AMEDDENCB4001.dencom.army.mil

- U.S. Government -

Issued by DOD CA-21

About this certificate

This digital certificate with serial number 01:6d:1a was issued on by U.S. Government.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • SAN DNSName contains duplicate values (awslabs certlint)

U.S. Government

Organization: U.S. Government
Organization unit: DoD
Organization unit: PKI
Organization unit: USA
Country: US

U.S. Government

Organization: U.S. Government
Organization unit: DoD
Organization unit: PKI
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:6d:1a
Serial Number (int): 93466
Serial Number lenght: 17 bits, 3 octets

SubjectKeyId: 3f:09:58:e8:eb:81:bf:ba:31:5f:c4:20:0d:18:6d:cd:f9:46:55:54
AuthorityKeyId: 09:99:13:e2:a3:d5:e7:74:d8:f6:3f:b5:dc:fb:d4:b5:16:ed:4c:d3

Fingerprint (sha1): a7:ad:d8:e2:e8:b5:54:97:ea:04:81:88:27:f0:1f:ba:c1:0a:4e:06
Fingerprint (sha256): 00:3b:18:dc:b5:60:70:58:4d:0f:29:29:34:8d:72:c4:c3:b4:65:99:c3:4d:d7:2b:b6:2f:48:ea:0f:0e:77:16

Issuing Certificate URL: http://crl.disa.mil/sign/DODCA_21.cer

Revocation information

OCSP Server: http://ocsp.disa.mil
CRL Distribution Point: http://crl.disa.mil/crl/DODCA_21.crl
CRL Distribution Point: ldap://crl.gds.disa.mil/cn%3dDOD%20CA-21%2cou%3dPKI%2cou%3dDoD%2co%3dU.S.%20Government%2cc%3dUS?certificaterevocationlist;binary

Check the revocation status for certificate AMEDDENCB4001.dencom.army.mil

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for AMEDDENCB4001.dencom.army.mil


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication
Any

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

AMEDDENCB4001.dencom.army.mil
AMEDDENCB4001.dencom.army.mil

Certificate

The complete raw certificate details for AMEDDENCB4001.dencom.army.mil in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAW0aMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAlVT
MRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UE
CxMDUEtJMRIwEAYDVQQDEwlET0QgQ0EtMjEwHhcNMTEwNjA2MTcwNDU5WhcNMTQw
NjA2MTcwNDU5WjCBqDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJu
bWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxDDAKBgNVBAsTA1VTQTEm
MCQGA1UEAxMdQU1FRERFTkNCNDAwMS5kZW5jb20uYXJteS5taWwxLTArBgkqhkiG
9w0BCQIWHmFtZWRkZW5jYjQwMDEuYW1lZC5kcy5hcm15Lm1pbDCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMPZmawgyfeL/5W8GwcsFinLr1oPh+TEvgZ6
5OeCHhORbal6NE3MUQp1LOA4+kQx5TNYyNBPlIAu4fOiqPwUlhKWSR7Q6G8nDXv6
LRofv0CzTVGrpEbDHhkWqtpG1ULdErAP7/7H85oLY0J9wgUDuDg8obGa/qs3xna1
uVreHIiOYqppwSI34IQdDUNlh7j9DV8UoSf/4yTtt+OGu7gxgXcgNtQcNZr/yFX3
12VnFB/R9YdefQql0hR42kJZJbjIy3pFxhPcnsXj0shjDLOuJ9OiWn1cMhRVziPX
4cWMsIdDNw/dPIVaoQGOtaVtp4UnlKIMboS+un0bxMUKBV9JBlkCAwEAAaOCAhww
ggIYMB8GA1UdIwQYMBaAFAmZE+Kj1ed02PY/tdz71LUW7UzTMB0GA1UdDgQWBBQ/
CVjo64G/ujFfxCANGG3N+UZVVDBjBggrBgEFBQcBAQRXMFUwMQYIKwYBBQUHMAKG
JWh0dHA6Ly9jcmwuZGlzYS5taWwvc2lnbi9ET0RDQV8yMS5jZXIwIAYIKwYBBQUH
MAGGFGh0dHA6Ly9vY3NwLmRpc2EubWlsMA4GA1UdDwEB/wQEAwIFoDCBwwYDVR0f
BIG7MIG4MCqgKKAmhiRodHRwOi8vY3JsLmRpc2EubWlsL2NybC9ET0RDQV8yMS5j
cmwwgYmggYaggYOGgYBsZGFwOi8vY3JsLmdkcy5kaXNhLm1pbC9jbiUzZERPRCUy
MENBLTIxJTJjb3UlM2RQS0klMmNvdSUzZERvRCUyY28lM2RVLlMuJTIwR292ZXJu
bWVudCUyY2MlM2RVUz9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0O2JpbmFyeTBH
BgNVHREEQDA+gh1BTUVEREVOQ0I0MDAxLmRlbmNvbS5hcm15Lm1pbIIdQU1FRERF
TkNCNDAwMS5kZW5jb20uYXJteS5taWwwIwYDVR0gBBwwGjALBglghkgBZQIBCwUw
CwYJYIZIAWUCAQsSMC0GA1UdJQQmMCQGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYB
BQUIAgIGBFUdJQAwDQYJKoZIhvcNAQEFBQADggEBAKG/RLRHdOwlR3dcomexiXgY
E7KskZZtjli+oLw0Qvku673zSQ+/4ht7edjKrIIOrx3dtt0tU5Ka3SLYVeK01jtw
ArC+4LV+X4DR44vE7RyKNpgdtelR54SVwwcNXXKwOkN+QkPScyOx4XlSExZ63CGW
VExbO1Nq5u7FEMGpWTTnA14ac7SiIRWifQFWCni5kIhSdBG4PHjhe/jriW5ugtH6
IHnQnUZ9kSNYqsldqx5sLRG41w4cwAlC1mv9f1Nf0XzlH1j3BjWdRGFMYrSCZ+/h
CiUHWsLu6rulId4j3r+AjQhCJd5ClGFHnZGgZsuuey1V9b7hU9EmCBtJCAc37OI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9mZrCDJ94v/lbwbBywW
KcuvWg+H5MS+Bnrk54IeE5FtqXo0TcxRCnUs4Dj6RDHlM1jI0E+UgC7h86Ko/BSW
EpZJHtDobycNe/otGh+/QLNNUaukRsMeGRaq2kbVQt0SsA/v/sfzmgtjQn3CBQO4
ODyhsZr+qzfGdrW5Wt4ciI5iqmnBIjfghB0NQ2WHuP0NXxShJ//jJO2344a7uDGB
dyA21Bw1mv/IVffXZWcUH9H1h159CqXSFHjaQlkluMjLekXGE9yexePSyGMMs64n
06JafVwyFFXOI9fhxYywh0M3D908hVqhAY61pW2nhSeUogxuhL66fRvExQoFX0kG
WQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 93466
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DOD CA-21'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-06-06 17:04:59 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-06-06 17:04:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'USA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AMEDDENCB4001.dencom.army.mil'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.2 (unstructuredName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'ameddencb4001.amed.ds.army.mil'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24723772167015081857458257049461675605731594919263117667036960616774125721815610204771557291849840544148447544414162258970725178851282757231891518491062396325681700908440682858131212487587882420677943385978415258115616210180769515827952640190770104870797757280676079356898729409403917853717676099405442486768535319000929809145203832553246728137256866691767401805067700720594548273774579621689377113034194778649207211817847338690467914012933682353401191934266272460750840932606574211157115074979890985954109985730989862903926751153657013774284476962648893979322314055320236289214096181314099244707612875783704861541977
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 099913e2a3d5e774d8f63fb5dcfbd4b516ed4cd3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3f0958e8eb81bfba315fc4200d186dcdf9465554
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/sign/DODCA_21.cer'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.disa.mil'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (187 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/crl/DODCA_21.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://crl.gds.disa.mil/cn%3dDOD%20CA-21%2cou%3dPKI%2cou%3dDoD%2co%3dU.S.%20Government%2cc%3dUS?certificaterevocationlist;binary'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'AMEDDENCB4001.dencom.army.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'AMEDDENCB4001.dencom.army.mil'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.2.1.11.5 (usDODClass3)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.2.1.11.18
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.8.2.2 (iKEIntermediate)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37.0 (anyExtendedKeyUsage)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a1bf44b44774ec2547775ca267b189781813b2ac91966d8e58bea0bc3442f92eebbdf3490fbfe21b7b79d8caac820eaf1dddb6dd2d53929add22d855e2b4d63b7002b0bee0b57e5f80d1e38bc4ed1c8a36981db5e951e78495c3070d5d72b03a437e4243d27323b1e1795213167adc2196544c5b3b536ae6eec510c1a95934e7035e1a73b4a22115a27d01560a78b99088527411b83c78e17bf8eb896e6e82d1fa2079d09d467d912358aac95dab1e6c2d11b8d70e1cc00942d66bfd7f535fd17ce51f58f706359d44614c62b48267efe10a25075ac2eeeabba521de23debf808d084225de429461479d91a066cbae7b2d55f5bee153d126081b49080737ece2