*.rhein-zeitung.net
- Mittelrhein-Verlag GmbH -
Issued by Thawte RSA CA 2018
About this certificate
This digital certificate with serial number 0f:ca:b9:cd:8c:a8:13:a5:9f:b5:a4:cc:fa:65:54:2e was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Mittelrhein-Verlag GmbH
Organization:
Mittelrhein-Verlag GmbH
State / Province:
Rheinland Pfalz
Locality: Koblenz
Country: DE
Locality: Koblenz
Country: DE
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0f:ca:b9:cd:8c:a8:13:a5:9f:b5:a4:cc:fa:65:54:2eSerial Number (int): 20991032433278857950605702711956821038
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 1b:ea:27:ed:47:43:59:ff:92:39:c2:20:ee:85:54:49:69:6e:1b:3a
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a
Fingerprint (sha1): 9e:fe:b9:d6:8c:1d:9b:d6:05:a1:b8:82:56:64:ee:4f:9c:82:58:f1
Fingerprint (sha256): 98:83:6d:8d:b2:3d:d8:bb:97:c2:64:2e:f5:0d:0b:60:a9:4c:91:fc:40:6b:60:a8:1c:44:47:26:48:5d:20:ff
Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl
Check the revocation status for certificate *.rhein-zeitung.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.rhein-zeitung.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.rhein-zeitung.net
rhein-zeitung.net
rhein-zeitung.net
Other certificates including the domain name rhein-zeitung.net
(limited to 100 certificates)
*.rhein-zeitung.net
*.int.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
watchg-qms.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
*.prod.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
karriere.rhein-zeitung.net
karriere.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
*.int.rhein-zeitung.net
karriere.rhein-zeitung.net
*.int.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
watchg-qms.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
*.prod.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
karriere.rhein-zeitung.net
karriere.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
*.rhein-zeitung.net
*.int.rhein-zeitung.net
karriere.rhein-zeitung.net
Certificate
The complete raw certificate details for *.rhein-zeitung.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGjzCCBXegAwIBAgIQD8q5zYyoE6WftaTM+mVULjANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN MTkwMjEyMDAwMDAwWhcNMjEwMjExMTIwMDAwWjB5MQswCQYDVQQGEwJERTEYMBYG A1UECBMPUmhlaW5sYW5kIFBmYWx6MRAwDgYDVQQHEwdLb2JsZW56MSAwHgYDVQQK ExdNaXR0ZWxyaGVpbi1WZXJsYWcgR21iSDEcMBoGA1UEAwwTKi5yaGVpbi16ZWl0 dW5nLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANFvAeIWVJND WHdp37/KcJMQLAlWqHf28pfb1G6DvvG0DpPxxT/8WxH8agbV1SjBuyEjB+nTrzIK QMIa78Lt49girdvEhbz668WwFHnM2GWWOyaDNMj2ifJ9e/46LhkTgfwFUr2nFsLQ 8zrEkgCtkm1+jsyayyCc0Ct1brhwl6s5FvVfmgSwX5enHumu1KXgyG8JlQ4iJT8X 61vXs+a75mE9cJ1lCJ2If6VR7JzCODuSraCMJu2srA1H79a93XEx/zJCyZMo3Hdh IT10OZj1+tkYbwlV88r9dQqxUMKwtfB3ffrt49Ho5B2z+7K6z6CG+GG1XJzoaFtY qOhScw2ZF2sCAwEAAaOCAy4wggMqMB8GA1UdIwQYMBaAFKPIXmVU5TB4wQXqBwpq Wcy5/t5aMB0GA1UdDgQWBBQb6iftR0NZ/5I5wiDuhVRJaW4bOjAxBgNVHREEKjAo ghMqLnJoZWluLXplaXR1bmcubmV0ghFyaGVpbi16ZWl0dW5nLm5ldDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDoGA1UdHwQz MDEwL6AtoCuGKWh0dHA6Ly9jZHAudGhhd3RlLmNvbS9UaGF3dGVSU0FDQTIwMTgu Y3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBz Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMG8GCCsGAQUFBwEBBGMw YTAkBggrBgEFBQcwAYYYaHR0cDovL3N0YXR1cy50aGF3dGUuY29tMDkGCCsGAQUF BzAChi1odHRwOi8vY2FjZXJ0cy50aGF3dGUuY29tL1RoYXd0ZVJTQUNBMjAxOC5j cnQwCQYDVR0TBAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHcApLkJkLQY WBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFo4fq4iQAABAMASDBGAiEA9H09 mfBC12Lf2b1PrtmNxE3tygeOHSgO9O19Ui7AClICIQCQzk4UN62gpBTnwjudNHb5 pJVvTShenlPKw2zDBXPUPwB1AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9e oIMPAAABaOH6uVwAAAQDAEYwRAIgYIBh8WuvDqzAmpewd65rAG7fwvnXUkPnkc25 2BMrggECIAtgxq2utJ77sk7L6xFDy5yLgLoNTf1JgBLoUSb1kd99AHYARJRlLrDu zq/EQAfYqP4owNrmgr7YyzG1P9MzlrW2gagAAAFo4fq4kgAABAMARzBFAiBYRDgg wR+ivAPI+4Z3kRaoHtWDuu8e7Mp4LfjlEvQr4QIhAK08DwK18iQgdjCtzAHtO/gn T7/hRcHQtJVKqXp1KGGfMA0GCSqGSIb3DQEBCwUAA4IBAQAHNnCOCYoMM7dROQVr 6oWhSndiTBuFYIOw/HxUAH+gmkMJzJGAj3TqylFohmL/4w+9hAvNJt3a7+vJc3n5 uSmF3aTGz5RyrdareFH5ReAMNJsNk9Ij1boVzQxh9M5iSQ7f3rTkPNKpNYw2duD2 HS0AerHYo5iV8Ijib0eZJoQ1lnxBhz41AaK/1HrJC8l1Bv4wDAu/aV52vexVeG8F JVWIJbYi9cxaxg6kvC8V3/agollwoaZP7ht9j5cLqyTgXJcPNDaXogfmRm5Pu2pT q7oous6t18V2C3ag/8C/Pit3jEO7+3xAG77Dqrdd+9AHUCg+IkqGi1vDQorvfF+X FmM8 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0W8B4hZUk0NYd2nfv8pw kxAsCVaod/byl9vUboO+8bQOk/HFP/xbEfxqBtXVKMG7ISMH6dOvMgpAwhrvwu3j 2CKt28SFvPrrxbAUeczYZZY7JoM0yPaJ8n17/jouGROB/AVSvacWwtDzOsSSAK2S bX6OzJrLIJzQK3VuuHCXqzkW9V+aBLBfl6ce6a7UpeDIbwmVDiIlPxfrW9ez5rvm YT1wnWUInYh/pVHsnMI4O5KtoIwm7aysDUfv1r3dcTH/MkLJkyjcd2EhPXQ5mPX6 2RhvCVXzyv11CrFQwrC18Hd9+u3j0ejkHbP7srrPoIb4YbVcnOhoW1io6FJzDZkX awIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 20991032433278857950605702711956821038 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-11 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rheinland Pfalz' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Koblenz' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Mittelrhein-Verlag GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.rhein-zeitung.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26438545505362121018856602053138349807746937891138146073117173969248714068624869732517548959788442704416507470061035267723209147619436961126264261310357575947626540505879452925837211085100103261919684022573611986114001067192911536280370359174730067774413981901915148999851085485374310057793334828658388582484713967273952894790130426303046649688665726195648180416432777001282554678351965152987973801249820119217526589921451578918050675048023384577202835291278244621262278357787826899980687399799505473179668394487152524225650757992910817021315218579531278280225987928090816203266373124622217396214409553625542127327083 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1bea27ed474359ff9239c220ee855449696e1b3a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rhein-zeitung.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rhein-zeitung.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000168e1fab8890000040300483046022100f47d3d99f042d762dfd9bd4faed98dc44dedca078e1d280ef4ed7d522ec00a5202210090ce4e1437ada0a414e7c23b9d3476f9a4956f4d285e9e53cac36cc30573d43f0075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000168e1fab95c00000403004630440220608061f16baf0eacc09a97b077ae6b006edfc2f9d75243e791cdb9d8132b820102200b60c6adaeb49efbb24ecbeb1143cb9c8b80ba0d4dfd498012e85126f591df7d0076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a800000168e1fab8920000040300473045022058443820c11fa2bc03c8fb86779116a81ed583baef1eecca782df8e512f42be1022100ad3c0f02b5f224207630adcc01ed3bf8274fbfe145c1d0b4954aa97a7528619f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000736708e098a0c33b75139056bea85a14a77624c1b856083b0fc7c54007fa09a4309cc91808f74eaca51688662ffe30fbd840bcd26dddaefebc97379f9b92985dda4c6cf9472add6ab7851f945e00c349b0d93d223d5ba15cd0c61f4ce62490edfdeb4e43cd2a9358c3676e0f61d2d007ab1d8a39895f088e26f4799268435967c41873e3501a2bfd47ac90bc97506fe300c0bbf695e76bdec55786f0525558825b622f5cc5ac60ea4bc2f15dff6a0a25970a1a64fee1b7d8f970bab24e05c970f343697a207e6466e4fbb6a53abba28baceadd7c5760b76a0ffc0bf3e2b778c43bbfb7c401bbec3aab75dfbd00750283e224a868b5bc3428aef7c5f9716633c