retirees-stg-cdc.aa.com
- American Airlines Inc -
Issued by Entrust Certification Authority - L1M
About this certificate
This digital certificate with serial number 2c:61:2b:10:9f:ad:84:e6:3c:f8:ae:07:1f:51:56:75 was issued on by Entrust, Inc..
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
American Airlines Inc
Company registration number:
332421
Organization: American Airlines Inc
Organization: American Airlines Inc
State / Province:
Texas
Locality: Fort Worth
Country: US
Locality: Fort Worth
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 2c:61:2b:10:9f:ad:84:e6:3c:f8:ae:07:1f:51:56:75Serial Number (int): 58990558070495622265700125327720797813
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 9f:02:a2:e1:03:d7:e9:d6:49:28:f9:f0:c6:52:d2:ae:db:41:6b:36
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a
Fingerprint (sha1): 90:1a:79:1e:61:a0:07:b5:ae:ce:05:ee:74:23:2f:71:f4:37:0e:f0
Fingerprint (sha256): 01:5b:6c:b1:02:f4:de:bf:cc:bd:50:30:59:b7:d3:56:c8:f0:54:4f:56:be:f6:7b:aa:c6:4d:19:45:3c:f9:b5
Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1m.crl
Check the revocation status for certificate retirees-stg-cdc.aa.com
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for retirees-stg-cdc.aa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
retirees-stg-cdc.aa.com
www.retirees-stg-cdc.aa.com
www.retirees-stg.aa.com
www.retirees-stg-mg.aa.com
retirees-stg.aa.com
retirees-stg-mg.aa.com
www.retirees-stg-cdc.aa.com
www.retirees-stg.aa.com
www.retirees-stg-mg.aa.com
retirees-stg.aa.com
retirees-stg-mg.aa.com
Other certificates including the domain name aa.com
(limited to 100 certificates)
psastage.aa.com
bc-stage.aa.com
boss-cdc.stage.aa.com
dtr.phx.aa.com
fos.aa.com
custhubmdm-grp1.tul.aa.com
mdmds.test.aa.com
aspectwfm.cdc.aa.com
nrsqa.test.qcorpaa.aa.com
mfa.aa.com
admin.aa.com
aemes.envoy.aa.com
loyaltypartnercitibenefit.stage.aa.com
pilotpbs-sb.aa.com
pilot-tts.aa.com
techopsk2.uat.corpaa.aa.com
smetrics.aa.com
americanwaymagazine.com
c3008011sme001-ms.corpaa.aa.com
stage.aa.com
cass.qcorpaa.aa.com
Aircraft.mx.techops.stage.aa.com
apps.usairways.com
wb.etm.aa.com
yada-beta.stage.aa.com
wifi-cc-stg.zeaus.aa.com
fb-pdc.aa.com
mclastage.aa.com
aagrc.aa.com
cka.aa.com
*.apps.cpepaas.aa.com
owrcm.aa.com
airportal-pdc.aa.com
handpunch.aa.com
fapbsbvr-ws.aa.com
get.azpw.aa.com
itas.aa.com
admin.awarenessnetworks.com
tmscsurvey-test.aa.com
release.psaairlines.com
aacloud.qa.esoa.qcorpaa.aa.com
pilots.aa.com
mercury.aa.com
aaapac-expcluster-e01-hon1.aa.com
cass-stage.aa.com
checkfree-stage.aa.com
americaneagle.aa.com
spe-nonprod.aa.com
aotsceptrexlrp3.corpaa.aa.com
bw-a.pdc.aa.com
racf.stage.aa.com
lmo.me.aa.com
ifs.aa.com
vpsx.azure.qa.techops.aa.com
salt-np.aa.com
scdfwappp1000001.corpaa.aa.com
aacs.stage.esoa.aa.com
pssi.stage.esoa.aa.com
aapilots.com
qa-cdn.flyaa.aa.com
retirees-stg-cdc.aa.com
aana-expcluster-e01-bv1.aa.com
cbjocaz.aa.com
newemployeetravel.test.aa.com
diversions-stg.lka.aa.com
res-keystar.stage.aa.com
jamfpro.aa.com
aasales.dev.esoa.qcorpaa.aa.com
aiops.aa.com
ssofedpdc.aa.com
aepp.jetnet.aa.com
airport360.aa.com
esdfwovp0000001.DFWD1.aa.com
app.aa.com
wb.etm.aa.com
smlogin.qtcorpaa.aa.com
eworkforce.aa.com
Aircraft-cdc.mx.techops.aa.com
uagzeusn.aa.com
ecmappservices-dr.aa.com
facet9.aa.com
premium.stage.aa.com
mercury-cert.aa.com
yada-beta.stage.aa.com
etqstage.aa.com
*.cloud-np.aa.com
webref.stage.aa.com
ox-d.aa.com
isolve.aa.com
ltuappp04.corpaa.aa.com
www.aa.com
elite-qa.aa.com
ecmcsservices-stg-acs1.aa.com
yada.aa.com
lmo.stage.me.aa.com
crewwatch-stg.ido.horizon.cherokee.aa.com
mopsmanager.qcorpaa.aa.com
cciweb-stg.aa.com
concourse.ci.qcorpaa.aa.com
hub.aa.com
bc-stage.aa.com
boss-cdc.stage.aa.com
dtr.phx.aa.com
fos.aa.com
custhubmdm-grp1.tul.aa.com
mdmds.test.aa.com
aspectwfm.cdc.aa.com
nrsqa.test.qcorpaa.aa.com
mfa.aa.com
admin.aa.com
aemes.envoy.aa.com
loyaltypartnercitibenefit.stage.aa.com
pilotpbs-sb.aa.com
pilot-tts.aa.com
techopsk2.uat.corpaa.aa.com
smetrics.aa.com
americanwaymagazine.com
c3008011sme001-ms.corpaa.aa.com
stage.aa.com
cass.qcorpaa.aa.com
Aircraft.mx.techops.stage.aa.com
apps.usairways.com
wb.etm.aa.com
yada-beta.stage.aa.com
wifi-cc-stg.zeaus.aa.com
fb-pdc.aa.com
mclastage.aa.com
aagrc.aa.com
cka.aa.com
*.apps.cpepaas.aa.com
owrcm.aa.com
airportal-pdc.aa.com
handpunch.aa.com
fapbsbvr-ws.aa.com
get.azpw.aa.com
itas.aa.com
admin.awarenessnetworks.com
tmscsurvey-test.aa.com
release.psaairlines.com
aacloud.qa.esoa.qcorpaa.aa.com
pilots.aa.com
mercury.aa.com
aaapac-expcluster-e01-hon1.aa.com
cass-stage.aa.com
checkfree-stage.aa.com
americaneagle.aa.com
spe-nonprod.aa.com
aotsceptrexlrp3.corpaa.aa.com
bw-a.pdc.aa.com
racf.stage.aa.com
lmo.me.aa.com
ifs.aa.com
vpsx.azure.qa.techops.aa.com
salt-np.aa.com
scdfwappp1000001.corpaa.aa.com
aacs.stage.esoa.aa.com
pssi.stage.esoa.aa.com
aapilots.com
qa-cdn.flyaa.aa.com
retirees-stg-cdc.aa.com
aana-expcluster-e01-bv1.aa.com
cbjocaz.aa.com
newemployeetravel.test.aa.com
diversions-stg.lka.aa.com
res-keystar.stage.aa.com
jamfpro.aa.com
aasales.dev.esoa.qcorpaa.aa.com
aiops.aa.com
ssofedpdc.aa.com
aepp.jetnet.aa.com
airport360.aa.com
esdfwovp0000001.DFWD1.aa.com
app.aa.com
wb.etm.aa.com
smlogin.qtcorpaa.aa.com
eworkforce.aa.com
Aircraft-cdc.mx.techops.aa.com
uagzeusn.aa.com
ecmappservices-dr.aa.com
facet9.aa.com
premium.stage.aa.com
mercury-cert.aa.com
yada-beta.stage.aa.com
etqstage.aa.com
*.cloud-np.aa.com
webref.stage.aa.com
ox-d.aa.com
isolve.aa.com
ltuappp04.corpaa.aa.com
www.aa.com
elite-qa.aa.com
ecmcsservices-stg-acs1.aa.com
yada.aa.com
lmo.stage.me.aa.com
crewwatch-stg.ido.horizon.cherokee.aa.com
mopsmanager.qcorpaa.aa.com
cciweb-stg.aa.com
concourse.ci.qcorpaa.aa.com
hub.aa.com
Certificate
The complete raw certificate details for retirees-stg-cdc.aa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHsDCCBpigAwIBAgIQLGErEJ+thOY8+K4HH1FWdTANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTTAeFw0y NDA0MjQyMTI0MjFaFw0yNTA0MjQyMTI0MjBaMIHUMQswCQYDVQQGEwJVUzEOMAwG A1UECBMFVGV4YXMxEzARBgNVBAcTCkZvcnQgV29ydGgxEzARBgsrBgEEAYI3PAIB AxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVsYXdhcmUxHjAcBgNVBAoTFUFtZXJp Y2FuIEFpcmxpbmVzIEluYzEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24x DzANBgNVBAUTBjMzMjQyMTEgMB4GA1UEAxMXcmV0aXJlZXMtc3RnLWNkYy5hYS5j b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXr1+wD9VOUbK00LLs WFmSr99MR2JuNfyTfBD18ngkyiCgb8OA2Hx1iW7CBLp+ZW7GI05PJbynkBTIQcvG 8yA6gR9PyzFSsNTPr4N9wPrX3vGfsSRB/lbnjzoAclZEwky25XWlOfHe786Zq3Pw wN3YWN7OVP1Gy5bnXlFVNSJtpMJHY0IGJyoUhFQ7wk6aH6Jrcpg/SQH/WXBx7kE8 VXDLFlrJQkDuvaEB4prSLG/DEGZnixLMS9/snFtolJqP3UVSLjCE1Nb+1vDKQDL1 mtzFKkbBGrN+MLZtUNr7oQJ4L69GT7R1VFJS2cHPir6QY6pqOfDFYgyPuCmcZn6h WCSpAgMBAAGjggOUMIIDkDAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSfAqLhA9fp 1kko+fDGUtKu20FrNjAfBgNVHSMEGDAWgBTD99C1KjCtrw2RIXA5VN28iXDHOjBo BggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3Qu bmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxbS1jaGFp bjI1Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5l dC9sZXZlbDFtLmNybDCBowYDVR0RBIGbMIGYghdyZXRpcmVlcy1zdGctY2RjLmFh LmNvbYIbd3d3LnJldGlyZWVzLXN0Zy1jZGMuYWEuY29tghd3d3cucmV0aXJlZXMt c3RnLmFhLmNvbYIad3d3LnJldGlyZWVzLXN0Zy1tZy5hYS5jb22CE3JldGlyZWVz LXN0Zy5hYS5jb22CFnJldGlyZWVzLXN0Zy1tZy5hYS5jb20wDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBLBgNVHSAERDBCMAcG BWeBDAEBMDcGCmCGSAGG+mwKAQIwKTAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cu ZW50cnVzdC5uZXQvcnBhMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgCi4wrk Re+9rZt+OO1HZ3dT14JbhJTXK14bLMS5UKRH5wAAAY8R/sqvAAAEAwBHMEUCIQCp wMWwkex8Pc5TrhUbjCoCH8/GZtzvMw2JmYrPhp9xRQIgJybUGZ1/hmD4Bu6WCv9N iHJ/kbBKoBjqNbk2q16CqzsAdgDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39 HjeOUAAAAY8R/srjAAAEAwBHMEUCIEYGpSN7ZdPvMqyxB7z3dxEGJEtFWgj4TZKp MWWXvKorAiEAgBjgFK7fLaqN4H1v/ww++DTdXAobNF0UQwGmUtlyvWkAdQBOdaMn XJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY8R/srtAAAEAwBGMEQCIFVV MWvPz01qay2NF7GzY2BujVOvCPLMCn6iKZ28VejpAiBLWaFBDBADJeVd34XElVP5 ErOdu08EhrvAU0u3hFh75zANBgkqhkiG9w0BAQsFAAOCAQEAi2CMZJkiVZtwC4gD 5haum8B/EqptyA9yn9miLRK/8n830JYdNlDKbB6Kggd2SNM8TcZeUjoLILAIDwJM VBjf3NbGtPTUUnLA5b6KtHmENHuaNPNChMLM3Teh1Jx3fGQ2ktg8BanwWHowRXZG /8aK4fh+wZ5Ad4wVcKMTYyn7+IUIH947Sk1OLC2oLOJDmL6gFVgHaEOJOvyea0DE SGjWPArR8PfqgUrxnTELJVxuWMTIQO1HrRMCRLR3LuNYPIzKZPbFO1m7aKVnBlkx xcAs77dEza6jH3Ai1PK44l2U5MfvXTgZiiFLMYj5PEGyQtkrfKKKMKTATu6q11qy iK+e4w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA169fsA/VTlGytNCy7FhZ kq/fTEdibjX8k3wQ9fJ4JMogoG/DgNh8dYluwgS6fmVuxiNOTyW8p5AUyEHLxvMg OoEfT8sxUrDUz6+DfcD6197xn7EkQf5W5486AHJWRMJMtuV1pTnx3u/Omatz8MDd 2FjezlT9RsuW515RVTUibaTCR2NCBicqFIRUO8JOmh+ia3KYP0kB/1lwce5BPFVw yxZayUJA7r2hAeKa0ixvwxBmZ4sSzEvf7JxbaJSaj91FUi4whNTW/tbwykAy9Zrc xSpGwRqzfjC2bVDa+6ECeC+vRk+0dVRSUtnBz4q+kGOqajnwxWIMj7gpnGZ+oVgk qQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 58990558070495622265700125327720797813 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-24 21:24:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-24 21:24:20 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Texas' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Fort Worth' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'American Airlines Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '332421' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'retirees-stg-cdc.aa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27227715601894262081041983774262445212333190753367134613882161340196947812994976376317319366310583329131341151913237562732513066955800157599950462680893421891134334212506245110292177851583926002227580154239892747150926054630798094626475732536862113572856047427155733137473507654688548295839640498450586635178795479922890369370155662012786924894542092649266238462708225386782069837823967886233336654173124601522056811150719364528157056112485079639208040097509086684526295945269129443646615818760830356288493775392347883518186877584313720693012794768217899175377233572372321826775105418682251664626481133719937720263849 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9f02a2e103d7e9d64928f9f0c652d2aedb416b36 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (155 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retirees-stg-cdc.aa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.retirees-stg-cdc.aa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.retirees-stg.aa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.retirees-stg-mg.aa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retirees-stg.aa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retirees-stg-mg.aa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.entrust.net/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018f11fecaaf0000040300473045022100a9c0c5b091ec7c3dce53ae151b8c2a021fcfc666dcef330d89998acf869f714502202726d4199d7f8660f806ee960aff4d88727f91b04aa018ea35b936ab5e82ab3b007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f11fecae3000004030047304502204606a5237b65d3ef32acb107bcf7771106244b455a08f84d92a9316597bcaa2b0221008018e014aedf2daa8de07d6fff0c3ef834dd5c0a1b345d144301a652d972bd690075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f11fecaed000004030046304402205555316bcfcf4d6a6b2d8d17b1b363606e8d53af08f2cc0a7ea2299dbc55e8e902204b59a1410c100325e55ddf85c49553f912b39dbb4f0486bbc0534bb784587be7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008b608c649922559b700b8803e616ae9bc07f12aa6dc80f729fd9a22d12bff27f37d0961d3650ca6c1e8a82077648d33c4dc65e523a0b20b0080f024c5418dfdcd6c6b4f4d45272c0e5be8ab47984347b9a34f34284c2ccdd37a1d49c777c643692d83c05a9f0587a30457646ffc68ae1f87ec19e40778c1570a3136329fbf885081fde3b4a4d4e2c2da82ce24398bea01558076843893afc9e6b40c44868d63c0ad1f0f7ea814af19d310b255c6e58c4c840ed47ad130244b4772ee3583c8cca64f6c53b59bb68a567065931c5c02cefb744cdaea31f7022d4f2b8e25d94e4c7ef5d38198a214b3188f93c41b242d92b7ca28a30a4c04eeeaad75ab288af9ee3