bsv.ancv.com

- AGENCE NATIONALE POUR LES CHEQUES-VACANCES E.P.I.C. -

Issued by thawte EV SSL CA - G3

About this certificate

This digital certificate with serial number 1d:47:4b:c7:18:a1:f2:6d:f2:bf:89:ea:9c:78:86:3a was issued on by thawte, Inc..

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

AGENCE NATIONALE POUR LES CHEQUES-VACANCES E.P.I.C.

Company registration number: 326 817 442
Organization: AGENCE NATIONALE POUR LES CHEQUES-VACANCES E.P.I.C.
Organization unit: ANCV
State / Province: VAL D'OISE
Locality: SARCELLE CEDEX
Country: FR

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 1d:47:4b:c7:18:a1:f2:6d:f2:bf:89:ea:9c:78:86:3a
Serial Number (int): 38917801909466569423267093700073260602
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: f0:70:51:da:d3:2a:91:4f:52:77:d7:86:77:74:0f:ce:71:1a:6c:22

Fingerprint (sha1): d8:2a:99:e3:af:ec:8b:e4:cf:5d:9e:d9:9a:2c:a6:fe:fa:c1:75:a1
Fingerprint (sha256): 88:d9:bd:57:d5:78:53:f0:4d:ea:92:0b:12:d3:c7:fe:f8:8e:f2:7a:0f:95:fc:3e:07:7f:42:bc:16:72:28:5e

Issuing Certificate URL: http://ti.symcb.com/ti.crt

Revocation information

OCSP Server: http://ti.symcd.com
CRL Distribution Point: http://ti.symcb.com/ti.crl

Check the revocation status for certificate bsv.ancv.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bsv.ancv.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

projets-vacances.ancv.com
seniors.ancv.com
porteurs.ancv.com
bsv.ancv.com

Other certificates including the domain name ancv.com

(limited to 100 certificates)
telereglement.ancv.com
bsv.ancv.com
espace-client.ancv.com
www.ancv.com
*.connect.ancv.com
espace-ptl.ancv.com
bsv.ancv.com
telereglement.ancv.com
*.recette.ancv.com
tr.communication.ancv.com
adr.ancv.com
*.partenaires.espace-actionsociale.ancv.com
bsv.ancv.com
bsv.ancv.com
faq.ancv.com
eremboursement.ancv.com
tr.communication.ancv.com
*.ancv.com
www.ancv.com
eremboursement.ancv.com
telereglement.ancv.com
extranet1.ancv.com
telereglement.ancv.com
faq.ancv.com
espace-ptl.preprod.ancv.com
espace-client.ancv.com
adn.ancv.com
eremboursement.preprod.ancv.com
*.recette.ancv.com
auth.connect.ancv.com
espace-ptl.ancv.com
espace-ptl.preprod.ancv.com
www.ancv.com
*.secure-connect2.ancv.com
static.ancv.com
tr.communication.ancv.com
espace-client.ancv.com
telereglement.ancv.com
*.ancv.com
static.ancv.com
eremboursement.preprod.ancv.com
eremboursement.ancv.com
espace-ptl.ancv.com
espace-ptl.ancv.com
boutique-en-ligne.ancv.com
bsv.ancv.com
cvt-pro.ancv.com
www.ancv.com
telereglement.ancv.com
espace-ptl.ancv.com
eremboursement.preprod.ancv.com
boutique-en-ligne.ancv.com
espace-ptl.preprod.ancv.com
espace-ptl.ancv.com
eremboursement.preprod.ancv.com
bsv.ancv.com
extranet1.ancv.com
bsv.ancv.com
*.secure-connect2.preprod.ancv.com
boutique-en-ligne.ancv.com
*.preprod.ancv.com
tr.communication.ancv.com
tr.communication.ancv.com
adr.ancv.com
tr.communication.ancv.com
boutique-en-ligne.ancv.com
eremboursement.preprod.ancv.com
espace-client.ancv.com
*.ancv.com

*.imagine.ancv.com
espace-client.ancv.com
www.ancv.com
communications.ancv.com
telereglement.ancv.com
telereglement.ancv.com
infos.ancv.com
adr.ancv.com
espace-client.ancv.com
bsv.ancv.com
eremboursement.ancv.com
adn.ancv.com
info.ancv.com
www.ancv.com
static.ancv.com
tr.communication.ancv.com
*.imagine.ancv.com
bsv.ancv.com
*.secure-connect2.ancv.com
*.ancv.com
adn.ancv.com
information.ancv.com
*.connect.ancv.com
faq.ancv.com
*.ancv.com
*.secure-connect2.preprod.ancv.com
espace-ptl.preprod.ancv.com
telereglement.ancv.com
espace-ptl.ancv.com
eremboursement.preprod.ancv.com

Certificate

The complete raw certificate details for bsv.ancv.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGdTCCBV2gAwIBAgIQHUdLxxih8m3yv4nqnHiGOjANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR4wHAYDVQQDExV0
aGF3dGUgRVYgU1NMIENBIC0gRzMwHhcNMTUxMjIzMDAwMDAwWhcNMTcwMjIwMjM1
OTU5WjCB6TETMBEGCysGAQQBgjc8AgEDEwJGUjEdMBsGA1UEDxMUUHJpdmF0ZSBP
cmdhbml6YXRpb24xFDASBgNVBAUTCzMyNiA4MTcgNDQyMQswCQYDVQQGEwJGUjET
MBEGA1UECBQKVkFMIEQnT0lTRTEXMBUGA1UEBxQOU0FSQ0VMTEUgQ0VERVgxPDA6
BgNVBAoUM0FHRU5DRSBOQVRJT05BTEUgUE9VUiBMRVMgQ0hFUVVFUy1WQUNBTkNF
UyBFLlAuSS5DLjENMAsGA1UECxQEQU5DVjEVMBMGA1UEAxQMYnN2LmFuY3YuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywezgciuhugJnO4OFcv4
5fEgwnoJglxEE3kiKbO/rM500dPoq0noHlUHQ3A+14gS6SeG+luzghniq+lFQFhX
nFfVQ27Gee6xb3NOFUgdpCyjktLQmu7LpL17D/AQLw45MMkRNcQdTtNMHyTDPVvP
N0qbsxP9H3RdmNYpVu+dLUF+rpQBg/5/4jy83Bh7jFt0Q2GGaZj4t7du2HBBTHpt
kfQn9mwIcoMAtPd7KynpqvsANB8+HlFSlwrqYMwUyXJjpYN+s0VvFYJpYfH4h/76
TukWy/p3i8q1HjU5L9REiqWGU7OoDPmbVBPMhnhHtVSnLhWVdPG/P9mvnKBBxTEj
uQIDAQABo4ICuzCCArcwVwYDVR0RBFAwToIZcHJvamV0cy12YWNhbmNlcy5hbmN2
LmNvbYIQc2VuaW9ycy5hbmN2LmNvbYIRcG9ydGV1cnMuYW5jdi5jb22CDGJzdi5h
bmN2LmNvbTAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDArBgNVHR8EJDAiMCCg
HqAchhpodHRwOi8vdGkuc3ltY2IuY29tL3RpLmNybDBzBgNVHSAEbDBqMGgGC2CG
SAGG+EUBBzABMFkwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20v
Y3BzMC8GCCsGAQUFBwICMCMMIWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3Np
dG9yeTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU
8HBR2tMqkU9Sd9eGd3QPznEabCIwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
hhNodHRwOi8vdGkuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vdGkuc3lt
Y2IuY29tL3RpLmNydDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1AN3rHSt6DU+m
IIuBrYFocH4ujp0B1VyIjT0RxM227L7MAAABUc4exTQAAAQDAEYwRAIgNe2HfzdV
JJ4OWna+LQr5oCuOLjRq165XqRBh6icnlOECIHvl1twAhE51rMMGWzEP4CtFFFa7
4KRzRb0nllNRvHBaAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAA
AAFRzh7FagAABAMASDBGAiEA5PQHIgGkronNBwU+hrFetZPnplIyBYcvx75WLlCb
elICIQDmvPqSLndFRYyQVeZrnMFuYhPf/SwhtP+IMAo5u393KTANBgkqhkiG9w0B
AQsFAAOCAQEAGq53BdKpRv0+HLxrpDwM6kTDooJdxBOFcLHn0FyEq/ifGroSD7hl
DIF4e/9VIUwdorCYFwPtcoj3MztzwCYe7pQsXlpRWMBnjJEpbG7gn4OsOVTUl5Ub
XFlxe08ENuz1GmtVyph3qYWu9FOqVx8weiNgpyRfiIOhK93DFYqFbELVouyfPpYA
+gKnbJ/nkosZOmUji5L1KuBXIBdg1PfNwncXZ4nq6/0zez8mlypqWlLgWiJU+1Tb
w+lXypVj72jl6kSb5Ih6+YIkUPqC6DrnuqFk40qtnIEY36ayZl/5Y/u19x8/j6gE
9AxaUXxakOYDllc+9Z9iubUEQoZDtM/u8Q==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywezgciuhugJnO4OFcv4
5fEgwnoJglxEE3kiKbO/rM500dPoq0noHlUHQ3A+14gS6SeG+luzghniq+lFQFhX
nFfVQ27Gee6xb3NOFUgdpCyjktLQmu7LpL17D/AQLw45MMkRNcQdTtNMHyTDPVvP
N0qbsxP9H3RdmNYpVu+dLUF+rpQBg/5/4jy83Bh7jFt0Q2GGaZj4t7du2HBBTHpt
kfQn9mwIcoMAtPd7KynpqvsANB8+HlFSlwrqYMwUyXJjpYN+s0VvFYJpYfH4h/76
TukWy/p3i8q1HjU5L9REiqWGU7OoDPmbVBPMhnhHtVSnLhWVdPG/P9mvnKBBxTEj
uQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 38917801909466569423267093700073260602
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte EV SSL CA - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '326 817 442'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'VAL D'OISE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'SARCELLE CEDEX'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'AGENCE NATIONALE POUR LES CHEQUES-VACANCES E.P.I.C.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'ANCV'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'bsv.ancv.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25630173510922414140303015877384128194513571678658868259624569522287938898492069595235763579142932556783513520824504848302464938618722390158798780772764554466194663651789629602215858814796309812416800387950334235589133794888535090637961031084277908685091795344105156117432113232058078804951405775142058306870924925792790838096371972320558665955747771953997321009329761248949979155939508928477812684577476228709417842398394109080103727866668436280428289045674402642133162882859708075192065284508527962962304820445940934897885864140402170869600259274754003052403825341709306928497438013994474120264856270717788498240441
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projets-vacances.ancv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seniors.ancv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'porteurs.ancv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bsv.ancv.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ti.symcb.com/ti.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.48.1 (Thawte EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f07051dad32a914f5277d78677740fce711a6c22
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ti.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ti.symcb.com/ti.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007500ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000151ce1ec5340000040300463044022035ed877f3755249e0e5a76be2d0af9a02b8e2e346ad7ae57a91061ea272794e102207be5d6dc00844e75acc3065b310fe02b451456bbe0a47345bd27965351bc705a007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000151ce1ec56a0000040300483046022100e4f4072201a4ae89cd07053e86b15eb593e7a6523205872fc7be562e509b7a52022100e6bcfa922e7745458c9055e66b9cc16e6213dffd2c21b4ff88300a39bb7f7729
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001aae7705d2a946fd3e1cbc6ba43c0cea44c3a2825dc4138570b1e7d05c84abf89f1aba120fb8650c81787bff55214c1da2b0981703ed7288f7333b73c0261eee942c5e5a5158c0678c91296c6ee09f83ac3954d497951b5c59717b4f0436ecf51a6b55ca9877a985aef453aa571f307a2360a7245f8883a12bddc3158a856c42d5a2ec9f3e9600fa02a76c9fe7928b193a65238b92f52ae057201760d4f7cdc277176789eaebfd337b3f26972a6a5a52e05a2254fb54dbc3e957ca9563ef68e5ea449be4887af9822450fa82e83ae7baa164e34aad9c8118dfa6b2665ff963fbb5f71f3f8fa804f40c5a517c5a90e60396573ef59f62b9b504428643b4cfeef1