extranet.veoliaeau.fr

- VEOLIA ENVIRONNEMENT -

Issued by thawte SSL CA - G2

About this certificate

This digital certificate with serial number 2e:f1:82:3b:65:ee:d3:7c:9a:5e:3a:c7:fc:27:0d:fa was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

VEOLIA ENVIRONNEMENT

Organization: VEOLIA ENVIRONNEMENT
Organization unit: VEOLIA ENVIRONNEMENT
State / Province: PARIS
Locality: PARIS
Country: FR

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 2e:f1:82:3b:65:ee:d3:7c:9a:5e:3a:c7:fc:27:0d:fa
Serial Number (int): 62398472768269795725673682630160616954
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60

Fingerprint (sha1): 8b:30:06:2e:ea:85:a2:56:15:db:f7:07:2c:40:23:55:da:5e:31:ab
Fingerprint (sha256): 52:2a:af:51:fb:8d:dc:6b:eb:3a:f5:00:d9:e2:30:57:a2:43:05:6a:2e:ae:05:25:f8:48:6e:9d:76:89:e4:a2

Issuing Certificate URL: http://tj.symcb.com/tj.crt

Revocation information

OCSP Server: http://tj.symcd.com
CRL Distribution Point: http://tj.symcb.com/tj.crl

Check the revocation status for certificate extranet.veoliaeau.fr

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for extranet.veoliaeau.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

extranet.veoliaeau.fr

Other certificates including the domain name veoliaeau.fr

(limited to 100 certificates)
www.service-client.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
www.service-client.veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
extranet.veoliaeau.fr
extranet.veoliaeau.fr
pp.service-client.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
veoliaeau.fr
extranet.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
www.canalo.veoliaeau.fr
extranet.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
www.canalo.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
extranet.veoliaeau.fr
extranet.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr

Certificate

The complete raw certificate details for extranet.veoliaeau.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGUTCCBTmgAwIBAgIQLvGCO2Xu03yaXjrH/CcN+jANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcwMTI2MDAwMDAwWhcNMTgwMzI3MjM1OTU5
WjCBizELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBVBBUklTMQ4wDAYDVQQHDAVQQVJJ
UzEdMBsGA1UECgwUVkVPTElBIEVOVklST05ORU1FTlQxHTAbBgNVBAsMFFZFT0xJ
QSBFTlZJUk9OTkVNRU5UMR4wHAYDVQQDDBVleHRyYW5ldC52ZW9saWFlYXUuZnIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0uwKbyTRr/ERUBIL1fKmt
pKIXe3n4MTMw6WIARrZCd62/VyAnqbVsAceQ6AtiuvEC4KiQe/3qjx7x/Okgnylq
LD+jV5iCS1bUJXef0szmfBYcfg5cp2nFes/n+sTU4X2cwzPXXwsU9ZyPiUTpxc7w
lL+gtJxc6wupFqU5z9kTbod27/puWIhR6RduRcKpbKMdSOh12b8fNwbb4l06ocLk
jYboi1MuMtGEzgrazuzrY4k6cqHKmlRiPB4bmR+D6kBajFQle4VgD1m80DULrR22
xH9QiMoqR9L4VUqDE8++gU5GTQ/r4Cs8ta5XnAE6Kg7ox8AzeOamuBgCxyHwFPi1
AgMBAAGjggL4MIIC9DAgBgNVHREEGTAXghVleHRyYW5ldC52ZW9saWFlYXUuZnIw
CQYDVR0TBAIwADBuBgNVHSAEZzBlMGMGBmeBDAECAjBZMCYGCCsGAQUFBwIBFhpo
dHRwczovL3d3dy50aGF3dGUuY29tL2NwczAvBggrBgEFBQcCAjAjDCFodHRwczov
L3d3dy50aGF3dGUuY29tL3JlcG9zaXRvcnkwDgYDVR0PAQH/BAQDAgWgMB8GA1Ud
IwQYMBaAFMJPSFf80U+awF04fQ4F29kutVJgMCsGA1UdHwQkMCIwIKAeoByGGmh0
dHA6Ly90ai5zeW1jYi5jb20vdGouY3JsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly90ai5z
eW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly90ai5zeW1jYi5jb20vdGouY3J0
MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDd6x0reg1PpiCLga2BaHB+Lo6d
AdVciI09EcTNtuy+zAAAAVna/KSuAAAEAwBHMEUCIQDB5SlPwFa2RLcDlHUbKb2T
24U6IbDriLDe4DNtYPLNKgIgTZ4QIj1Cn4LuA5I1otGdF3vTji2rooD05csZDbHL
wpIAdQCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAVna/KTIAAAE
AwBGMEQCIB0hngkZes8EOKp7E0V0mTI8EQpz7PxRxIuekXqBlYIHAiA37SMjh2ZS
Z1agsK9iaOQ2Z2XtN39JnyfgF2zF2zhPvAB2ALx44d/F9jxoRkkzTaEPoV8JeWkg
CcCBtPP2kX8+2bilAAABWdr8pZ0AAAQDAEcwRQIhALBb4dSIOc2GUM4CApVO8Pp+
ydnZZ4cFr5CvhwZkTc/UAiAKorm1BWJQyDlR1kV3Q7j61Zl5uVNBhhbbNXw+MrQd
FTANBgkqhkiG9w0BAQsFAAOCAQEAL9dcq2OvgU3C3xeAko64yRgDquPxBD31nXiP
xg6grybjB/LMpIKbDytvdugmXusRQuqCR9+9mvlZhb0LUJwIH3CDJc4NSRJBVBwF
I9inPOqm22bYZWhyylsfY4EUt26VQBKvjF33oqBMSuIIElYiZhVAWbD53HjuxkfY
eyw0+zQQ/d0NCuZQ3IcPZjA+hCL+SVv7jHwDtLJXbs/ZJuvloV6lO09hraTXDzMn
FZ+0v13iTqRk2lMvLxloy2mxkXl5hYYzhlGWor5NXpgce9Yw12wsY7Il5enmp33w
L3J4PiZR7k11ZNAX3vgaC0ItanQlv3IdUXYfNJk+rTyE5RFR8g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLsCm8k0a/xEVASC9Xyp
raSiF3t5+DEzMOliAEa2Qnetv1cgJ6m1bAHHkOgLYrrxAuCokHv96o8e8fzpIJ8p
aiw/o1eYgktW1CV3n9LM5nwWHH4OXKdpxXrP5/rE1OF9nMMz118LFPWcj4lE6cXO
8JS/oLScXOsLqRalOc/ZE26Hdu/6bliIUekXbkXCqWyjHUjoddm/HzcG2+JdOqHC
5I2G6ItTLjLRhM4K2s7s62OJOnKhyppUYjweG5kfg+pAWoxUJXuFYA9ZvNA1C60d
tsR/UIjKKkfS+FVKgxPPvoFORk0P6+ArPLWuV5wBOioO6MfAM3jmprgYAsch8BT4
tQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 62398472768269795725673682630160616954
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-01-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PARIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PARIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'VEOLIA ENVIRONNEMENT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'VEOLIA ENVIRONNEMENT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'extranet.veoliaeau.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22815113055402747132411998994522003348346039093539208642544820337217470287975939946224713218462741527386683824372060232862063717870677982987980218914208540128970267036360887755326506829109432477960905005016939871674697198455909105396277660756224587349681561338284975750028364029216587700888619466523057093771124382190995433631612049925388576286845698214477768922719510553290770867921797641665493028077432410471864364800530794183819405074723003180776599959817897849173012423219286188493595253970318719184273175317701592653966964151209930755047157161644677430924091563206809878510332583397065632328141774490226239273141
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extranet.veoliaeau.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000159dafca4ae0000040300473045022100c1e5294fc056b644b70394751b29bd93db853a21b0eb88b0dee0336d60f2cd2a02204d9e10223d429f82ee039235a2d19d177bd38e2daba280f4e5cb190db1cbc292007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000159dafca4c8000004030046304402201d219e09197acf0438aa7b13457499323c110a73ecfc51c48b9e917a81958207022037ed23238766526756a0b0af6268e4366765ed377f499f27e0176cc5db384fbc007600bc78e1dfc5f63c684649334da10fa15f0979692009c081b4f3f6917f3ed9b8a500000159dafca59d0000040300473045022100b05be1d48839cd8650ce0202954ef0fa7ec9d9d9678705af90af8706644dcfd402200aa2b9b5056250c83951d6457743b8fad59979b953418616db357c3e32b41d15
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002fd75cab63af814dc2df1780928eb8c91803aae3f1043df59d788fc60ea0af26e307f2cca4829b0f2b6f76e8265eeb1142ea8247dfbd9af95985bd0b509c081f708325ce0d491241541c0523d8a73ceaa6db66d8656872ca5b1f638114b76e954012af8c5df7a2a04c4ae20812562266154059b0f9dc78eec647d87b2c34fb3410fddd0d0ae650dc870f66303e8422fe495bfb8c7c03b4b2576ecfd926ebe5a15ea53b4f61ada4d70f3327159fb4bf5de24ea464da532f2f1968cb69b1917979858633865196a2be4d5e981c7bd630d76c2c63b225e5e9e6a77df02f72783e2651ee4d7564d017def81a0b422d6a7425bf721d51761f34993ead3c84e51151f2