stl2.lotto-bw.de

- Staatliche Toto-Lotto GmbH -

Issued by Thawte RSA CA 2018

About this certificate

This digital certificate with serial number 0f:17:5b:97:4d:67:09:30:91:65:e0:67:ab:9f:cc:d7 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Staatliche Toto-Lotto GmbH

Organization: Staatliche Toto-Lotto GmbH
State / Province: Baden-Wuerttemberg
Locality: Stuttgart
Country: DE

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0f:17:5b:97:4d:67:09:30:91:65:e0:67:ab:9f:cc:d7
Serial Number (int): 20059700451201419597819828450461994199
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: d3:da:41:fa:43:48:1c:44:eb:83:1b:d0:83:84:19:57:c7:a7:81:19
AuthorityKeyId: a3:c8:5e:65:54:e5:30:78:c1:05:ea:07:0a:6a:59:cc:b9:fe:de:5a

Fingerprint (sha1): 5a:5f:95:8d:61:34:da:2f:a1:85:5d:bb:85:db:7d:e8:fd:69:33:4f
Fingerprint (sha256): f4:f7:41:f8:5d:e2:61:e9:9a:d3:36:6c:bb:4a:e8:08:99:db:a4:fb:6d:ac:a7:b8:8c:0c:75:64:fd:7f:a0:a2

Issuing Certificate URL: http://cacerts.thawte.com/ThawteRSACA2018.crt

Revocation information

OCSP Server: http://status.thawte.com
CRL Distribution Point: http://cdp.thawte.com/ThawteRSACA2018.crl

Check the revocation status for certificate stl2.lotto-bw.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for stl2.lotto-bw.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

stl2.lotto-bw.de

Other certificates including the domain name lotto-bw.de

(limited to 100 certificates)
www.lotto-bw.de
www.veranstaltung.lotto-bw.de
image.client.generali.ro
san-3-s50.tlsprovisioning.exacttarget.com
wunschgewinn.lotto-bw.de
extfs.lotto-bw.de
stl2.lotto-bw.de
image.client.generali.ro
www.lotto-bw.de
san-3-s50.tlsprovisioning.exacttarget.com
stl2.lotto-bw.de
www.lotto-bw.de
stl1.lotto-bw.de
www.veranstaltung.lotto-bw.de
stl2.lotto-bw.de
image.client.generali.ro
www.lotto-bw.de
www.lotto-bw.de
image.client.generali.ro
www.lotto-bw.de
schulung.lotto-bw.de
schulung.lotto-bw.de
www.lotto-bw.de
www.lotto-bw.de
san-3-s50.tlsprovisioning.exacttarget.com
www.veranstaltung.lotto-bw.de
san-3-s50.tlsprovisioning.exacttarget.com
image.client.generali.ro
wunschgewinn.lotto-bw.de
wunschgewinn.lotto-bw.de
image.client.generali.ro
image.client.generali.ro
schulung.lotto-bw.de
www.veranstaltung.lotto-bw.de
www.lotto-bw.de
wunschgewinn.lotto-bw.de
www.lotto-bw.de
stl1.lotto-bw.de
wunschgewinn.lotto-bw.de
dev.marketing.lotto-bw.de
stl2.lotto-bw.de
kmsf2.lotto-bw.de
san-3-s50.tlsprovisioning.exacttarget.com
wunschgewinn.lotto-bw.de
marketing.lotto-bw.de
www.lotto-bw.de
wunschgewinn.lotto-bw.de
www.veranstaltung.lotto-bw.de
www.veranstaltung.lotto-bw.de
www.lotto-bw.de
schulung.lotto-bw.de
www.lotto-bw.de
san-3-s50.tlsprovisioning.exacttarget.com
test.marketing.lotto-bw.de
wunschgewinn.lotto-bw.de
image.client.generali.ro
www.veranstaltung.lotto-bw.de
www.lotto-bw.de
wunschgewinn.lotto-bw.de
stl1.lotto-bw.de
www.lotto-bw.de
wunschgewinn.lotto-bw.de
www.lotto-bw.de
wunschgewinn.lotto-bw.de
image.client.generali.ro
www.veranstaltung.lotto-bw.de
stl2.lotto-bw.de
extfs.lotto-bw.de

Certificate

The complete raw certificate details for stl2.lotto-bw.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGfjCCBWagAwIBAgIQDxdbl01nCTCRZeBnq5/M1zANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMRswGQYDVQQDExJUaGF3dGUgUlNBIENBIDIwMTgwHhcN
MTgwNDA2MDAwMDAwWhcNMjAwNDMwMTIwMDAwWjB+MQswCQYDVQQGEwJERTEbMBkG
A1UECBMSQmFkZW4tV3VlcnR0ZW1iZXJnMRIwEAYDVQQHEwlTdHV0dGdhcnQxIzAh
BgNVBAoTGlN0YWF0bGljaGUgVG90by1Mb3R0byBHbWJIMRkwFwYDVQQDExBzdGwy
LmxvdHRvLWJ3LmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKdi
HC43aIPNIzruuQB0LMBaaAAtBxs+i3a/BSn8kTrd1Z920ofccfwRAL7rdZDjcKoX
TrqQkVjy4D9SLhk7xWoSBsYjkBQk7wH+DHaFox8tiz7yDa+W82DdWvQ4Z6i+K+lz
AuuMx/bt1FT3jxkBKkdztIdNTPRuMS1GLBA8OQxxp4mfWxvoxrikRQZuNo0S0zqw
lEjXaBSOsJydNDQ5uSw58SqGk1GORbPgRD+1Bo7pC8QwKxqTrRDIPcUDKgw94FTh
QztOAawv5apybJtvSydFuPWxuskgcxGT0oGLgCtgyZGfXZqQdD4zx6S+H5Oqb9F4
Fu+2P2DpB2o01k2mFQIDAQABo4IDGDCCAxQwHwYDVR0jBBgwFoAUo8heZVTlMHjB
BeoHCmpZzLn+3lowHQYDVR0OBBYEFNPaQfpDSBxE64Mb0IOEGVfHp4EZMBsGA1Ud
EQQUMBKCEHN0bDIubG90dG8tYncuZGUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8v
Y2RwLnRoYXd0ZS5jb20vVGhhd3RlUlNBQ0EyMDE4LmNybDBMBgNVHSAERTBDMDcG
CWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5j
b20vQ1BTMAgGBmeBDAECAjBvBggrBgEFBQcBAQRjMGEwJAYIKwYBBQUHMAGGGGh0
dHA6Ly9zdGF0dXMudGhhd3RlLmNvbTA5BggrBgEFBQcwAoYtaHR0cDovL2NhY2Vy
dHMudGhhd3RlLmNvbS9UaGF3dGVSU0FDQTIwMTguY3J0MAkGA1UdEwQCMAAwggF+
BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLY
gwDEe4l6qP3LAAABYptKQhoAAAQDAEcwRQIhAIyeAWxNYUEGnF5XPJqm7ghBDKAT
KrRj2toojcoBFIBJAiBPaud/E5zMayPwxcwS+ZDkWM9XoyegMiOgisdQtKO6iwB1
AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABYptKQtkAAAQDAEYw
RAIgJzM5cyAaIy8FyP6PFImlnONmr1nCoPmKTEV1TtMUUkoCIBR/LpFXqtVKv39U
NwBYETynBBDFOSBUKBYoKdBp8k+iAHcAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUuga
kJZkNo4e0YUAAAFim0pCOgAABAMASDBGAiEAhY0i2oaDVDHgPAqbBLcHdkKM8zWh
oVcKreTVCoCuAz0CIQCmg9YCFqC5gNINpo5P3gH0GCk4BaEoBNmFNuhq4ApztTAN
BgkqhkiG9w0BAQsFAAOCAQEApmT8jG7U41mCnYcNz32JXacPTxU8AR/IsoqiPzIq
5LxrQ6qraHK2TqGNMcDD/Ha5Ww7GMckVJ3tEMYH/xopUvNDjybRLzjqautfTej3k
veWaOcNkK72pDPsbAMxe0d+C6wbUgC+7vUZgS1YS5WYL/SaHZpw+d0ugiKXr4zOo
RWSxrej4pd2QtEGL7DzFdNov/ohIdCAvBwrIykkedcqv/65lKKkvCX5IgTgFEDKW
1TsyfTzDB1Xh4+qJ9mgDrrxFO6WE9wGMj/ENtDNB4Rgrw92sQKztdiv9ZnDuz1Ab
uGdW037zvqkOxv7Bu0cAbipamxAVc33B/nnBkK01Hazw0g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKdiHC43aIPNIzruuQB0
LMBaaAAtBxs+i3a/BSn8kTrd1Z920ofccfwRAL7rdZDjcKoXTrqQkVjy4D9SLhk7
xWoSBsYjkBQk7wH+DHaFox8tiz7yDa+W82DdWvQ4Z6i+K+lzAuuMx/bt1FT3jxkB
KkdztIdNTPRuMS1GLBA8OQxxp4mfWxvoxrikRQZuNo0S0zqwlEjXaBSOsJydNDQ5
uSw58SqGk1GORbPgRD+1Bo7pC8QwKxqTrRDIPcUDKgw94FThQztOAawv5apybJtv
SydFuPWxuskgcxGT0oGLgCtgyZGfXZqQdD4zx6S+H5Oqb9F4Fu+2P2DpB2o01k2m
FQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 20059700451201419597819828450461994199
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-30 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Baden-Wuerttemberg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Stuttgart'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Staatliche Toto-Lotto GmbH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stl2.lotto-bw.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18260855668288319591901202489795425647679312102830072254751908335765815868022282029467446497412978954047636843025502605865460055325709818797700804848876974896919669943505134686123782782490471602363946509691149083678583478362180471907714916110594677264574087555315438808339789841160266098137858816323103973009981734374424017794758263884877957121307166727806568480821470262736646680397209865911233727507673293166029111140219472047837375043770988383008743331000652830889108007007096496665695307940977525235023127670327100136013578830765458188852393678056280011142667233088162150131893797139055388760387895544873260787221
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a3c85e6554e53078c105ea070a6a59ccb9fede5a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d3da41fa43481c44eb831bd083841957c7a78119
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stl2.lotto-bw.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001629b4a421a00000403004730450221008c9e016c4d6141069c5e573c9aa6ee08410ca0132ab463dada288dca0114804902204f6ae77f139ccc6b23f0c5cc12f990e458cf57a327a03223a08ac750b4a3ba8b0075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d913000001629b4a42d90000040300463044022027333973201a232f05c8fe8f1489a59ce366af59c2a0f98a4c45754ed314524a0220147f2e9157aad54abf7f54370058113ca70410c539205428162829d069f24fa2007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed185000001629b4a423a0000040300483046022100858d22da86835431e03c0a9b04b70776428cf335a1a1570aade4d50a80ae033d022100a683d60216a0b980d20da68e4fde01f418293805a12804d98536e86ae00a73b5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a664fc8c6ed4e359829d870dcf7d895da70f4f153c011fc8b28aa23f322ae4bc6b43aaab6872b64ea18d31c0c3fc76b95b0ec631c915277b443181ffc68a54bcd0e3c9b44bce3a9abad7d37a3de4bde59a39c3642bbda90cfb1b00cc5ed1df82eb06d4802fbbbd46604b5612e5660bfd2687669c3e774ba088a5ebe333a84564b1ade8f8a5dd90b4418bec3cc574da2ffe884874202f070ac8ca491e75caafffae6528a92f097e48813805103296d53b327d3cc30755e1e3ea89f66803aebc453ba584f7018c8ff10db43341e1182bc3ddac40aced762bfd6670eecf501bb86756d37ef3bea90ec6fec1bb47006e2a5a9b1015737dc1fe79c190ad351dacf0d2