firewall.pmb.ox.ac.uk
- University of Oxford -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 0a:4d:74:cd:b1:b8:b9:22:6b:81:ff:a7:ad:fc:88:8e was issued on by Entrust, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
University of Oxford
Organization:
University of Oxford
Locality:
Oxford
Country: GB
Country: GB
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0a:4d:74:cd:b1:b8:b9:22:6b:81:ff:a7:ad:fc:88:8eSerial Number (int): 13694455872245842836315855630431455374
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: ff:60:cf:fd:c1:bb:29:31:6d:ac:35:91:be:f9:41:78:c8:cd:de:26
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 80:70:9c:24:54:a5:47:54:ff:f5:2c:b9:dc:d4:1d:ca:95:44:f9:66
Fingerprint (sha256): 01:2e:59:44:e3:01:63:55:ee:04:96:97:bb:97:bf:51:0f:02:2d:24:f0:a6:7f:72:6d:96:d9:20:54:b1:f9:3b
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate firewall.pmb.ox.ac.uk
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for firewall.pmb.ox.ac.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
firewall.pmb.ox.ac.uk
Other certificates including the domain name ox.ac.uk
(limited to 100 certificates)
idp.iamtest.ox.ac.uk
scheduler.new.ox.ac.uk
sn.sdc.ox.ac.uk
toothless.glam.ox.ac.uk
asmeals.chch.ox.ac.uk
sbs-libprox.sbs.ox.ac.uk
grasp-bestpractice.octru.ox.ac.uk
drupal-pilot-rai.it.ox.ac.uk
seldenmap.bodleian.ox.ac.uk
bits.uas.ox.ac.uk
web.crested-test.haiku.fry-it.com
www.ict.ox.ac.uk
webcms-app-td.nsms.ox.ac.uk
community.bsg.ox.ac.uk
community.bsg.ox.ac.uk
ball.gtc.ox.ac.uk
autodiscover.nexus.ox.ac.uk
trac.conted.ox.ac.uk
mobile.chorus.ox.ac.uk
golab.bsg.ox.ac.uk
tabul.ndorms.ox.ac.uk
print.new.ox.ac.uk
gbrowse.molbiol.ox.ac.uk
webmail.isis.ox.ac.uk
*.web.ox.ac.uk
isupplier.uas.ox.ac.uk
network.rhodeshouse.ox.ac.uk
castrovalva.it.ox.ac.uk
ssl1.aluminati.net
dpuk.fmrib.ox.ac.uk
grasp-bestpractice.octru.ox.ac.uk
ouclf.law.ox.ac.uk
www2.oxford-man.ox.ac.uk
exprodo.fmrib.ox.ac.uk
trainforpedhiv.conted.ox.ac.uk
zoo-godfray.zoo.ox.ac.uk
print.lmh.ox.ac.uk
zoo-kfoster.zoo.ox.ac.uk
openclinica2.ocdem.ox.ac.uk
e2.shared.global.fastly.net
be-staging-b.cud.ox.ac.uk
hrisprd.uas.ox.ac.uk
zoo-oxlel.zoo.ox.ac.uk
status.museums.ox.ac.uk
minerva.maths.ox.ac.uk
lists.maths.ox.ac.uk
e2.shared.global.fastly.net
incapsula.com
dev.pubmlst.org
www.alumniweb.ox.ac.uk
epos.merton.ox.ac.uk
dars-project-training.bsp.ox.ac.uk
ibme-linuxdev.eng.ox.ac.uk
talks-dev.oucs.ox.ac.uk
rramp-test.octru.ox.ac.uk
bits.uas.ox.ac.uk
zoo-nercdtp.zoo.ox.ac.uk
fe1.chorus.ox.ac.uk
www.ml.ox.ac.uk
firewall.pmb.ox.ac.uk
mimas.sgc.ox.ac.uk
webcms-1.nsms.ox.ac.uk
archives.bodleian.ox.ac.uk
admn-sql03.connect.ox.ac.uk
cposxfs01.physics.ox.ac.uk
nsmsweb44.nsms.ox.ac.uk
printing.wadham.ox.ac.uk
app-vadalog.cs.ox.ac.uk
www.conted.ox.ac.uk
rramp-test.octru.ox.ac.uk
www.occt.ox.ac.uk
mysite.nexus.ox.ac.uk
www.bodleian.ox.ac.uk
spivey.oriel.ox.ac.uk
office-nextcloud-mmsid.ouce.ox.ac.uk
dars-website-test-one.bsp.ox.ac.uk
case-sql01.connect.ox.ac.uk
ridd.octru.ox.ac.uk
gower.octru.ox.ac.uk
sjc-kx.sjc.ox.ac.uk
test-short-44.conted.ox.ac.uk
malmecc.eu
webmail.earth.ox.ac.uk
dse.oucs.ox.ac.uk
sansonegroup.eng.ox.ac.uk
rpcsql1.rpc.ox.ac.uk
files.new.ox.ac.uk
analytics.spc.ox.ac.uk
medievalpaternosterwheels.bodleian.ox.ac.uk
tolkien.bodleian.ox.ac.uk
munki.orchard.ox.ac.uk
www.greenlightcreative.co.uk
staging.gatewayticketing.hosting
nsmsweb44.nsms.ox.ac.uk
www.mpls.ox.ac.uk
shapestacks.robots.ox.ac.uk
incapsula.com
webmail.earth.ox.ac.uk
owa.nexus.ox.ac.uk
live2.podcasts.ox.ac.uk
scheduler.new.ox.ac.uk
sn.sdc.ox.ac.uk
toothless.glam.ox.ac.uk
asmeals.chch.ox.ac.uk
sbs-libprox.sbs.ox.ac.uk
grasp-bestpractice.octru.ox.ac.uk
drupal-pilot-rai.it.ox.ac.uk
seldenmap.bodleian.ox.ac.uk
bits.uas.ox.ac.uk
web.crested-test.haiku.fry-it.com
www.ict.ox.ac.uk
webcms-app-td.nsms.ox.ac.uk
community.bsg.ox.ac.uk
community.bsg.ox.ac.uk
ball.gtc.ox.ac.uk
autodiscover.nexus.ox.ac.uk
trac.conted.ox.ac.uk
mobile.chorus.ox.ac.uk
golab.bsg.ox.ac.uk
tabul.ndorms.ox.ac.uk
print.new.ox.ac.uk
gbrowse.molbiol.ox.ac.uk
webmail.isis.ox.ac.uk
*.web.ox.ac.uk
isupplier.uas.ox.ac.uk
network.rhodeshouse.ox.ac.uk
castrovalva.it.ox.ac.uk
ssl1.aluminati.net
dpuk.fmrib.ox.ac.uk
grasp-bestpractice.octru.ox.ac.uk
ouclf.law.ox.ac.uk
www2.oxford-man.ox.ac.uk
exprodo.fmrib.ox.ac.uk
trainforpedhiv.conted.ox.ac.uk
zoo-godfray.zoo.ox.ac.uk
print.lmh.ox.ac.uk
zoo-kfoster.zoo.ox.ac.uk
openclinica2.ocdem.ox.ac.uk
e2.shared.global.fastly.net
be-staging-b.cud.ox.ac.uk
hrisprd.uas.ox.ac.uk
zoo-oxlel.zoo.ox.ac.uk
status.museums.ox.ac.uk
minerva.maths.ox.ac.uk
lists.maths.ox.ac.uk
e2.shared.global.fastly.net
incapsula.com
dev.pubmlst.org
www.alumniweb.ox.ac.uk
epos.merton.ox.ac.uk
dars-project-training.bsp.ox.ac.uk
ibme-linuxdev.eng.ox.ac.uk
talks-dev.oucs.ox.ac.uk
rramp-test.octru.ox.ac.uk
bits.uas.ox.ac.uk
zoo-nercdtp.zoo.ox.ac.uk
fe1.chorus.ox.ac.uk
www.ml.ox.ac.uk
firewall.pmb.ox.ac.uk
mimas.sgc.ox.ac.uk
webcms-1.nsms.ox.ac.uk
archives.bodleian.ox.ac.uk
admn-sql03.connect.ox.ac.uk
cposxfs01.physics.ox.ac.uk
nsmsweb44.nsms.ox.ac.uk
printing.wadham.ox.ac.uk
app-vadalog.cs.ox.ac.uk
www.conted.ox.ac.uk
rramp-test.octru.ox.ac.uk
www.occt.ox.ac.uk
mysite.nexus.ox.ac.uk
www.bodleian.ox.ac.uk
spivey.oriel.ox.ac.uk
office-nextcloud-mmsid.ouce.ox.ac.uk
dars-website-test-one.bsp.ox.ac.uk
case-sql01.connect.ox.ac.uk
ridd.octru.ox.ac.uk
gower.octru.ox.ac.uk
sjc-kx.sjc.ox.ac.uk
test-short-44.conted.ox.ac.uk
malmecc.eu
webmail.earth.ox.ac.uk
dse.oucs.ox.ac.uk
sansonegroup.eng.ox.ac.uk
rpcsql1.rpc.ox.ac.uk
files.new.ox.ac.uk
analytics.spc.ox.ac.uk
medievalpaternosterwheels.bodleian.ox.ac.uk
tolkien.bodleian.ox.ac.uk
munki.orchard.ox.ac.uk
www.greenlightcreative.co.uk
staging.gatewayticketing.hosting
nsmsweb44.nsms.ox.ac.uk
www.mpls.ox.ac.uk
shapestacks.robots.ox.ac.uk
incapsula.com
webmail.earth.ox.ac.uk
owa.nexus.ox.ac.uk
live2.podcasts.ox.ac.uk
Certificate
The complete raw certificate details for firewall.pmb.ox.ac.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgIQCk10zbG4uSJrgf+nrfyIjjANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y NDA2MDMwODI2NTBaFw0yNTA1MzEwODI2NDlaMF0xCzAJBgNVBAYTAkdCMQ8wDQYD VQQHEwZPeGZvcmQxHTAbBgNVBAoTFFVuaXZlcnNpdHkgb2YgT3hmb3JkMR4wHAYD VQQDExVmaXJld2FsbC5wbWIub3guYWMudWswggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCs40oSux3iWDAVP7l6lEfhrV/R6i892u84NepQRb1KrXikDuAZ vk8Y63+knvBc5fgHHw44qgf8Wwtxs2bGZtafu+CmizrCOJvXVnO/Flllnzpc87NB g6ujAGw9MH91NICCILzKDYeeqOqveAcb2z0vKGNFLvuJrsviP5rjCVhO+fiIccOf i+SahPk1oHFWHvGRz3xUXShi9WZc3WrrT06yricHViGCWLeDclZcQBObDx5KdJn+ ENcMx1kzbk82zmaTI6J1mC75l2a7F66clcGsS1WInBnAcOA5KmA7OkSadYBpOuLl pDEE5Qw7il59D2iXE9ZbpZ+9j4ayQdEZb/BtAgMBAAGjggFsMIIBaDAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBT/YM/9wbspMW2sNZG++UF4yM3eJjAfBgNVHSMEGDAW gBSConB03bxTP8971PfNf6dgxgpMvzBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUH MAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8v YWlhLmVudHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCag JIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDAgBgNVHREEGTAX ghVmaXJld2FsbC5wbWIub3guYWMudWswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjATBgNVHSAEDDAKMAgGBmeBDAECAjATBgor BgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjE4UL/6MbLAWazy+ wUrdYSTN4s7OzNuNQ2p3TVCDt7CfeFXViQZ8Zaf28dAJ/vsv+SiF8m5wNze1NyVV axtdGDmwroAWXZevvbOVR8zr98mKXmm4GpT/s43XuERS/blqSXwd+/DZGkokVfT1 GrYFwxz951fY9Oe0PzZ1XmZYFwV+xcLCDn9zYGSJp3YppVorrvka2zmyLUVG6Cow UwAx3vdJG+3ehmnogXluE6Ww9/hiOjPAx+vdkTsxe3qIxuqewKlGF9HEGwocJEGJ VC1A+cIOYzGC7DMfnD4b+VDZ9tEW370TKDYDKEOKtqKR1z/LSvh4/f7ojA5M625K za49Mw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArONKErsd4lgwFT+5epRH 4a1f0eovPdrvODXqUEW9Sq14pA7gGb5PGOt/pJ7wXOX4Bx8OOKoH/FsLcbNmxmbW n7vgpos6wjib11ZzvxZZZZ86XPOzQYOrowBsPTB/dTSAgiC8yg2Hnqjqr3gHG9s9 LyhjRS77ia7L4j+a4wlYTvn4iHHDn4vkmoT5NaBxVh7xkc98VF0oYvVmXN1q609O sq4nB1Yhgli3g3JWXEATmw8eSnSZ/hDXDMdZM25PNs5mkyOidZgu+ZdmuxeunJXB rEtViJwZwHDgOSpgOzpEmnWAaTri5aQxBOUMO4pefQ9olxPWW6WfvY+GskHRGW/w bQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13694455872245842836315855630431455374 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-03 08:26:50 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-31 08:26:49 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oxford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Oxford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'firewall.pmb.ox.ac.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21825069009113839785334601896077999845369384595722942793005814440542163280056547901327921977578055324049256175094484279067577304456678730625621814173549456803934354990880466678712484531682677884491334873610615476761409759642214821618217200591162742175384355845559056085493452273678905575772929456852749026868966709051808104552846586295527915112891785693853021667887948713363367406134123545129172338993334776011745223264799989544215899348159143084775534475689280011753713226645792342865571119125744885309684437481698165610080025165221507339096154591797596556986874803159209999900909728859696617597229284447058257768557 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ff60cffdc1bb29316dac3591bef94178c8cdde26 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firewall.pmb.ox.ac.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008c4e142ffe8c6cb0166b3cbec14add6124cde2cececcdb8d436a774d5083b7b09f7855d589067c65a7f6f1d009fefb2ff92885f26e703737b53725556b1b5d1839b0ae80165d97afbdb39547ccebf7c98a5e69b81a94ffb38dd7b84452fdb96a497c1dfbf0d91a4a2455f4f51ab605c31cfde757d8f4e7b43f36755e665817057ec5c2c20e7f73606489a77629a55a2baef91adb39b22d4546e82a30530031def7491bedde8669e881796e13a5b0f7f8623a33c0c7ebdd913b317b7a88c6ea9ec0a94617d1c41b0a1c244189542d40f9c20e633182ec331f9c3e1bf950d9f6d116dfbd1328360328438ab6a291d73fcb4af878fdfee88c0e4ceb6e4acdae3d33