*.refer.org

Issued by Gandi Standard SSL CA 2

About this certificate

This digital certificate with serial number c1:81:0f:12:8d:e4:35:b6:4c:99:45:6f:fe:c7:26:20 was issued on by Gandi.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.refer.org,OU=Domain Control Validated+OU=Gandi Standard Wildcard SSL

Gandi

Organization: Gandi
State / Province: Paris
Locality: Paris
Country: FR

This certificate has expire since

Certificate Details

Serial Number (hex): c1:81:0f:12:8d:e4:35:b6:4c:99:45:6f:fe:c7:26:20
Serial Number (int): 257211115187404011386261955367135553056
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: f2:23:bc:7d:7d:38:af:db:49:28:2e:03:6d:45:7a:ed:3a:eb:87:b5
AuthorityKeyId: b3:90:a7:d8:c9:af:4e:cd:61:3c:9f:7c:ad:5d:7f:41:fd:69:30:ea

Fingerprint (sha1): c3:e1:f4:ef:45:89:00:7d:9c:4a:36:0e:65:18:89:8b:60:77:ba:ed
Fingerprint (sha256): 79:21:7e:1e:d6:6f:15:01:cf:8a:56:bb:cf:58:26:7b:d1:09:7a:92:a3:ee:15:87:e7:8d:80:b6:60:4a:4d:f9

Issuing Certificate URL: http://crt.usertrust.com/GandiStandardSSLCA2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.usertrust.com/GandiStandardSSLCA2.crl

Check the revocation status for certificate *.refer.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.refer.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.refer.org
refer.org

Other certificates including the domain name refer.org

(limited to 100 certificates)
senghor.refer.org
basarpcsi.eg.refer.org
examens.refer.org
listes.cm.refer.org
*.refer.org
foad.refer.org
fad-damanhour.eg.refer.org
senghor.refer.org
listes.cm.refer.org
examens.refer.org
listes.cm.refer.org
listes.cm.refer.org
listes.cm.refer.org
basarpcsi.eg.refer.org
www.eg.auf.org
adip.eg.refer.org
foad.refer.org
fad-damanhour.eg.refer.org
examens.refer.org
examens.refer.org
foad.refer.org
foad.refer.org
cnf-tripoli.eg.refer.org
senghor.refer.org
*.refer.org
www.eg.auf.org
mooc.refer.org
www.eg.auf.org
tg.refer.org
adip.eg.refer.org
foad.refer.org
examens.refer.org
listes.cm.refer.org
mooc.refer.org
foad.refer.org
senghor.refer.org
adip.eg.refer.org
mooc.refer.org
cnf-tripoli.eg.refer.org
www.eg.auf.org
mooc.refer.org
senghor.refer.org
www.eg.auf.org
fad-damanhour.eg.refer.org
listes.cm.refer.org
www.eg.auf.org
www.eg.auf.org
foad.refer.org
mooc.refer.org
examens.refer.org
basarpcsi.eg.refer.org
tg.refer.org
critique-mediatique.eg.refer.org
*.refer.org
basarpcsi.eg.refer.org
certificationtice102.refer.org
mooc.refer.org
basarpcsi.eg.refer.org
adip.eg.refer.org
examens.refer.org
foad.refer.org
listes.cm.refer.org
senghor.refer.org
examens.refer.org
critique-mediatique.eg.refer.org
mooc.refer.org
critique-mediatique.eg.refer.org
mooc.refer.org
tg.refer.org
examens.refer.org
*.refer.org
listes.cm.refer.org
listes.cm.refer.org
listes.cm.refer.org
adip.eg.refer.org
critique-mediatique.eg.refer.org
adip.eg.refer.org
foad.refer.org
critique-mediatique.eg.refer.org
fad-damanhour.eg.refer.org
fad-damanhour.eg.refer.org
foad.refer.org
senghor.refer.org
listes.cm.refer.org
refer.org
fad-damanhour.eg.refer.org
adip.eg.refer.org
senghor.refer.org
basarpcsi.eg.refer.org
fad-damanhour.eg.refer.org
veilleauf.refer.org
senghor.refer.org
listes.cm.refer.org
mooc.refer.org
*.refer.org
*.refer.org
basarpcsi.eg.refer.org
cnf-tripoli.eg.refer.org
critique-mediatique.eg.refer.org
www.eg.auf.org

Certificate

The complete raw certificate details for *.refer.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIRAMGBDxKN5DW2TJlFb/7HJiAwDQYJKoZIhvcNAQELBQAw
XzELMAkGA1UEBhMCRlIxDjAMBgNVBAgTBVBhcmlzMQ4wDAYDVQQHEwVQYXJpczEO
MAwGA1UEChMFR2FuZGkxIDAeBgNVBAMTF0dhbmRpIFN0YW5kYXJkIFNTTCBDQSAy
MB4XDTE3MDUwMjAwMDAwMFoXDTE4MDYwNTIzNTk1OVowXzEhMB8GA1UECxMYRG9t
YWluIENvbnRyb2wgVmFsaWRhdGVkMSQwIgYDVQQLExtHYW5kaSBTdGFuZGFyZCBX
aWxkY2FyZCBTU0wxFDASBgNVBAMMCyoucmVmZXIub3JnMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEA0BSDgLGa00X6J/TOM8LnjMJGP9ucuz+Jo30i9iBO
RsYaJf+0x4JRRw6AfRl1epbwaCJWm0O3lg8ANUt3YTqFlaDdLWKcLnXPFbwNct+F
rHve41V+xr2h0JpvFwAz8350VWhY2ByhoHGRdYk0E5LbdX3p8iA5iSJfwDNScvy4
IFT/W/bkOJCe6OIXxabj2zoYVAojhHDVefAvfy3Cf4nV1jh3achoyxmBUl/hGSmt
/QeDV45Aa5bKhDTtD1aL4bBCgiZYDBLYx5+XyF2bynK4zap/vwyYdMT8af6hEjQL
ygL3mZghv/W0b26cGGKe4T2oamc4h/ic5xiD8ybXTI8xowIDAQABo4IBqTCCAaUw
HwYDVR0jBBgwFoAUs5Cn2MmvTs1hPJ98rV1/Qf1pMOowHQYDVR0OBBYEFPIjvH19
OK/bSSguA21Feu0664e1MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBLBgNVHSAERDBCMDYGCysGAQQB
sjEBAgIaMCcwJQYIKwYBBQUHAgEWGWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20w
CAYGZ4EMAQIBMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9jcmwudXNlcnRydXN0
LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNybDBzBggrBgEFBQcBAQRnMGUwPAYI
KwYBBQUHMAKGMGh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJk
U1NMQ0EyLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNv
bTAhBgNVHREEGjAYggsqLnJlZmVyLm9yZ4IJcmVmZXIub3JnMA0GCSqGSIb3DQEB
CwUAA4IBAQCKVqNVqNJYdBFj+j6YAUGKy+7aRDRu2UN6RkWvKceN5se5pzcRhsGP
OYPeqW+U2SQAHY0A7NKglSnIPGrVvqhxcLwvSsuzXcKZ2ysi38fye0T8sLzXmhpD
UB6cyLLR90PbwdjxLHvXPhrrpMO6ufOaSdlMs25zSjvRSLvrlxS0ZCPsSN5xK+gI
mS7eqiNHYkap2Z2R5zLB4VzbOlX5LR05ltl+7Ove2hsVz58BiMYx8rzWe+3Nmcp9
y6ieQ4kOHb/Nj9zgte1P+EZkDGTdBCMXSyQflTuV/AJYnYYXgqJT/9vIHQs1EVXF
oHJ0mShHwOS9TIvJLE4GyZL+iLboMZXW
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BSDgLGa00X6J/TOM8Ln
jMJGP9ucuz+Jo30i9iBORsYaJf+0x4JRRw6AfRl1epbwaCJWm0O3lg8ANUt3YTqF
laDdLWKcLnXPFbwNct+FrHve41V+xr2h0JpvFwAz8350VWhY2ByhoHGRdYk0E5Lb
dX3p8iA5iSJfwDNScvy4IFT/W/bkOJCe6OIXxabj2zoYVAojhHDVefAvfy3Cf4nV
1jh3achoyxmBUl/hGSmt/QeDV45Aa5bKhDTtD1aL4bBCgiZYDBLYx5+XyF2bynK4
zap/vwyYdMT8af6hEjQLygL3mZghv/W0b26cGGKe4T2oamc4h/ic5xiD8ybXTI8x
owIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 257211115187404011386261955367135553056
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard Wildcard SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.refer.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26267683106778074163975934242549466192504556838284592469721781243176963284908008021824534556276249453115900503634818716553174632659569819501800452143900830875391995595686376865309624305016695143048651709079187445104875015590273304508705183732135267159567791381486854072153427466545163026008872638728492817679315198978786783184991561738500724591044561932766328740038361622038112294099256050228654341447472390596981553980354185226689300362204487414627295091606870429869602447534415010680420635407220928952816704487549317013794814549197385697177031220146309108701065540696587301865897944741691786553948119048142898278819
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b390a7d8c9af4ecd613c9f7cad5d7f41fd6930ea
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f223bc7d7d38afdb49282e036d457aed3aeb87b5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/GandiStandardSSLCA2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/GandiStandardSSLCA2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.refer.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'refer.org'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008a56a355a8d258741163fa3e9801418acbeeda44346ed9437a4645af29c78de6c7b9a7371186c18f3983dea96f94d924001d8d00ecd2a09529c83c6ad5bea87170bc2f4acbb35dc299db2b22dfc7f27b44fcb0bcd79a1a43501e9cc8b2d1f743dbc1d8f12c7bd73e1aeba4c3bab9f39a49d94cb36e734a3bd148bbeb9714b46423ec48de712be808992edeaa23476246a9d99d91e732c1e15cdb3a55f92d1d3996d97eecebdeda1b15cf9f0188c631f2bcd67bedcd99ca7dcba89e43890e1dbfcd8fdce0b5ed4ff846640c64dd0423174b241f953b95fc02589d861782a253ffdbc81d0b351155c5a07274992847c0e4bd4c8bc92c4e06c992fe88b6e83195d6