boutique-en-ligne.ancv.com

- AGENCE NATIONALE POUR LES CHEQUES-VACANCES E.P.I.C. -

Issued by thawte Extended Validation SSL CA

About this certificate

This digital certificate with serial number 22:d0:33:04:24:eb:d2:21:4e:9e:70:4f:e2:fe:ff:d7 was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

AGENCE NATIONALE POUR LES CHEQUES-VACANCES E.P.I.C.

Company registration number: 326 817 442
Organization: AGENCE NATIONALE POUR LES CHEQUES-VACANCES E.P.I.C.
State / Province: VAL D'OISE
Locality: SARCELLES
Country: FR

thawte, Inc.

Organization: thawte, Inc.
Organization unit: Terms of use at https://www.thawte.com/cps (c)06
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 22:d0:33:04:24:eb:d2:21:4e:9e:70:4f:e2:fe:ff:d7
Serial Number (int): 46274784334491370350259661227750784983
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: cd:32:e2:f2:5d:25:47:02:aa:8f:79:4b:32:ee:03:99:fd:30:49:d1

Fingerprint (sha1): c3:54:fb:b5:8f:02:cf:16:b9:2d:44:e8:63:96:5a:04:1b:0c:66:7c
Fingerprint (sha256): 9f:84:7e:78:bf:e1:a9:fb:90:7b:28:28:68:f1:db:a2:9a:f7:6f:76:db:9e:e8:88:91:06:53:2c:93:3e:9e:d3

Issuing Certificate URL: http://crl.thawte.com/ThawteEVCA2006.cer

Revocation information

OCSP Server: http://ocsp.thawte.com
CRL Distribution Point: http://crl.thawte.com/ThawteEVCA2006.crl

Check the revocation status for certificate boutique-en-ligne.ancv.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for boutique-en-ligne.ancv.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

boutique-en-ligne.ancv.com

Other certificates including the domain name ancv.com

(limited to 100 certificates)
telereglement.ancv.com
bsv.ancv.com
espace-client.ancv.com
www.ancv.com
*.connect.ancv.com
espace-ptl.ancv.com
bsv.ancv.com
telereglement.ancv.com
*.recette.ancv.com
tr.communication.ancv.com
adr.ancv.com
*.partenaires.espace-actionsociale.ancv.com
bsv.ancv.com
bsv.ancv.com
faq.ancv.com
eremboursement.ancv.com
tr.communication.ancv.com
*.ancv.com
www.ancv.com
eremboursement.ancv.com
telereglement.ancv.com
extranet1.ancv.com
telereglement.ancv.com
faq.ancv.com
espace-ptl.preprod.ancv.com
espace-client.ancv.com
adn.ancv.com
eremboursement.preprod.ancv.com
*.recette.ancv.com
auth.connect.ancv.com
espace-ptl.ancv.com
espace-ptl.preprod.ancv.com
www.ancv.com
*.secure-connect2.ancv.com
static.ancv.com
tr.communication.ancv.com
espace-client.ancv.com
telereglement.ancv.com
*.ancv.com
static.ancv.com
eremboursement.preprod.ancv.com
eremboursement.ancv.com
espace-ptl.ancv.com
espace-ptl.ancv.com
boutique-en-ligne.ancv.com
bsv.ancv.com
cvt-pro.ancv.com
www.ancv.com
telereglement.ancv.com
espace-ptl.ancv.com
eremboursement.preprod.ancv.com
boutique-en-ligne.ancv.com
espace-ptl.preprod.ancv.com
espace-ptl.ancv.com
eremboursement.preprod.ancv.com
bsv.ancv.com
extranet1.ancv.com
bsv.ancv.com
*.secure-connect2.preprod.ancv.com
boutique-en-ligne.ancv.com
*.preprod.ancv.com
tr.communication.ancv.com
tr.communication.ancv.com
adr.ancv.com
tr.communication.ancv.com
boutique-en-ligne.ancv.com
eremboursement.preprod.ancv.com
espace-client.ancv.com
*.ancv.com

*.imagine.ancv.com
espace-client.ancv.com
www.ancv.com
communications.ancv.com
telereglement.ancv.com
telereglement.ancv.com
infos.ancv.com
adr.ancv.com
espace-client.ancv.com
bsv.ancv.com
eremboursement.ancv.com
adn.ancv.com
info.ancv.com
www.ancv.com
static.ancv.com
tr.communication.ancv.com
*.imagine.ancv.com
bsv.ancv.com
*.secure-connect2.ancv.com
*.ancv.com
adn.ancv.com
information.ancv.com
*.connect.ancv.com
faq.ancv.com
*.ancv.com
*.secure-connect2.preprod.ancv.com
espace-ptl.preprod.ancv.com
telereglement.ancv.com
espace-ptl.ancv.com
eremboursement.preprod.ancv.com

Certificate

The complete raw certificate details for boutique-en-ligne.ancv.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIQItAzBCTr0iFOnnBP4v7/1zANBgkqhkiG9w0BAQUFADCB
izELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE5MDcGA1UECxMw
VGVybXMgb2YgdXNlIGF0IGh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzIChjKTA2
MSowKAYDVQQDEyF0aGF3dGUgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTU0wgQ0EwHhcN
MTQwMTEzMDAwMDAwWhcNMTUwMTEzMjM1OTU5WjCB4zETMBEGCysGAQQBgjc8AgED
EwJGUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xFDASBgNVBAUTCzMy
NiA4MTcgNDQyMQswCQYDVQQGEwJGUjETMBEGA1UECBQKVkFMIEQnT0lTRTESMBAG
A1UEBxQJU0FSQ0VMTEVTMTwwOgYDVQQKFDNBR0VOQ0UgTkFUSU9OQUxFIFBPVVIg
TEVTIENIRVFVRVMtVkFDQU5DRVMgRS5QLkkuQy4xIzAhBgNVBAMUGmJvdXRpcXVl
LWVuLWxpZ25lLmFuY3YuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0dSjtO3CW2WJG/mc5ZUUIiHdZhEUSEz/PRa34xolNzo3L354EBcQp1UoK7+s
w2KGF/L4xiYlwYt9OVcmLcEymki1CZGXhT7QUN/0Wb32Nr/NBV7KOZvFChzQaXpl
jdHgsWI6PDkn4NEoFmY+s33nOC7EiHYCuk3fwqtmiHZdi/zSFYxHyZ2XnFNgDEhr
up8Mp+m2RbnxkpbcPNPv72tH/EoERRvQN0EiiDdj60ChPzBAtd2uLZnWvFPWHf3E
mVc99hBP5J2unyhKGSoi6/BacfpmY9MyQaz5PtgO/9n3Jw8ebJOlzCAGtcwkQiME
j42nepIpV+Xt1qJFmpg9QmE2WQIDAQABo4IBbzCCAWswJQYDVR0RBB4wHIIaYm91
dGlxdWUtZW4tbGlnbmUuYW5jdi5jb20wCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMC
BaAwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC50aGF3dGUuY29tL1RoYXd0
ZUVWQ0EyMDA2LmNybDBCBgNVHSAEOzA5MDcGC2CGSAGG+EUBBzABMCgwJgYIKwYB
BQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBTNMuLyXSVHAqqPeUsy7gOZ/TBJ
0TBoBggrBgEFBQcBAQRcMFowIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0
ZS5jb20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVF
VkNBMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAGEPcA6dQ+x4ApuygM+CR9PO
yYDiyjKXZRimWV9zNBDjZffSt5cUi/vBMLnu6ZHazSc8bkUj+N1TVcMgzgWdsbD4
R+qswBlWyf94zpzU2LTL4E0a6zaeNx1WKvwryJ/gDnOTHem1RwnjEJ1zQD5HJ1R4
Km3PUksJKGG24JKBYuZQikEjMZpdtJbT72XISFcSdn0VRbzsu6vbp2zYcGT+UuYp
mkryRkjG/D8VbvqI3EPncWEHTkenRWZE5BJuyexdy51aFuZ84xKYGimWp37Jhv3Q
3lSg7DlMhiC2cHOIduLXIJvDYndFOVjFqkTRz92QNnziieEUPNezXwZG3G1uXFE=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dSjtO3CW2WJG/mc5ZUU
IiHdZhEUSEz/PRa34xolNzo3L354EBcQp1UoK7+sw2KGF/L4xiYlwYt9OVcmLcEy
mki1CZGXhT7QUN/0Wb32Nr/NBV7KOZvFChzQaXpljdHgsWI6PDkn4NEoFmY+s33n
OC7EiHYCuk3fwqtmiHZdi/zSFYxHyZ2XnFNgDEhrup8Mp+m2RbnxkpbcPNPv72tH
/EoERRvQN0EiiDdj60ChPzBAtd2uLZnWvFPWHf3EmVc99hBP5J2unyhKGSoi6/Ba
cfpmY9MyQaz5PtgO/9n3Jw8ebJOlzCAGtcwkQiMEj42nepIpV+Xt1qJFmpg9QmE2
WQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 46274784334491370350259661227750784983
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Terms of use at https://www.thawte.com/cps (c)06'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte Extended Validation SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-01-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-01-13 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '326 817 442'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'VAL D'OISE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'SARCELLES'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'AGENCE NATIONALE POUR LES CHEQUES-VACANCES E.P.I.C.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'boutique-en-ligne.ancv.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26488662173302335845207207234694891075927834292434096558303628872143378951551260269005336295806824991815883390508795364213935156222027326418991966837383923249511208167065396055991423093617320854451648802378077877286430253976302044586711994251525596219408910955189281967761177528981784262425833007086538947818547671455388521468401816862596129987794546142497503973958562188114936672317970897052364041037172055333521966675290811122015195382869527949053310427611842961365591608974311986579944708737975230515519151766822672117836574754171355039487651337349506604511759212905916880381199695566377841991405601789882012874329
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'boutique-en-ligne.ancv.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.thawte.com/ThawteEVCA2006.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (59 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.48.1 (Thawte EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cd32e2f25d254702aa8f794b32ee0399fd3049d1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.thawte.com/ThawteEVCA2006.cer'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00610f700e9d43ec78029bb280cf8247d3cec980e2ca32976518a6595f733410e365f7d2b797148bfbc130b9eee991dacd273c6e4523f8dd5355c320ce059db1b0f847eaacc01956c9ff78ce9cd4d8b4cbe04d1aeb369e371d562afc2bc89fe00e73931de9b54709e3109d73403e472754782a6dcf524b092861b6e0928162e6508a4123319a5db496d3ef65c8485712767d1545bcecbbabdba76cd87064fe52e6299a4af24648c6fc3f156efa88dc43e77161074e47a7456644e4126ec9ec5dcb9d5a16e67ce312981a2996a77ec986fdd0de54a0ec394c8620b670738876e2d7209bc36277453958c5aa44d1cfdd90367ce289e1143cd7b35f0646dc6d6e5c51