*.sonax.de
Issued by Thawte TLS RSA CA G1
About this certificate
This digital certificate with serial number 0b:e2:a9:ce:9e:21:75:93:e0:10:42:4f:87:e3:cb:61 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.sonax.de
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0b:e2:a9:ce:9e:21:75:93:e0:10:42:4f:87:e3:cb:61Serial Number (int): 15798411140826522065260116967556369249
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 47:04:73:ce:e8:2d:23:f2:74:ec:15:24:b5:f7:66:d5:41:b7:80:e1
AuthorityKeyId: a5:8c:fe:32:cc:eb:0f:2c:d4:19:c6:08:b8:00:24:88:5d:c3:c5:b7
Fingerprint (sha1): cf:1c:87:c6:44:81:65:a1:07:f5:a0:2b:98:15:26:bb:2e:10:db:2b
Fingerprint (sha256): d7:e7:20:2e:e4:6d:e9:b8:72:67:a0:be:e5:6c:b3:0e:93:79:fa:4f:c1:9c:1a:d2:82:cc:99:a5:86:8f:de:4c
Issuing Certificate URL: http://cacerts.thawte.com/ThawteTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteTLSRSACAG1.crl
Check the revocation status for certificate *.sonax.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.sonax.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.sonax.de
sonax.de
sonax.de
Other certificates including the domain name sonax.de
(limited to 100 certificates)
extranet.sonax.de
qr.sonax.com
admin.sonax.at
*.sonax.de
facebook.sonax.de
mobile.sonax.de
facebook.sonax.de
mobile.sonax.de
facebook.sonax.de
m.profi.sonax.de
mobile.profi.sonax.de
sonax.de
sonax.de
www.sonax.es
mobile.profi.sonax.de
blick.sonax.de
activesync.sonax.de
www.sonax.de
www.sonax.fi
blick.sonax.de
es.sonax.com
extranet.sonax.de
export.sonax.de
profi-mobile.sonax.de
m.profi.sonax.de
www.sonax.fi
m.profi.sonax.de
*.sonax.de
cc-one.sonax.de
www.sonax.de
dtm.sonax.de
extranet.sonax.de
facebook.sonax.de
blick.sonax.de
facebook.sonax.de
*.sonax.de
pflege.sonax.de
export.sonax.de
admin.sonax.at
*.sonax.de
*.sonax.de
mobile.sonax.de
*.sonax.de
admin.sonax.at
export.sonax.de
blick.sonax.de
admin.sonax.by
profi-mobile.sonax.de
pflege.sonax.de
mobile.profi.sonax.de
blick.sonax.de
admin.sonax.at
export.sonax.de
www.sonax.es
export.sonax.de
export.sonax.de
*.sonax.de
admin.sonax.at
pflege.sonax.de
m.profi.sonax.de
*.sonax.de
extranet.sonax.de
www.sonax.fi
blick.sonax.de
admin.sonax.at
mobile.sonax.de
admin.sonax.at
admin.sonax.by
*.sonax.de
extranet.sonax.de
admin.sonax.at
mobile.sonax.de
extranet.sonax.de
pim.sonax.de
profi-mobile.sonax.de
*.sonax.de
*.sonax.de
www.sonax.fi
pflege.sonax.de
pflege.sonax.de
coatings.sonax.de
*.sonax.de
extranet.sonax.de
extranet.sonax.de
facebook.sonax.de
sonax.de
admin.sonax.be
mobile.profi.sonax.de
pflege.sonax.de
profi-mobile.sonax.de
www.sonax.fi
admin.sonax.at
profi-mobile.sonax.de
extranet.sonax.de
admin.sonax.at
qr.sonax.com
admin.sonax.at
*.sonax.de
facebook.sonax.de
mobile.sonax.de
facebook.sonax.de
mobile.sonax.de
facebook.sonax.de
m.profi.sonax.de
mobile.profi.sonax.de
sonax.de
sonax.de
www.sonax.es
mobile.profi.sonax.de
blick.sonax.de
activesync.sonax.de
www.sonax.de
www.sonax.fi
blick.sonax.de
es.sonax.com
extranet.sonax.de
export.sonax.de
profi-mobile.sonax.de
m.profi.sonax.de
www.sonax.fi
m.profi.sonax.de
*.sonax.de
cc-one.sonax.de
www.sonax.de
dtm.sonax.de
extranet.sonax.de
facebook.sonax.de
blick.sonax.de
facebook.sonax.de
*.sonax.de
pflege.sonax.de
export.sonax.de
admin.sonax.at
*.sonax.de
*.sonax.de
mobile.sonax.de
*.sonax.de
admin.sonax.at
export.sonax.de
blick.sonax.de
admin.sonax.by
profi-mobile.sonax.de
pflege.sonax.de
mobile.profi.sonax.de
blick.sonax.de
admin.sonax.at
export.sonax.de
www.sonax.es
export.sonax.de
export.sonax.de
*.sonax.de
admin.sonax.at
pflege.sonax.de
m.profi.sonax.de
*.sonax.de
extranet.sonax.de
www.sonax.fi
blick.sonax.de
admin.sonax.at
mobile.sonax.de
admin.sonax.at
admin.sonax.by
*.sonax.de
extranet.sonax.de
admin.sonax.at
mobile.sonax.de
extranet.sonax.de
pim.sonax.de
profi-mobile.sonax.de
*.sonax.de
*.sonax.de
www.sonax.fi
pflege.sonax.de
pflege.sonax.de
coatings.sonax.de
*.sonax.de
extranet.sonax.de
extranet.sonax.de
facebook.sonax.de
sonax.de
admin.sonax.be
mobile.profi.sonax.de
pflege.sonax.de
profi-mobile.sonax.de
www.sonax.fi
admin.sonax.at
profi-mobile.sonax.de
extranet.sonax.de
admin.sonax.at
Certificate
The complete raw certificate details for *.sonax.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHEzCCBfugAwIBAgIQC+Kpzp4hdZPgEEJPh+PLYTANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRUaGF3dGUgVExTIFJTQSBDQSBHMTAe Fw0yNDAxMTAwMDAwMDBaFw0yNTAyMDkyMzU5NTlaMBUxEzARBgNVBAMMCiouc29u YXguZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDg190MjxR3JqYR NcpNCnOd1SywKwWMXKJysPQlcOMnaCnXU38tDOJTuqPp6roPAoRw3W51bjadPMma JmiKr1/CTM3fVbCsocA04A+ZUFVAvZuWW0Z4gDgv9XwXw0gOCcYzZ7Z7xuDyn5Li CaTqZUh0bDZI35aBOEBXljT/vL67OYn5UuNeNbgCffhZ6NYKVrOCYA4O00BOgQyY VadvbsS0OQmo9QjiYJ9lOAqSsAbHs5rAF6/h2+0Vw6faipyzG5kObOQXgLEukeyL 0i4NVmz7fiAwrT6sSl889C+hcLgfDBWhfkI9NVsFkF9n0k+HgM6fhodhuEifGpS3 cG3JJbtJWtJR0SckW1U3PX6Tz8+V4qMok3m9HFWUW2KYA+kEbfLG2mH8Zi09jYYd 3VuTWwSezySKwz71PsyI5cjRqUw6OExJQh+2xDs4ZOc5j9fafd7icn3HyCWpfx6L pIE6lAHoNcJIZ7U18iKdero6nrSoCB6nnNYsKnBqyeWkHIUP1UrE8e0txBtggfVo ghHCX2z7mP+UmYatG4ZMiMxmruZ0ciiU51YbsfeS/k7iEiEC7u1aTWHrNBLb1oWo 0yE0KPdyKu8ach2px7llU/IZ5W5tKtawIiJem43ZIC0sXJf45PAl6QsTn7ui0VJY 1BLa/CkSps5IhTQXQWv4h5JbMxfLaQIDAQABo4IDFDCCAxAwHwYDVR0jBBgwFoAU pYz+MszrDyzUGcYIuAAkiF3DxbcwHQYDVR0OBBYEFEcEc87oLSPydOwVJLX3ZtVB t4DhMB8GA1UdEQQYMBaCCiouc29uYXguZGWCCHNvbmF4LmRlMD4GA1UdIAQ3MDUw MwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29t L0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jZHAudGhhd3RlLmNvbS9UaGF3 dGVUTFNSU0FDQUcxLmNybDBwBggrBgEFBQcBAQRkMGIwJAYIKwYBBQUHMAGGGGh0 dHA6Ly9zdGF0dXMudGhhd3RlLmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NhY2Vy dHMudGhhd3RlLmNvbS9UaGF3dGVUTFNSU0FDQUcxLmNydDAMBgNVHRMBAf8EAjAA MIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwBOdaMnXJoQwzhbbNTfP1LrHfDg jhuNacCx+mSxYpo53wAAAYzyMpjCAAAEAwBIMEYCIQCHRnjziraAPsNQrZEDCXs1 kzUUt5eYcpFqQrqpxmgwHQIhAPtgzHCa1zwPozNybhiB6ac1g2xEciFRkl4p49OI UVGpAHcAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGM8jKY+gAA BAMASDBGAiEAk0yqbPwauzBNpniXyHB0gT/kTMBdez5ZNVwl+ODFOQcCIQCkaJHW pKG2m10vdZ48EcHgSGhKJeXWqc6q4KNcIGmtYAB1AObSMWNAd4zBEEEG13G5zsHS QPaWhIb7uocyHf0eN45QAAABjPIymSUAAAQDAEYwRAIgDGw/zfdfpVPsRrgfRiQ8 +64VxJNkM/DexygqL5HY9GECIALhUV5TZDWU/l+JWKvWBY2YQIoErR+g3yqo3tJK pJ//MA0GCSqGSIb3DQEBCwUAA4IBAQBw2hQKdFtyOFvFASyln9a19jhvms0ffLYQ wFU2qTOtKU2WYRQXp15Juii6tMjCu5EAyMJnB5hVyGdn9FA7sfmQppOS6plfNeiD uFENrFSNOk0NcLfADgIZc+YSNLqFnDgVbGeje0BUKrVXVPy43ZKB3M+ILkCx0WQq tD2MZODFvPi3E8pyJj97fQemxUlINYvl1djr0kt+71f8xWOPwBU6/OCx89OicYCN R8nA2sDNOv6v4tBxM+g0qEFOJn5oPMSJFPD4V9OYs0K1Szy/0889ww7plgmY85Ja HXCPHNeP+M/1qQvyl74M53vaz1xOPbDNHEWQRh5SugmBwADyTu3a -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4NfdDI8UdyamETXKTQpz ndUssCsFjFyicrD0JXDjJ2gp11N/LQziU7qj6eq6DwKEcN1udW42nTzJmiZoiq9f wkzN31WwrKHANOAPmVBVQL2blltGeIA4L/V8F8NIDgnGM2e2e8bg8p+S4gmk6mVI dGw2SN+WgThAV5Y0/7y+uzmJ+VLjXjW4An34WejWClazgmAODtNAToEMmFWnb27E tDkJqPUI4mCfZTgKkrAGx7OawBev4dvtFcOn2oqcsxuZDmzkF4CxLpHsi9IuDVZs +34gMK0+rEpfPPQvoXC4HwwVoX5CPTVbBZBfZ9JPh4DOn4aHYbhInxqUt3BtySW7 SVrSUdEnJFtVNz1+k8/PleKjKJN5vRxVlFtimAPpBG3yxtph/GYtPY2GHd1bk1sE ns8kisM+9T7MiOXI0alMOjhMSUIftsQ7OGTnOY/X2n3e4nJ9x8glqX8ei6SBOpQB 6DXCSGe1NfIinXq6Op60qAgep5zWLCpwasnlpByFD9VKxPHtLcQbYIH1aIIRwl9s +5j/lJmGrRuGTIjMZq7mdHIolOdWG7H3kv5O4hIhAu7tWk1h6zQS29aFqNMhNCj3 cirvGnIdqce5ZVPyGeVubSrWsCIiXpuN2SAtLFyX+OTwJekLE5+7otFSWNQS2vwp EqbOSIU0F0Fr+IeSWzMXy2kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15798411140826522065260116967556369249 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-09 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.sonax.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 917280295207806106658523518672711721247873230364340235553970540195346237426947085060344957836194252939361858725441658800034971523634736936440211064590841866529031290614162947174038484709882197941791640459944059145671849509285360791948828961193375220421593076123849500468070537737806724333307387224680817456322279279322712869386985214465020161511004891724496624220852477223843441829909396352481460363659369534765400261946825590582728481866514416374070845918232967969158949099640037205499947754246581895461578749809460067621698193493932179982025444159355464956404307662049039063284561518545171654649472680519729331599077919257094104380383802581179020317506514677227818908834167181726836259842618218664611592487652740990395788239309556622351987384830357762113072369275876505045163157206283772206477118720858404505446865570489041549185641447616153984688399899167770984526729306233396642574153712539907438322930403607000544589924590910588732125745097966972920692183515413361317909952755830404707737392168990185212480216299904408260763305796457824044855926212357237590247554917350651395730344441067977183379210181088098365887805042122020898518195419644833353853112619169284961316020312867229923942901015317442454220313688840611951996816233 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a58cfe32cceb0f2cd419c608b80024885dc3c5b7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 470473cee82d23f274ec1524b5f766d541b780e1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sonax.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonax.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 01690077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018cf23298c20000040300483046022100874678f38ab6803ec350ad9103097b35933514b7979872916a42baa9c668301d022100fb60cc709ad73c0fa333726e1881e9a735836c44722151925e29e3d3885151a90077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018cf23298fa0000040300483046022100934caa6cfc1abb304da67897c87074813fe44cc05d7b3e59355c25f8e0c53907022100a46891d6a4a1b69b5d2f759e3c11c1e048684a25e5d6a9ceaae0a35c2069ad60007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018cf2329925000004030046304402200c6c3fcdf75fa553ec46b81f46243cfbae15c4936433f0dec7282a2f91d8f461022002e1515e53643594fe5f8958abd6058d98408a04ad1fa0df2aa8ded24aa49fff . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0070da140a745b72385bc5012ca59fd6b5f6386f9acd1f7cb610c05536a933ad294d96611417a75e49ba28bab4c8c2bb9100c8c267079855c86767f4503bb1f990a69392ea995f35e883b8510dac548d3a4d0d70b7c00e021973e61234ba859c38156c67a37b40542ab55754fcb8dd9281dccf882e40b1d1642ab43d8c64e0c5bcf8b713ca72263f7b7d07a6c54948358be5d5d8ebd24b7eef57fcc5638fc0153afce0b1f3d3a271808d47c9c0dac0cd3afeafe2d07133e834a8414e267e683cc48914f0f857d398b342b54b3cbfd3cf3dc30ee9960998f3925a1d708f1cd78ff8cff5a90bf297be0ce77bdacf5c4e3db0cd1c4590461e52ba0981c000f24eedda