397828107577590385969106473585532253867248428348067003517828041626573492593473394014980482638865914914413140913342984635596751317352224696290953312975336736871447101340152499612669525076105229169136042410107734168884548942386664841144072307099270251820117076416789156281521549636649970354191167900033039702895010734234292578684760408299499715309988385100339858253280191795583457862137721730207213094247638403290877004867771105325595010618891141944178916021057554814743008972583067207726538456988539125196124968664062170644217377782960438530802792344674514441852043846215062558674783942148895138049669310457253492783393026290274922200330406280753509714812345332509319851046488370970077175586048537177172270758952446623848506148655941700451464285229829566492412889672168858470902711390942245698162578279331022215520156811804774689812795901498757087761270876864424494178140294805076941162809109780214089521852210224777207389363308368764664785530988465526319166070157291619880591674688207553567786554787906906398411173139403349421822379647224956906329503985732385020132742513237430808897971612719453860927366670752882884553939 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f7b1dfd633a62ceae76bce03bfe763af4f961415 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ideastoaction.lafargeholcim.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ideastoaction.lafargeholcim.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016b65997a0b00000403004830460221008e25a3fdd4af46df65c02f7efe6c994bea3b0b5977df0bf7776d86390ca7cb0f022100bacd88fcf38733ea31d7135838e28a798b6f6b026c6b5b6b05f2285ca8428df50077004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016b659fdaf80000040300483046022100b6de0f157f792b6ec1867d1073247805c7ee2252a0774efbd3b7e73a57d7ede50221008e6e5283898605545541c0838830a8143c2821236d4d447f2186d59143bae38b0075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016b65997a2b0000040300463044022013cfa41addd58dc9e02694406c874911254469456b3bb0b5f356f9834285078f02204c53e1681317f271b43a0ac0170a4f6f81b42b8f0b54986565c25feabdcac087 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00d4ceddca404f2fed5699caf8fa345a03eccf1d219d8590744ac094e681afbf5e7da5aecf94acd35f0f5dc01c60b60044c9f993f38a473c43647a42f58acd07099732ab0a52a299ad6c25910c53f49b91343fe40cb612be7b042e2fae56fb685db045c30adf1eeba8759327f7a14525e7e55785edcb5443814ea44efaee807d26ff9f5ea4cdc8a0fc03c008b0b8848d58ad3930bacd9285d0a7592ad07892c21385b7b2d6ca97fccba61218da8206cb3f27bd9a037d14b13833e65b65b8346e8b02f215988248af86b3a6377f7dc01cdf74391ad060da6f60f6d91e1ddffaea7e5fb6da34ee088088db1f44f81ee57da52d54d3999bf57348761029c71a79f50f