nl.yves-rocher.be

- Laboratoires de Biologie Vegetale Yves Rocher -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 6e:8b:db:13:29:79:3b:71:08:43:f1:5d:64:13:0c:b8 was issued on by Sectigo Limited.

With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Laboratoires de Biologie Vegetale Yves Rocher

Organization: Laboratoires de Biologie Vegetale Yves Rocher
Organization unit: Dep_SSI
Address: La Croix des Archers
Postal code: 56200
State / Province: Brittany
Locality: La Gacilly
Country: FR

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 6e:8b:db:13:29:79:3b:71:08:43:f1:5d:64:13:0c:b8
Serial Number (int): 146941252165550820678178446891224861880
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 1f:88:90:15:ba:2d:18:07:8a:a0:03:42:5a:0e:39:37:2a:23:8f:f3
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): 30:1d:b7:94:f1:df:da:00:d6:12:d1:72:c4:08:e7:e3:e5:7d:09:e6
Fingerprint (sha256): d7:f8:d8:f1:d9:81:f1:9e:c6:b5:f8:d5:c1:58:a9:33:6c:53:14:3e:f5:35:36:90:0f:c5:63:a2:02:ca:3f:a7

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate nl.yves-rocher.be

13

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for nl.yves-rocher.be

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

nl.yves-rocher.be
nl.yves-rocher-kz.com
nl.yves-rocher-usa.com
nl.yves-rocher.at
nl.yves-rocher.ca
nl.yves-rocher.ch
nl.yves-rocher.com.tr
nl.yves-rocher.dk
nl.yves-rocher.fi
nl.yves-rocher.nl
nl.yves-rocher.no
nl.yves-rocher.se
nl.yves-rocher.ua

Other certificates including the domain name yves-rocher.be

(limited to 100 certificates)
www.yves-rocher.fr
san-19-s50.tlsprovisioning.exacttarget.com
search.yves-rocher.at
san-19-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.fr
www.yves-rocher.fr
secureorder.yves-rocher.be
prod.yves-rocher.de
search.yves-rocher.at
www.yves-rocher.fr
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.de
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
secureorder.yves-rocher.be
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
nl.yves-rocher.be
nl.yves-rocher.be
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
search.yves-rocher.at
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.fr
secureorder.m.yves-rocher.fr
newsletter.yves-rocher.be
search.yves-rocher.be
san-19-s50.tlsprovisioning.exacttarget.com
newsletter.yves-rocher.be
san-19-s50.tlsprovisioning.exacttarget.com
search.yves-rocher.at
secureorder.m.yvesrocher.com.tr
t-w.yves-rocher.es
newsletter.yves-rocher.be
newsletter.yves-rocher.be
secureorder.m.yves-rocher.fr
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
secureorder.yves-rocher.be
www.yves-rocher.fr
san-19-s50.tlsprovisioning.exacttarget.com
nl.yves-rocher.be
www.yves-rocher.de
www.yves-rocher.fr
www.yves-rocher.de
search.yves-rocher.at
san-19-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.fr
san-19-s50.tlsprovisioning.exacttarget.com
secureorder.yves-rocher.be
www.yves-rocher.es
www.yves-rocher.fr
san-19-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.es
search.yves-rocher.be
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
newsletter.yves-rocher.be
search.yves-rocher.be
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
secureorder.yves-rocher.be
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
nl.yves-rocher.be
www.yves-rocher.fr
prod.yves-rocher.de
www.yves-rocher.fr
prod.yves-rocher.de
search.yves-rocher.at
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
nl.yves-rocher.be
www.yves-rocher.fr
san-19-s50.tlsprovisioning.exacttarget.com
newsletter.yves-rocher.be
secureorder.m.yvesrocher.com.tr
san-19-s50.tlsprovisioning.exacttarget.com
san-19-s50.tlsprovisioning.exacttarget.com
secureorder.yves-rocher.be
secureorder.yves-rocher.be
san-19-s50.tlsprovisioning.exacttarget.com
nl.yves-rocher.be
secureorder.yves-rocher.be

Certificate

The complete raw certificate details for nl.yves-rocher.be in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHwTCCBqmgAwIBAgIQbovbEyl5O3EIQ/FdZBMMuDANBgkqhkiG9w0BAQsFADCB
lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD
EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy
dmVyIENBMB4XDTIwMDMwMjAwMDAwMFoXDTIxMDMwMjIzNTk1OVowgcoxCzAJBgNV
BAYTAkZSMQ4wDAYDVQQREwU1NjIwMDERMA8GA1UECBMIQnJpdHRhbnkxEzARBgNV
BAcTCkxhIEdhY2lsbHkxHTAbBgNVBAkTFExhIENyb2l4IGRlcyBBcmNoZXJzMTYw
NAYDVQQKEy1MYWJvcmF0b2lyZXMgZGUgQmlvbG9naWUgVmVnZXRhbGUgWXZlcyBS
b2NoZXIxEDAOBgNVBAsMB0RlcF9TU0kxGjAYBgNVBAMTEW5sLnl2ZXMtcm9jaGVy
LmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqX67/Hg2gMhZSA0
UEKdcRqg/hHSbpEFK4omyH5EoSGcOEZWwV4rGab5xKtYcTOxaW7mxQtS3HBopJ3a
KRaxPehDINEwKda94rBmhC6Au1gW6m8Aif3M9p3mwwRE/Cdwppapq6bSlOGzS/PM
ozMIkCtgX/TPsdsT5cgZ+tiJ29obHsOc0J+TRiu/Qlz/O6DPjW9lLBHXYiqBt4RW
xxq87ydzAii2o2wcwZKmEykeAsqTk5ZvYYj9vEbKnmFoHo4wEIUSmiqNxE7g3YEa
+yIzDHZdeD4zS4XgRzpN3fjQf4rBVpUEPhy5Eq/SHpKS5IwrH6JVx0M+alSSPFjL
1gQ4QwIDAQABo4ID1DCCA9AwHwYDVR0jBBgwFoAUF9nWJSdn+THCSUPZMDZEjGyp
T+swHQYDVR0OBBYEFB+IkBW6LRgHiqADQloOOTcqI4/zMA4GA1UdDwEB/wQEAwIF
oDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBK
BgNVHSAEQzBBMDUGDCsGAQQBsjEBAgEDBDAlMCMGCCsGAQUFBwIBFhdodHRwczov
L3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0
cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRh
dGlvblNlY3VyZVNlcnZlckNBLmNybDCBigYIKwYBBQUHAQEEfjB8MFUGCCsGAQUF
BzAChklodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRp
b25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRw
Oi8vb2NzcC5zZWN0aWdvLmNvbTCCAREGA1UdEQSCAQgwggEEghFubC55dmVzLXJv
Y2hlci5iZYIVbmwueXZlcy1yb2NoZXIta3ouY29tghZubC55dmVzLXJvY2hlci11
c2EuY29tghFubC55dmVzLXJvY2hlci5hdIIRbmwueXZlcy1yb2NoZXIuY2GCEW5s
Lnl2ZXMtcm9jaGVyLmNoghVubC55dmVzLXJvY2hlci5jb20udHKCEW5sLnl2ZXMt
cm9jaGVyLmRrghFubC55dmVzLXJvY2hlci5maYIRbmwueXZlcy1yb2NoZXIubmyC
EW5sLnl2ZXMtcm9jaGVyLm5vghFubC55dmVzLXJvY2hlci5zZYIRbmwueXZlcy1y
b2NoZXIudWEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwB9PvL4j/+IVWgkwsDK
nlKJeSvFDngJfy5ql2iZfiLw1wAAAXCanDQdAAAEAwBIMEYCIQDzetyqGkUW9TrH
dShDESxJ6VEk0iZRMgYsXarHzmdsBQIhAL9zUUqZrWTKq/1W78o5TDTZWpeYIloc
3VgLuEHdceidAHYAlCC8Ho7VjWyIcx+CiyIsDdHaTV5sT5Q9YdtOL1hNosIAAAFw
mpw0LAAABAMARzBFAiBg6cq1QdbUvfZv/uQya+cuY7j+ivU5hXyQKqn00228OAIh
AO8S088KkYX/dfDrhKMLZebfKW8DQh0E5ABK3Sk1Boc9MA0GCSqGSIb3DQEBCwUA
A4IBAQAoJWpklP+zdgRI54OD5UwINMFriuwkaI5l6ixAbLTTkq5O+cvk5XhG+HNv
JG50/+1xGLcaauhjkB3CWZ2FrrDbTDOlQ+99psE/JauoV8xm7kRtilaS60296Gzu
tIrgsxakfiZgiZltBQaGbd/MxUCMZAmjAY8F4PAOEP/wyIr0/HYnTJrXzrwwLlb4
ZF27m3aRttGy8KwcvTQaTpfMzDlaM2PCX9NSC4wuL0gOwFvn1HRxnniZww1EO3YX
stqxOUHVoWGmqceNd4IwRDOLK8Vmxcas6kh2T/R2x4WcNXJi/YnT7m59Ao+MQcW3
u8M/h3Jc72XDECvhccdKCynhfOV4
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqX67/Hg2gMhZSA0UEKd
cRqg/hHSbpEFK4omyH5EoSGcOEZWwV4rGab5xKtYcTOxaW7mxQtS3HBopJ3aKRax
PehDINEwKda94rBmhC6Au1gW6m8Aif3M9p3mwwRE/Cdwppapq6bSlOGzS/PMozMI
kCtgX/TPsdsT5cgZ+tiJ29obHsOc0J+TRiu/Qlz/O6DPjW9lLBHXYiqBt4RWxxq8
7ydzAii2o2wcwZKmEykeAsqTk5ZvYYj9vEbKnmFoHo4wEIUSmiqNxE7g3YEa+yIz
DHZdeD4zS4XgRzpN3fjQf4rBVpUEPhy5Eq/SHpKS5IwrH6JVx0M+alSSPFjL1gQ4
QwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 146941252165550820678178446891224861880
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-02 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '56200'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Brittany'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'La Gacilly'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'La Croix des Archers'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Laboratoires de Biologie Vegetale Yves Rocher'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Dep_SSI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nl.yves-rocher.be'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24067125842403935969490741769935718393946493566613670761685497733853065041803312235444403852219193358214673737426754811317581418294184224498942424574878412172367539421804205541012034656376908258931497530997963839754942351088165114957777919523909461873800607876004927158745370804738017104009093769464330486915555882255585798736427995194534234019519402733171106681961303832500305384411265916994783328813707949118449930035828386804982084624361570831053990814529895382540924620842412640428793990635718789039538026078852192559199178605245224231953464055435857730491426762926180079453749044370266220106369856774444828342339
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1f889015ba2d18078aa003425a0e39372a238ff3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (264 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher-kz.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher-usa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.com.tr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.dk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.no'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.yves-rocher.ua'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077007d3ef2f88fff88556824c2c0ca9e5289792bc50e78097f2e6a9768997e22f0d7000001709a9c341d0000040300483046022100f37adcaa1a4516f53ac7752843112c49e95124d2265132062c5daac7ce676c05022100bf73514a99ad64caabfd56efca394c34d95a9798225a1cdd580bb841dd71e89d0076009420bc1e8ed58d6c88731f828b222c0dd1da4d5e6c4f943d61db4e2f584da2c2000001709a9c342c0000040300473045022060e9cab541d6d4bdf66ffee4326be72e63b8fe8af539857c902aa9f4d36dbc38022100ef12d3cf0a9185ff75f0eb84a30b65e6df296f03421d04e4004add293506873d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0028256a6494ffb3760448e78383e54c0834c16b8aec24688e65ea2c406cb4d392ae4ef9cbe4e57846f8736f246e74ffed7118b71a6ae863901dc2599d85aeb0db4c33a543ef7da6c13f25aba857cc66ee446d8a5692eb4dbde86ceeb48ae0b316a47e266089996d0506866ddfccc5408c6409a3018f05e0f00e10fff0c88af4fc76274c9ad7cebc302e56f8645dbb9b7691b6d1b2f0ac1cbd341a4e97cccc395a3363c25fd3520b8c2e2f480ec05be7d474719e7899c30d443b7617b2dab13941d5a161a6a9c78d77823044338b2bc566c5c6acea48764ff476c7859c357262fd89d3ee6e7d028f8c41c5b7bbc33f87725cef65c3102be171c74a0b29e17ce578