idp.iamtest.ox.ac.uk
- University of Oxford -
Issued by AffirmTrust Certificate Authority - OV1
About this certificate
This digital certificate with serial number 51:3c:16:84:8a:b5:a6:48:00:00:00:00:58:09:1f:f7 was issued on by AffirmTrust.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
University of Oxford
Organization:
University of Oxford
State / Province:
Oxfordshire
Locality: Oxford
Country: GB
Locality: Oxford
Country: GB
AffirmTrust
Organization:
AffirmTrust
Organization unit: See www.affirmtrust.com/repository
Organization unit: See www.affirmtrust.com/repository
Country:
CA
This certificate has expire since
Certificate Details
Serial Number (hex): 51:3c:16:84:8a:b5:a6:48:00:00:00:00:58:09:1f:f7Serial Number (int): 107979462184147539752259687884102639607
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 0b:6c:cf:da:fa:85:2e:4a:49:e5:7d:c9:80:25:f1:55:c1:76:05:3c
AuthorityKeyId: fe:60:c3:0d:a4:a2:9d:21:4f:7a:78:4c:62:c5:db:14:fc:39:78:c4
Fingerprint (sha1): 2b:a9:74:98:0e:d2:d0:4f:b9:3a:71:1e:b1:f0:47:c1:7b:6c:28:6f
Fingerprint (sha256): 00:04:5d:93:54:ba:e5:ea:ea:f0:52:ed:5e:9e:3c:b7:bf:fc:16:73:43:ea:4c:32:9d:65:3f:07:16:32:29:2d
Issuing Certificate URL: http://aia.affirmtrust.com/aftov1ca.crt
Revocation information
OCSP Server: http://ocsp.affirmtrust.comCRL Distribution Point: http://crl.affirmtrust.com/crl/aftov1ca.crl
Check the revocation status for certificate idp.iamtest.ox.ac.uk
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for idp.iamtest.ox.ac.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
idp.iamtest.ox.ac.uk
Other certificates including the domain name ox.ac.uk
(limited to 100 certificates)
idp.iamtest.ox.ac.uk
sn.sdc.ox.ac.uk
toothless.glam.ox.ac.uk
asmeals.chch.ox.ac.uk
sbs-libprox.sbs.ox.ac.uk
grasp-bestpractice.octru.ox.ac.uk
drupal-pilot-rai.it.ox.ac.uk
seldenmap.bodleian.ox.ac.uk
bits.uas.ox.ac.uk
web.crested-test.haiku.fry-it.com
www.ict.ox.ac.uk
webcms-app-td.nsms.ox.ac.uk
community.bsg.ox.ac.uk
community.bsg.ox.ac.uk
ball.gtc.ox.ac.uk
autodiscover.nexus.ox.ac.uk
mobile.chorus.ox.ac.uk
golab.bsg.ox.ac.uk
tabul.ndorms.ox.ac.uk
print.new.ox.ac.uk
gbrowse.molbiol.ox.ac.uk
webmail.isis.ox.ac.uk
*.web.ox.ac.uk
isupplier.uas.ox.ac.uk
network.rhodeshouse.ox.ac.uk
castrovalva.it.ox.ac.uk
ssl1.aluminati.net
dpuk.fmrib.ox.ac.uk
grasp-bestpractice.octru.ox.ac.uk
ouclf.law.ox.ac.uk
www2.oxford-man.ox.ac.uk
exprodo.fmrib.ox.ac.uk
trainforpedhiv.conted.ox.ac.uk
zoo-godfray.zoo.ox.ac.uk
print.lmh.ox.ac.uk
zoo-kfoster.zoo.ox.ac.uk
openclinica2.ocdem.ox.ac.uk
e2.shared.global.fastly.net
hrisprd.uas.ox.ac.uk
zoo-oxlel.zoo.ox.ac.uk
status.museums.ox.ac.uk
minerva.maths.ox.ac.uk
lists.maths.ox.ac.uk
e2.shared.global.fastly.net
incapsula.com
www.alumniweb.ox.ac.uk
epos.merton.ox.ac.uk
dars-project-training.bsp.ox.ac.uk
ibme-linuxdev.eng.ox.ac.uk
talks-dev.oucs.ox.ac.uk
rramp-test.octru.ox.ac.uk
bits.uas.ox.ac.uk
zoo-nercdtp.zoo.ox.ac.uk
fe1.chorus.ox.ac.uk
www.ml.ox.ac.uk
mimas.sgc.ox.ac.uk
webcms-1.nsms.ox.ac.uk
admn-sql03.connect.ox.ac.uk
cposxfs01.physics.ox.ac.uk
nsmsweb44.nsms.ox.ac.uk
printing.wadham.ox.ac.uk
app-vadalog.cs.ox.ac.uk
www.conted.ox.ac.uk
rramp-test.octru.ox.ac.uk
www.occt.ox.ac.uk
mysite.nexus.ox.ac.uk
www.bodleian.ox.ac.uk
spivey.oriel.ox.ac.uk
office-nextcloud-mmsid.ouce.ox.ac.uk
dars-website-test-one.bsp.ox.ac.uk
case-sql01.connect.ox.ac.uk
ridd.octru.ox.ac.uk
gower.octru.ox.ac.uk
sjc-kx.sjc.ox.ac.uk
malmecc.eu
webmail.earth.ox.ac.uk
dse.oucs.ox.ac.uk
sansonegroup.eng.ox.ac.uk
files.new.ox.ac.uk
analytics.spc.ox.ac.uk
medievalpaternosterwheels.bodleian.ox.ac.uk
tolkien.bodleian.ox.ac.uk
munki.orchard.ox.ac.uk
www.greenlightcreative.co.uk
staging.gatewayticketing.hosting
nsmsweb44.nsms.ox.ac.uk
www.mpls.ox.ac.uk
shapestacks.robots.ox.ac.uk
incapsula.com
webmail.earth.ox.ac.uk
owa.nexus.ox.ac.uk
live2.podcasts.ox.ac.uk
portal.stats.ox.ac.uk
bcfw.balliol.ox.ac.uk
www.kellogg.ox.ac.uk
drupaldev.conted.ox.ac.uk
worc-argon.worc.ox.ac.uk
members.hmc.ox.ac.uk
muninn.pmb.ox.ac.uk
mail.physiol.ox.ac.uk
sn.sdc.ox.ac.uk
toothless.glam.ox.ac.uk
asmeals.chch.ox.ac.uk
sbs-libprox.sbs.ox.ac.uk
grasp-bestpractice.octru.ox.ac.uk
drupal-pilot-rai.it.ox.ac.uk
seldenmap.bodleian.ox.ac.uk
bits.uas.ox.ac.uk
web.crested-test.haiku.fry-it.com
www.ict.ox.ac.uk
webcms-app-td.nsms.ox.ac.uk
community.bsg.ox.ac.uk
community.bsg.ox.ac.uk
ball.gtc.ox.ac.uk
autodiscover.nexus.ox.ac.uk
mobile.chorus.ox.ac.uk
golab.bsg.ox.ac.uk
tabul.ndorms.ox.ac.uk
print.new.ox.ac.uk
gbrowse.molbiol.ox.ac.uk
webmail.isis.ox.ac.uk
*.web.ox.ac.uk
isupplier.uas.ox.ac.uk
network.rhodeshouse.ox.ac.uk
castrovalva.it.ox.ac.uk
ssl1.aluminati.net
dpuk.fmrib.ox.ac.uk
grasp-bestpractice.octru.ox.ac.uk
ouclf.law.ox.ac.uk
www2.oxford-man.ox.ac.uk
exprodo.fmrib.ox.ac.uk
trainforpedhiv.conted.ox.ac.uk
zoo-godfray.zoo.ox.ac.uk
print.lmh.ox.ac.uk
zoo-kfoster.zoo.ox.ac.uk
openclinica2.ocdem.ox.ac.uk
e2.shared.global.fastly.net
hrisprd.uas.ox.ac.uk
zoo-oxlel.zoo.ox.ac.uk
status.museums.ox.ac.uk
minerva.maths.ox.ac.uk
lists.maths.ox.ac.uk
e2.shared.global.fastly.net
incapsula.com
www.alumniweb.ox.ac.uk
epos.merton.ox.ac.uk
dars-project-training.bsp.ox.ac.uk
ibme-linuxdev.eng.ox.ac.uk
talks-dev.oucs.ox.ac.uk
rramp-test.octru.ox.ac.uk
bits.uas.ox.ac.uk
zoo-nercdtp.zoo.ox.ac.uk
fe1.chorus.ox.ac.uk
www.ml.ox.ac.uk
mimas.sgc.ox.ac.uk
webcms-1.nsms.ox.ac.uk
admn-sql03.connect.ox.ac.uk
cposxfs01.physics.ox.ac.uk
nsmsweb44.nsms.ox.ac.uk
printing.wadham.ox.ac.uk
app-vadalog.cs.ox.ac.uk
www.conted.ox.ac.uk
rramp-test.octru.ox.ac.uk
www.occt.ox.ac.uk
mysite.nexus.ox.ac.uk
www.bodleian.ox.ac.uk
spivey.oriel.ox.ac.uk
office-nextcloud-mmsid.ouce.ox.ac.uk
dars-website-test-one.bsp.ox.ac.uk
case-sql01.connect.ox.ac.uk
ridd.octru.ox.ac.uk
gower.octru.ox.ac.uk
sjc-kx.sjc.ox.ac.uk
malmecc.eu
webmail.earth.ox.ac.uk
dse.oucs.ox.ac.uk
sansonegroup.eng.ox.ac.uk
files.new.ox.ac.uk
analytics.spc.ox.ac.uk
medievalpaternosterwheels.bodleian.ox.ac.uk
tolkien.bodleian.ox.ac.uk
munki.orchard.ox.ac.uk
www.greenlightcreative.co.uk
staging.gatewayticketing.hosting
nsmsweb44.nsms.ox.ac.uk
www.mpls.ox.ac.uk
shapestacks.robots.ox.ac.uk
incapsula.com
webmail.earth.ox.ac.uk
owa.nexus.ox.ac.uk
live2.podcasts.ox.ac.uk
portal.stats.ox.ac.uk
bcfw.balliol.ox.ac.uk
www.kellogg.ox.ac.uk
drupaldev.conted.ox.ac.uk
worc-argon.worc.ox.ac.uk
members.hmc.ox.ac.uk
muninn.pmb.ox.ac.uk
mail.physiol.ox.ac.uk
Certificate
The complete raw certificate details for idp.iamtest.ox.ac.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHHDCCBgSgAwIBAgIQUTwWhIq1pkgAAAAAWAkf9zANBgkqhkiG9w0BAQsFADCB gjELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQLEyJT ZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTAwLgYDVQQDEydBZmZp cm1UcnVzdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBPVjEwHhcNMTkxMDA4MDk1 NjE1WhcNMjExMTA2MTAyNjEzWjByMQswCQYDVQQGEwJHQjEUMBIGA1UECBMLT3hm b3Jkc2hpcmUxDzANBgNVBAcTBk94Zm9yZDEdMBsGA1UEChMUVW5pdmVyc2l0eSBv ZiBPeGZvcmQxHTAbBgNVBAMTFGlkcC5pYW10ZXN0Lm94LmFjLnVrMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLXCnvDBW2NIMbOrZDkMN/ZK9L3N2fyv lH0vOnU++E+BSF1ZM+0DisuP09Zld7YnQORa7IuLed1Rp/L34eZPytGGk1YYa9c4 jqJGexs+GOHhjk7R+zak0TrWJG/VI4jnE7f3gfUA0wbvZPZSlrOsI3kfX83q6I4x GulOqthdDDEbXM7Nwr0to1MtR3HdmlrU+EgnbiTyIpiH26YXxbGjBotkabkagTPf w6Zzs5udArNDBjqXWdCqHAvZp3rnX2g0i4AEJlQ1VtTvPUYkydwaMzIkUxlPTnWi koP6azOoJpltsC5XDSNJipbdiSXhcvU3JQ8uFn3QMk1nCOIUzMszSQIDAQABo4ID mzCCA5cwHwYDVR0RBBgwFoIUaWRwLmlhbXRlc3Qub3guYWMudWswggHzBgorBgEE AdZ5AgQCBIIB4wSCAd8B3QB1AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0H E9MMAAABbarnvLwAAAQDAEYwRAIgEZprrW19vYtwGatoKFAKQlGRlXnx7XMZpjyv BYchXWICIBQIkSGAP5ATw7j+rPl11i1NcQknsGyIxvoaa0VqlSlsAHUAh3W/51l8 +IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFtque8xAAABAMARjBEAiA3Uq3z WpXBk8Z4saSWVCOQCf0Lxgd15PvpZqgg18aB6QIgeh4NFavv/2mR3IrD2Y3FxO7k kmolhaKMsYGbZ4GiIb0AdgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaB qAAAAW2q57ynAAAEAwBHMEUCICTIChmDvJtJBcmB+6sdP490utEP78uh2TcMY/15 ZBk9AiEA9LuWB4tIbQ/UL9ybAMJ2r5/LJtXUrUdnukFLtxf8KuEAdQC72d+8H4px tZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAW2q57yDAAAEAwBGMEQCIH5PkqCY 0AMIzYCUvJDnOOBGPck1pt2IZgo7HPXUB/21AiBvEy4+cDVgXEgijh7iL2mBY7R+ jg0+f2tYRhUq/SX2+jAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMAkGA1UdEwQCMAAwbAYIKwYBBQUHAQEEYDBeMCcGCCsGAQUF BzABhhtodHRwOi8vb2NzcC5hZmZpcm10cnVzdC5jb20wMwYIKwYBBQUHMAKGJ2h0 dHA6Ly9haWEuYWZmaXJtdHJ1c3QuY29tL2FmdG92MWNhLmNydDBXBgNVHSAEUDBO MEIGCisGAQQBgo8JAgUwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuYWZmaXJt dHJ1c3QuY29tL3JlcG9zaXRvcnkwCAYGZ4EMAQICMDwGA1UdHwQ1MDMwMaAvoC2G K2h0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9hZnRvdjFjYS5jcmwwHwYD VR0jBBgwFoAU/mDDDaSinSFPenhMYsXbFPw5eMQwHQYDVR0OBBYEFAtsz9r6hS5K SeV9yYAl8VXBdgU8MA0GCSqGSIb3DQEBCwUAA4IBAQCtTMthBEaN62MTrLzMgkaH QH9xHhvXabNUASDsbvmJqUO6CfOtvLcghvnzx3agvEwxWtJpExZRdUnNTed5v8Lv p0gxQ6pefAqJTIuIpKr+Zy7We87F9VeCqmJ7pDtal7iSw61DnpbaNoY6tHTaWV06 YtC3Ikmg/pDC6E3+v7EkRMxwjtBkT/Sz9ucObZMuJUH4smpGXfxFF/d7XWYROl5S OkT2+WhG4Hhz+9TmcrJ1hEDd8BOHwnMGuHAm9WyY58NFyh4ycqSFy5otmrjRBSaN Ht4D+TWTVCgox4gljzBT6M4X1rRyYLAMjBO8DYR9X6ywOs2IiScJX5EWBZ5DR/7r -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLXCnvDBW2NIMbOrZDkM N/ZK9L3N2fyvlH0vOnU++E+BSF1ZM+0DisuP09Zld7YnQORa7IuLed1Rp/L34eZP ytGGk1YYa9c4jqJGexs+GOHhjk7R+zak0TrWJG/VI4jnE7f3gfUA0wbvZPZSlrOs I3kfX83q6I4xGulOqthdDDEbXM7Nwr0to1MtR3HdmlrU+EgnbiTyIpiH26YXxbGj BotkabkagTPfw6Zzs5udArNDBjqXWdCqHAvZp3rnX2g0i4AEJlQ1VtTvPUYkydwa MzIkUxlPTnWikoP6azOoJpltsC5XDSNJipbdiSXhcvU3JQ8uFn3QMk1nCOIUzMsz SQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 107979462184147539752259687884102639607 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.affirmtrust.com/repository' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust Certificate Authority - OV1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-08 09:56:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-11-06 10:26:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oxfordshire' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oxford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Oxford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'idp.iamtest.ox.ac.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21802617767921359263956040239244718092406887700088959809041483138646776710793987912678745811262190922039098166621379758308696435890540299934883679745380161621350321442612202940406361670676817280892692625345476408563260717756939572001876979451834417398500061579063557103597018204152882030547978735505132960654779577122789817502309954345548297125974290434803010834223593398249802772928504910838797457424213579585430692241996933945103526586568732930981516780410923985394490804567509375996673689748572662319682372399464783565979365875831406609269213560475169806818938209317027256743374970295133885004159876570881263874889 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idp.iamtest.ox.ac.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (479 bytes) 01dd0075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016daae7bcbc00000403004630440220119a6bad6d7dbd8b7019ab6828500a4251919579f1ed7319a63caf0587215d62022014089121803f9013c3b8feacf975d62d4d710927b06c88c6fa1a6b456a95296c0075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016daae7bcc4000004030046304402203752adf35a95c193c678b1a49654239009fd0bc60775e4fbe966a820d7c681e902207a1e0d15abefff6991dc8ac3d98dc5c4eee4926a2585a28cb1819b6781a221bd0076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016daae7bca70000040300473045022024c80a1983bc9b4905c981fbab1d3f8f74bad10fefcba1d9370c63fd7964193d022100f4bb96078b486d0fd42fdc9b00c276af9fcb26d5d4ad4767ba414bb717fc2ae1007500bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016daae7bc83000004030046304402207e4f92a098d00308cd8094bc90e738e0463dc935a6dd88660a3b1cf5d407fdb502206f132e3e7035605c48228e1ee22f698163b47e8e0d3e7f6b5846152afd25f6fa . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.affirmtrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.affirmtrust.com/aftov1ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.34697.2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.affirmtrust.com/repository' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.affirmtrust.com/crl/aftov1ca.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName fe60c30da4a29d214f7a784c62c5db14fc3978c4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0b6ccfdafa852e4a49e57dc98025f155c176053c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00ad4ccb6104468deb6313acbccc824687407f711e1bd769b3540120ec6ef989a943ba09f3adbcb72086f9f3c776a0bc4c315ad2691316517549cd4de779bfc2efa7483143aa5e7c0a894c8b88a4aafe672ed67bcec5f55782aa627ba43b5a97b892c3ad439e96da36863ab474da595d3a62d0b72249a0fe90c2e84dfebfb12444cc708ed0644ff4b3f6e70e6d932e2541f8b26a465dfc4517f77b5d66113a5e523a44f6f96846e07873fbd4e672b2758440ddf01387c27306b87026f56c98e7c345ca1e3272a485cb9a2d9ab8d105268d1ede03f93593542828c788258f3053e8ce17d6b47260b00c8c13bc0d847d5facb03acd888927095f9116059e4347feeb