secure1.canon.com

- CANON INC. -

Issued by SECOM Passport for Web SR 2.0 CA

About this certificate

This digital certificate with serial number 42:d7:2b:40:5e:66:7b:29 was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

CANON INC.

Organization: CANON INC.
Organization unit: Web Communications Dept.
State / Province: Tokyo
Locality: Ohta-ku
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 42:d7:2b:40:5e:66:7b:29
Serial Number (int): 4816365881957710633
Serial Number lenght: 63 bits, 8 octets

SubjectKeyId: 39:82:bc:d5:87:b4:db:55:f2:5d:52:9d:01:a4:46:40:8d:57:65:bb
AuthorityKeyId: 30:9a:00:57:99:44:63:6b:c9:b2:f2:3d:8d:83:6b:3b:d7:9d:ef:64

Fingerprint (sha1): c2:a4:d0:18:c3:f0:90:b8:5d:17:50:f2:3f:d3:5f:29:47:81:fb:9a
Fingerprint (sha256): 01:71:ce:37:60:31:26:f3:6e:a5:d1:f1:e9:b2:f4:02:03:74:1d:8b:d8:2a:4a:2c:0c:c4:32:d4:cc:e3:7b:5b


Revocation information

OCSP Server: http://sr20.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr2ca/fullcrl.crl

Check the revocation status for certificate secure1.canon.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure1.canon.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure1.canon.com

Other certificates including the domain name canon.com

(limited to 100 certificates)
secure07.stage.lithium.com
quickscan.ciis.canon.com
magentoapi.usa.canon.com
canammobileconnect.usa.canon.com
nwstg.cusa.canon.com
lfsstorefront.com
*.dev-apps.cusa.canon.com
www.cfsdealerportal.com
nyrhdz21.cusa.canon.com
WMBMQPRD.cusa.canon.com
commerce.mylan.csa.canon.com
cusa.canon.com
taxserviceqa.usa.canon.com
secure1.canon.com
essdmtes1qa.cusa.canon.com
nyrhdz20.cusa.canon.com
s21fsrcbrqa.cusa.canon.com
access.ciis.canon.com
Replenish.usa.canon.com
thinkinkdigital.com
www.employee-rewards.cusa.canon.com
secure1.canon.com
essdmtes2qa.cusa.canon.com
ecarriers.csa.canon.com
www.developersupport.canon.com
canonusaextranets.cusa.canon.com
chatbot-dev.ciis.canon.com
www.cla.canon.com
mps.cbps.canon.com
contentqa.cusa.canon.com
www.developersupport.canon.com
ereturn.usa.canon.com
www.support.cusa.canon.com
csa.canon.com
secure04.lithium.com
adseast.solutions.canon.com
msdjira.sc.rd.canon.com
s21.cusa.canon.com
ereturn.usa.canon.com
secure04.lithium.com
s21fsrcbrop.cusa.canon.com
ereturn.usa.canon.com
shop.usa.canon.com
shop.dev.csa.canon.com
mycanon.stg.cusa.canon.com
events.biggestfantour.com
shopqa-auth.cusa.canon.com
cdf.dt-ext.vpn.ciis.canon.com
learn.usa.canon.com
shop.usa.canon.com
imagination.usa.canon.com
web1cdvny.cfs.canon.com
esbprd.cusa.canon.com
ereturn.usa.canon.com
thinkinkdigital.com
secure04.lithium.com
globaldispatchsolution.api.esb.usa.canon.com
ccldev.cusa.canon.com
www.servicetrainingsolutions.cusa.canon.com
adscentral.solutions.canon.com
preview.partnernet.usa.canon.com
canonva.cvi.canon.com
cvi.canon.com
rtbcx.jp.canon.com
VAARCOTFORT.CUSA.CANON.COM
in-fedservice.cusa.canon.com
unbe.sxg.cusa.canon.com
ciis.canon.com
vapgp01.cusa.canon.com
cpfprismadirect.cusa.canon.com
akamai-san195.exacttarget.com
magentocloud37.map.fastly.net
www.cla.canon.com
esbqa-2.cusa.canon.com
raise.usa.canon.com
magentocloud52.map.fastly.net
www.developersupport.canon.com
secure11.lithium.com
mycsa.s21qa.csa.canon.com
ess1.csa.canon.com
lsarprx.cusa.canon.com
upload-photos.dtp-community.usa.canon.com
shortstack.usa.canon.com
email2.cusa.canon.com
varhdv117.cusa.canon.com
www.support.cusa.canon.com
secure11.lithium.com
impact-uat.csa.canon.com
kbsupport.cusa.canon.com
events.ciis.canon.com
ereturn.usa.canon.com
cfsdealerportal.com
taxservice.usa.canon.com
secure07.stage.lithium.com
*.cusa.canon.com
www.support.cusa.canon.com
travelexpensecusaqa.cusa.canon.com
oneweb.api-stg.esb.usa.canon.com
mnyacs1121.cusa.canon.com
smarterdocs.corp.cbps.canon.com

Certificate

The complete raw certificate details for secure1.canon.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIIQtcrQF5meykwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UE
BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKTAn
BgNVBAMTIFNFQ09NIFBhc3Nwb3J0IGZvciBXZWIgU1IgMi4wIENBMB4XDTE0MDkx
ODA0NTMzMFoXDTE2MTAxODE0NTk1OVowgYMxCzAJBgNVBAYTAkpQMQ4wDAYDVQQI
EwVUb2t5bzEQMA4GA1UEBxMHT2h0YS1rdTETMBEGA1UEChMKQ0FOT04gSU5DLjEh
MB8GA1UECxMYV2ViIENvbW11bmljYXRpb25zIERlcHQuMRowGAYDVQQDExFzZWN1
cmUxLmNhbm9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMUf
DIahAdD/iUsCSGyhXWZ2cbD4OXm7wJ3PlzrMQDvDb90il9FcISEa1n7fXUd8O2/T
u6gg9cJ2Dl9JmhrPwiEYOyPpR9o7h0Ro0TXiednO48LWeA51vBuGKT0sfMl/rduY
WSv22FG4xlMI/8Lx7MCzg2WTVCcfJ20KQxZ27+ES8iQIhAShp55TfI9tX4epiNHB
v318YoWlT6X1Qzq6H6H+/uCwFmr1FDhbi+rgeGSaG2gKzvGK+xhK3C913ZyrizQT
b0XwtPkoj9gCVdEoQfsARIpD7OqqOxYnL6NPOwn6u+cgrxrrxMOYXuXiXQaUS9xe
N/mD5QaIW3EGJLuLkQMCAwEAAaOCAX0wggF5MA4GA1UdDwEB/wQEAwIFoDATBgNV
HSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQUOYK81Ye021XyXVKdAaRGQI1XZbsw
HwYDVR0jBBgwFoAUMJoAV5lEY2vJsvI9jYNrO9ed72QwHAYDVR0RBBUwE4IRc2Vj
dXJlMS5jYW5vbi5jb20wVwYDVR0gBFAwTjBMBgoqgwiMmxtkhWUBMD4wPAYIKwYB
BQUHAgEWMGh0dHBzOi8vcmVwbzEuc2Vjb210cnVzdC5uZXQvc3BjcHAvcGZ3L3Bm
d3NyMmNhLzBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vcmVwbzEuc2Vjb210cnVz
dC5uZXQvc3BjcHAvcGZ3L3Bmd3NyMmNhL2Z1bGxjcmwuY3JsMDsGCCsGAQUFBwEB
BC8wLTArBggrBgEFBQcwAYYfaHR0cDovL3NyMjAub2NzcC5zZWNvbXRydXN0Lm5l
dDARBglghkgBhvhCAQEEBAMCBkAwDQYJKoZIhvcNAQEFBQADggEBACB2M5qdi6f7
76sOFkzE4PXxUkoj+FVuxSbo7RRsUF/q2287492HLFuo0HuHC2BDdn6/j2XuKvvS
NAGhdJ+YsZ+L4MQyHFbxaUYLnQUe/prGL0s5JsUVJKYNbb0G8HGKQJTTCgtcaPZa
fXSgXJ4t5TfuWqGiRebT0vFHWOKG1FTZAQ3x0CtbX0bSRslyKUaS0CrBXb3R7bDl
abFgRzida0nYD61FRNiXb+/vQHwtEKInUeBNN31m9NroQB/Dw6HILwpS+5zfVb8Q
GLmrtLboAXi6l+NF6+Edi9qqVE6gu8WPt3j6d1Wu8XM9yAA2r7OA+aReoVexztw5
7CKQCGxkWvQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR8MhqEB0P+JSwJIbKFd
ZnZxsPg5ebvAnc+XOsxAO8Nv3SKX0VwhIRrWft9dR3w7b9O7qCD1wnYOX0maGs/C
IRg7I+lH2juHRGjRNeJ52c7jwtZ4DnW8G4YpPSx8yX+t25hZK/bYUbjGUwj/wvHs
wLODZZNUJx8nbQpDFnbv4RLyJAiEBKGnnlN8j21fh6mI0cG/fXxihaVPpfVDOrof
of7+4LAWavUUOFuL6uB4ZJobaArO8Yr7GErcL3XdnKuLNBNvRfC0+SiP2AJV0ShB
+wBEikPs6qo7Ficvo087Cfq75yCvGuvEw5he5eJdBpRL3F43+YPlBohbcQYku4uR
AwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 4816365881957710633
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 2.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-09-18 04:53:30 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-18 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ohta-ku'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CANON INC.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Web Communications Dept.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure1.canon.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24884256875980050773406008082244052191109971033670591982677389801817986047758037943073474609691582289320152450876827578088772495869381458193157618792956855124508920770472318428139590689147671492260967224099886330414866032404100346812186468969438076713733601979982890947341272965835301112451527764912775266439352728218196588430284121189728810870718788576029051917850394919910173015604604083563131112402366821581144346233538474283278562610679377047992983060441358742217633334589317134187774213184126301529613633765808044449781263842655358323758053514593040748602810014975060455561017892909598230323223306553789799698691
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3982bcd587b4db55f25d529d01a446408d5765bb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 309a00579944636bc9b2f23d8d836b3bd79def64
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure1.canon.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.741.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr2ca/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr2ca/fullcrl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr20.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113730.1.1 (netscape-cert-type)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2 bits)
							0640
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002076339a9d8ba7fbefab0e164cc4e0f5f1524a23f8556ec526e8ed146c505feadb6f3be3dd872c5ba8d07b870b6043767ebf8f65ee2afbd23401a1749f98b19f8be0c4321c56f169460b9d051efe9ac62f4b3926c51524a60d6dbd06f0718a4094d30a0b5c68f65a7d74a05c9e2de537ee5aa1a245e6d3d2f14758e286d454d9010df1d02b5b5f46d246c972294692d02ac15dbdd1edb0e569b16047389d6b49d80fad4544d8976fefef407c2d10a22751e04d377d66f4dae8401fc3c3a1c82f0a52fb9cdf55bf1018b9abb4b6e80178ba97e345ebe11d8bdaaa544ea0bbc58fb778fa7755aef1733dc80036afb380f9a45ea157b1cedc39ec2290086c645af4