www.toulouse-pyrenees.veoliaeau.fr

- VEOLIA ENVIRONNEMENT -

Issued by thawte SSL CA - G2

About this certificate

This digital certificate with serial number 62:91:ae:03:23:d8:45:ac:ee:f7:3e:bc:51:ba:f3:6b was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

VEOLIA ENVIRONNEMENT

Organization: VEOLIA ENVIRONNEMENT
Organization unit: VEOLIA ENVIRONNEMENT
State / Province: Paris
Locality: PARIS
Country: FR

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 62:91:ae:03:23:d8:45:ac:ee:f7:3e:bc:51:ba:f3:6b
Serial Number (int): 131020756019458260838287230147053155179
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60

Fingerprint (sha1): 10:48:58:5f:fd:70:b5:6e:8a:81:e8:54:92:6d:75:9e:e9:b0:9d:2e
Fingerprint (sha256): cb:6c:ff:55:1b:33:ed:eb:5d:89:e5:a4:b6:28:1f:4c:4c:d9:2f:35:e9:6f:22:5c:f5:75:fa:77:d0:57:0a:52

Issuing Certificate URL: http://tj.symcb.com/tj.crt

Revocation information

OCSP Server: http://tj.symcd.com
CRL Distribution Point: http://tj.symcb.com/tj.crl

Check the revocation status for certificate www.toulouse-pyrenees.veoliaeau.fr

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.toulouse-pyrenees.veoliaeau.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.toulouse-pyrenees.veoliaeau.fr

Other certificates including the domain name veoliaeau.fr

(limited to 100 certificates)
www.service-client.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
www.service-client.veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
extranet.veoliaeau.fr
extranet.veoliaeau.fr
pp.service-client.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
veoliaeau.fr
extranet.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
veoliaeau.fr
veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
www.canalo.veoliaeau.fr
extranet.veoliaeau.fr
*.nps.exploitation.veoliaeau.fr
www.canalo.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
extranet.veoliaeau.fr
extranet.veoliaeau.fr
www.service-client.veoliaeau.fr
www.service-client.veoliaeau.fr
extranet.veoliaeau.fr
www.toulouse-pyrenees.veoliaeau.fr
veoliaeau.fr

Certificate

The complete raw certificate details for www.toulouse-pyrenees.veoliaeau.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgIQYpGuAyPYRazu9z68UbrzazANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTYwNjI3MDAwMDAwWhcNMTcwNzI3MjM1OTU5
WjCBmDELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBVBhcmlzMQ4wDAYDVQQHDAVQQVJJ
UzEdMBsGA1UECgwUVkVPTElBIEVOVklST05ORU1FTlQxHTAbBgNVBAsMFFZFT0xJ
QSBFTlZJUk9OTkVNRU5UMSswKQYDVQQDDCJ3d3cudG91bG91c2UtcHlyZW5lZXMu
dmVvbGlhZWF1LmZyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv3P
Z42sqU2hRqYd8wlHbMRTUAdYMPCf33d/ivwFZOSMaF5DuPqx4SUZa6PRjcefswdE
bGWlBVt+ZOHwy+F8/qYUBy1ljKTm/RiCwcAo3Cj3HXvwUCjLVFIpeBOEvsflrKqG
XoJj/uzxQgnIw6eRc2uUBX2MT4pT1ZolQgAdZkyn4I9a6irTVUA/QPYEq6vXRezo
+5jDbPvszdeDCBfcOGNkEgj8jMISXM86TZi6MBNL+ftpjQB11Jn5fACLBWHQXPnK
au4QJeJMvdynS+QZMUwSF/aNu1AoeYR1orTEspJgcRuzXruB4cv74Yiv28jYgiQD
NOjtygiTlsZzMxhJuwIDAQABo4ICizCCAocwLQYDVR0RBCYwJIIid3d3LnRvdWxv
dXNlLXB5cmVuZWVzLnZlb2xpYWVhdS5mcjAJBgNVHRMEAjAAMG4GA1UdIARnMGUw
YwYGZ4EMAQICMFkwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20v
Y3BzMC8GCCsGAQUFBwICMCMMIWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3Np
dG9yeTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUwk9IV/zRT5rAXTh9DgXb
2S61UmAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3RqLnN5bWNiLmNvbS90ai5j
cmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEsw
STAfBggrBgEFBQcwAYYTaHR0cDovL3RqLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYa
aHR0cDovL3RqLnN5bWNiLmNvbS90ai5jcnQwggEDBgorBgEEAdZ5AgQCBIH0BIHx
AO8AdQDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAVWQw9cuAAAE
AwBGMEQCIGMBNQK1TVK0ssW0PUAK4sR6D91xzK1IFwMZ6y8m8sfdAiAk5y8vFvN4
bP6KcYnbxwSJOKyfTByQqyTpGnxxQwCtSQB2AKS5CZC0GFgUh7sTosxncAo8NZgE
+RvfuON3zQ7IDdwQAAABVZDD12UAAAQDAEcwRQIgXQHlJRGTfChFKSDz+YmWc1X3
h7C/3SC21W1EK6jbraECIQCwrwjJ9FjkZ1Xbhh++nN39we6kJKHAk3g6MfjT0cVk
3DANBgkqhkiG9w0BAQsFAAOCAQEApL327crmNrQDaPG7Lf34b5EhEi3+YCym6lP0
54ReU1D7wnlekLgyLg+XGbrGAx1J8PIDd2QOQED2NZ+3O+cR8A/iyx/7g9CfChVe
mrQCa260RChZqGyLdMPNQlN1WRen5SE8jgb1HsaN/Qik0pPftxldVANFvg/HiI54
ppOdK3N3PZkNNPDtK1MJocE/wQ3mKIaHK/fRUEi7plHpD/GNkL2EtFu9nu+b2yDf
C0/Z7QNm7t3hOpxwth23RvnL5lUCHVTKjSgHWcJYF/M9fRVqs+Ty9Fra/kBI4G27
Ls31sAnYynnhYP25vov5kEMLYKES2dgSo8xfPzcEkmkUTu3KzA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv3PZ42sqU2hRqYd8wlH
bMRTUAdYMPCf33d/ivwFZOSMaF5DuPqx4SUZa6PRjcefswdEbGWlBVt+ZOHwy+F8
/qYUBy1ljKTm/RiCwcAo3Cj3HXvwUCjLVFIpeBOEvsflrKqGXoJj/uzxQgnIw6eR
c2uUBX2MT4pT1ZolQgAdZkyn4I9a6irTVUA/QPYEq6vXRezo+5jDbPvszdeDCBfc
OGNkEgj8jMISXM86TZi6MBNL+ftpjQB11Jn5fACLBWHQXPnKau4QJeJMvdynS+QZ
MUwSF/aNu1AoeYR1orTEspJgcRuzXruB4cv74Yiv28jYgiQDNOjtygiTlsZzMxhJ
uwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 131020756019458260838287230147053155179
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-06-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PARIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'VEOLIA ENVIRONNEMENT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'VEOLIA ENVIRONNEMENT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.toulouse-pyrenees.veoliaeau.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19060904206353834247212574724045189043705349571575283543586916462353169701074991076694103791413851309441627817322961053449763977252871491701881241981129407652540534609919329579153783913656829918509181508720644758446623900376692916803533216513864103612430780764669325957828134562031349725758272895395849159196293738700910066278250738824117926856510369609067471571873390341361834388760037276696372798471787636820690203257022488515718339468792376318901198304060455379513526002825102179201171579186592618987702887874033337307675227259119837566761314712072073114829997763152828369832167677318356000919364540299046993545659
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.toulouse-pyrenees.veoliaeau.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015590c3d72e0000040300463044022063013502b54d52b4b2c5b43d400ae2c47a0fdd71ccad48170319eb2f26f2c7dd022024e72f2f16f3786cfe8a7189dbc7048938ac9f4c1c90ab24e91a7c714300ad49007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015590c3d765000004030047304502205d01e52511937c28452920f3f989967355f787b0bfdd20b6d56d442ba8dbada1022100b0af08c9f458e46755db861fbe9cddfdc1eea424a1c093783a31f8d3d1c564dc
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a4bdf6edcae636b40368f1bb2dfdf86f9121122dfe602ca6ea53f4e7845e5350fbc2795e90b8322e0f9719bac6031d49f0f20377640e4040f6359fb73be711f00fe2cb1ffb83d09f0a155e9ab4026b6eb4442859a86c8b74c3cd4253755917a7e5213c8e06f51ec68dfd08a4d293dfb7195d540345be0fc7888e78a6939d2b73773d990d34f0ed2b5309a1c13fc10de62886872bf7d15048bba651e90ff18d90bd84b45bbd9eef9bdb20df0b4fd9ed0366eedde13a9c70b61db746f9cbe655021d54ca8d280759c25817f33d7d156ab3e4f2f45adafe4048e06dbb2ecdf5b009d8ca79e160fdb9be8bf990430b60a112d9d812a3cc5f3f37049269144eedcacc