www.yves-rocher.com
Issued by R3
About this certificate
This digital certificate with serial number 04:c7:44:c0:cb:0f:81:e0:41:59:95:10:a0:de:c0:e7:b2:6d was issued on by Let's Encrypt.
With 40 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.yves-rocher.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:c7:44:c0:cb:0f:81:e0:41:59:95:10:a0:de:c0:e7:b2:6dSerial Number (int): 416256723287575720435229212811519544767085
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 66:f1:92:e9:ab:d5:fa:c7:bb:88:87:82:ef:50:9b:ab:e6:2e:52:16
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 1a:d9:fa:79:45:34:46:2d:6c:18:cf:06:da:8c:4c:12:e4:fd:79:90
Fingerprint (sha256): 5d:a3:f8:f4:73:3c:09:7a:17:da:ee:66:61:5a:69:f5:80:0a:36:6b:81:d1:95:bd:ac:1a:99:e1:8b:b0:17:48
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.yves-rocher.com
40
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.yves-rocher.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api.groupe-rocher.com
bi.yvesrocher.com.mx
deal.yrg.se
descubre.yves-rocher.com.mx
eimv3-statics.yves-rocher.com
eimv3.yves-rocher.com
flow.yves-rocher.com
gestorcomercial.yvesrocher.com.mx
media.aod-care.com
pcv-lcda.groupe-rocher.com
pim.yves-rocher.com
s.yrg.se
samy-it.yves-rocher.com
samy-yrbe.yves-rocher.com
samy-yrca.yves-rocher.com
samy-yrce.yves-rocher.com
samy-yres.yves-rocher.com
samy-yrfr.yves-rocher.com
samy-yrit.yves-rocher.com
services.ricaud.com
services.yves-rocher.com
stanhome-lcda.groupe-rocher.com
storelocator.yves-rocher.com
studio-rennes.groupe-rocher.com
tilkal-prd.petit-bateau.com
vpci.ricaud.com
vpci.yves-rocher.com
www-rksp.yves-rocher.com.mx
www.cosmetovigilance.groupe-rocher.com
www.extracteur-donnees-mag-yr.com
www.fondation-danieljouvance.org
www.reconnect-to-nature.com
www.stanfacil.es
www.stanhome.com
www.stanhomeperte.it
www.yves-rocher.co.th
www.yves-rocher.com
www.yves-rocher.com.mx
www.yvesrocher.com.mx
www.yvesrocher.jo
bi.yvesrocher.com.mx
deal.yrg.se
descubre.yves-rocher.com.mx
eimv3-statics.yves-rocher.com
eimv3.yves-rocher.com
flow.yves-rocher.com
gestorcomercial.yvesrocher.com.mx
media.aod-care.com
pcv-lcda.groupe-rocher.com
pim.yves-rocher.com
s.yrg.se
samy-it.yves-rocher.com
samy-yrbe.yves-rocher.com
samy-yrca.yves-rocher.com
samy-yrce.yves-rocher.com
samy-yres.yves-rocher.com
samy-yrfr.yves-rocher.com
samy-yrit.yves-rocher.com
services.ricaud.com
services.yves-rocher.com
stanhome-lcda.groupe-rocher.com
storelocator.yves-rocher.com
studio-rennes.groupe-rocher.com
tilkal-prd.petit-bateau.com
vpci.ricaud.com
vpci.yves-rocher.com
www-rksp.yves-rocher.com.mx
www.cosmetovigilance.groupe-rocher.com
www.extracteur-donnees-mag-yr.com
www.fondation-danieljouvance.org
www.reconnect-to-nature.com
www.stanfacil.es
www.stanhome.com
www.stanhomeperte.it
www.yves-rocher.co.th
www.yves-rocher.com
www.yves-rocher.com.mx
www.yvesrocher.com.mx
www.yvesrocher.jo
Other certificates including the domain name yves-rocher.com
(limited to 100 certificates)
services.yves-rocher.com
medianet.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
abspace-re7.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
incapsula.com
www.yves-rocher.fr
www.yves-rocher.com
eimv3-statics.yves-rocher.com
www.yves-rocher.com
birdplan.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
admin-rec.easy-ext.yves-rocher.com
sec.yr-fr-rec1.easy-ext.yves-rocher.com
*.yves-rocher.com
www.yves-rocher.fr
www.yves-rocher.com
dyrectperso.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
imperva.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
pim.yves-rocher.com
secure-vpci.yves-rocher.com
secure-vpci.yves-rocher.com
incapsula.com
dyrectperso.yves-rocher.com
incapsula.com
specif-ac.yves-rocher.com
www-npe.yves-rocher.com
incapsula.com
incapsula.com
incapsula.com
dyrectperso.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
www-npe.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
sec.yr-fr-rec1.easy-ext.yves-rocher.com
secure-vpci.yves-rocher.com
myreport.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
incapsula.com
san-11-s50.tlsprovisioning.exacttarget.com
services.yves-rocher.com
imperva.com
san-16-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
*.statics-easy-ext.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-16-s50.tlsprovisioning.exacttarget.com
*.yves-rocher.com
dyrectperso.yves-rocher.com
pim.yves-rocher.com
dyrectperso.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
medianet.yves-rocher.com
admin-rec.easy-ext.yves-rocher.com
*.yves-rocher.com
ftp-pao.yves-rocher.com
*.yves-rocher.com
services.yves-rocher.com
incapsula.com
samy.yves-rocher.com
newsroom.yves-rocher.com
www.yves-rocher.fr
dyrectperso.yves-rocher.com
services.yves-rocher.com
specif-ac.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.com
dyrectperso.yves-rocher.com
newsroom.yves-rocher.com
www-npe.yves-rocher.com
dkb.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
pim.yves-rocher.com
specif-ac.yves-rocher.com
*.yves-rocher.com
flow.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
*.yves-rocher.com
portailmag-rec.yves-rocher.com
*.dev-spark-ext.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
services.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
specif-ac.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
medianet.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
abspace-re7.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
incapsula.com
www.yves-rocher.fr
www.yves-rocher.com
eimv3-statics.yves-rocher.com
www.yves-rocher.com
birdplan.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
admin-rec.easy-ext.yves-rocher.com
sec.yr-fr-rec1.easy-ext.yves-rocher.com
*.yves-rocher.com
www.yves-rocher.fr
www.yves-rocher.com
dyrectperso.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
imperva.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
pim.yves-rocher.com
secure-vpci.yves-rocher.com
secure-vpci.yves-rocher.com
incapsula.com
dyrectperso.yves-rocher.com
incapsula.com
specif-ac.yves-rocher.com
www-npe.yves-rocher.com
incapsula.com
incapsula.com
incapsula.com
dyrectperso.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
www-npe.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
sec.yr-fr-rec1.easy-ext.yves-rocher.com
secure-vpci.yves-rocher.com
myreport.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
incapsula.com
san-11-s50.tlsprovisioning.exacttarget.com
services.yves-rocher.com
imperva.com
san-16-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
*.statics-easy-ext.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-16-s50.tlsprovisioning.exacttarget.com
*.yves-rocher.com
dyrectperso.yves-rocher.com
pim.yves-rocher.com
dyrectperso.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
medianet.yves-rocher.com
admin-rec.easy-ext.yves-rocher.com
*.yves-rocher.com
ftp-pao.yves-rocher.com
*.yves-rocher.com
services.yves-rocher.com
incapsula.com
samy.yves-rocher.com
newsroom.yves-rocher.com
www.yves-rocher.fr
dyrectperso.yves-rocher.com
services.yves-rocher.com
specif-ac.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.com
dyrectperso.yves-rocher.com
newsroom.yves-rocher.com
www-npe.yves-rocher.com
dkb.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
pim.yves-rocher.com
specif-ac.yves-rocher.com
*.yves-rocher.com
flow.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
*.yves-rocher.com
portailmag-rec.yves-rocher.com
*.dev-spark-ext.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
services.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
specif-ac.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
Certificate
The complete raw certificate details for www.yves-rocher.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIII1zCCB7+gAwIBAgISBMdEwMsPgeBBWZUQoN7A57JtMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMDUwNzM0MDNaFw0yNDAzMDQwNzM0MDJaMB4xHDAaBgNVBAMT E3d3dy55dmVzLXJvY2hlci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDZfxGkd9HKk2WPeh/IzLXx6NKAWoNOUPE+TGxPgImNsWDQYYONhNnuUdMP DJa6Be12SiYiKcgk15vxXHtE2q1/srGDZwlV7grlhRZoEY+ZVovHkCUMDs2kGfbl eO5EqHmrOKfE4zIG+gqV9EskPIKRyZLaal2zv0fNczBCrywKemNddgqKinnmMj8u brGQyaaio7rlA6l26kOvn8TvpsvL79GXjw2QUJDA49fytd04dmERFg4aydNIApuC bmckXDodBy8WwYXDhi0NrZnJ1ixlna5RaEskgsp3v+suoLobFDjaFBRhXOCppBSq 04fLpnQMCuMS9XKE0EotHMav/I+5AgMBAAGjggX5MIIF9TAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw HQYDVR0OBBYEFGbxkumr1frHu4iHgu9Qm6vmLlIWMB8GA1UdIwQYMBaAFBQusxe3 WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0 cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5j ci5vcmcvMIID/wYDVR0RBIID9jCCA/KCFWFwaS5ncm91cGUtcm9jaGVyLmNvbYIU YmkueXZlc3JvY2hlci5jb20ubXiCC2RlYWwueXJnLnNlghtkZXNjdWJyZS55dmVz LXJvY2hlci5jb20ubXiCHWVpbXYzLXN0YXRpY3MueXZlcy1yb2NoZXIuY29tghVl aW12My55dmVzLXJvY2hlci5jb22CFGZsb3cueXZlcy1yb2NoZXIuY29tgiFnZXN0 b3Jjb21lcmNpYWwueXZlc3JvY2hlci5jb20ubXiCEm1lZGlhLmFvZC1jYXJlLmNv bYIacGN2LWxjZGEuZ3JvdXBlLXJvY2hlci5jb22CE3BpbS55dmVzLXJvY2hlci5j b22CCHMueXJnLnNlghdzYW15LWl0Lnl2ZXMtcm9jaGVyLmNvbYIZc2FteS15cmJl Lnl2ZXMtcm9jaGVyLmNvbYIZc2FteS15cmNhLnl2ZXMtcm9jaGVyLmNvbYIZc2Ft eS15cmNlLnl2ZXMtcm9jaGVyLmNvbYIZc2FteS15cmVzLnl2ZXMtcm9jaGVyLmNv bYIZc2FteS15cmZyLnl2ZXMtcm9jaGVyLmNvbYIZc2FteS15cml0Lnl2ZXMtcm9j aGVyLmNvbYITc2VydmljZXMucmljYXVkLmNvbYIYc2VydmljZXMueXZlcy1yb2No ZXIuY29tgh9zdGFuaG9tZS1sY2RhLmdyb3VwZS1yb2NoZXIuY29tghxzdG9yZWxv Y2F0b3IueXZlcy1yb2NoZXIuY29tgh9zdHVkaW8tcmVubmVzLmdyb3VwZS1yb2No ZXIuY29tght0aWxrYWwtcHJkLnBldGl0LWJhdGVhdS5jb22CD3ZwY2kucmljYXVk LmNvbYIUdnBjaS55dmVzLXJvY2hlci5jb22CG3d3dy1ya3NwLnl2ZXMtcm9jaGVy LmNvbS5teIImd3d3LmNvc21ldG92aWdpbGFuY2UuZ3JvdXBlLXJvY2hlci5jb22C IXd3dy5leHRyYWN0ZXVyLWRvbm5lZXMtbWFnLXlyLmNvbYIgd3d3LmZvbmRhdGlv bi1kYW5pZWxqb3V2YW5jZS5vcmeCG3d3dy5yZWNvbm5lY3QtdG8tbmF0dXJlLmNv bYIQd3d3LnN0YW5mYWNpbC5lc4IQd3d3LnN0YW5ob21lLmNvbYIUd3d3LnN0YW5o b21lcGVydGUuaXSCFXd3dy55dmVzLXJvY2hlci5jby50aIITd3d3Lnl2ZXMtcm9j aGVyLmNvbYIWd3d3Lnl2ZXMtcm9jaGVyLmNvbS5teIIVd3d3Lnl2ZXNyb2NoZXIu Y29tLm14ghF3d3cueXZlc3JvY2hlci5qbzATBgNVHSAEDDAKMAgGBmeBDAECATCC AQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AKLiv9Ye3i8vB6DWTm03p9xlQ7DGtS6i 2reK+Jpt9RfYAAABjDkc44AAAAQDAEcwRQIgSwoV7emp4g+JOYU4b68NZDKGOD6R hKIjjfsFyvzlcrkCIQC0ao0BMht5zfI0uAZZOykc4CK6LRwfGY+dI87UAi3cBAB3 AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjDkc49YAAAQDAEgw RgIhANBkMTvwQNSywMLBepzh0l4mmwepxKIvzalCup9lErlUAiEA1dAiOw5DNlC7 UowhG3dSoquW25jCOb3g2SzJSXekoQkwDQYJKoZIhvcNAQELBQADggEBAH5SmSxH tDU0XvGfM3up3uqaYgflo8RQpNFno/bFZZTuYFKmMm3XMmtz79gghyJfwvB75pQQ S1p1pDNNAbObbXBHzgpo9G2W+UUt1RAfGrXo6DEhyW/+aPltZi5HjTCKw3l/DKlT 9CXicmB1kouGIC7esi9whWJzQFDsmreljHXIX1YM/qAA7Ed0uafvNEKy02zthdyW cHxQJFtGwIJE6EWLCjvl2gfm96KpbCtYKvOeKTOTsOf1StSWaZmKBhMFfh1tHTWh XbiuPwcwO6Chn4xts3BIJ0WwE9HRo5PCRyFN5MkhW37bfCOJxcnW7LxJT4bQBTt4 ERjH9Z/jMKALgCs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2X8RpHfRypNlj3ofyMy1 8ejSgFqDTlDxPkxsT4CJjbFg0GGDjYTZ7lHTDwyWugXtdkomIinIJNeb8Vx7RNqt f7Kxg2cJVe4K5YUWaBGPmVaLx5AlDA7NpBn25XjuRKh5qzinxOMyBvoKlfRLJDyC kcmS2mpds79HzXMwQq8sCnpjXXYKiop55jI/Lm6xkMmmoqO65QOpdupDr5/E76bL y+/Rl48NkFCQwOPX8rXdOHZhERYOGsnTSAKbgm5nJFw6HQcvFsGFw4YtDa2ZydYs ZZ2uUWhLJILKd7/rLqC6GxQ42hQUYVzgqaQUqtOHy6Z0DArjEvVyhNBKLRzGr/yP uQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 416256723287575720435229212811519544767085 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-05 07:34:03 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-04 07:34:02 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.yves-rocher.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27456372195402918476300212817924783084111949342759330212152881145580216319201079659990329938243606574744773212063224524638283809419022191606498642664363614902751956088161466852742464578297430916077075996876364442855611050488436499995767573218925389802315941324051748928589313993106350730028176291814764989134616895200932709176549185723290871413774420087958870768780247682938221029161203489783927288237204445392778173698938363312556110151695563135434690484653438545499944184720283688337158556091916808502191976987311542678123887953511301098111745449855005138912805588150493137234823137525908154462950639283371081764793 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 66f192e9abd5fac7bb888782ef509babe62e5216 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1014 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.groupe-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bi.yvesrocher.com.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'deal.yrg.se' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'descubre.yves-rocher.com.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eimv3-statics.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eimv3.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flow.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gestorcomercial.yvesrocher.com.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.aod-care.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pcv-lcda.groupe-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pim.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 's.yrg.se' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'samy-it.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'samy-yrbe.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'samy-yrca.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'samy-yrce.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'samy-yres.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'samy-yrfr.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'samy-yrit.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.ricaud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stanhome-lcda.groupe-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'storelocator.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'studio-rennes.groupe-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tilkal-prd.petit-bateau.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpci.ricaud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpci.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-rksp.yves-rocher.com.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cosmetovigilance.groupe-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.extracteur-donnees-mag-yr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fondation-danieljouvance.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.reconnect-to-nature.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stanfacil.es' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stanhome.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stanhomeperte.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.co.th' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.com.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yvesrocher.com.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yvesrocher.jo' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018c391ce380000004030047304502204b0a15ede9a9e20f893985386faf0d643286383e9184a2238dfb05cafce572b9022100b46a8d01321b79cdf234b806593b291ce022ba2d1c1f198f9d23ced4022ddc0400770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c391ce3d60000040300483046022100d064313bf040d4b2c0c2c17a9ce1d25e269b07a9c4a22fcda942ba9f6512b954022100d5d0223b0e433650bb528c211b7752a2ab96db98c239bde0d92cc94977a4a109 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007e52992c47b435345ef19f337ba9deea9a6207e5a3c450a4d167a3f6c56594ee6052a6326dd7326b73efd82087225fc2f07be694104b5a75a4334d01b39b6d7047ce0a68f46d96f9452dd5101f1ab5e8e83121c96ffe68f96d662e478d308ac3797f0ca953f425e2726075928b86202edeb22f708562734050ec9ab7a58c75c85f560cfea000ec4774b9a7ef3442b2d36ced85dc96707c50245b46c08244e8458b0a3be5da07e6f7a2a96c2b582af39e293393b0e7f54ad49669998a0613057e1d6d1d35a15db8ae3f07303ba0a19f8c6db370482745b013d1d1a393c247214de4c9215b7edb7c2389c5c9d6ecbc494f86d0053b781118c7f59fe330a00b802b