www.haveabreak.nl

Issued by Nestle External CA

About this certificate


This digital certificate with serial number 15:a7:8e:f4:00:01:00:00:20:bb was issued on by Nestle .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • WARNING: Certificate contains unknown extension ([1.2.840.113549.1.9.15])
  • ERROR: Certificate doesn't contain any subjectAltName
  • ERROR: Certificate CN is not listed in subjectAltName

Nestlé

Organization: Nestlé
Organization unit: ssl
State / Province: NH
Locality: Amsterdam
Country: NL

Nestle

Organization: Nestle
Organization unit: IS/IT
State / Province: NH
Locality: Amsterdam
Country: NL

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 15:a7:8e:f4:00:01:00:00:20:bb
Serial Number (int): 102260603258824042750139
Serial Number lenght: 77 bits, 10 octets

SubjectKeyId: f6:6f:d8:5c:f9:0a:c1:82:bf:b8:14:5f:95:c9:a0:46:c3:dd:21:f8
AuthorityKeyId: ab:12:9a:d0:62:96:3b:a6:95:83:ee:54:26:a8:cd:d7:6f:71:0b:e2

Fingerprint (sha1): e2:7c:31:b7:6f:3b:6a:16:13:2b:b7:23:dd:19:96:31:ee:92:34:b1
Fingerprint (sha256): a1:06:48:27:14:d6:7e:0c:b3:c8:d2:a9:90:15:3c:b4:50:57:2c:40:15:ab:1e:41:1a:0a:e5:5e:cb:9c:86:35

Issuing Certificate URL: http://crl.nestle.com/Nestle%20External%20CA(1).crt

Revocation information

CRL Distribution Point: http://crl.nestle.com/Nestle%20External%20CA(1).crl

Check the revocation status for the current certificate on www.haveabreak.nl
0
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any subject alternative names (DNS Name).

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGcDCCBFigAwIBAgIKFaeO9AABAAAguzANBgkqhkiG9w0BAQUFADCBljELMAkG A1UEBhMCQ0gxDTALBgNVBAgTBFZhdWQxDjAMBgNVBAcTBVZldmV5MQ8wDQYDVQQK EwZOZXN0bGUxDjAMBgNVBAsTBUlTL0lUMRswGQYDVQQDExJOZXN0bGUgRXh0ZXJu YWwgQ0ExKjAoBgkqhkiG9w0BCQEWG3BraS1zZWN1cml0eS1leHRAbmVzdGxlLmNv bTAeFw0xMzA5MDIxMzA4MDVaFw0xNjA5MDExMzA4MDVaMGoxCzAJBgNVBAYTAk5M MQswCQYDVQQIEwJOSDESMBAGA1UEBxMJQW1zdGVyZGFtMRAwDgYDVQQKDAdOZXN0 bMOpMQwwCgYDVQQLEwNzc2wxGjAYBgNVBAMTEXd3dy5oYXZlYWJyZWFrLm5sMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZN/lZgyPkZXhG5n7Ffc8EOa rMjUI1xK0pvH/5Xdy6RYCdDUSynaK1t84M0Tt+DAF00IjhFe95lpXHHql/qzrIJF 89GA/gBFfKJW6z2n5Z70Zjll/uBzOnAdlflm4+OY95qzBRMRqGZy7FxowArIbtyv Q2RnKuv5YX8YMHgbsovh4pXms1qT0Qdj1CJ7ujViFcUxYv19VcynQfXG+FBhJ1We F5iduKHXeAnB+YiZvKDH1fJRy7DFbXtZ+2ysQew1j6mSnVdZSSurmkEBguGJE0sN GldQBcV4ccA3eVrMWDTii0NRMIUri88+naoqzDjWNA8XSvBU1ez835jjH/plmQID AQABo4IB6TCCAeUwCwYDVR0PBAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr BgEFBQcDATB4BgkqhkiG9w0BCQ8EazBpMA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG 9w0DBAICAIAwCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBLTALBglghkgBZQMEAQIw CwYJYIZIAWUDBAEFMAcGBSsOAwIHMAoGCCqGSIb3DQMHMB0GA1UdDgQWBBT2b9hc +QrBgr+4FF+VyaBGw90h+DAfBgNVHSMEGDAWgBSrEprQYpY7ppWD7lQmqM3Xb3EL 4jBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLm5lc3RsZS5jb20vTmVzdGxl JTIwRXh0ZXJuYWwlMjBDQSgxKS5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUF BzAChjNodHRwOi8vY3JsLm5lc3RsZS5jb20vTmVzdGxlJTIwRXh0ZXJuYWwlMjBD QSgxKS5jcnQwPQYJKwYBBAGCNxUHBDAwLgYmKwYBBAGCNxUIh6bQIoKMmAqG1YsM hZ66G4TTlQ12gYLtC4PA0VwCAWQCAQgwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEF BQcDAjAKBggrBgEFBQcDATANBgkqhkiG9w0BAQUFAAOCAgEAaaPaZZ7sPwgQAog/ aVn3AepHlWqyVcB7oEVh/JP/sncaH8PlBLXM9YkrGQZCJ0x5EUe479FoyWnRT3AS Ckjd6WQvKkDy3cb+Ak5Vfb9Bsw2dpVuPA0xXzyklD2w2DbEi9VVprwvj081HgzAT kIt5yl6L774JE4fToRmpP1tSTBEy6YvyRLQi1LaXwawMka3WUh14+2NqLWzgJphB tWYhc+LF5bIIIXou5+CB2Pzcgt9zV+H1qvnYYxmaPCMyAFfFY8Adj7JS25Gx5vT6 AWY3GAPTeTyv+npRwSIR9ti15ZdH+ehp4OU4hU8XJnyDRwOotBXIsMnpVzD7266C FKjeDWRPntJPxA1FaEQB9zmW+EqK4Wg2hNtKyvNGjMifFXhQLS+5caa74WCmYT8O tyTEM0QA6AM87MUYSfwIf2oPSGzoCJc/ikSrsqYbNYXW8MHJgp2nhid3hbzZwkE6 09qBnpb8U99q1rPtjL8WCIAY3z/YMYXpV6DONdoDimgzFGjmn3hkXPWEB9j/Arxj w/2hZDptw161zymapqPNR9tuAp9//lnhRmo+4rUzgRw5oIJgMi6LnN2ZmNeKmQr9 DxDwM1d3eFeEb4WBFpm4vBA/mIYKOoSI6UfAa6niqkhUulftJBeYxJbpZzaMPfbD D0uHl5n/VLHA+fE4Yb/QT+NL2rM= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZN/lZgyPkZXhG5n7Ffc 8EOarMjUI1xK0pvH/5Xdy6RYCdDUSynaK1t84M0Tt+DAF00IjhFe95lpXHHql/qz rIJF89GA/gBFfKJW6z2n5Z70Zjll/uBzOnAdlflm4+OY95qzBRMRqGZy7FxowArI btyvQ2RnKuv5YX8YMHgbsovh4pXms1qT0Qdj1CJ7ujViFcUxYv19VcynQfXG+FBh J1WeF5iduKHXeAnB+YiZvKDH1fJRy7DFbXtZ+2ysQew1j6mSnVdZSSurmkEBguGJ E0sNGldQBcV4ccA3eVrMWDTii0NRMIUri88+naoqzDjWNA8XSvBU1ez835jjH/pl mQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 102260603258824042750139 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Vaud' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Vevey' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Nestle' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IS/IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Nestle External CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-09-02 13:08:05 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-01 13:08:05 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Nestlé' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ssl' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.haveabreak.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27466446337867553857668309993352999100978282486789399431801277323123886520381139700186107455400339365241536263243259190547404312152485456242489929875992218243355276409920003874218727507452083627487747802149900114827493789277666015154747746816672775554742072246058325641103162218858102879570310037223416319833374177573890726855380173255520419741377712324249225487394037020779778225537206402434793236379066657707954441697864271052542962311349999397874624698960849910192128330092403723296740850109026794823344972020444160107606807851622191658018101605225301164544245530271119860228890257975223276806962781211505947469209 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.15 (sMIMECapabilities) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (107 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.3.2 (rc2CBC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 128 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.3.4 (rc4) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 128 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.4.1.42 (aes256-CBC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.4.1.45 (aes256-wrap) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.4.1.2 (aes128-CBC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.4.1.5 (aes128-wrap) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.14.3.2.7 (desCBC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.3.7 (des-EDE3-CBC) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f66fd85cf90ac182bfb8145f95c9a046c3dd21f8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ab129ad062963ba69583ee5426a8cdd76f710be2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.nestle.com/Nestle%20External%20CA(1).crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.nestle.com/Nestle%20External%20CA(1).crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15312930.4393994.13976972.10984731.9751181.118.2143883.7350492 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0069a3da659eec3f081002883f6959f701ea47956ab255c07ba04561fc93ffb2771a1fc3e504b5ccf5892b190642274c791147b8efd168c969d14f70120a48dde9642f2a40f2ddc6fe024e557dbf41b30d9da55b8f034c57cf29250f6c360db122f55569af0be3d3cd47833013908b79ca5e8befbe091387d3a119a93f5b524c1132e98bf244b422d4b697c1ac0c91add6521d78fb636a2d6ce0269841b5662173e2c5e5b208217a2ee7e081d8fcdc82df7357e1f5aaf9d863199a3c23320057c563c01d8fb252db91b1e6f4fa0166371803d3793caffa7a51c12211f6d8b5e59747f9e869e0e538854f17267c834703a8b415c8b0c9e95730fbdbae8214a8de0d644f9ed24fc40d45684401f73996f84a8ae1683684db4acaf3468cc89f1578502d2fb971a6bbe160a6613f0eb724c4334400e8033cecc51849fc087f6a0f486ce808973f8a44abb2a61b3585d6f0c1c9829da786277785bcd9c2413ad3da819e96fc53df6ad6b3ed8cbf16088018df3fd83185e957a0ce35da038a68331468e69f78645cf58407d8ff02bc63c3fda1643a6dc35eb5cf299aa6a3cd47db6e029f7ffe59e1466a3ee2b533811c39a08260322e8b9cdd9998d78a990afd0f10f03357777857846f85811699b8bc103f98860a3a8488e947c06ba9e2aa4854ba57ed241798c496e967368c3df6c30f4b879799ff54b1c0f9f13861bfd04fe34bdab3