static.impots.gouv.fr

- DIRECTION GENERALE DES FINANCES PUBLIQUES -

Issued by Certigna Services CA

About this certificate

This digital certificate with serial number a1:f3:5d:da:b6:6d:f2:9c:b1:83:e9:96:54:f8:f0:27 was issued on by DHIMYOTIS.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

DIRECTION GENERALE DES FINANCES PUBLIQUES

Company registration number: S307250566
Organization: DIRECTION GENERALE DES FINANCES PUBLIQUES
Locality: PARIS
Country: FR

DHIMYOTIS

Organization: DHIMYOTIS
Organization unit: 0002 48146308100036
Country: FR

This certificate will expire on

Certificate Details

Serial Number (hex): a1:f3:5d:da:b6:6d:f2:9c:b1:83:e9:96:54:f8:f0:27
Serial Number (int): 215269339050287176771215921039413932071
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: c8:79:e9:e4:69:cc:8a:44:fc:1d:f0:a8:2f:c5:d7:d8:e2:04:fd:3e
AuthorityKeyId: ac:ec:86:8f:4b:37:1c:b8:7f:17:1b:19:d0:ae:e8:4e:e3:34:5c:12

Fingerprint (sha1): eb:f6:b6:25:2a:64:e7:ab:67:51:5e:ca:2f:e2:41:b5:3c:1c:23:f0
Fingerprint (sha256): 50:d8:79:bf:fd:28:6d:e9:bc:8b:ca:7a:df:cb:e9:09:4e:82:91:d2:86:be:5a:3d:80:dd:48:bf:df:d2:64:ee

Issuing Certificate URL: http://autorite.dhimyotis.com/servicesca.der
Issuing Certificate URL: http://autorite.certigna.fr/servicesca.der

Revocation information

OCSP Server: http://servicesca.ocsp.certigna.fr
OCSP Server: http://servicesca.ocsp.dhimyotis.com
CRL Distribution Point: http://crl.dhimyotis.com/servicesca.crl
CRL Distribution Point: http://crl.certigna.fr/servicesca.crl

Check the revocation status for certificate static.impots.gouv.fr

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for static.impots.gouv.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

static.impots.gouv.fr

Other certificates including the domain name impots.gouv.fr

(limited to 100 certificates)
cfsfc.impots.gouv.fr
bmly.impots.gouv.fr
adel.impots.gouv.fr
cfspro-idp.impots.gouv.fr
www.impots.gouv.fr
teletd.impots.gouv.fr
inscriptionpro.impots.gouv.fr
cfsfc.impots.gouv.fr
www.impots.gouv.fr
www.impots.gouv.fr
cfspro.impots.gouv.fr
timbres.impots.gouv.fr
passtrans.impots.gouv.fr
cfspro.impots.gouv.fr
www3.impots.gouv.fr
consommation.timbres.impots.gouv.fr
cfspart.impots.gouv.fr
cfspart.impots.gouv.fr
inscriptionpart.impots.gouv.fr
assistance-en-ligne.integration.impots.gouv.fr
static.impots.gouv.fr
assistance-en-ligne.impots.gouv.fr
inscriptionpro.integration.impots.gouv.fr
www3.impots.gouv.fr
idp.impots.gouv.fr
wss-acl.integration.impots.gouv.fr
www.integration.impots.gouv.fr
cfsmsp.impots.gouv.fr
poseidon2.impots.gouv.fr
cfspro.impots.gouv.fr
static.impots.gouv.fr
inscriptionpro.impots.gouv.fr
teletd.impots.gouv.fr
cfspro-idp.impots.gouv.fr
passtrans.integration.impots.gouv.fr
idp.impots.gouv.fr
adel.integration.impots.gouv.fr
teletd-test.impots.gouv.fr
timbres.impots.gouv.fr
static.impots.gouv.fr
www.integration.impots.gouv.fr
inscriptionpro.impots.gouv.fr
inscriptionpro.impots.gouv.fr
www.impots.gouv.fr
teletd.integration.impots.gouv.fr
inscriptionpro.impots.gouv.fr
recherchesuccessionsvacantes.impots.gouv.fr
cfsfc.impots.gouv.fr
eai-fatca.impots.gouv.fr
poseidon1.integration.impots.gouv.fr
timbres.impots.gouv.fr
www.impots.gouv.fr
inscriptionpro.integration.impots.gouv.fr
formuelassistteleservice.impots.gouv.fr
www.impots.gouv.fr
encheres-domaine.integration.impots.gouv.fr
poseidon1-test.integration.impots.gouv.fr
cfsmsp.impots.gouv.fr
formulaires.impots.gouv.fr
inscriptionpro.impots.gouv.fr
idp.impots.gouv.fr
recherchesuccessionsvacantes.integration.impots.gouv.fr
eai-cts-nc.impots.gouv.fr
www.impots.gouv.fr
rendezvous.impots.gouv.fr
idp.integration.impots.gouv.fr
poseidon2.impots.gouv.fr
idp.integration.impots.gouv.fr
static.impots.gouv.fr
cfsfc.impots.gouv.fr
www.impots.gouv.fr
payfip.impots.gouv.fr
www.impots.gouv.fr
cfsfc.impots.gouv.fr
poseidon1.impots.gouv.fr
www.impots.gouv.fr
static.impots.gouv.fr
payfip.impots.gouv.fr
timbres.impots.gouv.fr
consommation.timbres.impots.gouv.fr
gw.impots.gouv.fr
cfsfc.impots.gouv.fr
teletd.integration.impots.gouv.fr
static.impots.gouv.fr
poseidon2.impots.gouv.fr
cfspro.impots.gouv.fr
cfspart.integration.impots.gouv.fr
eai-fatca.impots.gouv.fr
payfip.integration.impots.gouv.fr
cfsmsp.impots.gouv.fr
formuelassistteleservice.impots.gouv.fr
retraitesdeletat.integration.impots.gouv.fr
cfspart.impots.gouv.fr
cfspro.impots.gouv.fr
encheres-domaine2.integration.impots.gouv.fr
www.impots.gouv.fr
static.impots.gouv.fr
static.impots.gouv.fr
inscriptionpro.impots.gouv.fr
www.tipi.integration.impots.gouv.fr

Certificate

The complete raw certificate details for static.impots.gouv.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG8DCCBNigAwIBAgIRAKHzXdq2bfKcsYPpllT48CcwDQYJKoZIhvcNAQELBQAw
fTELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURISU1ZT1RJUzEcMBoGA1UECwwTMDAw
MiA0ODE0NjMwODEwMDAzNjEdMBsGA1UEYQwUTlRSRlItNDgxNDYzMDgxMDAwMzYx
HTAbBgNVBAMMFENlcnRpZ25hIFNlcnZpY2VzIENBMB4XDTI0MDQyMjIyMDAwMFoX
DTI1MDUyNDIxNTk1OVowgYYxCzAJBgNVBAYTAkZSMQ4wDAYDVQQHDAVQQVJJUzEy
MDAGA1UECgwpRElSRUNUSU9OIEdFTkVSQUxFIERFUyBGSU5BTkNFUyBQVUJMSVFV
RVMxHjAcBgNVBAMMFXN0YXRpYy5pbXBvdHMuZ291di5mcjETMBEGA1UEBRMKUzMw
NzI1MDU2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJxvJiDObf7K
ZoHkjFZGRJxNeyHrUiQcDE3iF6eOmHEvcP3+yIMbB/zSZilHobN/aI4ZEGGulNWp
ymVQ2g32ZVfA1UR2eycUgomAGkvDq7Mu/TO3H2i7IfLrHhiFTt6TGr2CD7031yoT
OmCmumTXHXNeZIhkmfFGksPY/uAkjWe7H4da/dxxTSzC5fsygX9ZVoBTnvfuiNE1
15Y5n0J58gUu9VK0ZTlxor5+wEf6qyy2YWO4UYgN/HqpAtW+mEIMSO7UhzqVF1lp
hKYFtZ7/hjr1KB8J1M7A0FSCZuvJOqlDeYGQHEgbf/4C57efqsfN8bHMXdwvfMLi
PCVJKC0UErECAwEAAaOCAl8wggJbMIHkBggrBgEFBQcBAQSB1zCB1DA4BggrBgEF
BQcwAoYsaHR0cDovL2F1dG9yaXRlLmRoaW15b3Rpcy5jb20vc2VydmljZXNjYS5k
ZXIwNgYIKwYBBQUHMAKGKmh0dHA6Ly9hdXRvcml0ZS5jZXJ0aWduYS5mci9zZXJ2
aWNlc2NhLmRlcjAuBggrBgEFBQcwAYYiaHR0cDovL3NlcnZpY2VzY2Eub2NzcC5j
ZXJ0aWduYS5mcjAwBggrBgEFBQcwAYYkaHR0cDovL3NlcnZpY2VzY2Eub2NzcC5k
aGlteW90aXMuY29tMB8GA1UdIwQYMBaAFKzsho9LNxy4fxcbGdCu6E7jNFwSMAwG
A1UdEwEB/wQCMAAwYQYDVR0gBFowWDAIBgZngQwBAgIwTAYLKoF6AYExAgUBAQEw
PTA7BggrBgEFBQcCARYvaHR0cHM6Ly93d3cuY2VydGlnbmEuY29tL2F1dG9yaXRl
LWNlcnRpZmljYXRpb24wZQYDVR0fBF4wXDAtoCugKYYnaHR0cDovL2NybC5kaGlt
eW90aXMuY29tL3NlcnZpY2VzY2EuY3JsMCugKaAnhiVodHRwOi8vY3JsLmNlcnRp
Z25hLmZyL3NlcnZpY2VzY2EuY3JsMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA4GA1Ud
DwEB/wQEAwIFoDAgBgNVHREEGTAXghVzdGF0aWMuaW1wb3RzLmdvdXYuZnIwHQYD
VR0OBBYEFMh56eRpzIpE/B3wqC/F19jiBP0+MBMGCisGAQQB1nkCBAMBAf8EAgUA
MA0GCSqGSIb3DQEBCwUAA4ICAQCZQBF5K+QG3xnJwRXB67S+ZhcTYEs9tu5HG92l
aCngek+SQ2mfSqh3Q+YApbPTNjzuqFCUv/J9qSyHZ+m3xIEFq87sZZg+HyLafkMV
01skGQ0FN6Pv/0TgQz95IyNDUzGPRkTTXyTyJjV7HU2ae5NKl0GwYeCwcMn+FkCa
8KJQfuZ8ZnEImdlyLgabJrdWljlQRLxWo4J1xmEvruiSHzhDhC15UvAJsw3h4HyR
G/iMIlxmriB6ZOXKgS/iTLBixD/u1upAXfMRRwsZUKcSsoHXe0bPJsELIjXWhs6B
9a0uVOtKrkJScKfUf9bvSHfRYBIHP6e/BeECgXUuaMN6zilmWnq3bue1ubgg1aRi
pVpOiKu5gdKk2QyMkRHIw9b5PD3BSEpf7jmW3/VCiX++5ygFtzggR2OVfT5vFIIa
x7jEiV3wVLOVUn5scaHCQHqyomk9czjBzpb3OX8jG3Tstw6W+PB4piaVM6+41kST
A1EQ96Rvrra8dRcqoko8qzm0d5s/AuCNBlv762XYDf0rjWQJrwdY3+yMv1myXA1p
i9K1T64n9xnf//Ie1X1LMY3n4TudJI7bpxBuvvNdRQklbvrLvEkWhdx8ZozHM8B2
1RcrkuwsBHJYSxMam3hvDBMJyx+4ISGFLiVcDk4V7+SOs/w2BN9vN05BASsjhRcy
6iK7XQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnG8mIM5t/spmgeSMVkZE
nE17IetSJBwMTeIXp46YcS9w/f7IgxsH/NJmKUehs39ojhkQYa6U1anKZVDaDfZl
V8DVRHZ7JxSCiYAaS8Orsy79M7cfaLsh8useGIVO3pMavYIPvTfXKhM6YKa6ZNcd
c15kiGSZ8UaSw9j+4CSNZ7sfh1r93HFNLMLl+zKBf1lWgFOe9+6I0TXXljmfQnny
BS71UrRlOXGivn7AR/qrLLZhY7hRiA38eqkC1b6YQgxI7tSHOpUXWWmEpgW1nv+G
OvUoHwnUzsDQVIJm68k6qUN5gZAcSBt//gLnt5+qx83xscxd3C98wuI8JUkoLRQS
sQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 215269339050287176771215921039413932071
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DHIMYOTIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '0002 48146308100036'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRFR-48146308100036'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Certigna Services CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-22 22:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-24 21:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PARIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DIRECTION GENERALE DES FINANCES PUBLIQUES'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'static.impots.gouv.fr'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'S307250566'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19747985158856240586177973549665826853487493421161988279274444365058404857805692638705758707875076414380239476744987075632198034678557564281205846224145529067737292779105371393910728722239838216888819286582941962735421558548341222980026327842310547646985837901914623997663779611895347852275067462737393736877105307384907559045633530079820531548410197661704371001932866788177612652823159172186198163298663189378481496473417212482724177219048370965754488070870107262187474483761562850276623367307448917713838780703219228658349984721814278420101198809856404886632888471999083842702459235220911152195102172796879675593393
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (215 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://autorite.dhimyotis.com/servicesca.der'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://autorite.certigna.fr/servicesca.der'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://servicesca.ocsp.certigna.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://servicesca.ocsp.dhimyotis.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acec868f4b371cb87f171b19d0aee84ee3345c12
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.250.1.177.2.5.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.certigna.com/autorite-certification'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.dhimyotis.com/servicesca.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.certigna.fr/servicesca.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static.impots.gouv.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c879e9e469cc8a44fc1df0a82fc5d7d8e204fd3e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00994011792be406df19c9c115c1ebb4be661713604b3db6ee471bdda56829e07a4f9243699f4aa87743e600a5b3d3363ceea85094bff27da92c8767e9b7c48105abceec65983e1f22da7e4315d35b24190d0537a3efff44e0433f7923234353318f4644d35f24f226357b1d4d9a7b934a9741b061e0b070c9fe16409af0a2507ee67c66710899d9722e069b26b75696395044bc56a38275c6612faee8921f3843842d7952f009b30de1e07c911bf88c225c66ae207a64e5ca812fe24cb062c43feed6ea405df311470b1950a712b281d77b46cf26c10b2235d686ce81f5ad2e54eb4aae425270a7d47fd6ef4877d16012073fa7bf05e10281752e68c37ace29665a7ab76ee7b5b9b820d5a462a55a4e88abb981d2a4d90c8c9111c8c3d6f93c3dc1484a5fee3996dff542897fbee72805b738204763957d3e6f14821ac7b8c4895df054b395527e6c71a1c2407ab2a2693d7338c1ce96f7397f231b74ecb70e96f8f078a6269533afb8d64493035110f7a46faeb6bc75172aa24a3cab39b4779b3f02e08d065bfbeb65d80dfd2b8d6409af0758dfec8cbf59b25c0d698bd2b54fae27f719dffff21ed57d4b318de7e13b9d248edba7106ebef35d4509256efacbbc491685dc7c668cc733c076d5172b92ec2c0472584b131a9b786f0c1309cb1fb82121852e255c0e4e15efe48eb3fc3604df6f374e41012b23851732ea22bb5d