*.kiehls.nl

Issued by Trusted Secure Certificate Authority 5

About this certificate


This digital certificate with serial number 1b:1a:7d:41:02:d9:8a:4f:e8:22:f7:97:85:1c:6a:41 was issued on by Corporation Service Company .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

L’OREAL

Organization: L’OREAL
Organization unit: L'Oreal
Organization unit: Enterprise SSL Wildcard
Address: 3 rue du 8 Mai 45
Postal code: 92110
State / Province: Clichy
Locality: Clichy
Country: FR

Corporation Service Company

Organization: Corporation Service Company
Postal code: 92110
State / Province: Clichy
Locality: Clichy
Country: FR

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 1b:1a:7d:41:02:d9:8a:4f:e8:22:f7:97:85:1c:6a:41
Serial Number (int): 36026696056427614055823207217504217665
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: d5:05:5e:a3:6d:68:bd:45:2c:1b:8e:71:2a:aa:37:55:e7:67:f8:65
AuthorityKeyId: f2:bb:55:ee:fc:8f:cf:d0:3f:14:68:1a:95:7e:79:0e:ab:17:30:f4

Fingerprint (sha1): eb:3a:12:d7:ba:45:19:be:33:c9:b8:24:b4:95:70:78:f0:98:ee:2d
Fingerprint (sha256): 05:1b:7d:f6:57:3c:c4:20:b7:8d:6b:a9:ac:fd:99:8a:f1:69:af:6c:cc:2b:31:ac:be:dc:e5:83:62:c3:f6:1c

Issuing Certificate URL: http://crt.usertrust.com/TrustedSecureCertificateAuthority5.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.usertrust.com/TrustedSecureCertificateAuthority5.crl

Check the revocation status for the current certificate on *.kiehls.nl
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

*.kiehls.nl
kiehls.nl

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIQGxp9QQLZik/oIveXhRxqQTANBgkqhkiG9w0BAQsFADCB hjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkRFMRMwEQYDVQQHEwpXaWxtaW5ndG9u MSQwIgYDVQQKExtDb3Jwb3JhdGlvbiBTZXJ2aWNlIENvbXBhbnkxLzAtBgNVBAMT JlRydXN0ZWQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSA1MB4XDTE1MTIx NTAwMDAwMFoXDTE3MTIxNDIzNTk1OVowgbkxCzAJBgNVBAYTAkZSMQ4wDAYDVQQR EwU5MjExMDEPMA0GA1UECBMGQ2xpY2h5MQ8wDQYDVQQHEwZDbGljaHkxGjAYBgNV BAkTETMgcnVlIGR1IDggTWFpIDQ1MRIwEAYDVQQKDAlM4oCZT1JFQUwxEDAOBgNV BAsTB0wnT3JlYWwxIDAeBgNVBAsTF0VudGVycHJpc2UgU1NMIFdpbGRjYXJkMRQw EgYDVQQDDAsqLmtpZWhscy5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALIbMwjfxDrlTUnDZBhRLG7NJpMSEhUH1M+Zzn8flmgx42MPZMfepfMPjhhj wqfvjGqiReFDTNZ2WV/wjP4oRWB3SgjZyGlNLe6o4s+GAOBAaeD6n5mBJ05skrVK ultL8VrwMeO8jG6ubVocFwZ3l/pVGjRN8ciJFP9E9uWBs/dYc11pOdhbeA99VhMZ z3p47f73OlJwXO3c5NcfK6gAkmk0M5ix8FqhPkakB+WNNXbY04mCa4jQ3Rmy8o59 kqF1ZITRfJLLThbcnD1MhJT9s5djy/qw+X8u+A2kTNu0zJMc8byp8TrodXwdz/UB zblra97dGJm2U6jsdw28+fK47W8CAwEAAaOCAcgwggHEMB8GA1UdIwQYMBaAFPK7 Ve78j8/QPxRoGpV+eQ6rFzD0MB0GA1UdDgQWBBTVBV6jbWi9RSwbjnEqqjdV52f4 ZTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwSwYDVR0gBEQwQjA2BgsrBgEEAbIxAQICCDAnMCUGCCsG AQUFBwIBFhlodHRwczovL2Nwcy51c2VydHJ1c3QuY29tMAgGBmeBDAECAjBQBgNV HR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVHJ1c3RlZFNl Y3VyZUNlcnRpZmljYXRlQXV0aG9yaXR5NS5jcmwwgYIGCCsGAQUFBwEBBHYwdDBL BggrBgEFBQcwAoY/aHR0cDovL2NydC51c2VydHJ1c3QuY29tL1RydXN0ZWRTZWN1 cmVDZXJ0aWZpY2F0ZUF1dGhvcml0eTUuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8v b2NzcC51c2VydHJ1c3QuY29tMCEGA1UdEQQaMBiCCyoua2llaGxzLm5sgglraWVo bHMubmwwDQYJKoZIhvcNAQELBQADggEBAIJn7YWQyMIff29GcxTw5qmvPLkviB8j +9WQcKM6eO8bbO7bQ2w9sLWwS+8Qjg6/t1lmE/DsrdtB9OkEQZoXWre8gdmoK+5A AAcPJeb7mS/QpLl4a0EgX3RR/q8MkMADz2u06o2RDPEKt5vDjqrWEIradXQT/kba lr0JcnVEl1NWMdvgVhtnJ+zsOrhkNrFDcATEdMctFQG31PESnL4bNDswV5jELnlW +D0cv/sbjq7Zgz2RaLyIoFA1Iwf8s2C610zNPC/S2b9JYefMa5iVcAGTRvAr+npo LYPLUfHx5AyOMoxB5JuTIPnyfEFd8WnP17mU/NJoT/bOUVpP80F7tzs= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshszCN/EOuVNScNkGFEs bs0mkxISFQfUz5nOfx+WaDHjYw9kx96l8w+OGGPCp++MaqJF4UNM1nZZX/CM/ihF YHdKCNnIaU0t7qjiz4YA4EBp4PqfmYEnTmyStUq6W0vxWvAx47yMbq5tWhwXBneX +lUaNE3xyIkU/0T25YGz91hzXWk52Ft4D31WExnPenjt/vc6UnBc7dzk1x8rqACS aTQzmLHwWqE+RqQH5Y01dtjTiYJriNDdGbLyjn2SoXVkhNF8kstOFtycPUyElP2z l2PL+rD5fy74DaRM27TMkxzxvKnxOuh1fB3P9QHNuWtr3t0YmbZTqOx3Dbz58rjt bwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 36026696056427614055823207217504217665 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wilmington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Corporation Service Company' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trusted Secure Certificate Authority 5' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '92110' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Clichy' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Clichy' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '3 rue du 8 Mai 45' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'L’OREAL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'L'Oreal' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Enterprise SSL Wildcard' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.kiehls.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22483830785384437960723263063472886355864232379240236743341597890675457347885025116689226633190187511427115133982232203383690386100046878709306580484781797786932180562392631864289123506425118414386015192949695567045098626866600332256213083477840146376261236274137007551174624259010380166086109908988537763134848177826218001635770907747866924498693665234554329835056981004189351881723890696504563805706859408996106715339898837384673176443715359303606155428214770740635905741160691174361673747282636928297375708397532689285751042493223239637043936974182716922957040129767184310752853869187828317528619755485278011714927 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f2bb55eefc8fcfd03f14681a957e790eab1730f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d5055ea36d68bd452c1b8e712aaa3755e767f865 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/TrustedSecureCertificateAuthority5.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/TrustedSecureCertificateAuthority5.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kiehls.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kiehls.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008267ed8590c8c21f7f6f467314f0e6a9af3cb92f881f23fbd59070a33a78ef1b6ceedb436c3db0b5b04bef108e0ebfb7596613f0ecaddb41f4e904419a175ab7bc81d9a82bee4000070f25e6fb992fd0a4b9786b41205f7451feaf0c90c003cf6bb4ea8d910cf10ab79bc38eaad6108ada757413fe46da96bd0972754497535631dbe0561b6727ecec3ab86436b1437004c474c72d1501b7d4f1129cbe1b343b305798c42e7956f83d1cbffb1b8eaed9833d9168bc88a050352307fcb360bad74ccd3c2fd2d9bf4961e7cc6b989570019346f02bfa7a682d83cb51f1f1e40c8e328c41e49b9320f9f27c415df169cfd7b994fcd2684ff6ce515a4ff3417bb73b