libertycolombia.com

- Liberty Mutual Group -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 32:9b:0e:fa:4f:4c:3d:62:8f:66:b0:ae:ee:f9:8d:2c was issued on by Entrust, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Liberty Mutual Group

Organization: Liberty Mutual Group
State / Province: New Hampshire
Locality: Portsmouth
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 32:9b:0e:fa:4f:4c:3d:62:8f:66:b0:ae:ee:f9:8d:2c
Serial Number (int): 67266509587635255637729400771409710380
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 66:14:bb:35:b5:70:4d:1d:ab:53:a4:9b:79:2d:74:b8:4e:6a:a4:8e
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 4b:0b:87:3f:c7:c2:6e:cf:8e:5c:33:50:ff:f6:e8:10:3e:88:fe:a6
Fingerprint (sha256): 00:65:e7:92:55:bf:1e:dc:64:7a:ad:09:50:d7:c2:5c:9e:a2:0b:65:7c:a3:d4:ad:92:b3:16:9c:a0:43:2a:60

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate libertycolombia.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for libertycolombia.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

libertycolombia.com

Other certificates including the domain name libertycolombia.com

(limited to 100 certificates)
libertycolombia.com
cobognicesmb.libertycolombia.com
ews.libertycolombia.com
sip.libertycolombia.com
oficinaenlineaadm.libertycolombia.com
sas.libertyseguros.co
sip-kdc-03.libertymutual.com
soanonprod.libertycolombia.com
sip-pdc-03.libertymutual.com
bpm-uat.libertycolombia.com
co-reportes-dwh.libertycolombia.com
conferencia.libertyseguros.co
portaldev.libertycolombia.com
awsuat.libertycolombia.com
mailcol.libertycolombia.com
bpmuat.libertycolombia.com
bpmuat.libertycolombia.com
cero.libertycolombia.com
cobogavacrm01.libertycolombia.com
co-reportes-dwh.libertycolombia.com
oficinaenlineatrv.libertyseguros.co
soauat.libertycolombia.com
conferencia.libertyseguros.co
oficinaenlineadev.libertycolombia.com
cobogpldap2012.libertycolombia.com
ews.libertycolombia.com
soatest.libertycolombia.com
coawsprodsql04.libertycolombia.com
aru.libertycolombia.com
ews.libertycolombia.com
aplicaciones.libertyseguros.co
mailcol.libertycolombia.com
mailcol.libertycolombia.com.co
mailcol.libertycolombia.com
AplicacionesQA.libertycolombia.com
oficinaenlineaadm.libertyseguros.co
webmail.libertycolombia.com.co
conferencia.libertyseguros.co
aru.libertycolombia.com
cs-pool-03k.lm.lmig.com
cobogniceair01.libertycolombia.com
instaladores.libertycolombia.com
ews.libertycolombia.com
mailcol.libertycolombia.com
cobognicesent01.libertycolombia.com
sip.libertycolombia.com
evault11.libertycolombia.com
webmail.libertycolombia.com.co
sip.libertycolombia.com
cobogserv11.libertycolombia.com
sip.libertycolombia.com
aru.libertycolombia.com
ews.libertycolombia.com
cobogvcms.cms.libertycolombia.com
experianauthnoprod.libertycolombia.com
ews.libertycolombia.com
oficinaenlineauat.libertycolombia.com
colnxappresoag1.libertycolombia.com
COBOGNICEUS01.libertycolombia.com
sip.libertycolombia.com
cs-pool-03p.lm.lmig.com
awsnonprodci.libertycolombia.com
wsqa.libertycolombia.com
coboguscech.libertycolombia.com
soadev.libertycolombia.com
sip.libertycolombia.com
dynamic-pricing.libertycolombia.com
gitlab.libertycolombia.com
hybrid.libertycolombia.com
aru.libertycolombia.com
cobogexpresswayc.libertycolombia.com
ews.libertycolombia.com
wsqa.libertycolombia.com
soauat.libertycolombia.com
mailcol.libertycolombia.com
awsdev.libertycolombia.com
hybrid.libertycolombia.com
libertycolombia.com
webmail.libertycolombia.com.co
coawsprodsql04.libertycolombia.com
cobogniceair02.libertycolombia.com
soauat.libertycolombia.com
sas.libertyseguros.co
co-dev-reportes-dwh.libertycolombia.com
experianauthprod.libertycolombia.com
conferencia.libertyseguros.co
cobognicesear01.libertycolombia.com
core.libertycolombia.com
mailcol.libertycolombia.com
aru.libertycolombia.com
ews.libertycolombia.com
intermediariosdev.libertycolombia.com
cobognpldap01.libertycolombia.com
sip-kdc-03.libertymutual.com
awsnonprod.libertycolombia.com
sip.libertycolombia.com
soa1dev.libertycolombia.com
sas.libertyseguros.co
soa.libertycolombia.com

Certificate

The complete raw certificate details for libertycolombia.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIQMpsO+k9MPWKPZrCu7vmNLDANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
MjEyMjEyMDA3MDhaFw0yNDAxMjEyMDA3MDhaMHcxCzAJBgNVBAYTAlVTMRYwFAYD
VQQIEw1OZXcgSGFtcHNoaXJlMRMwEQYDVQQHEwpQb3J0c21vdXRoMR0wGwYDVQQK
ExRMaWJlcnR5IE11dHVhbCBHcm91cDEcMBoGA1UEAxMTbGliZXJ0eWNvbG9tYmlh
LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN08HiPFqqXXrCq3
+fA5o5GZE4h7JZiVh7v+Hs/ls6o7UZd/yxOpGWWI1fLXbIzDj87QOYa33WHYoQcE
Ng7dfYaFPLtDd71fJhLKyCWZRtIRBkh7zIBBrRAPIpB4TmVdLpyW9F3YAhSDLT7x
3Zk08O8QYFas2pybLn2MeUFmhgpT04wAKsbvL/9xX2O1h0thKfoIeOxrfwas+bgU
+3vDXbBK+xkpMvdvUHn6jGzknPQJkiZU4+5wG7Eul41Cys3qChJAQP+nOVs1jCTd
VXI/N8HfudXJKxAnvE2xvXnzhdO9ZNdjqI/ipQqzL7ZbItofP5yFI/jMIcnjhpMD
gFgNdlECAwEAAaOCAaMwggGfMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFGYUuzW1
cE0dq1Okm3ktdLhOaqSOMB8GA1UdIwQYMBaAFIKicHTdvFM/z3vU981/p2DGCky/
MGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
dC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNo
YWluMjU2LmNlcjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3Qu
bmV0L2xldmVsMWsuY3JsMB4GA1UdEQQXMBWCE2xpYmVydHljb2xvbWJpYS5jb20w
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBM
BgNVHSAERTBDMDcGCmCGSAGG+mwKAQUwKTAnBggrBgEFBQcCARYbaHR0cHM6Ly93
d3cuZW50cnVzdC5uZXQvcnBhMAgGBmeBDAECAjATBgorBgEEAdZ5AgQDAQH/BAIF
ADANBgkqhkiG9w0BAQsFAAOCAQEAdUrKGdC3Ylm78TLqUJEJ2iaSuVn/HqGtZ0Eu
X6tVrg/ig7VN2cN3TT2Sex6OOePTYnweRLs5/qXD7mjKQgY1WwyBTpwQ12JQvgwY
Brd9Q8Pd9svgTUw/sr6EKVUMyWlS6LQDv3HfcyTM03zei27GXCiX8eduXO/12eJT
R+yj7gaWKt7qgWiuknh8c/9pyBUkZrphqAu8nuZckBHWLWo7Edls9J/TaUlkEYjY
cahfpqPKNXTdRwa5+dEc+sK+O28EMP2gv8msx6WG/m+rYJjzeHvgzBNomqdJJElV
pBU87Q6MjaeB57jhk9LgVTex/pFa3eOTLWfx3jSx4INKe59Z3Q==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TweI8WqpdesKrf58Dmj
kZkTiHslmJWHu/4ez+WzqjtRl3/LE6kZZYjV8tdsjMOPztA5hrfdYdihBwQ2Dt19
hoU8u0N3vV8mEsrIJZlG0hEGSHvMgEGtEA8ikHhOZV0unJb0XdgCFIMtPvHdmTTw
7xBgVqzanJsufYx5QWaGClPTjAAqxu8v/3FfY7WHS2Ep+gh47Gt/Bqz5uBT7e8Nd
sEr7GSky929QefqMbOSc9AmSJlTj7nAbsS6XjULKzeoKEkBA/6c5WzWMJN1Vcj83
wd+51ckrECe8TbG9efOF071k12Ooj+KlCrMvtlsi2h8/nIUj+MwhyeOGkwOAWA12
UQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 67266509587635255637729400771409710380
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-21 20:07:08 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-21 20:07:08 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Hampshire'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Portsmouth'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Liberty Mutual Group'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'libertycolombia.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27928310556698859731860521895072954161699824163124772166342814319835450384692438514186463837779865019055036277132321603787861856287465722506251679255339005314682200430537583880294463691875611258048707203028243769057134460422879405586897674808710968806050691792294625515470769809038553395237014113186895937184613941103718945399023265644693166766239076338957045313717270859800475030508130454407392451304496798748381005565052005643347211304589971147211673302540803462747883703971497248624222116119730070712460541026317302809925418237273959624048216453906459575362604539004085011617554365109538574109490361867368622028369
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6614bb35b5704d1dab53a49b792d74b84e6aa48e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'libertycolombia.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00754aca19d0b76259bbf132ea509109da2692b959ff1ea1ad67412e5fab55ae0fe283b54dd9c3774d3d927b1e8e39e3d3627c1e44bb39fea5c3ee68ca4206355b0c814e9c10d76250be0c1806b77d43c3ddf6cbe04d4c3fb2be8429550cc96952e8b403bf71df7324ccd37cde8b6ec65c2897f1e76e5ceff5d9e25347eca3ee06962adeea8168ae92787c73ff69c8152466ba61a80bbc9ee65c9011d62d6a3b11d96cf49fd36949641188d871a85fa6a3ca3574dd4706b9f9d11cfac2be3b6f0430fda0bfc9acc7a586fe6fab6098f3787be0cc13689aa749244955a4153ced0e8c8da781e7b8e193d2e05537b1fe915adde3932d67f1de34b1e0834a7b9f59dd