www.lotto-bw.de

- Staatliche Toto-Lotto GmbH -

Issued by thawte Extended Validation SHA256 SSL CA

About this certificate

This digital certificate with serial number 18:d7:d2:59:ee:fb:b3:03:97:f0:90:4b:1b:69:92:a0 was issued on by thawte, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Staatliche Toto-Lotto GmbH

Company registration number: HRB 917
Organization: Staatliche Toto-Lotto GmbH
Organization unit: IV
State / Province: Baden-Wuerttemberg
Locality: Stuttgart
Country: DE

thawte, Inc.

Organization: thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 18:d7:d2:59:ee:fb:b3:03:97:f0:90:4b:1b:69:92:a0
Serial Number (int): 33022082154707917598232974419057808032
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: 3b:24:c8:31:a0:b7:5a:d0:6a:b8:d2:ca:07:74:cc:1e:24:d4:c4:dc

Fingerprint (sha1): 81:a2:2d:14:2f:49:eb:10:ad:35:84:2a:21:3a:42:4c:d6:7a:2c:2a
Fingerprint (sha256): db:d1:b7:76:e7:db:7b:0d:81:ca:1b:73:fa:7b:33:28:90:4b:69:84:c4:d4:8f:9b:2d:35:8c:79:ea:f9:7b:1a

Issuing Certificate URL: http://tf.symcb.com/tf.crt

Revocation information

OCSP Server: http://tf.symcd.com
CRL Distribution Point: http://tf.symcb.com/tf.crl

Check the revocation status for certificate www.lotto-bw.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.lotto-bw.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

lotto-bw.de
www.lotto-bw.de

Other certificates including the domain name lotto-bw.de

(limited to 100 certificates)
www.lotto-bw.de
www.veranstaltung.lotto-bw.de
image.client.generali.ro
san-3-s50.tlsprovisioning.exacttarget.com
wunschgewinn.lotto-bw.de
extfs.lotto-bw.de
stl2.lotto-bw.de
image.client.generali.ro
www.lotto-bw.de
san-3-s50.tlsprovisioning.exacttarget.com
stl2.lotto-bw.de
www.lotto-bw.de
stl1.lotto-bw.de
www.veranstaltung.lotto-bw.de
stl2.lotto-bw.de
image.client.generali.ro
www.lotto-bw.de
www.lotto-bw.de
image.client.generali.ro
www.lotto-bw.de
schulung.lotto-bw.de
www.lotto-bw.de
www.lotto-bw.de
san-3-s50.tlsprovisioning.exacttarget.com
www.veranstaltung.lotto-bw.de
san-3-s50.tlsprovisioning.exacttarget.com
image.client.generali.ro
wunschgewinn.lotto-bw.de
wunschgewinn.lotto-bw.de
image.client.generali.ro
image.client.generali.ro
schulung.lotto-bw.de
www.veranstaltung.lotto-bw.de
www.lotto-bw.de
wunschgewinn.lotto-bw.de
www.lotto-bw.de
stl1.lotto-bw.de
wunschgewinn.lotto-bw.de
dev.marketing.lotto-bw.de
stl2.lotto-bw.de
kmsf2.lotto-bw.de
san-3-s50.tlsprovisioning.exacttarget.com
wunschgewinn.lotto-bw.de
marketing.lotto-bw.de
www.lotto-bw.de
wunschgewinn.lotto-bw.de
www.veranstaltung.lotto-bw.de
www.veranstaltung.lotto-bw.de
www.lotto-bw.de
schulung.lotto-bw.de
www.lotto-bw.de
san-3-s50.tlsprovisioning.exacttarget.com
test.marketing.lotto-bw.de
wunschgewinn.lotto-bw.de
image.client.generali.ro
www.veranstaltung.lotto-bw.de
www.lotto-bw.de
wunschgewinn.lotto-bw.de
stl1.lotto-bw.de
www.lotto-bw.de
wunschgewinn.lotto-bw.de
www.lotto-bw.de
wunschgewinn.lotto-bw.de
image.client.generali.ro
www.veranstaltung.lotto-bw.de
stl2.lotto-bw.de
extfs.lotto-bw.de

Certificate

The complete raw certificate details for www.lotto-bw.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG1zCCBb+gAwIBAgIQGNfSWe77swOX8JBLG2mSoDANBgkqhkiG9w0BAQsFADBX
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMTEwLwYDVQQDEyh0
aGF3dGUgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTSEEyNTYgU1NMIENBMB4XDTE1MDQw
OTAwMDAwMFoXDTE3MDQwODIzNTk1OVowgewxEzARBgsrBgEEAYI3PAIBAxMCREUx
GjAYBgsrBgEEAYI3PAIBARQJU3R1dHRnYXJ0MR0wGwYDVQQPExRQcml2YXRlIE9y
Z2FuaXphdGlvbjEjMCEGA1UECgwaU3RhYXRsaWNoZSBUb3RvLUxvdHRvIEdtYkgx
EDAOBgNVBAUTB0hSQiA5MTcxCzAJBgNVBAYTAkRFMRswGQYDVQQIDBJCYWRlbi1X
dWVydHRlbWJlcmcxEjAQBgNVBAcMCVN0dXR0Z2FydDELMAkGA1UECwwCSVYxGDAW
BgNVBAMMD3d3dy5sb3R0by1idy5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAOPa0wW4Y+ka6+LVyQq9Q4f4p9Z6kU1takcKiwUcI4ct2wHJ1X9g0V8p
IVPR5ioXwao/Ylg9kleaXazY34e9nLAebjgfftpVDGFU/Ap1rtUoyMk2wgH77olo
NEvJQU0YP/PJaVYMA4yDSBBboIzn33bnamijJ2v94LUV1mnNkQMNT5aFwq//bMxp
RPxul5lm0nSUHWCKVsIE1GCf3VUT82VYA2OIgJIds5mVPWtwEBB/mjcUjM/w51Cc
I5cTwT4y9gVLMcy60RN5oBP5iAb/OqcEwJJRx/Kz9Koizw7F0xig1BN+2XsiQ2MM
NRav9rsnJ1vlM29h4lVYJVuXanI1ON0CAwEAAaOCAwcwggMDMCcGA1UdEQQgMB6C
C2xvdHRvLWJ3LmRlgg93d3cubG90dG8tYncuZGUwCQYDVR0TBAIwADAOBgNVHQ8B
Af8EBAMCBaAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3RmLnN5bWNiLmNvbS90
Zi5jcmwwcwYDVR0gBGwwajBoBgtghkgBhvhFAQcwATBZMCYGCCsGAQUFBwIBFhpo
dHRwczovL3d3dy50aGF3dGUuY29tL2NwczAvBggrBgEFBQcCAjAjDCFodHRwczov
L3d3dy50aGF3dGUuY29tL3JlcG9zaXRvcnkwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMB8GA1UdIwQYMBaAFDskyDGgt1rQarjSygd0zB4k1MTcMFcGCCsG
AQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3RmLnN5bWNkLmNvbTAmBggr
BgEFBQcwAoYaaHR0cDovL3RmLnN5bWNiLmNvbS90Zi5jcnQwggGABgorBgEEAdZ5
AgQCBIIBcASCAWwBagB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQ
AAABTJ5EC/UAAAQDAEgwRgIhAL8aBDhWR1Yznoy4mRV50Kvgut+pcZVyb+OL6j1u
YgKPAiEA0kdlEfchjSEoTcjPty5rg+5LSixIMrOCcKWNuFcBchIAdwBWFAaaL9fC
7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAUyeRA1LAAAEAwBIMEYCIQDrr3So
0NIw25usd41SyO+MQsW4D+/JVqA9/Zd8PXLqfwIhAPeC/wkG0SnzggtOF1vy8JMo
EZyJ5eUi9FG5a/hbw/GuAHYAaPaY+B9kgr46jO65KB1M/HFRXWeT1ETRCmesu09P
+8QAAAFMnkQMGwAABAMARzBFAiEAxwqda5lFNxrnQvD/2e0HhfIkSXnZY3s68htB
sIWDMhkCIG7H4BgQmn+QZgwCFuAuo64aHR161MTleziGEnVtYU39MA0GCSqGSIb3
DQEBCwUAA4IBAQAYcLbSoWkmJWVziQp7YtSSZKepYbTdIepJFnCzBY9zlZt1sxxR
4LK7IoEt71/RTSCxFKSHHPCDX+2j9T4QogomSGW9SXf9ifIK6a1dqqi+/zsseUT2
OcLC5APh/Mh9AA28QRu08yOGm9js6A6Ojas/mxy6CGVnx+zOlKVttEJSABS8vplB
PbePJ/MSSpl0oqB2VdtFbRrwoQ+DG03TvhaTgVEN8vi9++Wel6dpVfL+AiaqUSaV
ZQOp5iZqNHERINvQrgz9soxRuRd2AJyzFKpDA9kLcAY9JuQrb0kAhD5eJHn8Nx4a
POY5aePM4sf/SoZBuaLuK8jdLs/BBWloUnPY
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49rTBbhj6Rrr4tXJCr1D
h/in1nqRTW1qRwqLBRwjhy3bAcnVf2DRXykhU9HmKhfBqj9iWD2SV5pdrNjfh72c
sB5uOB9+2lUMYVT8CnWu1SjIyTbCAfvuiWg0S8lBTRg/88lpVgwDjINIEFugjOff
dudqaKMna/3gtRXWac2RAw1PloXCr/9szGlE/G6XmWbSdJQdYIpWwgTUYJ/dVRPz
ZVgDY4iAkh2zmZU9a3AQEH+aNxSMz/DnUJwjlxPBPjL2BUsxzLrRE3mgE/mIBv86
pwTAklHH8rP0qiLPDsXTGKDUE37ZeyJDYww1Fq/2uycnW+Uzb2HiVVglW5dqcjU4
3QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 33022082154707917598232974419057808032
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte Extended Validation SHA256 SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-04-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-04-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.1 (jurisdictionOfIncorporationL)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Stuttgart'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Staatliche Toto-Lotto GmbH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HRB 917'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baden-Wuerttemberg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Stuttgart'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'IV'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.lotto-bw.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28764001514323293897032718222738694373095611710203497129018339297168649354395809248237116526066566202209145194780737860012123005183563737329045893571746452228409177920568459597570668294817567751057019840904738491300313427291792451283420689522479977751036375540976601448557494278875410845504716076867598049247791123957691511301917071825705843734663941033550230793780929725901575306721715834157905419742892225987096770077332440136157102813221092796079832678233213960163609258978539315798640622117700737990699259397497240260454791622510572643449677070032787785409975584913196307093396936242429545759533359065875256522973
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lotto-bw.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lotto-bw.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tf.symcb.com/tf.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.48.1 (Thawte EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3b24c831a0b75ad06ab8d2ca0774cc1e24d4c4dc
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tf.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tf.symcb.com/tf.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000014c9e440bf50000040300483046022100bf1a0438564756339e8cb8991579d0abe0badfa97195726fe38bea3d6e62028f022100d2476511f7218d21284dc8cfb72e6b83ee4b4a2c4832b38270a58db8570172120077005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000014c9e440d4b0000040300483046022100ebaf74a8d0d230db9bac778d52c8ef8c42c5b80fefc956a03dfd977c3d72ea7f022100f782ff0906d129f3820b4e175bf2f09328119c89e5e522f451b96bf85bc3f1ae00760068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc40000014c9e440c1b0000040300473045022100c70a9d6b9945371ae742f0ffd9ed0785f2244979d9637b3af21b41b08583321902206ec7e018109a7f90660c0216e02ea3ae1a1d1d7ad4c4e57b388612756d614dfd
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001870b6d2a16926256573890a7b62d49264a7a961b4dd21ea491670b3058f73959b75b31c51e0b2bb22812def5fd14d20b114a4871cf0835feda3f53e10a20a264865bd4977fd89f20ae9ad5daaa8beff3b2c7944f639c2c2e403e1fcc87d000dbc411bb4f323869bd8ece80e8e8dab3f9b1cba086567c7ecce94a56db442520014bcbe99413db78f27f3124a9974a2a07655db456d1af0a10f831b4dd3be169381510df2f8bdfbe59e97a76955f2fe0226aa5126956503a9e6266a34711120dbd0ae0cfdb28c51b91776009cb314aa4303d90b70063d26e42b6f4900843e5e2479fc371e1a3ce63969e3cce2c7ff4a8641b9a2ee2bc8dd2ecfc10569685273d8