*.tchibo.com.hk

- Tchibo GmbH -

Issued by Trusted Secure Certificate Authority 5

About this certificate

This digital certificate with serial number 56:7b:5b:27:9c:ff:78:60:0d:88:41:51:1f:d4:fc:62 was issued on by Corporation Service Company.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Tchibo GmbH

Organization: Tchibo GmbH
Organization unit: IT
Organization unit: Enterprise SSL Wildcard
Address: Ueberseering 18
Postal code: 22297
State / Province: Hamburg
Locality: Hamburg
Country: DE

Corporation Service Company

Organization: Corporation Service Company
State / Province: DE
Locality: Wilmington
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 56:7b:5b:27:9c:ff:78:60:0d:88:41:51:1f:d4:fc:62
Serial Number (int): 114954108988863325298326441310851234914
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 60:fc:79:f0:4d:c2:06:5e:68:5b:66:7b:7e:f9:7c:90:2c:88:7e:76
AuthorityKeyId: f2:bb:55:ee:fc:8f:cf:d0:3f:14:68:1a:95:7e:79:0e:ab:17:30:f4

Fingerprint (sha1): ad:f8:73:63:fd:29:55:da:7a:a8:62:bf:a1:25:ef:82:31:fb:38:76
Fingerprint (sha256): d3:e8:0f:5c:e8:16:bd:f7:1f:f2:18:a4:f1:4f:b6:76:9b:fe:a5:80:85:f6:39:bf:34:72:f1:c7:7c:10:8b:28

Issuing Certificate URL: http://crt.usertrust.com/TrustedSecureCertificateAuthority5.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.usertrust.com/TrustedSecureCertificateAuthority5.crl

Check the revocation status for certificate *.tchibo.com.hk

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.tchibo.com.hk

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.tchibo.com.hk
tchibo.com.hk

Other certificates including the domain name tchibo.com.hk

(limited to 100 certificates)
smtp.tchibo.com.hk
ssl.tchibo.com.hk
www.tchibo.com.hk
ots.tchibo.com.hk
access.tchibo.com
sip.tchibo.com
owa.tchibo.com.hk
owa.tchibo.com.hk
smtp.tchibo.com.hk
owa.tchibo.com.hk
ots.tchibo.com.hk
owa.tchibo.com.hk
www.tchibo.com
ots.tchibo.com.hk
access.tchibo.com
ots.tchibo.com.hk
smtp.tchibo.com.hk
www.tchibo.com
ots.tchibo.com.hk
*.tchibo.com.hk
ots.tchibo.com.hk

Certificate

The complete raw certificate details for *.tchibo.com.hk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHIjCCBgqgAwIBAgIQVntbJ5z/eGANiEFRH9T8YjANBgkqhkiG9w0BAQsFADCB
hjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkRFMRMwEQYDVQQHEwpXaWxtaW5ndG9u
MSQwIgYDVQQKExtDb3Jwb3JhdGlvbiBTZXJ2aWNlIENvbXBhbnkxLzAtBgNVBAMT
JlRydXN0ZWQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSA1MB4XDTE5MDYx
ODAwMDAwMFoXDTIxMDYxNzIzNTk1OVowgboxCzAJBgNVBAYTAkRFMQ4wDAYDVQQR
EwUyMjI5NzEQMA4GA1UECBMHSGFtYnVyZzEQMA4GA1UEBxMHSGFtYnVyZzEYMBYG
A1UECRMPVWViZXJzZWVyaW5nIDE4MRQwEgYDVQQKEwtUY2hpYm8gR21iSDELMAkG
A1UECxMCSVQxIDAeBgNVBAsTF0VudGVycHJpc2UgU1NMIFdpbGRjYXJkMRgwFgYD
VQQDDA8qLnRjaGliby5jb20uaGswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDeA5s/WnGSZ/IZROdeIVivFuKw0xtQSzyHrKIf8Pj47Vzyv3o7nfd3iH8G
wWXCIMEfywk1flkWI9DEbGK8HrOmyl6FU09XoMbDTNEpurR/V0TWSfcuK9ot/5ce
/J2t4wRm/oIVlxNaHCOkzmrgU2QOdoFcSOHaWIlzSV1Jc9UUX8osH+PyhrGcaF2L
zGg1UYFPq2SXTvznI7GTIrlqxyjn9X1T8gABMrl7qaXtvm7wPkRkry1nZjgVF6A/
kiQptjLpn7361mPkhPl3X+ML8PsUDUiFFkkXorvZXrs9h5WSeJHdEZIJMp1FKr29
A6j2+R3MZdAETc7GRJ/VEvmzOyx9AgMBAAGjggNUMIIDUDAfBgNVHSMEGDAWgBTy
u1Xu/I/P0D8UaBqVfnkOqxcw9DAdBgNVHQ4EFgQUYPx58E3CBl5oW2Z7fvl8kCyI
fnYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMEsGA1UdIAREMEIwNgYLKwYBBAGyMQECAggwJzAlBggr
BgEFBQcCARYZaHR0cHM6Ly9jcHMudXNlcnRydXN0LmNvbTAIBgZngQwBAgIwUAYD
VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1RydXN0ZWRT
ZWN1cmVDZXJ0aWZpY2F0ZUF1dGhvcml0eTUuY3JsMIGCBggrBgEFBQcBAQR2MHQw
SwYIKwYBBQUHMAKGP2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9UcnVzdGVkU2Vj
dXJlQ2VydGlmaWNhdGVBdXRob3JpdHk1LmNydDAlBggrBgEFBQcwAYYZaHR0cDov
L29jc3AudXNlcnRydXN0LmNvbTApBgNVHREEIjAggg8qLnRjaGliby5jb20uaGuC
DXRjaGliby5jb20uaGswggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB3ALvZ37wf
inG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABa2pyILIAAAQDAEgwRgIhAL+Y
fGbP68KjAYlwlKU5q6Fuvfymczr57qeHUh6LQ2QLAiEA6tLdvYlz5LlaJVRdQcPd
bEDImSOKSF8IjgLg50VMlicAdgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOW
tbaBqAAAAWtqciDRAAAEAwBHMEUCIArHv8R+bofActIyzZR8JTNU92MZjIfS7j6x
7knkqASVAiEA8F8RBvUt0xAvRIF/gwSSgPk5Ibm6jKe7FcgEB4nmCA4AdwBvU3as
MfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWtqciDSAAAEAwBIMEYCIQDs
cxQERltaFeG78ZJJO5md2HrJzVc+Q4MhbBdKg3TzTQIhAK9JG2bFAY7ccdkkVgDk
aPnMYVcXtGhQgeyR7pQBaCu1MA0GCSqGSIb3DQEBCwUAA4IBAQAbfiOk1LoJNH1M
V7sfHRwinJpRH283LjHMHUmJo/lIcWxpHsSMYcM1YC51PsmUZSXnw/OdAtTIS/pc
9zALVU5HTQAXvueIH/SSl9Mjde5RlK7ybne4GdlHWWUxwQYstJqKYby66RLjQWwk
voSDMhr8jkUNjw+RD184QMJaKtk+stvc47EuBHR8xg9ouI5qBYWbd56CJc6ZnlZZ
vAf7tj3abiAFBBKsyUWbIiWLZhz3sSCSmue+rM6Qpa1Kyp/Xv+FkgzCCTVWj0RxF
1u+2fHNfskXxMGe3mEZ9vniGh0ZDEZKoYGiuZk0K0P2TfaEI7O4968zs2OZ7EmAR
MU6Ccgdx
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gObP1pxkmfyGUTnXiFY
rxbisNMbUEs8h6yiH/D4+O1c8r96O533d4h/BsFlwiDBH8sJNX5ZFiPQxGxivB6z
pspehVNPV6DGw0zRKbq0f1dE1kn3LivaLf+XHvydreMEZv6CFZcTWhwjpM5q4FNk
DnaBXEjh2liJc0ldSXPVFF/KLB/j8oaxnGhdi8xoNVGBT6tkl0785yOxkyK5asco
5/V9U/IAATK5e6ml7b5u8D5EZK8tZ2Y4FRegP5IkKbYy6Z+9+tZj5IT5d1/jC/D7
FA1IhRZJF6K72V67PYeVkniR3RGSCTKdRSq9vQOo9vkdzGXQBE3OxkSf1RL5szss
fQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 114954108988863325298326441310851234914
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wilmington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Corporation Service Company'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trusted Secure Certificate Authority 5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-18 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-06-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '22297'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hamburg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hamburg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ueberseering 18'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tchibo GmbH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Enterprise SSL Wildcard'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.tchibo.com.hk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28026682102064593368262835940133047026909189317930096929366750258340093781814618520695906666181268916671440322576859932887186694338258264592934636836143166954448040671069445253538060859195395494575453715168475654123246669075791664176001235237108781599807678707201516683565702099466763047286964093430552351205144031268100330603256104157964694488878878498263504336233801003023158822915986381953355782829770967254703447404183969787222921680583340082729822399118456603364478813705167865481441677327114727023799035610203179418123507877554620454432736009185258466595116489912501387083775617338763053940967516596478748077181
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f2bb55eefc8fcfd03f14681a957e790eab1730f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							60fc79f04dc2065e685b667b7ef97c902c887e76
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.8
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/TrustedSecureCertificateAuthority5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/TrustedSecureCertificateAuthority5.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tchibo.com.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tchibo.com.hk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016b6a7220b20000040300483046022100bf987c66cfebc2a301897094a539aba16ebdfca6733af9eea787521e8b43640b022100ead2ddbd8973e4b95a25545d41c3dd6c40c899238a485f088e02e0e7454c96270076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016b6a7220d1000004030047304502200ac7bfc47e6e87c072d232cd947c253354f763198c87d2ee3eb1ee49e4a80495022100f05f1106f52dd3102f44817f83049280f93921b9ba8ca7bb15c8040789e6080e0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016b6a7220d20000040300483046022100ec731404465b5a15e1bbf192493b999dd87ac9cd573e4383216c174a8374f34d022100af491b66c5018edc71d9245600e468f9cc615717b4685081ec91ee9401682bb5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001b7e23a4d4ba09347d4c57bb1f1d1c229c9a511f6f372e31cc1d4989a3f948716c691ec48c61c335602e753ec9946525e7c3f39d02d4c84bfa5cf7300b554e474d0017bee7881ff49297d32375ee5194aef26e77b819d947596531c1062cb49a8a61bcbae912e3416c24be8483321afc8e450d8f0f910f5f3840c25a2ad93eb2dbdce3b12e04747cc60f68b88e6a05859b779e8225ce999e5659bc07fbb63dda6e20050412acc9459b22258b661cf7b120929ae7beacce90a5ad4aca9fd7bfe1648330824d55a3d11c45d6efb67c735fb245f13067b798467dbe78868746431192a86068ae664d0ad0fd937da108ecee3debccecd8e67b126011314e82720771