HEAB-ITSC-A007.ap.holcim.net

Issued by COMODO RSA Domain Validation Secure Server CA

About this certificate

This digital certificate with serial number 0a:59:8c:fc:ff:f8:e8:11:39:0d:2d:9d:20:41:b3:61 was issued on by COMODO CA Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=HEAB-ITSC-A007.ap.holcim.net,OU=Domain Control Validated+OU=Issued through LafargeHolcim Ltd E-PKI Manager+OU=COMODO SSL

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:59:8c:fc:ff:f8:e8:11:39:0d:2d:9d:20:41:b3:61
Serial Number (int): 13757253960319810230886798722991240033
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: c9:51:ff:49:5a:71:7f:64:c9:8b:99:96:5a:99:d9:a1:10:2c:bd:09
AuthorityKeyId: 90:af:6a:3a:94:5a:0b:d8:90:ea:12:56:73:df:43:b4:3a:28:da:e7

Fingerprint (sha1): 3d:38:1b:04:0d:1a:9b:7c:68:c5:f0:52:56:b8:85:1c:63:6a:02:d4
Fingerprint (sha256): 89:de:bf:cd:1c:d5:a2:ef:7c:99:87:9f:d9:76:c4:a4:49:c3:55:96:be:51:9d:36:ee:41:1b:9f:1d:d5:a1:0b

Issuing Certificate URL: http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl

Check the revocation status for certificate HEAB-ITSC-A007.ap.holcim.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for HEAB-ITSC-A007.ap.holcim.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

HEAB-ITSC-A007.ap.holcim.net
www.heab-itsc-a007.ap.holcim.net

Other certificates including the domain name holcim.net

(limited to 100 certificates)
holporsso.holcim.net
webmail02.ea.holcim.net
hanzsapdev.oc.holcim.net
VPNFBNL.EA.holcim.net
holporsso.holcim.net
hnaadc501.extq.na.holcim.net
lassxp2cip02v.la.holcim.net
*.oc.holcim.net
HEAB-ITSC-A007.ap.holcim.net
vpn.au.holcim.net
nasnctxapqa01.na.holcim.net
hnamgw001.na.holcim.net
emea-webmail.ea.holcim.net
holporsso.holcim.net
usa-dund1-ise3.na.holcim.net
HEAB-ITSC-A006.ap.holcim.net
emea-webmail.ea.holcim.net
amanpmpinpd51.na.holcim.net
AP-SGS-SP901.in.holcim.net
hnaadc501.ebusinessq.na.holcim.net
amanpmpinpd01.na.holcim.net
deuha-webmail.ea.holcim.net
holcimconecta.ea.holcim.net
hnaadc502.extqa.na.holcim.net
qlikview.na.holcim.net
*.ea.holcim.net
holporsso-qa.holcim.net
hnaadc501.ext.na.holcim.net
integration-bmw.ea.holcim.net
hnaadc501.ebusiness.na.holcim.net
usa-dund1-ise3.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
AP-SGS-VH141.in.holcim.net
hgrsuhep.hgrs.holcim.net
holporsso-qa.holcim.net
hnaadc001.ext.na.holcim.net
vnmds03.ap.holcim.net
usa-dund1-ise4.na.holcim.net
NAWFMSP01.na.holcim.net
hgrs-hbk-s0230.hgrs.holcim.net
holporsso-qa.holcim.net
vpn.au.holcim.net
nasnctxappd03.na.holcim.net
webmail02.ea.holcim.net
usa-dund1-ise3.na.holcim.net
holcimconecta.ea.holcim.net
NACTXP076.na.holcim.net
ita-webmail.ea.holcim.net
AP-SGS-SP901.in.holcim.net
hgrsuhep.hgrs.holcim.net
qua-vpn.ap.holcim.net
AP-SGS-S5200.in.holcim.net
amanpmpinpd51.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
integration-immw.ea.holcim.net
esp-webmail.ea.holcim.net
AP-SGS-SP902.in.holcim.net
webmail.ea.holcim.net
integration-dmw.ea.holcim.net
hnaadc502.extqa.na.holcim.net
integration-bmw.ea.holcim.net
svk-webmail.ea.holcim.net
webmeetingmx.laseritsc.net
hanzappsdev.oc.holcim.net
AP-SGS-VH141.in.holcim.net
hanzapps.oc.holcim.net
webmail05.ea.holcim.net
AP-SGS-SP902.in.holcim.net
apacsepm.ap.holcim.net
holporsso-qa.holcim.net
mail.au.holcim.net
HEAB-ITSC-A006.ap.holcim.net
hnaadc501.extqa.na.holcim.net
hnaadc501.ebusiness.na.holcim.net
nasnwfmwsqa02.na.holcim.net
svk-webstorage.ea.holcim.net
comms.oc.holcim.net
hnaadc501.ebusinessq.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
htsx-hbk-s1457.hgrs.holcim.net
esp-logis.ea.holcim.net
sysmon.hgrs.holcim.net
comms.oc.holcim.net
ches-webmail.ea.holcim.net
hnaadc501.ebusinessq.na.holcim.net
amaiiseinpd02.na.holcim.net
hnaadc001.ebusiness.na.holcim.net
eportalqa.oc.holcim.net
nasnoraapdv01.na.holcim.net
hnaadc001.ebusiness.na.holcim.net
integration-immw.ea.holcim.net
nascvlep.ebusiness.na.holcim.net
usa-dund1-ise4.na.holcim.net
imperva.com
imperva.com
hnaadc501.ebusinessq.na.holcim.net
integration-dmw.ea.holcim.net
amaiiseinpd01.na.holcim.net
holporsso.holcim.net
integration-bmw.ea.holcim.net

Certificate

The complete raw certificate details for HEAB-ITSC-A007.ap.holcim.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHMTCCBhmgAwIBAgIQClmM/P/46BE5DS2dIEGzYTANBgkqhkiG9w0BAQsFADCB
kDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNV
BAMTLUNPTU9ETyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
QTAeFw0xODA1MTYwMDAwMDBaFw0yMDA1MTUyMzU5NTlaMIGYMSEwHwYDVQQLExhE
b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxNzA1BgNVBAsTLklzc3VlZCB0aHJvdWdo
IExhZmFyZ2VIb2xjaW0gTHRkIEUtUEtJIE1hbmFnZXIxEzARBgNVBAsTCkNPTU9E
TyBTU0wxJTAjBgNVBAMTHEhFQUItSVRTQy1BMDA3LmFwLmhvbGNpbS5uZXQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNd2cttcNWZif7FCcyVH2c3VcV
pL7VkG8zzSke3xn8vWqyZTsnRZTuIithG6t2WY1PtXhbjLgbjfO2Wson9Px35cnO
aZvy4k0NrYQaQ0Fog1gxRbAt/gUF9SQzpd7ut46rkRwRR0/aoOPNfadKKDTTVjrf
Ml/whcvSF8Xm/shFp6/1BY03oSpiXOA+gEt+tV4cQG0mglclE29xbKdabZ9CV1yn
MgNT+Sbme00SoIZQPXNOSpv28r2OGcsseNqILcwAvjvi5XWP7HgrFqadukE6XV+d
ufcT+EqjJSuKzxiWmKqU/DpzxHwR1sPjPkx8DpC06a5tXwFKEZc5ujnXeMJlAgMB
AAGjggN7MIIDdzAfBgNVHSMEGDAWgBSQr2o6lFoL2JDqElZz30O0Oija5zAdBgNV
HQ4EFgQUyVH/SVpxf2TJi5mWWpnZoRAsvQkwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1UdIARI
MEYwOgYLKwYBBAGyMQECAgcwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUu
Y29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6
Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQURvbWFpblZhbGlkYXRpb25TZWN1
cmVTZXJ2ZXJDQS5jcmwwgYUGCCsGAQUFBwEBBHkwdzBPBggrBgEFBQcwAoZDaHR0
cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNl
Y3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2Rv
Y2EuY29tMEkGA1UdEQRCMECCHEhFQUItSVRTQy1BMDA3LmFwLmhvbGNpbS5uZXSC
IHd3dy5oZWFiLWl0c2MtYTAwNy5hcC5ob2xjaW0ubmV0MIIBfAYKKwYBBAHWeQIE
AgSCAWwEggFoAWYAdQDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAA
AWNoIkUMAAAEAwBGMEQCIHXS2od6+UsmjgVHFi68nCi0Us0BQhRs8TbVG8pYFvSa
AiAYA1kg6TUgf+8NnT01m9qY4sDk7WnglPL2/95cQMstwwB1AF6nc/nfVsDntTZI
fdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABY2giRP8AAAQDAEYwRAIgOMD4cNDSxLPo
MWEwNtd6Vz/1OjCwVvMcTL2A+i4N5dYCIB8q8m/vyJ9DZehqRL4y2+QJ05whvw9O
l386yzop6XfnAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFj
aCJHrgAABAMARzBFAiEA7/O646ehmElaY+1K04Klg5RUzzWG2HlRr1n2Lb4ILSQC
ICdpJviFhhma8KIb868H3vDDrU+vyw9eYicRopyVNqAAMA0GCSqGSIb3DQEBCwUA
A4IBAQBY9WG9Pa8tIojlEmu/AdydNWejAGEUrKtS7t/4IjLCJPIHGyoCGvd1D86I
ge506/uvdQyLELdiKim1Q7OxMWenv9QaHkcFj14yOnH0uWmFcCTlpufBpruBx2Xx
ENyNY95xCU/egHIJy4gUBxojQrglETdns2iWocwdixZrB4poZ/KZTHBqeo6BOwTi
pG/x7B8s6D7XSlF/X+Eru3mua2fRW02DbvFIWjOJnF8eY6iFGd3SLr7uxOxMSlXE
7PW7blGm/X50vWnPNKLb2mV7flVQeZz4mxYNMKmsFoPr4x8kCJbLeFDTBVE8PWf5
NTs/acVa3hqr3OpP778hZq0YTF8t
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXdnLbXDVmYn+xQnMlR9
nN1XFaS+1ZBvM80pHt8Z/L1qsmU7J0WU7iIrYRurdlmNT7V4W4y4G43ztlrKJ/T8
d+XJzmmb8uJNDa2EGkNBaINYMUWwLf4FBfUkM6Xe7reOq5EcEUdP2qDjzX2nSig0
01Y63zJf8IXL0hfF5v7IRaev9QWNN6EqYlzgPoBLfrVeHEBtJoJXJRNvcWynWm2f
QldcpzIDU/km5ntNEqCGUD1zTkqb9vK9jhnLLHjaiC3MAL474uV1j+x4KxamnbpB
Ol1fnbn3E/hKoyUris8YlpiqlPw6c8R8EdbD4z5MfA6QtOmubV8BShGXObo513jC
ZQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13757253960319810230886798722991240033
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-15 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Issued through LafargeHolcim Ltd E-PKI Manager'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HEAB-ITSC-A007.ap.holcim.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25937732352153718886984197716762075261895515686247119746222017310739512563450080860354471486786843479176095459288486653754892694478671493794059064543579168380535950834946683754959727707495289459137036294327572708088093797415478454393953022863613035225823023702004931359097749235690807599376618928608000208134185666537796955897038694183753810605760512166655887943720598394852518948368153270025372821941281962057099788340057857764557746077975522121209445879036264917770396976746505167576472300311558684996347011104134403751460961438433136833398771303215531956781821069654765767187125834802599611497936672494082185544293
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 90af6a3a945a0bd890ea125673df43b43a28dae7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c951ff495a717f64c98b99965a99d9a1102cbd09
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'HEAB-ITSC-A007.ap.holcim.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.heab-itsc-a007.ap.holcim.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							0166007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001636822450c0000040300463044022075d2da877af94b268e0547162ebc9c28b452cd0142146cf136d51bca5816f49a022018035920e935207fef0d9d3d359bda98e2c0e4ed69e094f2f6ffde5c40cb2dc30075005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000163682244ff0000040300463044022038c0f870d0d2c4b3e831613036d77a573ff53a30b056f31c4cbd80fa2e0de5d602201f2af26fefc89f4365e86a44be32dbe409d39c21bf0f4e977f3acb3a29e977e70076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000163682247ae0000040300473045022100eff3bae3a7a198495a63ed4ad382a5839454cf3586d87951af59f62dbe082d240220276926f88586199af0a21bf3af07def0c3ad4fafcb0f5e622711a29c9536a000
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0058f561bd3daf2d2288e5126bbf01dc9d3567a3006114acab52eedff82232c224f2071b2a021af7750fce8881ee74ebfbaf750c8b10b7622a29b543b3b13167a7bfd41a1e47058f5e323a71f4b969857024e5a6e7c1a6bb81c765f110dc8d63de71094fde807209cb8814071a2342b825113767b36896a1cc1d8b166b078a6867f2994c706a7a8e813b04e2a46ff1ec1f2ce83ed74a517f5fe12bbb79ae6b67d15b4d836ef1485a33899c5f1e63a88519ddd22ebeeec4ec4c4a55c4ecf5bb6e51a6fd7e74bd69cf34a2dbda657b7e5550799cf89b160d30a9ac1683ebe31f240896cb7850d305513c3d67f9353b3f69c55ade1aabdcea4fefbf2166ad184c5f2d