www.yves-rocher.fr

- Laboratoires de Biologie Vegetale Yves Rocher -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 34:d7:32:1b:bf:1a:0f:fd:a0:55:1b:4f:49:b1:33:dc was issued on by Sectigo Limited.

With 71 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Laboratoires de Biologie Vegetale Yves Rocher

Organization: Laboratoires de Biologie Vegetale Yves Rocher
Organization unit: BU_Digital
State / Province: Bretagne
Country: FR

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 34:d7:32:1b:bf:1a:0f:fd:a0:55:1b:4f:49:b1:33:dc
Serial Number (int): 70237215924184328261053888858223096796
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: ca:24:ad:4e:11:ab:9a:5f:41:d7:9c:05:1d:75:85:2b:80:ad:31:44
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): 10:1b:35:a4:f4:c8:68:92:89:2d:b9:77:e9:f8:9a:88:4d:e3:97:b6
Fingerprint (sha256): 8d:d4:f1:e9:0f:29:c6:d8:44:30:f1:cd:bd:4d:89:b8:a9:ea:61:24:b3:50:a9:45:13:80:96:7a:62:29:11:4c

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate www.yves-rocher.fr

71

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.yves-rocher.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.yves-rocher.fr
auth.yves-rocher-kz.com
auth.yves-rocher.at
auth.yves-rocher.be
auth.yves-rocher.ch
auth.yves-rocher.de
auth.yves-rocher.dk
auth.yves-rocher.es
auth.yves-rocher.fi
auth.yves-rocher.fr
auth.yves-rocher.kz
auth.yves-rocher.nl
auth.yves-rocher.no
auth.yves-rocher.se
auth.yves-rocher.ua
auth.yvesrocher.ca
auth.yvesrocher.com.tr
auth.yvesrocherusa.com
hc-spark.yves-rocher.com
images.yves-rocher.fr
m.yves-rocher-kz.com
m.yves-rocher.at
m.yves-rocher.be
m.yves-rocher.ch
m.yves-rocher.de
m.yves-rocher.dk
m.yves-rocher.es
m.yves-rocher.fi
m.yves-rocher.fr
m.yves-rocher.nl
m.yves-rocher.no
m.yves-rocher.se
m.yves-rocher.ua
m.yvesrocher.ca
m.yvesrocher.com.tr
m.yvesrocherusa.com
pictures.yves-rocher.com
pictures.yvesrocher.com
www.yves-rocher-kz.com
www.yves-rocher.at
www.yves-rocher.be
www.yves-rocher.ch
www.yves-rocher.de
www.yves-rocher.dk
www.yves-rocher.es
www.yves-rocher.fi
www.yves-rocher.kz
www.yves-rocher.nl
www.yves-rocher.no
www.yves-rocher.se
www.yves-rocher.ua
www.yvesrocher.ca
www.yvesrocher.com.tr
www.yvesrocherusa.com
yves-rocher-kz.com
yves-rocher.at
yves-rocher.be
yves-rocher.ch
yves-rocher.de
yves-rocher.dk
yves-rocher.es
yves-rocher.fi
yves-rocher.fr
yves-rocher.kz
yves-rocher.nl
yves-rocher.no
yves-rocher.se
yves-rocher.ua
yvesrocher.ca
yvesrocher.com.tr
yvesrocherusa.com

Other certificates including the domain name yves-rocher.fr

(limited to 100 certificates)
t.newsletters.yves-rocher.fr
www.ambassadeur.yves-rocher.fr
datayr.yves-rocher.fr
images.yves-rocher.fr
macif-ecartecadeau.yves-rocher.fr
www.yves-rocher.fr
franchise.yves-rocher.fr
image.care-chemicals.basf.com
securepayment.yves-rocher.fr
image.care-chemicals.basf.com
t.newsletters.yves-rocher.fr
www.franchise.yves-rocher.fr
newsletter.yves-rocher.fr
franchise.yves-rocher.fr
san-5-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.fr
www.yves-rocher.fr
survey.yves-rocher.fr
search.yves-rocher.at
www.yves-rocher.fr
www.yves-rocher.fr
securepayment.yves-rocher.fr
ambassadeur.yves-rocher.fr
k.yves-rocher.fr
securepayment.yves-rocher.fr
survey.yves-rocher.fr
secureorder.yves-rocher.fr
ambassadeur.yves-rocher.fr
images.yves-rocher.fr
survey.yves-rocher.fr
survey.yves-rocher.fr
secureorder.yves-rocher.fr
secureorder.yves-rocher.fr
survey.yves-rocher.fr
san-5-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.fr
newsletter.yves-rocher.fr
search.yves-rocher.fr
ambassadeur.yves-rocher.fr
securepayment.yves-rocher.fr
securepayment.yves-rocher.fr
ambassadeur.yves-rocher.fr
www.yves-rocher.com
image.care-chemicals.basf.com
t.nl.yves-rocher.de
survey.yves-rocher.fr
survey.yves-rocher.fr
search.yves-rocher.at
t.nl.yves-rocher.de
secure.yves-rocher.fr
san-5-s50.tlsprovisioning.exacttarget.com
secureorder.yves-rocher.fr
www.franchise.yves-rocher.fr
www.yves-rocher.fr
t.nl.yves-rocher.de
www.yves-rocher.fr
image.care-chemicals.basf.com
e-cartecadeau.yves-rocher.fr
survey.yves-rocher.fr
secureorder.m.yves-rocher.fr
coordo-campagnes.yves-rocher.fr
survey.yves-rocher.fr
search.yves-rocher.at
recrutement.yves-rocher.fr
franchise.yves-rocher.fr
www.franchise.yves-rocher.fr
ambassadeur.yves-rocher.fr
secureorder.yves-rocher.fr
*.crm.yves-rocher.fr
e-cartecadeau.yves-rocher.fr
www.yves-rocher.fr
e-cartecadeau.yves-rocher.fr
securepayment.yves-rocher.fr
secureorder.m.yves-rocher.fr
image.care-chemicals.basf.com
image.care-chemicals.basf.com
newsletter.yves-rocher.fr
datayr.yves-rocher.fr
franchise.yves-rocher.fr
image.care-chemicals.basf.com
www.yves-rocher.fr
www.yves-rocher.fr
vpc.yves-rocher.fr
k.yves-rocher.fr
datayr.yves-rocher.fr
e-cartecadeau.yves-rocher.fr
image.care-chemicals.basf.com
www.yves-rocher.fr
www.yves-rocher.fr
image.care-chemicals.basf.com
www.yves-rocher.fr
t.nl.yves-rocher.de
securepayment.yves-rocher.fr
images.yves-rocher.fr
secureorder.yves-rocher.fr
image.care-chemicals.basf.com
www.franchise.yves-rocher.fr
ambassadeur.yves-rocher.fr
nocdn-w.yves-rocher.fr
preprod.e-cartecadeau.yves-rocher.fr

Certificate

The complete raw certificate details for www.yves-rocher.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIMZTCCC02gAwIBAgIQNNcyG78aD/2gVRtPSbEz3DANBgkqhkiG9w0BAQsFADCB
lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD
EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy
dmVyIENBMB4XDTIyMDUxNzAwMDAwMFoXDTIzMDUxNzIzNTk1OVowgYoxCzAJBgNV
BAYTAkZSMREwDwYDVQQIEwhCcmV0YWduZTE2MDQGA1UEChMtTGFib3JhdG9pcmVz
IGRlIEJpb2xvZ2llIFZlZ2V0YWxlIFl2ZXMgUm9jaGVyMRMwEQYDVQQLDApCVV9E
aWdpdGFsMRswGQYDVQQDExJ3d3cueXZlcy1yb2NoZXIuZnIwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQChTdFAYgeeNFoUojQO2Q/3aFgvNPgwznhBewxb
T3uZ9PDEzbI7Zo9sXOwiEqzBfXD7FpQenlkGEt03IxSGHT/D6o5lB9P0pqRC1wIa
JG7zu/QLKtUI373BujFUyPElPTGUuVYWlBamN9M0yyYMkgynPzgVx9gMbaSuzaOS
OnOZB8MjaHUyLCcNYcq7hrEUGZOUJGx0o9lv7R2CGoggp3VQuFOptozqhz4A2Ldo
9ctgEPkDL0SStQsb9VjFabUZM2r9BrCfWDb8ny8n3hpXfAIGDtboacWEzlbr95EV
RS2iT0JbYepHgEHw0wNq1Fvbg+3J+mUNkZ27NW38EhyFZJ/1AgMBAAGjggi4MIII
tDAfBgNVHSMEGDAWgBQX2dYlJ2f5McJJQ9kwNkSMbKlP6zAdBgNVHQ4EFgQUyiSt
ThGrml9B15wFHXWFK4CtMUQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEoGA1UdIARDMEEwNQYMKwYB
BAGyMQECAQMEMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BT
MAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLnNlY3RpZ28u
Y29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVy
Q0EuY3JsMIGKBggrBgEFBQcBAQR+MHwwVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQu
c2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1
cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28u
Y29tMIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdQCt9776fP8QyIudPZwePhhq
tGcpXc+xDCTKhYY069yCigAAAYDRieMmAAAEAwBGMEQCIEiGLM07FCY6eHz+36tL
a3CiDKtOceysFGDT5EPVLnw6AiAylo9Vn7bTzqp+WprNRV/rIHA+GRcIGiApYZ9J
/uYzVgB1AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABgNGJ4zkA
AAQDAEYwRAIgNIMzA8o549b0CqoCLJn82Dch6I5j4HnntOJRak0G4OQCIAgGo+vR
8f0Ofh9EqLVV/b6ai82McV8BekDvBtoSLgfVAHYA6D7Q2j71BjUy51covIlryQPT
y9ERa+zraeF3fW0GvW4AAAGA0YnjUAAABAMARzBFAiEAio5WlqIT3Y03b/4oWsIl
Ew/tRNhfLgkTm8nbpX9XDY0CIBkKiCg0ZuDEs0oTHMblBcxiqMZ8awdeuyiFX0Fs
imxPMIIFfgYDVR0RBIIFdTCCBXGCEnd3dy55dmVzLXJvY2hlci5mcoIXYXV0aC55
dmVzLXJvY2hlci1rei5jb22CE2F1dGgueXZlcy1yb2NoZXIuYXSCE2F1dGgueXZl
cy1yb2NoZXIuYmWCE2F1dGgueXZlcy1yb2NoZXIuY2iCE2F1dGgueXZlcy1yb2No
ZXIuZGWCE2F1dGgueXZlcy1yb2NoZXIuZGuCE2F1dGgueXZlcy1yb2NoZXIuZXOC
E2F1dGgueXZlcy1yb2NoZXIuZmmCE2F1dGgueXZlcy1yb2NoZXIuZnKCE2F1dGgu
eXZlcy1yb2NoZXIua3qCE2F1dGgueXZlcy1yb2NoZXIubmyCE2F1dGgueXZlcy1y
b2NoZXIubm+CE2F1dGgueXZlcy1yb2NoZXIuc2WCE2F1dGgueXZlcy1yb2NoZXIu
dWGCEmF1dGgueXZlc3JvY2hlci5jYYIWYXV0aC55dmVzcm9jaGVyLmNvbS50coIW
YXV0aC55dmVzcm9jaGVydXNhLmNvbYIYaGMtc3BhcmsueXZlcy1yb2NoZXIuY29t
ghVpbWFnZXMueXZlcy1yb2NoZXIuZnKCFG0ueXZlcy1yb2NoZXIta3ouY29tghBt
Lnl2ZXMtcm9jaGVyLmF0ghBtLnl2ZXMtcm9jaGVyLmJlghBtLnl2ZXMtcm9jaGVy
LmNoghBtLnl2ZXMtcm9jaGVyLmRlghBtLnl2ZXMtcm9jaGVyLmRrghBtLnl2ZXMt
cm9jaGVyLmVzghBtLnl2ZXMtcm9jaGVyLmZpghBtLnl2ZXMtcm9jaGVyLmZyghBt
Lnl2ZXMtcm9jaGVyLm5sghBtLnl2ZXMtcm9jaGVyLm5vghBtLnl2ZXMtcm9jaGVy
LnNlghBtLnl2ZXMtcm9jaGVyLnVhgg9tLnl2ZXNyb2NoZXIuY2GCE20ueXZlc3Jv
Y2hlci5jb20udHKCE20ueXZlc3JvY2hlcnVzYS5jb22CGHBpY3R1cmVzLnl2ZXMt
cm9jaGVyLmNvbYIXcGljdHVyZXMueXZlc3JvY2hlci5jb22CFnd3dy55dmVzLXJv
Y2hlci1rei5jb22CEnd3dy55dmVzLXJvY2hlci5hdIISd3d3Lnl2ZXMtcm9jaGVy
LmJlghJ3d3cueXZlcy1yb2NoZXIuY2iCEnd3dy55dmVzLXJvY2hlci5kZYISd3d3
Lnl2ZXMtcm9jaGVyLmRrghJ3d3cueXZlcy1yb2NoZXIuZXOCEnd3dy55dmVzLXJv
Y2hlci5maYISd3d3Lnl2ZXMtcm9jaGVyLmt6ghJ3d3cueXZlcy1yb2NoZXIubmyC
End3dy55dmVzLXJvY2hlci5ub4ISd3d3Lnl2ZXMtcm9jaGVyLnNlghJ3d3cueXZl
cy1yb2NoZXIudWGCEXd3dy55dmVzcm9jaGVyLmNhghV3d3cueXZlc3JvY2hlci5j
b20udHKCFXd3dy55dmVzcm9jaGVydXNhLmNvbYISeXZlcy1yb2NoZXIta3ouY29t
gg55dmVzLXJvY2hlci5hdIIOeXZlcy1yb2NoZXIuYmWCDnl2ZXMtcm9jaGVyLmNo
gg55dmVzLXJvY2hlci5kZYIOeXZlcy1yb2NoZXIuZGuCDnl2ZXMtcm9jaGVyLmVz
gg55dmVzLXJvY2hlci5maYIOeXZlcy1yb2NoZXIuZnKCDnl2ZXMtcm9jaGVyLmt6
gg55dmVzLXJvY2hlci5ubIIOeXZlcy1yb2NoZXIubm+CDnl2ZXMtcm9jaGVyLnNl
gg55dmVzLXJvY2hlci51YYINeXZlc3JvY2hlci5jYYIReXZlc3JvY2hlci5jb20u
dHKCEXl2ZXNyb2NoZXJ1c2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQA0CX6wwfb7
AYFwGUOXjIAxib6YYW09+ItmINIHE+M3Hsl9+wrdu8626XFsXyf340Q/uVyeeWiu
I3OTa2MXs8Wx/M3NvqK2eILlSXSE9SHdT7IRE9mA8TpBSDYQeN4ZX1k5+R+DKPpx
+dvgrlzkp0/NF07HSjaJiy+mesaRX2prooR+9uo+eN04U2Kt7n2Jzab3MICgU2ki
mJ8gRjdbncCUm58hGFZdnbzbghoxWbm4B0zslUkz5+/iP+dEsC25YvwDP25cVftO
j7bZ47hack4hXM3A24+zKfVW3eavHxqYKYKLRqy/3CEPqA7RousmDKr7MNN0CpnZ
LM4wqE2//jpg
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU3RQGIHnjRaFKI0DtkP
92hYLzT4MM54QXsMW097mfTwxM2yO2aPbFzsIhKswX1w+xaUHp5ZBhLdNyMUhh0/
w+qOZQfT9KakQtcCGiRu87v0CyrVCN+9wboxVMjxJT0xlLlWFpQWpjfTNMsmDJIM
pz84FcfYDG2krs2jkjpzmQfDI2h1MiwnDWHKu4axFBmTlCRsdKPZb+0dghqIIKd1
ULhTqbaM6oc+ANi3aPXLYBD5Ay9EkrULG/VYxWm1GTNq/Qawn1g2/J8vJ94aV3wC
Bg7W6GnFhM5W6/eRFUUtok9CW2HqR4BB8NMDatRb24PtyfplDZGduzVt/BIchWSf
9QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 70237215924184328261053888858223096796
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-05-17 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bretagne'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Laboratoires de Biologie Vegetale Yves Rocher'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BU_Digital'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.yves-rocher.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20362740284069652897711350983633110954166881241502460694119952187681267743514914693912533521318335810916848752301922668382567130368408061292197377020078433008094798031546432193045534324627646090641853639132829970239791712567092424494480794540724236594803457611002067827450378601777140539930918413257439636971214280045818124367334212315351018630512942652979745797137440716597974184638611760728457857596024824463975362610565593619073501033624746433804405221386712861064977771543824568178521314504424052942148017364445500258119349346888402193157239267171549070157470306976289576037055569322363292262786461840838215639029
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ca24ad4e11ab9a5f41d79c051d75852b80ad3144
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							0166007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000180d189e3260000040300463044022048862ccd3b14263a787cfedfab4b6b70a20cab4e71ecac1460d3e443d52e7c3a022032968f559fb6d3ceaa7e5a9acd455feb20703e1917081a2029619f49fee633560075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000180d189e3390000040300463044022034833303ca39e3d6f40aaa022c99fcd83721e88e63e079e7b4e2516a4d06e0e402200806a3ebd1f1fd0e7e1f44a8b555fdbe9a8bcd8c715f017a40ef06da122e07d5007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000180d189e35000000403004730450221008a8e5696a213dd8d376ffe285ac225130fed44d85f2e09139bc9dba57f570d8d0220190a88283466e0c4b34a131cc6e505cc62a8c67c6b075ebb28855f416c8a6c4f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1397 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher-kz.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.dk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.kz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.no'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yves-rocher.ua'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yvesrocher.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yvesrocher.com.tr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.yvesrocherusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hc-spark.yves-rocher.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.yves-rocher.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher-kz.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.dk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.no'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yves-rocher.ua'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yvesrocher.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yvesrocher.com.tr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.yvesrocherusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pictures.yves-rocher.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pictures.yvesrocher.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher-kz.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.dk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.kz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.no'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yves-rocher.ua'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yvesrocher.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yvesrocher.com.tr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yvesrocherusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher-kz.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.dk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.kz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.no'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yves-rocher.ua'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yvesrocher.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yvesrocher.com.tr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yvesrocherusa.com'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0034097eb0c1f6fb0181701943978c803189be98616d3df88b6620d20713e3371ec97dfb0addbbceb6e9716c5f27f7e3443fb95c9e7968ae2373936b6317b3c5b1fccdcdbea2b67882e5497484f521dd4fb21113d980f13a4148361078de195f5939f91f8328fa71f9dbe0ae5ce4a74fcd174ec74a36898b2fa67ac6915f6a6ba2847ef6ea3e78dd385362adee7d89cda6f73080a0536922989f2046375b9dc0949b9f2118565d9dbcdb821a3159b9b8074cec954933e7efe23fe744b02db962fc033f6e5c55fb4e8fb6d9e3b85a724e215ccdc0db8fb329f556dde6af1f1a9829828b46acbfdc210fa80ed1a2eb260caafb30d3740a99d92cce30a84dbffe3a60