einvoice.seb.com

- SEB Developpement -

Issued by GlobalSign Organization Validation CA - SHA256 - G2

About this certificate

This digital certificate with serial number 50:3e:94:c5:48:3f:c9:39:35:4e:a7:53 was issued on by GlobalSign nv-sa.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

SEB Developpement

Organization: SEB Developpement
State / Province: Rhone-Alpes
Locality: Ecully
Country: FR

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 50:3e:94:c5:48:3f:c9:39:35:4e:a7:53
Serial Number (int): 24834456735977860676895811411
Serial Number lenght: 95 bits, 12 octets

SubjectKeyId: 15:ce:23:dc:cc:df:d2:11:03:9c:00:f3:da:77:0e:5c:94:be:30:2f
AuthorityKeyId: 96:de:61:f1:bd:1c:16:29:53:1c:c0:cc:7d:3b:83:00:40:e6:1a:7c

Fingerprint (sha1): a0:d2:c2:79:8c:e6:ad:5e:4b:96:cd:ca:fa:7d:fb:83:d2:58:a0:85
Fingerprint (sha256): ca:79:94:00:8e:54:56:b0:67:3b:59:12:70:48:bf:d6:bc:00:bf:6a:b7:40:c8:2e:96:40:ce:e0:7e:aa:e5:e0

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsorganizationvalsha2g2
CRL Distribution Point: http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl

Check the revocation status for certificate einvoice.seb.com

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for einvoice.seb.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

einvoice.seb.com
turkey.einvoice.seb.com
turkeytest.einvoice.seb.com

Other certificates including the domain name seb.com

(limited to 100 certificates)
account.rcu.seb.com
horoquartz-qual.seb.com
vpn.seb.com
horoquartz.seb.com
qa.openfoodsystem.com
horoquartz.seb.com
seb.com
vpn.seb.com
bastion.seb.com
mail-eu.seb.com
horoquartz-qual.seb.com
sp00i361.seb.com
sp07t002.seb.com
sebasiahress.seb.com
myitatseb.seb.com
einvoice.seb.com
mdm.seb.com
mdm.seb.com
fs.seb.com
*.wp.seb.com
brazil.transport.seb.com
mdm.seb.com
myitatseb.seb.com
qual.hrdataviz.seb.com
account.rcu.seb.com
account.rcu.seb.com
hrdataviz.seb.com
fs.seb.com
sebasiahress.seb.com
jenkins.dcp.seb.com
qliksense.seb.com
jira.seb.com
account.rcu.1.seb.com
dam.seb.com
jenkins.dcp.seb.com
sp00i361.seb.com
www.seb.com
mail-eu.seb.com
notilus-prod.seb.com
turkey.btob.seb.com
fs.seb.com
mail-eu.seb.com
mail-eu.seb.com
account.rcu.seb.com
sebasiahress.seb.com
vpn.seb.com
jiraqual.seb.com
seb.com
bastion.seb.com
easyo.seb.com
seb.com
account.rcu.2.seb.com
jiraqual.seb.com
fs.seb.com
account.rcu.2.seb.com
account.rcu.2.seb.com
fs2.seb.com
account.rcu.seb.com
qliksense.seb.com
bastion.seb.com
easyo.seb.com
sp07t002.seb.com
mdm.seb.com
einvoice.seb.com
account.rcu.seb.com
account.rcu.2.seb.com
seb.com
seb.com
seb.com
jira.seb.com
www.seb.com
brazil.transport.seb.com
einvoice.seb.com
jira.seb.com
qa.openfoodsystem.com
account.rcu.2.seb.com
account.rcu.2.seb.com
saml.seb.com
mail-eu.seb.com
mail-eu.seb.com
mail-eu.seb.com
fs2.seb.com
jenkins.dcp.seb.com
turkey.einvoice.seb.com
mdm.seb.com
vpn.seb.com
vpn.seb.com
jenkins.dcp.seb.com
qa.openfoodsystem.com
boardconnector.groupe-seb.com
qual.qliksense.seb.com
*.wp.seb.com
account.rcu.seb.com
boardconnector-qual.groupe-seb.com
vpn.seb.com

Certificate

The complete raw certificate details for einvoice.seb.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIMUD6UxUg/yTk1TqdTMA0GCSqGSIb3DQEBCwUAMGYxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH
bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g
RzIwHhcNMTYwOTIxMTYyMTAzWhcNMTkxMTE1MDczNjA0WjBrMQswCQYDVQQGEwJG
UjEUMBIGA1UECBMLUmhvbmUtQWxwZXMxDzANBgNVBAcTBkVjdWxseTEaMBgGA1UE
ChMRU0VCIERldmVsb3BwZW1lbnQxGTAXBgNVBAMTEGVpbnZvaWNlLnNlYi5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSwbjD2QTEx7NgrnDu/NnU
gf/c3dMaX3Xd+/jL7aHUvsjaRP3ZuLNO965rxXufuK7gYQgOf8ZcFVgpsPR9FzC0
/2XUqccSVlqq3UIdVEAV8FdjSOVUUL/YuvRertlsxFMAkGdv/+JHboCrzGN8YsPA
fJp6DO3a7eXGMv44Ce8KhCpc8VBEcCVZdKjQoMrKHsr/4P87FsCrhBdC/gt1ogpp
8Pqqog88TvSj9NtjURlEdrzF+lslBTC0fStb/XgoA3jhiWNvUEN6ryZD2/X/oIq5
AnW66D6bp9CRwtETKQvbL37dEdoh2o7qU3Wkal7NG7+HGcRzGILFRnjZvKvwcpG5
AgMBAAGjggIXMIICEzAOBgNVHQ8BAf8EBAMCBaAwgaAGCCsGAQUFBwEBBIGTMIGQ
ME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2Vy
dC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0
cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcy
MFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRME
AjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20v
Z3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMFEGA1UdEQRKMEiCEGVpbnZv
aWNlLnNlYi5jb22CF3R1cmtleS5laW52b2ljZS5zZWIuY29tght0dXJrZXl0ZXN0
LmVpbnZvaWNlLnNlYi5jb20wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MB0GA1UdDgQWBBQVziPczN/SEQOcAPPadw5clL4wLzAfBgNVHSMEGDAWgBSW3mHx
vRwWKVMcwMx9O4MAQOYafDANBgkqhkiG9w0BAQsFAAOCAQEAqAhwcnxqu3RHcQrv
py6iynEhiui95frQ9gQIdP8iOZxtYHkmGtgOE8EaWtgLq7x96M5O1esMUWjs6lfA
2uEp1rIEqzym4qZaxhV1mn7XoX7gbwPHCnxVpullcoFGMRAkJjcptc0GrjAAvHPo
y+DQKB9LGoYw8XmAc5S/I4lqVQgakdD2WR4lwf5DFKD54zDjc5YsaQjvtvJfYi/U
L3v94KLzCWYW75x1irqB6MEYmpgrovpkTLiJCdiSrT4PDuLIYoYH2VpuwF+56oer
KYzCUEVp2toPIc/d2sTxK4kYOJpOTmQwOpOk/5ZhJ0gpVqR5m1vGzEG6pyCQ9wQm
98lupQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sG4w9kExMezYK5w7vzZ
1IH/3N3TGl913fv4y+2h1L7I2kT92bizTveua8V7n7iu4GEIDn/GXBVYKbD0fRcw
tP9l1KnHElZaqt1CHVRAFfBXY0jlVFC/2Lr0Xq7ZbMRTAJBnb//iR26Aq8xjfGLD
wHyaegzt2u3lxjL+OAnvCoQqXPFQRHAlWXSo0KDKyh7K/+D/OxbAq4QXQv4LdaIK
afD6qqIPPE70o/TbY1EZRHa8xfpbJQUwtH0rW/14KAN44Yljb1BDeq8mQ9v1/6CK
uQJ1uug+m6fQkcLREykL2y9+3RHaIdqO6lN1pGpezRu/hxnEcxiCxUZ42byr8HKR
uQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 24834456735977860676895811411
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Organization Validation CA - SHA256 - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-21 16:21:03 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-15 07:36:04 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rhone-Alpes'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ecully'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SEB Developpement'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'einvoice.seb.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26605571792444933313757683099971670169666353312304912721305838161842528636178309056762554921328206686667166823951356993909080122596036892721095534049047742488870950369070164182356997683164110469250935665190058022532606139828867154679718970029067917898950264964694905589135093525980042140409257818978631517742556685732817531183412636875001095300929269536700152817150895135206506765958225771110386069660053777774214406777747167347134658018905015573478143992856140079595402548674814580118745948848336642436796495096867149544228094463206966282084694635363400508984932597643386861946626009832443377320213857007439768097209
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsorganizationvalsha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'einvoice.seb.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'turkey.einvoice.seb.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'turkeytest.einvoice.seb.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							15ce23dcccdfd211039c00f3da770e5c94be302f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 96de61f1bd1c1629531cc0cc7d3b830040e61a7c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a80870727c6abb7447710aefa72ea2ca71218ae8bde5fad0f6040874ff22399c6d6079261ad80e13c11a5ad80babbc7de8ce4ed5eb0c5168ecea57c0dae129d6b204ab3ca6e2a65ac615759a7ed7a17ee06f03c70a7c55a6e965728146311024263729b5cd06ae3000bc73e8cbe0d0281f4b1a8630f179807394bf23896a55081a91d0f6591e25c1fe4314a0f9e330e373962c6908efb6f25f622fd42f7bfde0a2f3096616ef9c758aba81e8c1189a982ba2fa644cb88909d892ad3e0f0ee2c8628607d95a6ec05fb9ea87ab298cc2504569dada0f21cfdddac4f12b8918389a4e4e64303a93a4ff966127482956a4799b5bc6cc41baa72090f70426f7c96ea5