webmail.ijm.org
- International Justice Mission -
Issued by Thawte RSA CA 2018
About this certificate
This digital certificate with serial number 02:29:ef:dc:0e:13:74:ae:bd:3d:10:cc:e8:77:8c:15 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
International Justice Mission
Organization:
International Justice Mission
Organization unit: GTS
Organization unit: GTS
State / Province:
Virginia
Locality: Arlington
Country: US
Locality: Arlington
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 02:29:ef:dc:0e:13:74:ae:bd:3d:10:cc:e8:77:8c:15Serial Number (int): 2876205093217096311916022782565518357
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 92:e1:9c:c9:99:d5:f9:53:24:bb:02:f0:6b:54:13:83:b6:e0:81:e5
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a
Fingerprint (sha1): c4:9f:a7:ff:5c:fe:2d:bf:0c:d2:8d:8d:f6:49:98:7a:1e:2c:0a:b6
Fingerprint (sha256): 5c:6d:93:ee:aa:e9:1b:50:a3:85:bd:bd:a0:1d:06:71:8b:9c:f7:be:30:41:0c:16:22:d9:61:7e:ce:d9:bd:ec
Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl
Check the revocation status for certificate webmail.ijm.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for webmail.ijm.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
webmail.ijm.org
autodiscover.ijm.org
autodiscover.ijm.org
Other certificates including the domain name ijm.org
(limited to 100 certificates)
stage.ijm.org
stage.freedomcommons.ijm.org
gifts.ijm.org
sentry.ijm.org
image.mktmarathonkids.org
ssl964611.cloudflaressl.com
freedomcommons.ijm.org
stage.gifts.ijm.org
sni.cloudflaressl.com
gifts.ijm.org
netcommunity.ijm.org
www.ijm.org
mask12.classy.org
sharepoint.ijm.org
stage.ijm.org
gifts.ijm.org
image.mktmarathonkids.org
gifts.ijm.org
mask12.classy.org
fundraising.ijm.org
*.ijm.org
freedomcommons.ijm.org
mask12.classy.org
mask12.classy.org
mask12.classy.org
freedomcommons.ijm.org
mask12.classy.org
gifts.ijm.org
mask12.classy.org
dev.ijm.org
mobile.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
mobile.ijm.org
support.quickhelp.com
san-3-s7.tlsprovisioning.exacttarget.com
tableau.ijm.org
support.quickhelp.com
*.ijm.org
stage.ijm.org
dev.ijm.org
stage.ijm.org
webmail.ijm.org
stage.gifts.ijm.org
www.ijm.org
stage.ijm.org
stage.ijm.org
webmail.ijm.org
ssl964612.cloudflaressl.com
stage.freedomcommons.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
gifts.ijm.org
tableau.ijm.org
gifts.ijm.org
ijm.org
stage.freedomcommons.ijm.org
stage.gifts.ijm.org
image.mktmarathonkids.org
image.mktmarathonkids.org
mask12.classy.org
sharepoint.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
mobile.ijm.org
image.mktmarathonkids.org
mask12.classy.org
webmail.ijm.org
mask12.classy.org
gifts.ijm.org
stage.gifts.ijm.org
mask12.classy.org
dev.ijm.org
image.mktmarathonkids.org
webmail.ijm.org
mask12.classy.org
my.ijm.org
mask12.classy.org
sni.cloudflaressl.com
www.ijm.org
image.mktmarathonkids.org
image.mktmarathonkids.org
mask12.classy.org
gifts.ijm.org
san-3-s7.tlsprovisioning.exacttarget.com
mask12.classy.org
mask12.classy.org
image.mktmarathonkids.org
stage.freedomcommons.ijm.org
tableau.ijm.org
www.ijm.org
image.mktmarathonkids.org
mask12.classy.org
stage.gifts.ijm.org
sni.cloudflaressl.com
webmail.ijm.org
bomgar.ijm.org
image.mktmarathonkids.org
sni.cloudflaressl.com
dev.ijm.org
stage.freedomcommons.ijm.org
gifts.ijm.org
sentry.ijm.org
image.mktmarathonkids.org
ssl964611.cloudflaressl.com
freedomcommons.ijm.org
stage.gifts.ijm.org
sni.cloudflaressl.com
gifts.ijm.org
netcommunity.ijm.org
www.ijm.org
mask12.classy.org
sharepoint.ijm.org
stage.ijm.org
gifts.ijm.org
image.mktmarathonkids.org
gifts.ijm.org
mask12.classy.org
fundraising.ijm.org
*.ijm.org
freedomcommons.ijm.org
mask12.classy.org
mask12.classy.org
mask12.classy.org
freedomcommons.ijm.org
mask12.classy.org
gifts.ijm.org
mask12.classy.org
dev.ijm.org
mobile.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
mobile.ijm.org
support.quickhelp.com
san-3-s7.tlsprovisioning.exacttarget.com
tableau.ijm.org
support.quickhelp.com
*.ijm.org
stage.ijm.org
dev.ijm.org
stage.ijm.org
webmail.ijm.org
stage.gifts.ijm.org
www.ijm.org
stage.ijm.org
stage.ijm.org
webmail.ijm.org
ssl964612.cloudflaressl.com
stage.freedomcommons.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
gifts.ijm.org
tableau.ijm.org
gifts.ijm.org
ijm.org
stage.freedomcommons.ijm.org
stage.gifts.ijm.org
image.mktmarathonkids.org
image.mktmarathonkids.org
mask12.classy.org
sharepoint.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
mobile.ijm.org
image.mktmarathonkids.org
mask12.classy.org
webmail.ijm.org
mask12.classy.org
gifts.ijm.org
stage.gifts.ijm.org
mask12.classy.org
dev.ijm.org
image.mktmarathonkids.org
webmail.ijm.org
mask12.classy.org
my.ijm.org
mask12.classy.org
sni.cloudflaressl.com
www.ijm.org
image.mktmarathonkids.org
image.mktmarathonkids.org
mask12.classy.org
gifts.ijm.org
san-3-s7.tlsprovisioning.exacttarget.com
mask12.classy.org
mask12.classy.org
image.mktmarathonkids.org
stage.freedomcommons.ijm.org
tableau.ijm.org
www.ijm.org
image.mktmarathonkids.org
mask12.classy.org
stage.gifts.ijm.org
sni.cloudflaressl.com
webmail.ijm.org
bomgar.ijm.org
image.mktmarathonkids.org
sni.cloudflaressl.com
dev.ijm.org
Certificate
The complete raw certificate details for webmail.ijm.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIQAinv3A4TdK69PRDM6HeMFTANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN MTgwODMwMDAwMDAwWhcNMTkwOTI5MTIwMDAwWjCBhDELMAkGA1UEBhMCVVMxETAP BgNVBAgTCFZpcmdpbmlhMRIwEAYDVQQHEwlBcmxpbmd0b24xJjAkBgNVBAoTHUlu dGVybmF0aW9uYWwgSnVzdGljZSBNaXNzaW9uMQwwCgYDVQQLEwNHVFMxGDAWBgNV BAMTD3dlYm1haWwuaWptLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/PooY/OFCWsW9/LMKUNIT7BugGLfWU9TQO2bzvXAfykNKDza/Si9D49hsp zWjTwbkX2Cv0ig1vwLEBOp+TuPO3iH0DDU3Q43eSoE9Ic3Yk4B0ImSWRwmbyoEph oehCFrC4zbr3uT+X8iQ32fJxRCghh82FpWE6NW15tpT08GtnX4eYceCviJkrC1vJ 2ILFVebBgl7PfjHvgXE947QN8g81QMYMTv7whFUPwtp6SH5hDFgnSGDVTdsQ0YFU mpGueb8ILsUL6X5m08ZZQMX7BgIIW+b/5Dgr//EITdvxt+ncQCKkEvG2fb9bqRNU drfKi2NZEsUQkPBQuGy7hhhDoZMCAwEAAaOCAcAwggG8MB8GA1UdIwQYMBaAFKPI XmVU5TB4wQXqBwpqWcy5/t5aMB0GA1UdDgQWBBSS4ZzJmdX5UyS7AvBrVBODtuCB 5TAwBgNVHREEKTAngg93ZWJtYWlsLmlqbS5vcmeCFGF1dG9kaXNjb3Zlci5pam0u b3JnMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NkcC50aGF3dGUuY29tL1RoYXd0 ZVJTQUNBMjAxOC5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEF BQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbwYI KwYBBQUHAQEEYzBhMCQGCCsGAQUFBzABhhhodHRwOi8vc3RhdHVzLnRoYXd0ZS5j b20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9jYWNlcnRzLnRoYXd0ZS5jb20vVGhhd3Rl UlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0G CSqGSIb3DQEBCwUAA4IBAQBdpxgrD9juJh9coGHj7VrW+lJfFawM7Nnf3P2Wmw/K ceHhaFu295eyS+xWKdYDyr4hPKlquja98+oB19K8BtNH/J7U3UUUpTcWJF1CVa4m z3RmLI3XCtMvo9JIe61+MinrjoXWSYxR36ehcZ6yqTCcwz5vIkIeaoXmkLhFjs2k 4AITBATu2Dm4g/sPc6q1LfPf0ZMP4rPRkgFqOYO5nlnzR/2DtIf4qs2RnSd3sxD7 EDzhyZxIHFGbq3+ngNQynz/MxsbsD3+G4xIKi2hk9TjVIoQVrLHbvY+J4Do5dHPz 8UTcFCiWHQ+850IJ+AAiUDT+mUBghEL3szDi3TIu5ysw -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8+ihj84UJaxb38swpQ0 hPsG6AYt9ZT1NA7ZvO9cB/KQ0oPNr9KL0Pj2GynNaNPBuRfYK/SKDW/AsQE6n5O4 87eIfQMNTdDjd5KgT0hzdiTgHQiZJZHCZvKgSmGh6EIWsLjNuve5P5fyJDfZ8nFE KCGHzYWlYTo1bXm2lPTwa2dfh5hx4K+ImSsLW8nYgsVV5sGCXs9+Me+BcT3jtA3y DzVAxgxO/vCEVQ/C2npIfmEMWCdIYNVN2xDRgVSaka55vwguxQvpfmbTxllAxfsG Aghb5v/kOCv/8QhN2/G36dxAIqQS8bZ9v1upE1R2t8qLY1kSxRCQ8FC4bLuGGEOh kwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2876205093217096311916022782565518357 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-29 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Virginia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arlington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'International Justice Mission' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'webmail.ijm.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24213904814523753878125443672199555608829232935130001407559358740892978855733794207335061731062800112295793126353358308883622477408363557026278302532566885137452071912282686197230800841407106801897153841927178633094364116001982762153501940042696658100646699128907228640278816376309757752230541356802199167262410351830942229626452643949348855857908206006589661059170455283405001675177443390294388415637400669666441399363393625349493490262267104678215754291579785919591669628585109465758311267564244909622667952995256113889866901921213004364634401791339085958885871752172307407335746890713081752597123358584989485867411 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 92e19cc999d5f95324bb02f06b541383b6e081e5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.ijm.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.ijm.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005da7182b0fd8ee261f5ca061e3ed5ad6fa525f15ac0cecd9dfdcfd969b0fca71e1e1685bb6f797b24bec5629d603cabe213ca96aba36bdf3ea01d7d2bc06d347fc9ed4dd4514a53716245d4255ae26cf74662c8dd70ad32fa3d2487bad7e3229eb8e85d6498c51dfa7a1719eb2a9309cc33e6f22421e6a85e690b8458ecda4e002130404eed839b883fb0f73aab52df3dfd1930fe2b3d192016a3983b99e59f347fd83b487f8aacd919d2777b310fb103ce1c99c481c519bab7fa780d4329f3fccc6c6ec0f7f86e3120a8b6864f538d5228415acb1dbbd8f89e03a397473f3f144dc1428961d0fbce74209f800225034fe9940608442f7b330e2dd322ee72b30