bnp08s.bnpparibas.com

- BNP PARIBAS SA -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 02:07:53:fc:43:b5:b1:ef:e8:99:d5:c7:dc:a8:48:4c was issued on by DigiCert Inc.

With 80 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

BNP PARIBAS SA

Organization: BNP PARIBAS SA
State / Province: Ile de France
Locality: MONTREUIL
Country: FR

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:07:53:fc:43:b5:b1:ef:e8:99:d5:c7:dc:a8:48:4c
Serial Number (int): 2696505496028783738245920361378498636
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 57:14:81:10:20:8a:1f:45:ee:f6:ed:98:fc:5b:d9:4f:bc:72:74:42
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 85:14:78:0d:5d:66:1d:e9:4d:f6:fe:ce:bb:3c:08:47:96:7b:7b:c1
Fingerprint (sha256): df:6d:a8:94:ba:c7:05:3e:41:4d:04:f6:6d:63:ac:93:56:e9:af:f4:97:f6:86:00:02:34:a4:81:88:3f:e7:20

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g7.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g7.crl

Check the revocation status for certificate bnp08s.bnpparibas.com

80

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bnp08s.bnpparibas.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.ubci.tn
www.privatebankingaemcoll.bnl.it
www.privatebankingaem.bnpparibas.it
www.privatebankingaem.bnl.it
www.privatebanking.bnpparibas.it
www.irb-central.bnpparibas.com
www.central.antilles-guyane.bnpparibas
www.bnpparibas.re
www.bnpparibas.nc
www.bnpparibas.dz
www.bicis.sn
www.bicigui.org
www.bicici.com
www.bicibourse.com
www.biciab.bf
www.bankingaemcoll.hellobank.it
www.antilles-guyane.bnpparibas
www.algerie.bnpparibas.com
www.algeria.bnpparibas.com
us-issuing.paying.rec.bnpparibas.com
ubci.tn
thailandsocialsecurity.staging.bnpparibas.com
thailandsocialsecurity.bnpparibas.com
sygmabnpparibas-pf.com
staging.workspace.realestate.bnpparibas.com
sgrboletoissuance-stg.bnpparibas.com.br
riendutout.bnpparibas.com
recebiveis.bnpparibas.com.br
recebiveis.bnpparibas.com
recebiveis-stg.bnpparibas.com.br
recebiveis-files-stg.bnpparibas.com.br
privatebankingaemcoll.bnl.it
privatebankingaem.bnpparibas.it
privatebankingaem.bnl.it
privatebanking.bnpparibas.it
private.staging.bnpparibas-am.com
portailsygma-preprod.sygmabnpparibas-pf.com
myfpx.bnpparibas.com
monitor.primebroker.com
monepargne.ere.staging.bnpparibas
monepargne.ere.bnpparibas
media.youmanist.it
media.youmanist.bnl.it
mbswl.bnpparibas.com
mbswl-uat.bnpparibas.com
irb-central.bnpparibas.com
ges.bnpparibas.com
ges-pb.bnpparibas.com
fxpb.staging.bnpparibas.com
fxpb.bnpparibas.com
fxpb-dr.bnpparibas.com
ebroker.sygmabnpparibas-pf.com
ebroker-preprod.sygmabnpparibas-pf.com
demo-monere-api.ere.staging.bnpparibas
demo-monere-api.ere.bnpparibas
demo-monepargne.ere.staging.bnpparibas
demo-monepargne.ere.bnpparibas
corporatesac.bnl.it
connexion.ere.staging.bnpparibas
connexion.ere.bnpparibas
central.antilles-guyane.bnpparibas
boleto.bnpparibas.com.br
bnpparibas.re
bnpparibas.nc
bnpparibas.dz
bnppam-private.staging.bnpparibas.com
bnp08s.bnpparibas.com
bicis.sn
bicigui.org
bicici.com
bicibourse.com
biciab.bf
bankingaemcoll.hellobank.it
b2ctest.ecredit.it
antilles-guyane.bnpparibas
alis.v16.dev.staging.bnpparibas
alis.int.staging.bnpparibas
alis-qual-int.staging.bnpparibas
algerie.bnpparibas.com
algeria.bnpparibas.com

Other certificates including the domain name bnpparibas.com

(limited to 100 certificates)
bnp16b.bnpparibas.com
porta.bnpparibas.com
bnp04s.bnpparibas.com
bnp05b.bnpparibas.com
bnp12b.bnpparibas.com
bnp11b.bnpparibas.com
dna-wp.bnpparibas.com
pls-mytools-rec3.staging.bnpparibas.com
cdx-rec.bnpparibas.com
us-cortex.bnpparibas.com
planetshares-mytools.bnpparibas.com
eqd-globalmarkets.bnpparibas.com
securitiesrec-bluegreen.bnpparibas.com
vulcan-brio.sso-stg.bnpparibas.com
bnp02tpc.bnpparibas.com
f17aaabc20bfe045075927934fed52d21.bnpparibas.com
www.vendor-academy.leasingsolutions.bnpparibas.com
www.cards.bnpparibas.com
f17aaabc20bfe045075927934fed52d21.bnpparibas.com
group.bnpparibas.com
wow.bnpparibas.com
apis.bcef.caledonie.bnpparibas.com
indices-globalmarkets.bnpparibas.com
connexissupplychain.uat3.bnpparibas.com
clientportfolio.smartderivatives.bnpparibas.com
us-cortexfx.bnpparibas.com
europagoderec2.bnpparibas.com
bnp02tpc.bnpparibas.com
bnp05s.bnpparibas.com
bnp09b.bnpparibas.com
auth.staging.bnpparibas.com
bnp07s.bnpparibas.com
eqresearch.bnpparibas.com
front-rec.bnpparibas.com
www.gps-protocol.bnpparibas.com
india-netpay.bnpparibas.com
apac-faststream02.bnpparibas.com
mymobility-qual.staging.bnpparibas.com
bnp03sw.bnpparibas.com
imactions.uat.bnpparibas.com
bnp05b.bnpparibas.com
welcome-qual.staging.bnpparibas.com
connexissupplychain.uat1.bnpparibas.com
gctabsreporting-staging.bnpparibas.com
expe-122-opf.bnpparibas.com
bnp13b.bnpparibas.com
connexistrade-ls.bnpparibas.com
cxt-uat-ls.bnpparibas.com
staging.intdistrib-am.bnpparibas.com
brio.sso-stg.bnpparibas.com
int-qa2-cciweb.bnpparibas.com
sinmail3.asia.bnpparibas.com
bnp06s.bnpparibas.com
bnp05s.bnpparibas.com
entreprises.ere.bnpparibas
2016-u.leasingsolutions.bnpparibas.com
bnp07b.bnpparibas.com
smartderivatives.bnpparibas.com
account.onebank.bnpparibas.com
bnppf-dgi-collection.bnpparibas.com
fr-sdpp-prd-internet-stream01.bnpparibas.com
bnp07b.bnpparibas.com
int-bfx-newscci.bnpparibas.com
bnp03s.bnpparibas.com
bnp19b.bnpparibas.com
marketlinkedproducts.bnpparibas.com
wealthmanagement-staging.bnpparibas.com
wsgateway.bnpparibas.com
jp-cortexfx.bnpparibas.com
bnp01sw.bnpparibas.com
securitiesrec-link.bnpparibas.com
bnp09b.bnpparibas.com
bnp04s.bnpparibas.com
rewardsatwork.be
www.bnpparibas.com.br
spotbuying.mediaprocessing.bnpparibas.com
group.bnpparibas
clientportfolio.smartderivatives.bnpparibas.com
cce.bnpparibas.com
cdc-securities-link.portail-investisseur.com
markets360-test.bnpparibas.com
www.privalto.fr
push.connexiscash.bnpparibas.com
bnp09s.bnpparibas.com
matisse-compta.bnpparibas.com
ews-itg-ext.test.bnpparibas.com
www.primebroker.com
obbligazioni.bnpparibas.com
webtrends.bnpparibas.com
fao.bnpparibas.com
dna-promoter.bnpparibas.com
globalmarkets-pp.bnpparibas.com
bnp09b.bnpparibas.com
bnp04b.bnpparibas.com
cardif-asia-demo.dev.bnpparibas.com
bnp03s.bnpparibas.com
push.bnpparibas.com
bnp19b.bnpparibas.com
keys.bnpparibas.com
sinmail4.asia.bnpparibas.com

Certificate

The complete raw certificate details for bnp08s.bnpparibas.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIINnDCCDISgAwIBAgIQAgdT/EO1se/omdXH3KhITDANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjEwNzEzMDAwMDAwWhcN
MjIwNzE4MjM1OTU5WjByMQswCQYDVQQGEwJGUjEWMBQGA1UECBMNSWxlIGRlIEZy
YW5jZTESMBAGA1UEBxMJTU9OVFJFVUlMMRcwFQYDVQQKEw5CTlAgUEFSSUJBUyBT
QTEeMBwGA1UEAxMVYm5wMDhzLmJucHBhcmliYXMuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAxvsH3WSRw+hdz+D2nyiJx4Cr0bUIihJ0OoAwqo13
9l66KaC7bbmrc7z1DW24ZxKGniyP8cP+stkoQl60iXNugtfAeB7MC++YeA/Aj/5b
jukRcfKnpWwxrIFMtopN1MN54NADFzwj4xCk3iwF6AqYJclDszVPUqo361tjaY1q
6BtBD0ps6aUsi37+N6K0TqEm8dq/DQ/5vLrF7yF1n5jdEGLpN+YInr8uDjaJj7WS
vz/idD+JN7huoiCtp1XGv7tosZPCszcaIVgWXSrEjO/evutvkK1RKXSrj1cQHBnX
fPfNZrVFtz1Sgz/OvD1aY0HJcXZQcJxDmdCSj3myf95YUwIDAQABo4IKUTCCCk0w
HwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFFcUgRAg
ih9F7vbtmPxb2U+8cnRCMIIIjAYDVR0RBIIIgzCCCH+CC3d3dy51YmNpLnRugiB3
d3cucHJpdmF0ZWJhbmtpbmdhZW1jb2xsLmJubC5pdIIjd3d3LnByaXZhdGViYW5r
aW5nYWVtLmJucHBhcmliYXMuaXSCHHd3dy5wcml2YXRlYmFua2luZ2FlbS5ibmwu
aXSCIHd3dy5wcml2YXRlYmFua2luZy5ibnBwYXJpYmFzLml0gh53d3cuaXJiLWNl
bnRyYWwuYm5wcGFyaWJhcy5jb22CJnd3dy5jZW50cmFsLmFudGlsbGVzLWd1eWFu
ZS5ibnBwYXJpYmFzghF3d3cuYm5wcGFyaWJhcy5yZYIRd3d3LmJucHBhcmliYXMu
bmOCEXd3dy5ibnBwYXJpYmFzLmR6ggx3d3cuYmljaXMuc26CD3d3dy5iaWNpZ3Vp
Lm9yZ4IOd3d3LmJpY2ljaS5jb22CEnd3dy5iaWNpYm91cnNlLmNvbYINd3d3LmJp
Y2lhYi5iZoIfd3d3LmJhbmtpbmdhZW1jb2xsLmhlbGxvYmFuay5pdIIed3d3LmFu
dGlsbGVzLWd1eWFuZS5ibnBwYXJpYmFzghp3d3cuYWxnZXJpZS5ibnBwYXJpYmFz
LmNvbYIad3d3LmFsZ2VyaWEuYm5wcGFyaWJhcy5jb22CJHVzLWlzc3VpbmcucGF5
aW5nLnJlYy5ibnBwYXJpYmFzLmNvbYIHdWJjaS50boItdGhhaWxhbmRzb2NpYWxz
ZWN1cml0eS5zdGFnaW5nLmJucHBhcmliYXMuY29tgiV0aGFpbGFuZHNvY2lhbHNl
Y3VyaXR5LmJucHBhcmliYXMuY29tghZzeWdtYWJucHBhcmliYXMtcGYuY29tgitz
dGFnaW5nLndvcmtzcGFjZS5yZWFsZXN0YXRlLmJucHBhcmliYXMuY29tgidzZ3Ji
b2xldG9pc3N1YW5jZS1zdGcuYm5wcGFyaWJhcy5jb20uYnKCGXJpZW5kdXRvdXQu
Ym5wcGFyaWJhcy5jb22CHHJlY2ViaXZlaXMuYm5wcGFyaWJhcy5jb20uYnKCGXJl
Y2ViaXZlaXMuYm5wcGFyaWJhcy5jb22CIHJlY2ViaXZlaXMtc3RnLmJucHBhcmli
YXMuY29tLmJygiZyZWNlYml2ZWlzLWZpbGVzLXN0Zy5ibnBwYXJpYmFzLmNvbS5i
coIccHJpdmF0ZWJhbmtpbmdhZW1jb2xsLmJubC5pdIIfcHJpdmF0ZWJhbmtpbmdh
ZW0uYm5wcGFyaWJhcy5pdIIYcHJpdmF0ZWJhbmtpbmdhZW0uYm5sLml0ghxwcml2
YXRlYmFua2luZy5ibnBwYXJpYmFzLml0giFwcml2YXRlLnN0YWdpbmcuYm5wcGFy
aWJhcy1hbS5jb22CK3BvcnRhaWxzeWdtYS1wcmVwcm9kLnN5Z21hYm5wcGFyaWJh
cy1wZi5jb22CFG15ZnB4LmJucHBhcmliYXMuY29tghdtb25pdG9yLnByaW1lYnJv
a2VyLmNvbYIhbW9uZXBhcmduZS5lcmUuc3RhZ2luZy5ibnBwYXJpYmFzghltb25l
cGFyZ25lLmVyZS5ibnBwYXJpYmFzghJtZWRpYS55b3VtYW5pc3QuaXSCFm1lZGlh
LnlvdW1hbmlzdC5ibmwuaXSCFG1ic3dsLmJucHBhcmliYXMuY29tghhtYnN3bC11
YXQuYm5wcGFyaWJhcy5jb22CGmlyYi1jZW50cmFsLmJucHBhcmliYXMuY29tghJn
ZXMuYm5wcGFyaWJhcy5jb22CFWdlcy1wYi5ibnBwYXJpYmFzLmNvbYIbZnhwYi5z
dGFnaW5nLmJucHBhcmliYXMuY29tghNmeHBiLmJucHBhcmliYXMuY29tghZmeHBi
LWRyLmJucHBhcmliYXMuY29tgh5lYnJva2VyLnN5Z21hYm5wcGFyaWJhcy1wZi5j
b22CJmVicm9rZXItcHJlcHJvZC5zeWdtYWJucHBhcmliYXMtcGYuY29tgiZkZW1v
LW1vbmVyZS1hcGkuZXJlLnN0YWdpbmcuYm5wcGFyaWJhc4IeZGVtby1tb25lcmUt
YXBpLmVyZS5ibnBwYXJpYmFzgiZkZW1vLW1vbmVwYXJnbmUuZXJlLnN0YWdpbmcu
Ym5wcGFyaWJhc4IeZGVtby1tb25lcGFyZ25lLmVyZS5ibnBwYXJpYmFzghNjb3Jw
b3JhdGVzYWMuYm5sLml0giBjb25uZXhpb24uZXJlLnN0YWdpbmcuYm5wcGFyaWJh
c4IYY29ubmV4aW9uLmVyZS5ibnBwYXJpYmFzgiJjZW50cmFsLmFudGlsbGVzLWd1
eWFuZS5ibnBwYXJpYmFzghhib2xldG8uYm5wcGFyaWJhcy5jb20uYnKCDWJucHBh
cmliYXMucmWCDWJucHBhcmliYXMubmOCDWJucHBhcmliYXMuZHqCJWJucHBhbS1w
cml2YXRlLnN0YWdpbmcuYm5wcGFyaWJhcy5jb22CFWJucDA4cy5ibnBwYXJpYmFz
LmNvbYIIYmljaXMuc26CC2JpY2lndWkub3JnggpiaWNpY2kuY29tgg5iaWNpYm91
cnNlLmNvbYIJYmljaWFiLmJmghtiYW5raW5nYWVtY29sbC5oZWxsb2JhbmsuaXSC
EmIyY3Rlc3QuZWNyZWRpdC5pdIIaYW50aWxsZXMtZ3V5YW5lLmJucHBhcmliYXOC
H2FsaXMudjE2LmRldi5zdGFnaW5nLmJucHBhcmliYXOCG2FsaXMuaW50LnN0YWdp
bmcuYm5wcGFyaWJhc4IgYWxpcy1xdWFsLWludC5zdGFnaW5nLmJucHBhcmliYXOC
FmFsZ2VyaWUuYm5wcGFyaWJhcy5jb22CFmFsZ2VyaWEuYm5wcGFyaWJhcy5jb20w
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBr
BgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1z
aGEyLWc3LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Et
c2hhMi1nNy5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYb
aHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMHwGCCsGAQUFBwEBBHAwbjAkBggr
BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpo
dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2Vy
dmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJ
KoZIhvcNAQELBQADggEBALTDJaSzpi+eArXxlUs1QRomD9fn/i1ABicLil5T0BtV
9HM9O8NBnu7SCMr7MzC7qghszmRzULAedU0VYH8VFT2EK+Zq3ASDWLheYAvBozQp
x/cXvE9x9b3SfJIJO8n8YleiylfjonQuEYKpWFg4DdIAXVTS1utCxzJEnTcvWWIy
XPNvprC3tQ2YLb3aKlngeNPPAHhcKLi8UhJEDg2oRv7dSoH8cH+xOZZmcCy7iq2a
VnuOv6etVlZsztfSdCRbHGcavlFUSSFEpmHPX7Oqsa2nmVCEM8uF1AMy6/jOOoPu
RIHhxbcfjyGTBqnk0NdrM4fTj6O1CeEKJ2sC3Ey5YMY=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvsH3WSRw+hdz+D2nyiJ
x4Cr0bUIihJ0OoAwqo139l66KaC7bbmrc7z1DW24ZxKGniyP8cP+stkoQl60iXNu
gtfAeB7MC++YeA/Aj/5bjukRcfKnpWwxrIFMtopN1MN54NADFzwj4xCk3iwF6AqY
JclDszVPUqo361tjaY1q6BtBD0ps6aUsi37+N6K0TqEm8dq/DQ/5vLrF7yF1n5jd
EGLpN+YInr8uDjaJj7WSvz/idD+JN7huoiCtp1XGv7tosZPCszcaIVgWXSrEjO/e
vutvkK1RKXSrj1cQHBnXfPfNZrVFtz1Sgz/OvD1aY0HJcXZQcJxDmdCSj3myf95Y
UwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 2696505496028783738245920361378498636
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-18 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ile de France'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MONTREUIL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BNP PARIBAS SA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bnp08s.bnpparibas.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25118972245903458154135523642704662591159861259878113325246309275240774355625179296015414234759299978361521415906079671831719265665345892375612816094376797579907748597175185730655407638030124293165981771592273528499666161820609547541848872889809848779917607506153142326632727681282562251059232634419920930500822535493452193473005406754521892674957972276332265813126949846214997704802198728634431173348171099787214364717944431698371143919829334765526717256839951499286436637380314190959294643764335432432501324840771431314657901988445828225817285188549020349078826401027140941513031448923992329153937650298408895666259
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							57148110208a1f45eef6ed98fc5bd94fbc727442
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2179 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ubci.tn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.privatebankingaemcoll.bnl.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.privatebankingaem.bnpparibas.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.privatebankingaem.bnl.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.privatebanking.bnpparibas.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.irb-central.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.central.antilles-guyane.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bnpparibas.re'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bnpparibas.nc'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bnpparibas.dz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bicis.sn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bicigui.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bicici.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bicibourse.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.biciab.bf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bankingaemcoll.hellobank.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.antilles-guyane.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.algerie.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.algeria.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'us-issuing.paying.rec.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ubci.tn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thailandsocialsecurity.staging.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thailandsocialsecurity.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sygmabnpparibas-pf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.workspace.realestate.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sgrboletoissuance-stg.bnpparibas.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riendutout.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recebiveis.bnpparibas.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recebiveis.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recebiveis-stg.bnpparibas.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recebiveis-files-stg.bnpparibas.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privatebankingaemcoll.bnl.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privatebankingaem.bnpparibas.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privatebankingaem.bnl.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privatebanking.bnpparibas.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'private.staging.bnpparibas-am.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portailsygma-preprod.sygmabnpparibas-pf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'myfpx.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'monitor.primebroker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'monepargne.ere.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'monepargne.ere.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.youmanist.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.youmanist.bnl.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mbswl.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mbswl-uat.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'irb-central.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ges.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ges-pb.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fxpb.staging.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fxpb.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fxpb-dr.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ebroker.sygmabnpparibas-pf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ebroker-preprod.sygmabnpparibas-pf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo-monere-api.ere.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo-monere-api.ere.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo-monepargne.ere.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo-monepargne.ere.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corporatesac.bnl.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'connexion.ere.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'connexion.ere.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'central.antilles-guyane.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'boleto.bnpparibas.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bnpparibas.re'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bnpparibas.nc'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bnpparibas.dz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bnppam-private.staging.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bnp08s.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bicis.sn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bicigui.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bicici.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bicibourse.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'biciab.bf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bankingaemcoll.hellobank.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b2ctest.ecredit.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'antilles-guyane.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alis.v16.dev.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alis.int.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alis-qual-int.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'algerie.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'algeria.bnpparibas.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g7.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g7.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b4c325a4b3a62f9e02b5f1954b35411a260fd7e7fe2d4006270b8a5e53d01b55f4733d3bc3419eeed208cafb3330bbaa086cce647350b01e754d15607f15153d842be66adc048358b85e600bc1a33429c7f717bc4f71f5bdd27c92093bc9fc6257a2ca57e3a2742e1182a95858380dd2005d54d2d6eb42c732449d372f5962325cf36fa6b0b7b50d982dbdda2a59e078d3cf00785c28b8bc5212440e0da846fedd4a81fc707fb1399666702cbb8aad9a567b8ebfa7ad56566cced7d274245b1c671abe5154492144a661cf5fb3aab1ada799508433cb85d40332ebf8ce3a83ee4481e1c5b71f8f219306a9e4d0d76b3387d38fa3b509e10a276b02dc4cb960c6