FRIAR.SAFERCAR.GOV

- NATIONAL HIGHWAY TRAFFIC SAFETY ADMINISTRATION -

Issued by thawte SSL CA - G2

About this certificate

This digital certificate with serial number 37:e3:f8:14:b1:96:d1:4d:6a:fc:14:0f:04:53:65:8f was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

NATIONAL HIGHWAY TRAFFIC SAFETY ADMINISTRATION

Organization: NATIONAL HIGHWAY TRAFFIC SAFETY ADMINISTRATION
State / Province: Massachusetts
Locality: Cambridge
Country: US

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 37:e3:f8:14:b1:96:d1:4d:6a:fc:14:0f:04:53:65:8f
Serial Number (int): 74291222832163908794961245460208248207
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60

Fingerprint (sha1): 54:8d:5f:59:66:a9:fb:11:bd:a2:2a:7f:05:a7:f4:fa:32:9f:c1:1a
Fingerprint (sha256): a1:7c:4e:ec:62:21:a9:38:fd:67:83:04:ee:cc:7e:cf:81:b8:f8:98:a5:dd:f7:4a:9f:4f:52:69:f0:6c:42:3c

Issuing Certificate URL: http://tj.symcb.com/tj.crt

Revocation information

OCSP Server: http://tj.symcd.com
CRL Distribution Point: http://tj.symcb.com/tj.crl

Check the revocation status for certificate FRIAR.SAFERCAR.GOV

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for FRIAR.SAFERCAR.GOV

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

FRIAR.SAFERCAR.GOV

Other certificates including the domain name SAFERCAR.GOV

(limited to 100 certificates)

Certificate

The complete raw certificate details for FRIAR.SAFERCAR.GOV in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgIQN+P4FLGW0U1q/BQPBFNljzANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcwNTI1MDAwMDAwWhcNMTkwNTI1MjM1OTU5
WjCBjzELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDU1hc3NhY2h1c2V0dHMxEjAQBgNV
BAcMCUNhbWJyaWRnZTE3MDUGA1UECgwuTkFUSU9OQUwgSElHSFdBWSBUUkFGRklD
IFNBRkVUWSBBRE1JTklTVFJBVElPTjEbMBkGA1UEAwwSRlJJQVIuU0FGRVJDQVIu
R09WMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkZWtEhHGkcRjNkiT
GQNJbW3sluF51TXUnpC5VpWP52f+pUG7QF7Hfcv/V4dvFSPNBYjoeUesE8QHf0ow
Eax4QiFtWKldJKQOKZ4K/FcVMBUGfmGYDnueeak7gNB31zslx6daZmRJnpYJNTxs
34NWKYvcgh2ZGzJnEP61H+GK1mmAoAFKAO8/Jub3xbjw9uRT+bynaWCimlM5C2sP
qVIzecbxCfWjMz3J6hyAvufxCMj+Abrw2a4sFZPMlr4adw3HjzbaGY90EOifNoxX
7VHX90+DvRMjZ+p0iK+FPIkizipGsmIPPmj4ZoeUUUEYfx46QURllzjnzxpbeadj
Z1hATaQrfoWJCQL4obdPduwsU6gb8q24YjlNBsAbMzc/veA3oYZTbbN2W8nanmjN
XpIN9kQm+o8QUQAvm9dd9vngUb55ToW2qBZBL10Z8TKFlipTSc63jJySu/qOEmDM
Pgg5ipLy00OKl4C4VUlvlKSkMDWUcEDOy0SX/QdDpdn0+kin2G5axMc8nxJhSmvz
o3h4dfocsrDneEtpLnfhQokx8+lIOxc1cNsyE3XXNOJBS6LXQtC3MfEcwGUH7t5B
dhXEuojpfmVvAZWuMPiWiGus/0Pt06DWbv4M2iaeI+67xaqY+12SPuuHbaCjHEpT
YYME5qxURBJbacInPu5FpLB8798CAwEAAaOCAYkwggGFMB0GA1UdEQQWMBSCEkZS
SUFSLlNBRkVSQ0FSLkdPVjAJBgNVHRMEAjAAMG4GA1UdIARnMGUwYwYGZ4EMAQIC
MFkwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMC8GCCsG
AQUFBwICMCMMIWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3NpdG9yeTAOBgNV
HQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUwk9IV/zRT5rAXTh9DgXb2S61UmAwKwYD
VR0fBCQwIjAgoB6gHIYaaHR0cDovL3RqLnN5bWNiLmNvbS90ai5jcmwwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAfBggrBgEF
BQcwAYYTaHR0cDovL3RqLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3Rq
LnN5bWNiLmNvbS90ai5jcnQwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcN
AQELBQADggEBAFEQLlooprAmnyttp6y4OsTO502BopeXhGLaPFPmZTxBrXJD8+oI
3bBtluBjl80YfyHSv2QiKF/pgKkQIp8GOWxkkSNgrgEpqCzUBmSjnnGta0RF/Iti
PqLKuvwU1nyB4eoEq33fo6J+nwPyH2jI7FT4X25wZxayj6ar7eP+JRC9VrTCmBsr
Cm+8/ZM0OyBHjI7QSc+5ECnrjhgqn0wqM14AmHH2pTMBMShBKgX5MWPvNBEeg9uN
MLUszFnl03qm0//dWxPbExUgWuDCWnNHXAIKfF0M7ThZqgL1fTGIuREJ35VMdH06
obW0L1S8qJaI6uUXdq9Aa3b5xDqre0HYepE=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkZWtEhHGkcRjNkiTGQNJ
bW3sluF51TXUnpC5VpWP52f+pUG7QF7Hfcv/V4dvFSPNBYjoeUesE8QHf0owEax4
QiFtWKldJKQOKZ4K/FcVMBUGfmGYDnueeak7gNB31zslx6daZmRJnpYJNTxs34NW
KYvcgh2ZGzJnEP61H+GK1mmAoAFKAO8/Jub3xbjw9uRT+bynaWCimlM5C2sPqVIz
ecbxCfWjMz3J6hyAvufxCMj+Abrw2a4sFZPMlr4adw3HjzbaGY90EOifNoxX7VHX
90+DvRMjZ+p0iK+FPIkizipGsmIPPmj4ZoeUUUEYfx46QURllzjnzxpbeadjZ1hA
TaQrfoWJCQL4obdPduwsU6gb8q24YjlNBsAbMzc/veA3oYZTbbN2W8nanmjNXpIN
9kQm+o8QUQAvm9dd9vngUb55ToW2qBZBL10Z8TKFlipTSc63jJySu/qOEmDMPgg5
ipLy00OKl4C4VUlvlKSkMDWUcEDOy0SX/QdDpdn0+kin2G5axMc8nxJhSmvzo3h4
dfocsrDneEtpLnfhQokx8+lIOxc1cNsyE3XXNOJBS6LXQtC3MfEcwGUH7t5BdhXE
uojpfmVvAZWuMPiWiGus/0Pt06DWbv4M2iaeI+67xaqY+12SPuuHbaCjHEpTYYME
5qxURBJbacInPu5FpLB8798CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 74291222832163908794961245460208248207
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-25 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Massachusetts'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Cambridge'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NATIONAL HIGHWAY TRAFFIC SAFETY ADMINISTRATION'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'FRIAR.SAFERCAR.GOV'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 593933643917344121433303856179349625769701730374993030620478396822847438392493427830780349453512623951396159949323501188772819126710549041547352617813706172594934715642173415966852314066699272977752678491045109118423518261241877090012748239585421303488264430661907136185894311474145708072254524414413387974796109145042848360930311486791335376752579037738755705931363753699208043656792980834331046570553630363376480672558659678294876294248243470271174095628584994384222151584306714221306616077839652548749902637240518023894357764503970011350751414495628958320830932564694682392859160260166364785279836886990196978078435411671516541898361770647474198598227567045582662908525813777153228375553993630836760296375279033218027585308422512113434215260170017645568882442007361967542378204387993186227564055238420662930449004759991967780848840193081054754076651639109389810803445079701483564091566675673235979494204029682380964344949169296157183292597919309778465144927192853810521891918964399655377569615059968314061450750772603915634754442036044743820878025501109846711132373557251937287244368526416765323156822880063742007763424865183836237454220676363975796745292371563071350897630904848692069949105713561231526068969661959504423911485407
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'FRIAR.SAFERCAR.GOV'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0051102e5a28a6b0269f2b6da7acb83ac4cee74d81a297978462da3c53e6653c41ad7243f3ea08ddb06d96e06397cd187f21d2bf6422285fe980a910229f06396c64912360ae0129a82cd40664a39e71ad6b4445fc8b623ea2cabafc14d67c81e1ea04ab7ddfa3a27e9f03f21f68c8ec54f85f6e706716b28fa6abede3fe2510bd56b4c2981b2b0a6fbcfd93343b20478c8ed049cfb91029eb8e182a9f4c2a335e009871f6a533013128412a05f93163ef34111e83db8d30b52ccc59e5d37aa6d3ffdd5b13db1315205ae0c25a73475c020a7c5d0ced3859aa02f57d3188b91109df954c747d3aa1b5b42f54bca89688eae51776af406b76f9c43aab7b41d87a91