vpnportal.davita.com
- DaVita Inc. -
Issued by Entrust Certification Authority - L1C
About this certificate
This digital certificate with serial number 4c:1a:dd:eb was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
DaVita Inc.
Organization:
DaVita Inc.
Organization unit: IT
Organization unit: IT
State / Province:
California
Locality: El Segundo
Country: US
Locality: El Segundo
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4c:1a:dd:ebSerial Number (int): 1276829163
Serial Number lenght: 31 bits, 4 octets
SubjectKeyId: 2b:ef:de:ca:10:0d:6e:13:86:47:ef:f9:e0:e8:56:c6:24:4c:03:17
AuthorityKeyId: 1e:f1:ab:89:06:f8:49:0f:01:33:77:ee:14:7a:ee:19:7c:93:28:4d
Fingerprint (sha1): a0:cb:09:ed:d0:13:94:73:b2:fe:03:ba:b4:58:24:3a:21:e8:9e:c3
Fingerprint (sha256): 00:97:6d:36:55:c6:e9:bb:fd:bd:68:fc:85:e1:9a:ef:98:ca:cb:e6:48:91:0a:d5:6d:1c:39:8e:e7:4c:88:9b
Issuing Certificate URL: http://aia.entrust.net/l1c-chain.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1c.crl
Check the revocation status for certificate vpnportal.davita.com
0
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for vpnportal.davita.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
This certificate doesn't contain any subject alternative names.
Other certificates including the domain name davita.com
(limited to 100 certificates)
vpnportal.davita.com
tacomavpn.davita.com
falcon.davita.com
ourcommunity.davita.com
bcc2.talentera.com
pressreleases.davita.com
bcc2.talentera.com
leapfrog-ssl-22.gcs-web.com
bcc2.talentera.com
isevpn.davita.com
emailmktg.davita.com
falconmobile.davita.com
vpnportal.davita.com
bcc2.talentera.com
davita.com
aslax.davita.com
davita.com
tmcentral.davita.com
*.reportsnp.davita.com
dsp.davita.com
clearpass.davita.com
bcc2.talentera.com
bcc2.talentera.com
falcondialysisqa.davita.com
falconbiebf.davita.com
bcc2.talentera.com
app.clinicalstudybiling.davita.com
bcc2.talentera.com
*.artifactory.davita.com
app.hrm.epe.davita.com
perf.physician-np.davita.com
brand.davita.com
DEN3T1CEXPCA01.davita.com
sso.starpoint.davita.com
support.cdnetworks.net
bcc2.talentera.com
bcc2.talentera.com
dsp.davita.com
app.physportalqa.davita.com
bcc2.talentera.com
tacomavpn.davita.com
bcc2.talentera.com
ola10.davita.com
bcc2.talentera.com
fe.paapp.davita.com
leapfrog-ssl-22.gcs-web.com
bcc2.talentera.com
redwoods.davita.com
ola10.davita.com
*.physiciansolutions.davita.com
bcc2.talentera.com
bcc2.talentera.com
5720147234914304-fe1.pantheonsite.io
5659118702428160-fe2.pantheonsite.io
prod.middleware.davita.com
bcc2.talentera.com
bcc2.talentera.com
denver.davita.com
*.intranet.davita.com
dsp.davita.com
help.oneviewdps.davita.com
bcc2.talentera.com
leapfrog-ssl-22.gcs-web.com
pressreleases.davita.com
www.davita.com
bcc2.talentera.com
api.piet-app.davita.com
bcc2.talentera.com
prod-podservice.rx-np.davita.com
feat-logging-test.ogb-np.davita.com
w3mail.davita.com
drvpn.davita.com
denver.davita.com
falcongithub.davita.com
5720147234914304-fe1.pantheonsite.io
bcc2.talentera.com
licensepartners.davita.com
backend-04c53-ckd.patient-np.davita.com
careers.davita.com
bcc2.talentera.com
seavpn.davita.com
davita.com
vertex-dev3.davita.com
leapfrog-ssl-22.gcs-web.com
apps.stagemcp.davita.com
bcc2.talentera.com
bcc2.talentera.com
backend-e26b1-upp-admin.patient-np.davita.com
bcc2.talentera.com
netmri.davita.com
adfs.davita.com
sharedapp.davita.com
den4-clinic-raduis1.davita.com
xenweb.davita.com
jobs.davita.com
vault-cassandra.davita.com
bcc2.talentera.com
netmri.davita.com
den3-lancopesmc.davita.com
*.davita.com
tacomavpn.davita.com
falcon.davita.com
ourcommunity.davita.com
bcc2.talentera.com
pressreleases.davita.com
bcc2.talentera.com
leapfrog-ssl-22.gcs-web.com
bcc2.talentera.com
isevpn.davita.com
emailmktg.davita.com
falconmobile.davita.com
vpnportal.davita.com
bcc2.talentera.com
davita.com
aslax.davita.com
davita.com
tmcentral.davita.com
*.reportsnp.davita.com
dsp.davita.com
clearpass.davita.com
bcc2.talentera.com
bcc2.talentera.com
falcondialysisqa.davita.com
falconbiebf.davita.com
bcc2.talentera.com
app.clinicalstudybiling.davita.com
bcc2.talentera.com
*.artifactory.davita.com
app.hrm.epe.davita.com
perf.physician-np.davita.com
brand.davita.com
DEN3T1CEXPCA01.davita.com
sso.starpoint.davita.com
support.cdnetworks.net
bcc2.talentera.com
bcc2.talentera.com
dsp.davita.com
app.physportalqa.davita.com
bcc2.talentera.com
tacomavpn.davita.com
bcc2.talentera.com
ola10.davita.com
bcc2.talentera.com
fe.paapp.davita.com
leapfrog-ssl-22.gcs-web.com
bcc2.talentera.com
redwoods.davita.com
ola10.davita.com
*.physiciansolutions.davita.com
bcc2.talentera.com
bcc2.talentera.com
5720147234914304-fe1.pantheonsite.io
5659118702428160-fe2.pantheonsite.io
prod.middleware.davita.com
bcc2.talentera.com
bcc2.talentera.com
denver.davita.com
*.intranet.davita.com
dsp.davita.com
help.oneviewdps.davita.com
bcc2.talentera.com
leapfrog-ssl-22.gcs-web.com
pressreleases.davita.com
www.davita.com
bcc2.talentera.com
api.piet-app.davita.com
bcc2.talentera.com
prod-podservice.rx-np.davita.com
feat-logging-test.ogb-np.davita.com
w3mail.davita.com
drvpn.davita.com
denver.davita.com
falcongithub.davita.com
5720147234914304-fe1.pantheonsite.io
bcc2.talentera.com
licensepartners.davita.com
backend-04c53-ckd.patient-np.davita.com
careers.davita.com
bcc2.talentera.com
seavpn.davita.com
davita.com
vertex-dev3.davita.com
leapfrog-ssl-22.gcs-web.com
apps.stagemcp.davita.com
bcc2.talentera.com
bcc2.talentera.com
backend-e26b1-upp-admin.patient-np.davita.com
bcc2.talentera.com
netmri.davita.com
adfs.davita.com
sharedapp.davita.com
den4-clinic-raduis1.davita.com
xenweb.davita.com
jobs.davita.com
vault-cassandra.davita.com
bcc2.talentera.com
netmri.davita.com
den3-lancopesmc.davita.com
*.davita.com
Certificate
The complete raw certificate details for vpnportal.davita.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE+jCCA+KgAwIBAgIETBrd6zANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp Y2F0aW9uIEF1dGhvcml0eSAtIEwxQzAeFw0xMTA4MDEyMzQyNTFaFw0xMzA3MjEw NDU4NTZaMHkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYD VQQHEwpFbCBTZWd1bmRvMRQwEgYDVQQKEwtEYVZpdGEgSW5jLjELMAkGA1UECxMC SVQxHTAbBgNVBAMTFHZwbnBvcnRhbC5kYXZpdGEuY29tMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEArMD/SnBDoUZA8+8Do05kYCO2q4iGJL1RR/Df3m7W YoIUk1t+Gg+JsuqqrJ47yK1OPP+JaeDKLNkVs41iuplx7EVyR0uFv91RHBv8bsjn lNbVxr7+TrGWYF0hQee8gjFClekIToGVSmNNXQvwRkPs0TaSXYitvM+lfiX6PFqc qBwuiMDizdQxJxLoxVtC97uY2+svw5nNC4AjAln0ixx68hxkjBMB76+vL40DrLuJ VXjY8pxYqjlHOjLMxmziqh9G5vm5PMyumZb3MRPKSi1hacoW862hmP30QIS4HnD5 ybD0SGU85iPELNnXuP4wrCKPfX0RzhHn/xhUYwsOlWVO0QIDAQABo4IBTzCCAUsw CwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMDMGA1UdHwQsMCowKKAm oCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxYy5jcmwwZQYIKwYBBQUH AQEEWTBXMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAwBggr BgEFBQcwAoYkaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMWMtY2hhaW4uY2VyMEAG A1UdIAQ5MDcwNQYJKoZIhvZ9B0sCMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cu ZW50cnVzdC5uZXQvcnBhMB8GA1UdIwQYMBaAFB7xq4kG+EkPATN37hR67hl8kyhN MB0GA1UdDgQWBBQr797KEA1uE4ZH7/ng6FbGJEwDFzAJBgNVHRMEAjAAMA0GCSqG SIb3DQEBBQUAA4IBAQA7cv2UGvrEijeKOZDiiJwC9j8b/7S3oORRAMloO0y/zW4X wB+v8CMFrdzjc1o0c7P9NXFJrdWylv609DVig95qJEUuteJkJcGlCzKjsiAP9yKj 9EXtUSTWlgUhj1SwgzLbNGlQ2KAHZZTXcF6bMG7kcC2pERtIfuO2p2SJ44vBs9qa WLG+Sjq9NwMQw2uwGnhkD8eSaKXLcIPBNYpgWXrCZWbHPNQC7OZc79XoeA7Yqx1Q CLNZYnOlpQ/FDAANl/+0dqAEwBCft2gRlYxP8OprtWGtQjtqDhLyPqJisu48YhlJ I8Ax+sZGuzZDLtPf2yhGO0BFIKgxOfvH9v7Hgnj2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMD/SnBDoUZA8+8Do05k YCO2q4iGJL1RR/Df3m7WYoIUk1t+Gg+JsuqqrJ47yK1OPP+JaeDKLNkVs41iuplx 7EVyR0uFv91RHBv8bsjnlNbVxr7+TrGWYF0hQee8gjFClekIToGVSmNNXQvwRkPs 0TaSXYitvM+lfiX6PFqcqBwuiMDizdQxJxLoxVtC97uY2+svw5nNC4AjAln0ixx6 8hxkjBMB76+vL40DrLuJVXjY8pxYqjlHOjLMxmziqh9G5vm5PMyumZb3MRPKSi1h acoW862hmP30QIS4HnD5ybD0SGU85iPELNnXuP4wrCKPfX0RzhHn/xhUYwsOlWVO 0QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1276829163 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.entrust.net/rpa is incorporated by reference' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2009 Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1C' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-08-01 23:42:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-07-21 04:58:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'El Segundo' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DaVita Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vpnportal.davita.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21808158935126228730263621158185850145235299571826884616638398090504724965490949010188837798073470165479273270117299517137966083924397333542220241501889356985606876395647001263389922383267854944415999150294255883200066815517606868114685968491144433691393055173084493489122833877430227975870865565285844523825272431169480939065194869310488609495046280136170952506893564523472221781325178706264813961628912095428858226001088693470703737625610593366171501218761398083768002575715273185733834447229729979255490894305351249462248790220088491995581441568434743311425245205540243943665103915733006324476534709154011815431889 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1c.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1c-chain.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113533.7.75.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1ef1ab8906f8490f013377ee147aee197c93284d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2befdeca100d6e138647eff9e0e856c6244c0317 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003b72fd941afac48a378a3990e2889c02f63f1bffb4b7a0e45100c9683b4cbfcd6e17c01faff02305addce3735a3473b3fd357149add5b296feb4f4356283de6a24452eb5e26425c1a50b32a3b2200ff722a3f445ed5124d69605218f54b08332db346950d8a0076594d7705e9b306ee4702da9111b487ee3b6a76489e38bc1b3da9a58b1be4a3abd370310c36bb01a78640fc79268a5cb7083c1358a60597ac26566c73cd402ece65cefd5e8780ed8ab1d5008b3596273a5a50fc50c000d97ffb476a004c0109fb76811958c4ff0ea6bb561ad423b6a0e12f23ea262b2ee3c62194923c031fac646bb36432ed3dfdb28463b404520a83139fbc7f6fec78278f6