*.xempus.com
Issued by Thawte TLS RSA CA G1
About this certificate
This digital certificate with serial number 07:92:89:c6:da:ff:34:b7:21:36:95:e9:c4:f2:63:8a was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.xempus.com
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 07:92:89:c6:da:ff:34:b7:21:36:95:e9:c4:f2:63:8aSerial Number (int): 10065465756908631213538521396366435210
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 1c:43:5d:c1:ad:ed:91:c7:d8:cd:2c:1d:db:98:e1:fd:92:a9:81:5f
AuthorityKeyId: a5:8c:fe:32:cc:eb:0f:2c:d4:19:c6:08:b8:00:24:88:5d:c3:c5:b7
Fingerprint (sha1): a7:e9:72:95:76:db:9c:0e:d8:98:f6:a3:1f:b0:86:df:33:f3:6c:e8
Fingerprint (sha256): 91:e7:16:be:ba:9c:ca:7f:a3:0b:7e:24:3a:43:ad:46:8c:00:da:00:7f:ff:34:27:66:5c:fd:08:18:41:d4:e6
Issuing Certificate URL: http://cacerts.thawte.com/ThawteTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteTLSRSACAG1.crl
Check the revocation status for certificate *.xempus.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.xempus.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.xempus.com
xempus.com
xempus.com
Other certificates including the domain name xempus.com
(limited to 100 certificates)
status.itsnationwide.com
overturstatus.allegion.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
status.managementcouncil.org
status.qualyteam.com.br
status.logicpath.com
videoberatung.xempus.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
partner-status.verify.interac-id.ca
status.fringesecure.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
status.madeinleander.com
status.itsnationwide.com
status.zoho.jp
*.xempus.com
status.blitzrocks.net
webstatus.engr.ucdavis.edu
status.fringesecure.com
status.managementcouncil.org
status.itsnationwide.com
status.zoho.jp
webstatus.engr.ucdavis.edu
status.mscloud.ca
status-salus-na.uleeco.com
status.elmohub.com.au
webstatus.engr.ucdavis.edu
status.startlink.com.br
webstatus.engr.ucdavis.edu
status.console.macrometa.io
status.mybookingplatform.com
overturstatus.allegion.com
status.madeinleander.com
status.metaserve.cloud
webstatus.engr.ucdavis.edu
status.ahima.app
status.mybookingplatform.com
status.mybookingplatform.com
status.hub.verifiedidentitysolutions.com
status.logicpath.com
status.managementcouncil.org
status.albania10.com.br
status.elmohub.com.au
webstatus.engr.ucdavis.edu
status.teamtexter.io
videoberatung.xempus.com
*.xempus.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
status.startlink.com.br
status.startlink.com.br
status-namer-attest.gtil.gt.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
status.hub.verifiedidentitysolutions.com
status.managementcouncil.org
status.plantdemand.com
status.eicatalyst.com
status.blitzrocks.net
status.fringesecure.com
status.elmohub.com.au
status.qualyteam.com.br
status.startlink.com.br
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
maintenance.xempus.com
status.zoho.jp
status.albania10.com.br
status.dev.ulaval.ca
status.elmohub.com.au
status.logicpath.com
status-salus-na.uleeco.com
webstatus.engr.ucdavis.edu
old.xbav.de
xempus.com
webstatus.engr.ucdavis.edu
status.tecfiscal.linx.com.br
status.teamtexter.io
webstatus.engr.ucdavis.edu
status.eicatalyst.com
apimonitoring.carletoninc.com
partner-status.verify.interac-id.ca
status.logicpath.com
webstatus.engr.ucdavis.edu
status.teamtexter.io
status.success.ai
status-namer-attest.gtil.gt.com
status.madeinleander.com
status.hub.verifiedidentitysolutions.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
status.itsnationwide.com
overturstatus.allegion.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
status.managementcouncil.org
status.qualyteam.com.br
status.logicpath.com
videoberatung.xempus.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
partner-status.verify.interac-id.ca
status.fringesecure.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
status.madeinleander.com
status.itsnationwide.com
status.zoho.jp
*.xempus.com
status.blitzrocks.net
webstatus.engr.ucdavis.edu
status.fringesecure.com
status.managementcouncil.org
status.itsnationwide.com
status.zoho.jp
webstatus.engr.ucdavis.edu
status.mscloud.ca
status-salus-na.uleeco.com
status.elmohub.com.au
webstatus.engr.ucdavis.edu
status.startlink.com.br
webstatus.engr.ucdavis.edu
status.console.macrometa.io
status.mybookingplatform.com
overturstatus.allegion.com
status.madeinleander.com
status.metaserve.cloud
webstatus.engr.ucdavis.edu
status.ahima.app
status.mybookingplatform.com
status.mybookingplatform.com
status.hub.verifiedidentitysolutions.com
status.logicpath.com
status.managementcouncil.org
status.albania10.com.br
status.elmohub.com.au
webstatus.engr.ucdavis.edu
status.teamtexter.io
videoberatung.xempus.com
*.xempus.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
status.startlink.com.br
status.startlink.com.br
status-namer-attest.gtil.gt.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
status.hub.verifiedidentitysolutions.com
status.managementcouncil.org
status.plantdemand.com
status.eicatalyst.com
status.blitzrocks.net
status.fringesecure.com
status.elmohub.com.au
status.qualyteam.com.br
status.startlink.com.br
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
maintenance.xempus.com
status.zoho.jp
status.albania10.com.br
status.dev.ulaval.ca
status.elmohub.com.au
status.logicpath.com
status-salus-na.uleeco.com
webstatus.engr.ucdavis.edu
old.xbav.de
xempus.com
webstatus.engr.ucdavis.edu
status.tecfiscal.linx.com.br
status.teamtexter.io
webstatus.engr.ucdavis.edu
status.eicatalyst.com
apimonitoring.carletoninc.com
partner-status.verify.interac-id.ca
status.logicpath.com
webstatus.engr.ucdavis.edu
status.teamtexter.io
status.success.ai
status-namer-attest.gtil.gt.com
status.madeinleander.com
status.hub.verifiedidentitysolutions.com
webstatus.engr.ucdavis.edu
webstatus.engr.ucdavis.edu
status.itsnationwide.com
Certificate
The complete raw certificate details for *.xempus.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGGTCCBQGgAwIBAgIQB5KJxtr/NLchNpXpxPJjijANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRUaGF3dGUgVExTIFJTQSBDQSBHMTAe Fw0yNDAyMTAwMDAwMDBaFw0yNTAzMTAyMzU5NTlaMBcxFTATBgNVBAMMDCoueGVt cHVzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ+l/SYJoOBv Yfr8S2v8wAss7o5PLhPSpwlmG3ft3ODF10BbNgssxcU14kJwotYWrKhfw44H2xmy iQs2z7c9N8NaWxlZppC2icxb/toxK+pe5LNeoVelD0xZEe3ws7nfjpCgG8Vjt/K6 bV4jclgkwatw5AYJ9Bp55LeAGLRysfS1n5aPLAfudmxhHWzR6XRszpqhlbDNAAQm yLBSMfl7kt53zPGelZDx8MbU5SeIlq2yFwBQUHwXZ+5foilCYceP8ScXwztsrNVF qMVxX/qfCrbQ1kQpTaKEGPXUjkpuC2GlJPzbuQzZoR1gaIVn/6NSnZL0FZjKqIO7 93vOBFm47/sCAwEAAaOCAxgwggMUMB8GA1UdIwQYMBaAFKWM/jLM6w8s1BnGCLgA JIhdw8W3MB0GA1UdDgQWBBQcQ13Bre2Rx9jNLB3bmOH9kqmBXzAjBgNVHREEHDAa ggwqLnhlbXB1cy5jb22CCnhlbXB1cy5jb20wPgYDVR0gBDcwNTAzBgZngQwBAgEw KTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0f BDQwMjAwoC6gLIYqaHR0cDovL2NkcC50aGF3dGUuY29tL1RoYXd0ZVRMU1JTQUNB RzEuY3JsMHAGCCsGAQUFBwEBBGQwYjAkBggrBgEFBQcwAYYYaHR0cDovL3N0YXR1 cy50aGF3dGUuY29tMDoGCCsGAQUFBzAChi5odHRwOi8vY2FjZXJ0cy50aGF3dGUu Y29tL1RoYXd0ZVRMU1JTQUNBRzEuY3J0MAwGA1UdEwEB/wQCMAAwggF/BgorBgEE AdZ5AgQCBIIBbwSCAWsBaQB3AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFi mjnfAAABjZK0v1YAAAQDAEgwRgIhAKKocEpO68wQ0RwAUmMoNZxuSVaGWIdkcANT 13rzrHhSAiEAnVuKooIXxyK2491SqDwBgab0c/7pwUQIsbAV+FYbe60AdgB9WR4S 4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAY2StL97AAAEAwBHMEUCIAbB 6wFgdakChM77sZ87Whf9v4WoKP7oq/MtzqKLIJOXAiEA0xRwUm1KryuP6EA9MWXk E6txGR8P/f5kBo8eT0CP6rgAdgDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39 HjeOUAAAAY2StL+pAAAEAwBHMEUCIFy0CUV/onEVoQMksChFlwELrOqxFxhUmxha SCkpkjoZAiEAzBjYODzDFtb+R2x2brj/r1uYCe5TIpjRj9rC+rCHZAwwDQYJKoZI hvcNAQELBQADggEBABFK1ZpB7eVHhz4gga/hG6rtcEQ2FXLmoT4bMPFX82SKn2d+ L9xWnuP/eR3guUVP7ySZ18Y1C8yHHQBB86O5NQS/NCIz+6Fqj3CkZhGGMedXJ/Ho qbNyxwDDBNwyDWw8xdf/x5ug1eyMpJMYqxb1Acwmo2GloQm39qBGWEXr0cI1I9Tl B/rsYJtN+wRCVyfRFrVMOo9O1cL/znvBMvVWPGpK9n0Cb9WqaQYEfltyEZZqHxnl hPIC8Q8bXBsTBsG5NkiSI1VjjB+iWMjUTAKaMnZoGSK85wTQDYno5NlrcoYPf0JI h3ST5pPH5sq69/KPcBp1YCHPG/RfHiFCHu1theg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6X9Jgmg4G9h+vxLa/zA Cyzujk8uE9KnCWYbd+3c4MXXQFs2CyzFxTXiQnCi1hasqF/DjgfbGbKJCzbPtz03 w1pbGVmmkLaJzFv+2jEr6l7ks16hV6UPTFkR7fCzud+OkKAbxWO38rptXiNyWCTB q3DkBgn0Gnnkt4AYtHKx9LWflo8sB+52bGEdbNHpdGzOmqGVsM0ABCbIsFIx+XuS 3nfM8Z6VkPHwxtTlJ4iWrbIXAFBQfBdn7l+iKUJhx4/xJxfDO2ys1UWoxXFf+p8K ttDWRClNooQY9dSOSm4LYaUk/Nu5DNmhHWBohWf/o1KdkvQVmMqog7v3e84EWbjv +wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10065465756908631213538521396366435210 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-10 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.xempus.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20153742647958542717410573560408432437376295805467482580080141878913596037941716252216234354709005521124901228172511327895229047119614732569466623121381240311212423663342648972469988639731927535607090077914272200771163564536803202030359356414907648835800028055585633245228273817191538423931706494987336749445214169077335986753656463011779254284834418607026204954165639395638260054713392405183451849705766363674726900285087256299562141126270584054532558500722302630958693951740730468243456927870343707308059255144417411778744560386661383111521951007673825657085752644136403649161233717013336092821196041530304884174843 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a58cfe32cceb0f2cd419c608b80024885dc3c5b7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1c435dc1aded91c7d8cd2c1ddb98e1fd92a9815f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.xempus.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xempus.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 01690077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d92b4bf560000040300483046022100a2a8704a4eebcc10d11c00526328359c6e495686588764700353d77af3ac78520221009d5b8aa28217c722b6e3dd52a83c0181a6f473fee9c14408b1b015f8561b7bad0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018d92b4bf7b0000040300473045022006c1eb016075a90284cefbb19f3b5a17fdbf85a828fee8abf32dcea28b209397022100d31470526d4aaf2b8fe8403d3165e413ab71191f0ffdfe64068f1e4f408feab8007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018d92b4bfa9000004030047304502205cb409457fa27115a10324b0284597010baceab11718549b185a482929923a19022100cc18d8383cc316d6fe476c766eb8ffaf5b9809ee532298d18fdac2fab087640c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00114ad59a41ede547873e2081afe11baaed7044361572e6a13e1b30f157f3648a9f677e2fdc569ee3ff791de0b9454fef2499d7c6350bcc871d0041f3a3b93504bf342233fba16a8f70a466118631e75727f1e8a9b372c700c304dc320d6c3cc5d7ffc79ba0d5ec8ca49318ab16f501cc26a361a5a109b7f6a0465845ebd1c23523d4e507faec609b4dfb04425727d116b54c3a8f4ed5c2ffce7bc132f5563c6a4af67d026fd5aa6906047e5b7211966a1f19e584f202f10f1b5c1b1306c1b93648922355638c1fa258c8d44c029a3276681922bce704d00d89e8e4d96b72860f7f4248877493e693c7e6cabaf7f28f701a756021cf1bf45f1e21421eed6d85e8