*.yves-rocher.com

Issued by GlobalSign Domain Validation CA - SHA256 - G2

About this certificate

This digital certificate with serial number 55:cf:08:c8:db:cf:12:6c:a1:af:1e:98 was issued on by GlobalSign nv-sa.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.yves-rocher.com,OU=Domain Control Validated

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 55:cf:08:c8:db:cf:12:6c:a1:af:1e:98
Serial Number (int): 26556514963594135452106301080
Serial Number lenght: 95 bits, 12 octets

SubjectKeyId: 44:04:4a:b6:5f:ac:04:5e:62:73:0c:84:86:b6:fb:6a:e2:b8:ca:ab
AuthorityKeyId: ea:4e:7c:d4:80:2d:e5:15:81:86:26:8c:82:6d:c0:98:a4:cf:97:0f

Fingerprint (sha1): b6:58:55:02:55:61:1e:79:47:dd:7e:81:2d:48:b0:8e:bf:3a:1c:7e
Fingerprint (sha256): 4d:17:19:a5:6b:86:48:23:bf:10:45:d7:07:2b:d9:4e:04:0a:69:bd:9d:58:55:d0:83:44:b1:d2:3d:3b:df:c3

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g2
CRL Distribution Point: http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl

Check the revocation status for certificate *.yves-rocher.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.yves-rocher.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.yves-rocher.com
yves-rocher.com

Other certificates including the domain name yves-rocher.com

(limited to 100 certificates)
services.yves-rocher.com
medianet.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
abspace-re7.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
incapsula.com
www.yves-rocher.fr
www.yves-rocher.com
eimv3-statics.yves-rocher.com
www.yves-rocher.com
birdplan.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
admin-rec.easy-ext.yves-rocher.com
sec.yr-fr-rec1.easy-ext.yves-rocher.com
*.yves-rocher.com
www.yves-rocher.fr
www.yves-rocher.com
dyrectperso.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
imperva.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
pim.yves-rocher.com
secure-vpci.yves-rocher.com
secure-vpci.yves-rocher.com
incapsula.com
dyrectperso.yves-rocher.com
incapsula.com
specif-ac.yves-rocher.com
www-npe.yves-rocher.com
incapsula.com
incapsula.com
incapsula.com
dyrectperso.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
www-npe.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
sec.yr-fr-rec1.easy-ext.yves-rocher.com
secure-vpci.yves-rocher.com
myreport.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
incapsula.com
san-11-s50.tlsprovisioning.exacttarget.com
services.yves-rocher.com
imperva.com
san-16-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
*.statics-easy-ext.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-16-s50.tlsprovisioning.exacttarget.com
*.yves-rocher.com
dyrectperso.yves-rocher.com
pim.yves-rocher.com
dyrectperso.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
medianet.yves-rocher.com
admin-rec.easy-ext.yves-rocher.com
*.yves-rocher.com
ftp-pao.yves-rocher.com
*.yves-rocher.com
services.yves-rocher.com
incapsula.com
samy.yves-rocher.com
newsroom.yves-rocher.com
www.yves-rocher.fr
dyrectperso.yves-rocher.com
services.yves-rocher.com
specif-ac.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.com
dyrectperso.yves-rocher.com
newsroom.yves-rocher.com
www-npe.yves-rocher.com
dkb.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
pim.yves-rocher.com
specif-ac.yves-rocher.com
*.yves-rocher.com
flow.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
*.yves-rocher.com
portailmag-rec.yves-rocher.com
*.dev-spark-ext.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
services.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
specif-ac.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com

Certificate

The complete raw certificate details for *.yves-rocher.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIMVc8IyNvPEmyhrx6YMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN
MTYxMTIyMTU0NzAyWhcNMjAwMTA0MTU0OTEzWjA/MSEwHwYDVQQLExhEb21haW4g
Q29udHJvbCBWYWxpZGF0ZWQxGjAYBgNVBAMMESoueXZlcy1yb2NoZXIuY29tMIIC
IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAua32MwEsjXQDCY4s0zfemNpM
jNjiFlTuW5p2NET4GlUGSo5XNEguZzNwpr56rDYyXU7PNunebmYixg4817DgSkbk
hvHm7g48BnxmFLZe+zfPq0lCWUKtfshyyrFuxED1Fk/Q4fKlykCY9haeQmD4JgcY
smGxVjUJ63C3+UDTrgK9dla0lN44jws/w8DpK9UTYWepRSnmTlY32enDUE7Yhj1S
+xJr9j1jflMweKFABJKZkCwyT8/McE45iIUSZcvHc/b6ni5t68yEWZWY0muHzTUy
+RO1P4n0mlqhOAa8cAvHYv0w7xYvITDnqXNHDhFosQvEJXdcFXHEq6AqEawMmoy+
a9f2nwocS55LXn8dHeR5MvOBb+hH+02PsJ+lV/R6qg9mdLGYc0D/PULjvdsoy3D6
cgkjwNqHPoYhw1l53by/ecY3+1YZ9zhNPI5gboFwTV04Im+7VKbOFrHqUPsqvXqO
mf9ZjCzsn8ICWYeflvMqFzvvOJOfOPkhLAw+3MInPXnKb7sSsPOnibatSmVCmuq2
SqlKGkNOhi0TLKPOEBEkDLnuLI1NSMJV9d8kkCiDjh3SFjHDapw2GxIZZPC/8h+j
07AZiKN+I3LuDONMTj+qN783VYiobs5V5d5R1DzQJLRukLIxvxMoJvhUIdCtAC/6
s3pmmiZMCVoNzxycwRkCAwEAAaOCAfYwggHyMA4GA1UdDwEB/wQEAwIFoDCBlAYI
KwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFs
c2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUF
BzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEy
ZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6
Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1Ud
EwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNv
bS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwLQYDVR0RBCYwJIIRKi55dmVzLXJv
Y2hlci5jb22CD3l2ZXMtcm9jaGVyLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwHQYDVR0OBBYEFEQESrZfrAReYnMMhIa2+2riuMqrMB8GA1UdIwQY
MBaAFOpOfNSALeUVgYYmjIJtwJikz5cPMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0G
CSqGSIb3DQEBCwUAA4IBAQBjLU6te1bzN7GlGw6v+U3/7JTJrchE8bv4SVFmzjaT
B3LJapKWi+BWhygXW7tXHAsXOSXYUYec1FRk1jRgvZoTeXKb/pFZRyUemWGJEjUL
jA6My+Sa4a0BUeE2Le/WRyNqNfznEObLBwxZQNee4SrIZpsOQmLdfqs/oSJtQgx0
nRimIaLp/U7jqYKONmSggU7z88G7+hE8clrTAS8Jlrrgl+JWo6Ex2+oamiSuUR3S
5/znUxNGpS3BCWlP0Is2o9FGrHx7xLKrZNu70uVP4tMR8g1gUwgAtsCDngFRgnMD
ZZXlonQmoVJPBBDgtHteiO7ziz3qHQYn8bvYyYW6LKfJ
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAua32MwEsjXQDCY4s0zfe
mNpMjNjiFlTuW5p2NET4GlUGSo5XNEguZzNwpr56rDYyXU7PNunebmYixg4817Dg
SkbkhvHm7g48BnxmFLZe+zfPq0lCWUKtfshyyrFuxED1Fk/Q4fKlykCY9haeQmD4
JgcYsmGxVjUJ63C3+UDTrgK9dla0lN44jws/w8DpK9UTYWepRSnmTlY32enDUE7Y
hj1S+xJr9j1jflMweKFABJKZkCwyT8/McE45iIUSZcvHc/b6ni5t68yEWZWY0muH
zTUy+RO1P4n0mlqhOAa8cAvHYv0w7xYvITDnqXNHDhFosQvEJXdcFXHEq6AqEawM
moy+a9f2nwocS55LXn8dHeR5MvOBb+hH+02PsJ+lV/R6qg9mdLGYc0D/PULjvdso
y3D6cgkjwNqHPoYhw1l53by/ecY3+1YZ9zhNPI5gboFwTV04Im+7VKbOFrHqUPsq
vXqOmf9ZjCzsn8ICWYeflvMqFzvvOJOfOPkhLAw+3MInPXnKb7sSsPOnibatSmVC
muq2SqlKGkNOhi0TLKPOEBEkDLnuLI1NSMJV9d8kkCiDjh3SFjHDapw2GxIZZPC/
8h+j07AZiKN+I3LuDONMTj+qN783VYiobs5V5d5R1DzQJLRukLIxvxMoJvhUIdCt
AC/6s3pmmiZMCVoNzxycwRkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 26556514963594135452106301080
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-22 15:47:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-04 15:49:13 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.yves-rocher.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 757506425559490765532315581075855084884844714684904288320326605177517485280393682821473662520269778043331018142576877441991729705115248771903044240858569708992877869645056336179992723903636869864259872766190370651964100511768641110877434064311315104995313278458114760501855081474497265385398509427484680284155692134610540076185052597811444793333765088078226193412612295009416490585777162655746894299278926126716907515529027961330180423331760661606477222226573285720957559765888410748545735846270214549726669674448969089945645188413560801452181321530921341601422327107121513425921948199555333142151846403089658251387386087581223636973875364907147044071037911566689754053343282917685463718747520127179887382631395975491374773268690232724316057205231435892149990181309858915375827435474482135723045161783531306219292945435746649552964486936244119257006577769074327630854330043288494162868910197639509416570583751748912703907898834683906182884068332625475959417150310397684534134777886919667116977496370552283769482022883048916394704504576198106269487540115181659650692712396868835513738034987357068149593921679801424463303653154572292250342484705469831657081627003400691889663790630236222229190171440750364620412771527053957141796536601
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yves-rocher.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							44044ab65fac045e62730c8486b6fb6ae2b8caab
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ea4e7cd4802de5158186268c826dc098a4cf970f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00632d4ead7b56f337b1a51b0eaff94dffec94c9adc844f1bbf8495166ce36930772c96a92968be0568728175bbb571c0b173925d851879cd45464d63460bd9a1379729bfe915947251e99618912350b8c0e8ccbe49ae1ad0151e1362defd647236a35fce710e6cb070c5940d79ee12ac8669b0e4262dd7eab3fa1226d420c749d18a621a2e9fd4ee3a9828e3664a0814ef3f3c1bbfa113c725ad3012f0996bae097e256a3a131dbea1a9a24ae511dd2e7fce7531346a52dc109694fd08b36a3d146ac7c7bc4b2ab64dbbbd2e54fe2d311f20d60530800b6c0839e01518273036595e5a27426a1524f0410e0b47b5e88eef38b3dea1d0627f1bbd8c985ba2ca7c9