www.orencia.de
- Bristol-Myers Squibb Co. -
Issued by Thawte RSA CA 2018
About this certificate
This digital certificate with serial number 02:57:18:a5:21:52:93:02:a1:06:b7:6c:79:a7:bf:f9 was issued on by DigiCert Inc.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bristol-Myers Squibb Co.
Organization:
Bristol-Myers Squibb Co.
Organization unit: Internet Marketing
Organization unit: Internet Marketing
State / Province:
New Jersey
Locality: Pennington
Country: US
Locality: Pennington
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 02:57:18:a5:21:52:93:02:a1:06:b7:6c:79:a7:bf:f9Serial Number (int): 3110685679052495720878064981986754553
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: a8:bd:d0:74:7f:2b:e3:3d:65:4e:b4:5b:49:dc:42:c7:a5:ae:af:af
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a
Fingerprint (sha1): 13:45:59:3b:a0:88:f6:00:8f:dc:47:7f:62:3d:3f:39:83:e9:82:02
Fingerprint (sha256): 8f:58:53:d3:4f:3d:60:28:a6:48:f0:d2:01:5e:b2:e5:84:21:ba:8c:71:11:9c:21:b6:f6:28:94:db:8f:ae:30
Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl
Check the revocation status for certificate www.orencia.de
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.orencia.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.orencia.de
orencia.de
www.daklinza.nl
orencia.de
www.daklinza.nl
Other certificates including the domain name orencia.de
(limited to 100 certificates)
www.orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
www.orencia.de
www.orencia.de
bms.com
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
www.orencia.de
orencia.de
www.orencia.de
orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
www.orencia.de
www.orencia.de
bms.com
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
www.orencia.de
orencia.de
www.orencia.de
orencia.de
Certificate
The complete raw certificate details for www.orencia.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGMjCCBRqgAwIBAgIQAlcYpSFSkwKhBrdseae/+TANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN MTgwNTI0MDAwMDAwWhcNMTkwNTI0MTIwMDAwWjCBkDELMAkGA1UEBhMCVVMxEzAR BgNVBAgTCk5ldyBKZXJzZXkxEzARBgNVBAcTClBlbm5pbmd0b24xITAfBgNVBAoT GEJyaXN0b2wtTXllcnMgU3F1aWJiIENvLjEbMBkGA1UECxMSSW50ZXJuZXQgTWFy a2V0aW5nMRcwFQYDVQQDEw53d3cub3JlbmNpYS5kZTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAJdGyAY/rhqHrFiL+KcgVdZfcEmah0+Ro4uds2Rths3G /pevbfZ4+qQ+KP2+z+4P8zjl8upEzTvC1GRHK7WqUzIl0D63nb/Ttjs57MPkr6L6 CgBejM/ZQY/GTWsgsEkVtCRqXz8VMHNEQVz1giQ8fdE7RBw883Lc0uYLW4RijDsL TXsh1a3QL7FmKTQ439PvSbsk1JQ5pDbUsHpz4djl+N5lgwTGhgcJkFDlbfYreOBf 8Xy0MmyGDp8gGAL+7goTPVF1ZGujYpEsesAHuZ+uom9ZO2mdO8nqGCJ/uf7Zad3R 4lPD3AvYlhCL0nEATee56zn+GaGv3papvMZt3ggoPb8CAwEAAaOCArkwggK1MB8G A1UdIwQYMBaAFKPIXmVU5TB4wQXqBwpqWcy5/t5aMB0GA1UdDgQWBBSovdB0fyvj PWVOtFtJ3ELHpa6vrzA2BgNVHREELzAtgg53d3cub3JlbmNpYS5kZYIKb3JlbmNp YS5kZYIPd3d3LmRha2xpbnphLm5sMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2Nk cC50aGF3dGUuY29tL1RoYXd0ZVJTQUNBMjAxOC5jcmwwTAYDVR0gBEUwQzA3Bglg hkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t L0NQUzAIBgZngQwBAgIwbwYIKwYBBQUHAQEEYzBhMCQGCCsGAQUFBzABhhhodHRw Oi8vc3RhdHVzLnRoYXd0ZS5jb20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9jYWNlcnRz LnRoYXd0ZS5jb20vVGhhd3RlUlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMIIBBAYK KwYBBAHWeQIEAgSB9QSB8gDwAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fN DsgN3BAAAAFjkl07NgAABAMARjBEAiBpqiVHQ5omKflYtBOzIQn9AR8ykHs/0t8q DutufUTGvAIga4KEt2PukLumSb87MgAgq9MGrmUGTLosVIsfV9ecw/EAdwCHdb/n WXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWOSXTvPAAAEAwBIMEYCIQC1 VqCA9Jqiy9IkvmsB3fmMS7nVC8KFo8tYOlbThYVPEwIhANw+Ybfdy99ZLGIEand+ X9VPbWpwYqrKbJutUTGwqadRMA0GCSqGSIb3DQEBCwUAA4IBAQC8EH7A4HEsVlMA 2vhgSH3o5WByFIoVpiosQnhak899SwfHUMky2U9/KRAtVrABsiJ0DZ1pr8tf6Muf zTT84rHln6zhRdQ1LhSsqdTgVvvTBXWkeZdRgOZikt18sSbaz20nk5rVXeD9NdqZ x0fysVcdwT0VBXVQJ0EkdaH95TgW6w8p3tVIOolUX4D5rBBeYGkuBRGG+qWYLgW8 w0rhHkZ0XXWKrlqaVRksqbqLIIBud4p31sShSPC3q4gLksUGentgoaI16sfel36D WoEYFMTZ5lZUKbFSNHxqYXpjr3QqC6e8fVGwouGRQOXqGLGggNUu+X7r7s9vlqVl Qt1601eb -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0bIBj+uGoesWIv4pyBV 1l9wSZqHT5Gji52zZG2Gzcb+l69t9nj6pD4o/b7P7g/zOOXy6kTNO8LUZEcrtapT MiXQPredv9O2Oznsw+SvovoKAF6Mz9lBj8ZNayCwSRW0JGpfPxUwc0RBXPWCJDx9 0TtEHDzzctzS5gtbhGKMOwtNeyHVrdAvsWYpNDjf0+9JuyTUlDmkNtSwenPh2OX4 3mWDBMaGBwmQUOVt9it44F/xfLQybIYOnyAYAv7uChM9UXVka6NikSx6wAe5n66i b1k7aZ07yeoYIn+5/tlp3dHiU8PcC9iWEIvScQBN57nrOf4Zoa/elqm8xm3eCCg9 vwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3110685679052495720878064981986754553 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-24 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bristol-Myers Squibb Co.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet Marketing' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.orencia.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19096887632140456049127057669929712399478322609227507242804170677277808577269085759270181749887538169180393839992035579868616260808404289879112097818347113084209404831236182114076305220023235349237177587421709489750600510855069514627604150588775382391661977944975041753447703518397261198544335260611825054704167073948866241265495051384932979725019635050133788617090226807413806154460136483941351768108517920110931582927024204553164040426109168772199197335978661400345638141339913367106917239727162861560203727377474232690940719300374005860378167558735629187858838472632135205029997180431281080390249159145891463445951 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a8bdd0747f2be33d654eb45b49dc42c7a5aeafaf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.orencia.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orencia.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.daklinza.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000163925d3b360000040300463044022069aa2547439a2629f958b413b32109fd011f32907b3fd2df2a0eeb6e7d44c6bc02206b8284b763ee90bba649bf3b320020abd306ae65064cba2c548b1f57d79cc3f10077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000163925d3bcf0000040300483046022100b556a080f49aa2cbd224be6b01ddf98c4bb9d50bc285a3cb583a56d385854f13022100dc3e61b7ddcbdf592c62046a777e5fd54f6d6a7062aaca6c9bad5131b0a9a751 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bc107ec0e0712c565300daf860487de8e56072148a15a62a2c42785a93cf7d4b07c750c932d94f7f29102d56b001b222740d9d69afcb5fe8cb9fcd34fce2b1e59face145d4352e14aca9d4e056fbd30575a479975180e66292dd7cb126dacf6d27939ad55de0fd35da99c747f2b1571dc13d1505755027412475a1fde53816eb0f29ded5483a89545f80f9ac105e60692e051186faa5982e05bcc34ae11e46745d758aae5a9a55192ca9ba8b20806e778a77d6c4a148f0b7ab880b92c5067a7b60a1a235eac7de977e835a811814c4d9e6565429b152347c6a617a63af742a0ba7bc7d51b0a2e19140e5ea18b1a080d52ef97eebeecf6f96a56542dd7ad3579b