www.bhf-bank.ch
- BHF-BANK (Schweiz) AG -
Issued by Thawte RSA CA 2018
About this certificate
This digital certificate with serial number 03:a7:69:66:d7:c4:06:63:2d:a4:7c:9c:94:d3:53:d0 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
BHF-BANK (Schweiz) AG
Organization:
BHF-BANK (Schweiz) AG
Organization unit: OPM
Organization unit: OPM
State / Province:
Zürich
Locality: Zürich
Country: CH
Locality: Zürich
Country: CH
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a7:69:66:d7:c4:06:63:2d:a4:7c:9c:94:d3:53:d0Serial Number (int): 4856935363787280448982071319716910032
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 59:58:2e:49:7a:6c:c4:71:bb:bb:b8:fd:9a:27:ca:14:2a:35:41:f6
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a
Fingerprint (sha1): 92:00:17:0a:a8:94:4e:34:47:c8:95:59:ce:5c:af:80:84:cc:ea:fd
Fingerprint (sha256): aa:f4:1d:2f:67:f6:ba:c1:0f:a7:76:24:89:18:8d:ef:70:87:c9:bb:6b:a0:33:3a:f0:72:f3:7a:9d:20:e6:dd
Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl
Check the revocation status for certificate www.bhf-bank.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.bhf-bank.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.bhf-bank.ch
bhf-bank.ch
bhf-bank.ch
Other certificates including the domain name bhf-bank.ch
(limited to 100 certificates)
privat.bhf-bank.ch
securegw.bhf-bank.ch
webmail.oddo-bhf.ch
privat.bhf-bank.ch
*.bhf-bank.ch
privat.bhf-bank.ch
privat.bhf-bank.ch
privat.bhf-bank.ch
securegw.bhf-bank.ch
*.bhf-bank.ch
www.bhf-bank.ch
privat.bhf-bank.ch
privat.bhf-bank.ch
privat.bhf-bank.ch
webmail.oddo-bhf.ch
secure.bhf-bank.ch
www.bhf-bank.ch
secure.bhf-bank.ch
securegw.bhf-bank.ch
www.bhf-bank.ch
webmail.bhf-bank.ch
www.bhf-bank.ch
privat.bhf-bank.ch
webmail.bhf-bank.ch
www.bhf-bank.ch
secure.bhf-bank.ch
secure.bhf-bank.ch
webmail.bhf-bank.ch
privat.bhf-bank.ch
www.bhf-bank.ch
privat.bhf-bank.ch
www.bhf-bank.ch
securegw.bhf-bank.ch
securegw.bhf-bank.ch
webmail.oddo-bhf.ch
privat.bhf-bank.ch
*.bhf-bank.ch
privat.bhf-bank.ch
privat.bhf-bank.ch
privat.bhf-bank.ch
securegw.bhf-bank.ch
*.bhf-bank.ch
www.bhf-bank.ch
privat.bhf-bank.ch
privat.bhf-bank.ch
privat.bhf-bank.ch
webmail.oddo-bhf.ch
secure.bhf-bank.ch
www.bhf-bank.ch
secure.bhf-bank.ch
securegw.bhf-bank.ch
www.bhf-bank.ch
webmail.bhf-bank.ch
www.bhf-bank.ch
privat.bhf-bank.ch
webmail.bhf-bank.ch
www.bhf-bank.ch
secure.bhf-bank.ch
secure.bhf-bank.ch
webmail.bhf-bank.ch
privat.bhf-bank.ch
www.bhf-bank.ch
privat.bhf-bank.ch
www.bhf-bank.ch
securegw.bhf-bank.ch
Certificate
The complete raw certificate details for www.bhf-bank.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgIQA6dpZtfEBmMtpHyclNNT0DANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN MTgwNDI0MDAwMDAwWhcNMjAwNTIzMTIwMDAwWjB5MQswCQYDVQQGEwJDSDEQMA4G A1UECAwHWsO8cmljaDEQMA4GA1UEBwwHWsO8cmljaDEeMBwGA1UEChMVQkhGLUJB TksgKFNjaHdlaXopIEFHMQwwCgYDVQQLEwNPUE0xGDAWBgNVBAMTD3d3dy5iaGYt YmFuay5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALCvTQ3bouuL 7TibZXjUxPkFVipKVq5bAVXIXtW2r4HbG2SWmq5wzN4dxkW+y7bTAKNafCCas471 1Xiw6tyZW9g+GKhoQFkzo9ck2E/vbSBL+lZM6Kd/pM09hI/HxeeWm6x+rkZdQfIW HcxJZ5RJSzjWONKWFh/fZWn83EA0AuDoRfIeMKRIUVFgnv0/CuXlKW+wo2DxmZ63 TeiYl5VDproxl9EJJnWdzkmrdK6tQAPgfk5VUn79+mQaWYmi6AGM0KoO1vljWAED +0w1LKPEaWMVWSXnooGHcKXBtJXCVpiZsCupctBwxV6UD2+SKYjnAN6skynqZaQr QohQNn0ZyQMCAwEAAaOCAbcwggGzMB8GA1UdIwQYMBaAFKPIXmVU5TB4wQXqBwpq Wcy5/t5aMB0GA1UdDgQWBBRZWC5JemzEcbu7uP2aJ8oUKjVB9jAnBgNVHREEIDAe gg93d3cuYmhmLWJhbmsuY2iCC2JoZi1iYW5rLmNoMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOgYDVR0fBDMwMTAvoC2gK4Yp aHR0cDovL2NkcC50aGF3dGUuY29tL1RoYXd0ZVJTQUNBMjAxOC5jcmwwTAYDVR0g BEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGln aWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbwYIKwYBBQUHAQEEYzBhMCQGCCsGAQUF BzABhhhodHRwOi8vc3RhdHVzLnRoYXd0ZS5jb20wOQYIKwYBBQUHMAKGLWh0dHA6 Ly9jYWNlcnRzLnRoYXd0ZS5jb20vVGhhd3RlUlNBQ0EyMDE4LmNydDAJBgNVHRME AjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDByR83 tyO1ZY8Bvl/gIt80ZjFJ9htQfwQ5CGTZ7sBM2AKJZxvLfKpt5iAIfDRbYFVwDGxj M87ObKrZ9svlh+RB8vwIeKXJGXuEStD0toplyg/AjxbPklz2NSUJmOPaX83ni6o7 QXXD6cFavY47Or98TteUZ27ZJC0h6WAyfl22r4k7U32KjeGeJ/mFOOlDi+crxsdT qNO8MTJbYObQSuH3V0AwtBvJlMKyo0hNVcH72q/rISWSDOUhC+HC/Hklo9KZcN3h c57mZ7NRX7zj5EFLGb876gASFbcPP06zadIAPXMr5kLISPlOQ7lkSa8FQfMrTIfb MhwW5I0D4mnYrP4G -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK9NDdui64vtOJtleNTE +QVWKkpWrlsBVche1bavgdsbZJaarnDM3h3GRb7LttMAo1p8IJqzjvXVeLDq3Jlb 2D4YqGhAWTOj1yTYT+9tIEv6Vkzop3+kzT2Ej8fF55abrH6uRl1B8hYdzElnlElL ONY40pYWH99lafzcQDQC4OhF8h4wpEhRUWCe/T8K5eUpb7CjYPGZnrdN6JiXlUOm ujGX0QkmdZ3OSat0rq1AA+B+TlVSfv36ZBpZiaLoAYzQqg7W+WNYAQP7TDUso8Rp YxVZJeeigYdwpcG0lcJWmJmwK6ly0HDFXpQPb5IpiOcA3qyTKeplpCtCiFA2fRnJ AwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4856935363787280448982071319716910032 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-23 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zürich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zürich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BHF-BANK (Schweiz) AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'OPM' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bhf-bank.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22304385815346721178771912576084478715985674689410386324409003541465737942654668920598954171224901220471271764780816902133522229773003187139816874505437212412495538608395335787132311239345256723058570161260340168773572272171928699211888217047134820219474526960941660223981007329087859052154404795609897420325106561862061984789661812910073803562314296110895695453937689666714001019873793627252887870326821473095667052491505166006770889872025375550539617615575720387309108026577429219778259331550994978209802401525459006694612959078669871331151373511137433885292217214143788070497531628447565350411556291569380885121283 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 59582e497a6cc471bbbbb8fd9a27ca142a3541f6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bhf-bank.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bhf-bank.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00c1c91f37b723b5658f01be5fe022df34663149f61b507f04390864d9eec04cd80289671bcb7caa6de620087c345b6055700c6c6333cece6caad9f6cbe587e441f2fc0878a5c9197b844ad0f4b68a65ca0fc08f16cf925cf635250998e3da5fcde78baa3b4175c3e9c15abd8e3b3abf7c4ed794676ed9242d21e960327e5db6af893b537d8a8de19e27f98538e9438be72bc6c753a8d3bc31325b60e6d04ae1f7574030b41bc994c2b2a3484d55c1fbdaafeb2125920ce5210be1c2fc7925a3d29970dde1739ee667b3515fbce3e4414b19bf3bea001215b70f3f4eb369d2003d732be642c848f94e43b96449af0541f32b4c87db321c16e48d03e269d8acfe06