www.yves-rocher.de

- Laboratoires de Biologie Vegetale Yves Rocher -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 04:e4:40:34:2f:78:31:43:00:00:00:00:50:de:06:c1 was issued on by Entrust, Inc..

With 39 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Laboratoires de Biologie Vegetale Yves Rocher

Organization: Laboratoires de Biologie Vegetale Yves Rocher
Locality: Morbihan
Country: FR

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:e4:40:34:2f:78:31:43:00:00:00:00:50:de:06:c1
Serial Number (int): 6502057875655787831419356176092890817
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: e7:07:fd:a9:6d:9c:98:00:09:54:44:94:46:04:d7:08:e6:2e:22:e7
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): fd:90:65:8a:dc:f6:c9:4d:62:3e:7d:a7:71:e3:01:a3:d0:40:34:9c
Fingerprint (sha256): 8d:c5:d2:0e:74:fe:a1:ad:ab:16:b5:02:19:dd:4a:53:b4:47:ec:2c:38:b2:51:e0:9c:a1:37:64:20:07:85:08

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate www.yves-rocher.de

39

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.yves-rocher.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.yves-rocher.de
yves-rocher.de
m.yves-rocher.ch
wiki.yves-rocher.de
m.yves-rocher.at
wiki.yves-rocher.at
www.yves-rocher.be
wiki.yves-rocher.ch
m.yves-rocher.be
www.yves-rocher.at
www.yves-rocher.nl
www.yves-rocher.ch
blog.yves-rocher.de
m.yves-rocher.de
www.yvesrocher.com.tr
blog.yves-rocher.es
www.yves-rocher.dk
www.yves-rocher-kz.com
m.yves-rocher.nl
m.yvesrocher.com.tr
m.yvesrocherusa.com
m.yves-rocher.es
www.yves-rocher.no
www.yves-rocher.ua
wiki.yves-rocher.es
m.yves-rocher.se
blog.yves-rocher.nl
m.yves-rocher.no
m.yves-rocher.fi
m.yves-rocher.ua
www.yves-rocher.se
m.yvesrocher.ca
www.yvesrocher.ca
www.yves-rocher.es
m.yves-rocher.dk
www.yves-rocher.co.uk
wiki.yves-rocher.nl
www.yves-rocher.fi
www.yvesrocherusa.com

Other certificates including the domain name yves-rocher.de

(limited to 100 certificates)
www.yves-rocher.fr
www.yves-rocher.fr
www.yves-rocher.fr
survey.yves-rocher.fr
san-16-s50.tlsprovisioning.exacttarget.com
t-www.yves-rocher.at
prod.yves-rocher.de
search.yves-rocher.at
www.yves-rocher.fr
www.yves-rocher.fr
san-16-s50.tlsprovisioning.exacttarget.com
survey.yves-rocher.fr
www.yves-rocher.de
survey.yves-rocher.fr
survey.yves-rocher.fr
www.yves-rocher.fr
news.yves-rocher.de
t-www.yves-rocher.at
san-16-s50.tlsprovisioning.exacttarget.com
t.nl.yves-rocher.de
search.yves-rocher.de
t-www.yves-rocher.at
survey.yves-rocher.fr
san-16-s50.tlsprovisioning.exacttarget.com
search.yves-rocher.at
versand.yves-rocher.de
san-16-s50.tlsprovisioning.exacttarget.com
t.nl.yves-rocher.de
san-16-s50.tlsprovisioning.exacttarget.com
secureorder.yves-rocher.de
www.yves-rocher.fr
t.nl.yves-rocher.de
www.yves-rocher.fr
survey.yves-rocher.fr
secureorder.m.yves-rocher.fr
survey.yves-rocher.fr
search.yves-rocher.at
news.yves-rocher.de
secureorder.m.yvesrocher.com.tr
secureorder.m.yves-rocher.fr
secureorder.yves-rocher.de
secureorder.yves-rocher.de
www.yves-rocher.fr
www.yves-rocher.fr
www.yves-rocher.fr
san-16-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.de
www.yves-rocher.fr
www.yves-rocher.fr
t.nl.yves-rocher.de
www.yves-rocher.de
nocdn-w.yves-rocher.fr
secureorder.yves-rocher.de
secureorder.yves-rocher.de
search.yves-rocher.at
san-16-s50.tlsprovisioning.exacttarget.com
secureorder.yves-rocher.de
news.yves-rocher.de
news.yves-rocher.de
www.yves-rocher.fr
versand.yves-rocher.de
secureorder.yves-rocher.de
www.yves-rocher.fr
san-16-s50.tlsprovisioning.exacttarget.com
search.yves-rocher.de
secureorder.yves-rocher.de
survey.yves-rocher.fr
news.yves-rocher.de
secureorder.yves-rocher.de
www.yves-rocher.fr
survey.yves-rocher.fr
prod.yves-rocher.de
san-16-s50.tlsprovisioning.exacttarget.com
search.yves-rocher.de
www.yves-rocher.fr
prod.yves-rocher.de
search.yves-rocher.at
www.yves-rocher.fr
san-16-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.fr
san-16-s50.tlsprovisioning.exacttarget.com
certforssl247apiA.yves-rocher.de
secureorder.m.yvesrocher.com.tr
versand.yves-rocher.de
secureorder.yves-rocher.de
t.nl.yves-rocher.de
www.yves-rocher.fr
survey.yves-rocher.fr

Certificate

The complete raw certificate details for www.yves-rocher.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIPDCCBySgAwIBAgIQBORANC94MUMAAAAAUN4GwTANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0x
NzA5MTExMTAxMjlaFw0xOTA5MTExMTMxMjZaMHUxCzAJBgNVBAYTAkZSMREwDwYD
VQQHEwhNb3JiaWhhbjE2MDQGA1UEChMtTGFib3JhdG9pcmVzIGRlIEJpb2xvZ2ll
IFZlZ2V0YWxlIFl2ZXMgUm9jaGVyMRswGQYDVQQDExJ3d3cueXZlcy1yb2NoZXIu
ZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC366kLWbc+NXlbWeg5
v0gQmQahGW55Szfsrtgy5Q9YV43BMeU87lTCXJzjATJXu+Eq5/njx+sTZHOuhEtz
ELH9HF5NMixTqLEZ82kzR10Q+twKe5ggbSgzk9wfUH7cvEfG7xagr+fvRRyOGp25
cjz/lVKpNzAisRBL/tJrjyXfncfXZlzIf0g4ossmOOeky/6TYWvvkEK0i8/v791N
HJRvcL30amAcshShXymlxDzQfjlZiD+GgNJAZNh+sNSah8plpiQdaat7s5SmNauc
dGOF8OQhrRgYDuQ/r2V3whLocZo8Q8ryw8EuIMdtmOjb8oQw7DQ+mRvbQfUYMlIe
qFxPAgMBAAGjggSAMIIEfDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50
cnVzdC5uZXQvbGV2ZWwxay5jcmwwSwYDVR0gBEQwQjA2BgpghkgBhvpsCgEFMCgw
JgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMAgGBmeBDAEC
AjBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1
c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxay1j
aGFpbjI1Ni5jZXIwggMSBgNVHREEggMJMIIDBYISd3d3Lnl2ZXMtcm9jaGVyLmRl
gg55dmVzLXJvY2hlci5kZYIQbS55dmVzLXJvY2hlci5jaIITd2lraS55dmVzLXJv
Y2hlci5kZYIQbS55dmVzLXJvY2hlci5hdIITd2lraS55dmVzLXJvY2hlci5hdIIS
d3d3Lnl2ZXMtcm9jaGVyLmJlghN3aWtpLnl2ZXMtcm9jaGVyLmNoghBtLnl2ZXMt
cm9jaGVyLmJlghJ3d3cueXZlcy1yb2NoZXIuYXSCEnd3dy55dmVzLXJvY2hlci5u
bIISd3d3Lnl2ZXMtcm9jaGVyLmNoghNibG9nLnl2ZXMtcm9jaGVyLmRlghBtLnl2
ZXMtcm9jaGVyLmRlghV3d3cueXZlc3JvY2hlci5jb20udHKCE2Jsb2cueXZlcy1y
b2NoZXIuZXOCEnd3dy55dmVzLXJvY2hlci5ka4IWd3d3Lnl2ZXMtcm9jaGVyLWt6
LmNvbYIQbS55dmVzLXJvY2hlci5ubIITbS55dmVzcm9jaGVyLmNvbS50coITbS55
dmVzcm9jaGVydXNhLmNvbYIQbS55dmVzLXJvY2hlci5lc4ISd3d3Lnl2ZXMtcm9j
aGVyLm5vghJ3d3cueXZlcy1yb2NoZXIudWGCE3dpa2kueXZlcy1yb2NoZXIuZXOC
EG0ueXZlcy1yb2NoZXIuc2WCE2Jsb2cueXZlcy1yb2NoZXIubmyCEG0ueXZlcy1y
b2NoZXIubm+CEG0ueXZlcy1yb2NoZXIuZmmCEG0ueXZlcy1yb2NoZXIudWGCEnd3
dy55dmVzLXJvY2hlci5zZYIPbS55dmVzcm9jaGVyLmNhghF3d3cueXZlc3JvY2hl
ci5jYYISd3d3Lnl2ZXMtcm9jaGVyLmVzghBtLnl2ZXMtcm9jaGVyLmRrghV3d3cu
eXZlcy1yb2NoZXIuY28udWuCE3dpa2kueXZlcy1yb2NoZXIubmyCEnd3dy55dmVz
LXJvY2hlci5maYIVd3d3Lnl2ZXNyb2NoZXJ1c2EuY29tMB8GA1UdIwQYMBaAFIKi
cHTdvFM/z3vU981/p2DGCky/MB0GA1UdDgQWBBTnB/2pbZyYAAlURJRGBNcI5i4i
5zAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQDDTPo5v+VjmvA6bUCgiFkx
ggq9Wc7Plk1Fz2/cotS2gIlNv93yEEhfaeAUIZTRmnXI+MkT9Mm/10PAmG+viOBr
NfHAGMI1EgiLGdhE1S0AmtgqTa7WG//m1/wuczVyuC7fYDAs31PdlqPBYE9TqJ5D
isT2+lgLxveCKHnbiIMxOrjRFOPmwCY1FfBLVUA4pD3wud+AmrmhKabU9Mu7cust
MFnXeFGkQHFsC6pBnIsl+Ma2jb4r3/LqOQ+QCHfXmHFZtJKJ4kWK8hfcjRVoBfdT
DBYQ6WNI6+wPIF5oD7LgrDm/ICPAA6V8iU0qB8+csZwt9iO9gVayk7YcbHm1aCav
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+upC1m3PjV5W1noOb9I
EJkGoRlueUs37K7YMuUPWFeNwTHlPO5Uwlyc4wEyV7vhKuf548frE2RzroRLcxCx
/RxeTTIsU6ixGfNpM0ddEPrcCnuYIG0oM5PcH1B+3LxHxu8WoK/n70UcjhqduXI8
/5VSqTcwIrEQS/7Sa48l353H12ZcyH9IOKLLJjjnpMv+k2Fr75BCtIvP7+/dTRyU
b3C99GpgHLIUoV8ppcQ80H45WYg/hoDSQGTYfrDUmofKZaYkHWmre7OUpjWrnHRj
hfDkIa0YGA7kP69ld8IS6HGaPEPK8sPBLiDHbZjo2/KEMOw0Ppkb20H1GDJSHqhc
TwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6502057875655787831419356176092890817
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-11 11:01:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-11 11:31:26 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Morbihan'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Laboratoires de Biologie Vegetale Yves Rocher'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.yves-rocher.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23217818248385499042152980484262692693054115423029938544671173706874638568866332703975274978004008244411856681731360049994737535777881153358988656808858900155816303327480490000188259929641518729454857523897535041988648162671056440074147545700491320519760759649291959285589863561310769880833675885442293516298068934969906517906331655348944205289960898514207586305372093858940326353408219543284530285851396263630721038713951595139209849931856953345786226274188209293970338733992735313308276467876991870389182059143866402800135244106535310434964681903798112863358556734279066152910295254340770035124739683188929754324047
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (777 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wiki.yves-rocher.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wiki.yves-rocher.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wiki.yves-rocher.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.yves-rocher.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yvesrocher.com.tr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.yves-rocher.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.dk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher-kz.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yvesrocher.com.tr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yvesrocherusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.no'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.ua'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wiki.yves-rocher.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.yves-rocher.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.no'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.ua'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yvesrocher.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yvesrocher.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.dk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wiki.yves-rocher.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yvesrocherusa.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e707fda96d9c9800095444944604d708e62e22e7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00c34cfa39bfe5639af03a6d40a0885931820abd59cecf964d45cf6fdca2d4b680894dbfddf210485f69e0142194d19a75c8f8c913f4c9bfd743c0986faf88e06b35f1c018c23512088b19d844d52d009ad82a4daed61bffe6d7fc2e733572b82edf60302cdf53dd96a3c1604f53a89e438ac4f6fa580bc6f7822879db8883313ab8d114e3e6c0263515f04b554038a43df0b9df809ab9a129a6d4f4cbbb72eb2d3059d77851a440716c0baa419c8b25f8c6b68dbe2bdff2ea390f900877d7987159b49289e2458af217dc8d156805f7530c1610e96348ebec0f205e680fb2e0ac39bf2023c003a57c894d2a07cf9cb19c2df623bd8156b293b61c6c79b56826af