tfs.niaid.nih.gov
- National Institutes of Health -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 7c:51:8c:a7:f3:c2:e0:2e:d2:38:c1:25:89:d1:b3:dd was issued on by Entrust, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
National Institutes of Health
Organization:
National Institutes of Health
State / Province:
Maryland
Locality: Rockville
Country: US
Locality: Rockville
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 7c:51:8c:a7:f3:c2:e0:2e:d2:38:c1:25:89:d1:b3:ddSerial Number (int): 165247700366758988063369326079262176221
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 6a:9e:59:43:e5:30:fb:2a:ae:b3:c2:92:3b:d7:7b:66:9d:7b:b9:34
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 6d:9d:1d:8e:4f:69:8d:a9:ef:5d:06:e7:39:b0:50:f7:d0:c4:02:e7
Fingerprint (sha256): 01:b3:1b:c8:eb:a4:07:ee:d5:a3:d0:e3:0f:57:e3:25:fd:8d:ae:cd:1d:bb:b4:5b:a1:1e:06:ba:3c:38:1b:63
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate tfs.niaid.nih.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tfs.niaid.nih.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tfs.niaid.nih.gov
Other certificates including the domain name nih.gov
(limited to 100 certificates)
*.nihms.nih.gov
*.nei.nih.gov
*.niaid.nih.gov
dkgbt.niddk.nih.gov
soatest.ha.nih.gov
*.nlm.nih.gov
3dprintqa.niaid.nih.gov
www.niaaa.nih.gov
citrix.niehs.nih.gov
oma.od.nih.gov
drupal.nihlibrary.com
internet.csr.nih.gov
jamfdmz.niaaa.nih.gov
nei1.nih.gov
*.niams.nih.gov
biobeat.nigms.nih.gov
pots.nci.nih.gov
*.nlm.nih.gov
meetings.nigms.nih.gov
*.nlm.nih.gov
neidatacommons.nei.nih.gov
catalog.nei.nih.gov
devstageerawebserviceaccess.nichd.nih.gov
tls.automattic.com
assettrack.cc.nih.gov
mirror.nih.gov
sisterstudy.niehs.nih.gov
*.nci.nih.gov
3dprintqa.niaid.nih.gov
sbrblood.nhgri.nih.gov
*.apps.nciconnectstg.nci.nih.gov
excessproductcatalog.od.nih.gov
madb.nci.nih.gov
biomedicalresearchworkforce.nih.gov
intranet.cit.nih.gov
ai-cs105otdqa1.niaid.nih.gov
*.nci.nih.gov
obssr.od.nih.gov
posit-package-manager.niaid.nih.gov
myitsm.nih.gov
nihguide.od.nih.gov
2019-BTH-TIC-VPN-EG-03-A.NET.NIH.GOV
ucceventsupport.cit.nih.gov
APF-Access.niaid.nih.gov
etsplab.ninds.nih.gov
dev.radx-hub.nih.gov
www.safetytraining.nih.gov
recovery.nih.gov
*.niddk.nih.gov
sni.cloudflaressl.com
authproxy.ha.nih.gov
pdbp-dd-uat.cit.nih.gov
ai-appauthfoochiprd1.niaid.nih.gov
ncias-p595.nci.nih.gov
ccpharmrees.cc.nih.gov
parkinsontrial.ninds.nih.gov
jats.nlm.nih.gov
otds16-dev.niaid.nih.gov
www.smokefree.gov
intranet.nccih.nih.gov
intranet.nccam.nih.gov
fitbir-stage.cit.nih.gov
www.cc.nih.gov
cancergenome.nih.gov
aghealth.nci.nih.gov
ncif5-d013-v.nci.nih.gov
acdwg.od.nih.gov
activenav-dev.niaid.nih.gov
apps.cc.nih.gov
sptest.nibib.nih.gov
healthyeating.nhlbi.nih.gov
medialibrary.nei.nih.gov
*.nlm.nih.gov
salivaryproteome.nidcr.nih.gov
ncatswnspfpdv34.nih.gov
ocrtme.cc.nih.gov
itbweb.nhgri.nih.gov
pots.nia.nih.gov
dcb.cit.nih.gov
devwebeditor.nichd.nih.gov
tfs.niaid.nih.gov
toolkit.ncats.nih.gov
bricsguid.nia.nih.gov
nisc.nih.gov
pedmatch.nci.nih.gov
tls.automattic.com
eracert137.era.nih.gov
*.nlm.nih.gov
erss-vip.niaid.nih.gov
sa66gl.wpc.edgecastcdn.net
isupplierext.qa.nih.gov
oacu.od.nih.gov
videocast.niehs.nih.gov
depot.tbportals.niaid.nih.gov
ecollab.niaid.nih.gov
ccapps.cc.nih.gov
resresources.nci.nih.gov
rnai.nih.gov
authdev.ha.nih.gov
www.nigms.nih.gov
*.nei.nih.gov
*.niaid.nih.gov
dkgbt.niddk.nih.gov
soatest.ha.nih.gov
*.nlm.nih.gov
3dprintqa.niaid.nih.gov
www.niaaa.nih.gov
citrix.niehs.nih.gov
oma.od.nih.gov
drupal.nihlibrary.com
internet.csr.nih.gov
jamfdmz.niaaa.nih.gov
nei1.nih.gov
*.niams.nih.gov
biobeat.nigms.nih.gov
pots.nci.nih.gov
*.nlm.nih.gov
meetings.nigms.nih.gov
*.nlm.nih.gov
neidatacommons.nei.nih.gov
catalog.nei.nih.gov
devstageerawebserviceaccess.nichd.nih.gov
tls.automattic.com
assettrack.cc.nih.gov
mirror.nih.gov
sisterstudy.niehs.nih.gov
*.nci.nih.gov
3dprintqa.niaid.nih.gov
sbrblood.nhgri.nih.gov
*.apps.nciconnectstg.nci.nih.gov
excessproductcatalog.od.nih.gov
madb.nci.nih.gov
biomedicalresearchworkforce.nih.gov
intranet.cit.nih.gov
ai-cs105otdqa1.niaid.nih.gov
*.nci.nih.gov
obssr.od.nih.gov
posit-package-manager.niaid.nih.gov
myitsm.nih.gov
nihguide.od.nih.gov
2019-BTH-TIC-VPN-EG-03-A.NET.NIH.GOV
ucceventsupport.cit.nih.gov
APF-Access.niaid.nih.gov
etsplab.ninds.nih.gov
dev.radx-hub.nih.gov
www.safetytraining.nih.gov
recovery.nih.gov
*.niddk.nih.gov
sni.cloudflaressl.com
authproxy.ha.nih.gov
pdbp-dd-uat.cit.nih.gov
ai-appauthfoochiprd1.niaid.nih.gov
ncias-p595.nci.nih.gov
ccpharmrees.cc.nih.gov
parkinsontrial.ninds.nih.gov
jats.nlm.nih.gov
otds16-dev.niaid.nih.gov
www.smokefree.gov
intranet.nccih.nih.gov
intranet.nccam.nih.gov
fitbir-stage.cit.nih.gov
www.cc.nih.gov
cancergenome.nih.gov
aghealth.nci.nih.gov
ncif5-d013-v.nci.nih.gov
acdwg.od.nih.gov
activenav-dev.niaid.nih.gov
apps.cc.nih.gov
sptest.nibib.nih.gov
healthyeating.nhlbi.nih.gov
medialibrary.nei.nih.gov
*.nlm.nih.gov
salivaryproteome.nidcr.nih.gov
ncatswnspfpdv34.nih.gov
ocrtme.cc.nih.gov
itbweb.nhgri.nih.gov
pots.nia.nih.gov
dcb.cit.nih.gov
devwebeditor.nichd.nih.gov
tfs.niaid.nih.gov
toolkit.ncats.nih.gov
bricsguid.nia.nih.gov
nisc.nih.gov
pedmatch.nci.nih.gov
tls.automattic.com
eracert137.era.nih.gov
*.nlm.nih.gov
erss-vip.niaid.nih.gov
sa66gl.wpc.edgecastcdn.net
isupplierext.qa.nih.gov
oacu.od.nih.gov
videocast.niehs.nih.gov
depot.tbportals.niaid.nih.gov
ecollab.niaid.nih.gov
ccapps.cc.nih.gov
resresources.nci.nih.gov
rnai.nih.gov
authdev.ha.nih.gov
www.nigms.nih.gov
Certificate
The complete raw certificate details for tfs.niaid.nih.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgIQfFGMp/PC4C7SOMElidGz3TANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y NDA1MDIxMjU3MzlaFw0yNTA1MTMxMjU3MzhaMHgxCzAJBgNVBAYTAlVTMREwDwYD VQQIEwhNYXJ5bGFuZDESMBAGA1UEBxMJUm9ja3ZpbGxlMSYwJAYDVQQKEx1OYXRp b25hbCBJbnN0aXR1dGVzIG9mIEhlYWx0aDEaMBgGA1UEAxMRdGZzLm5pYWlkLm5p aC5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY6VGutomDdO+f q6sK9a7KKpybA0LAGjTfkMRGlzs3VZ6ECaa1SN//0NCR6EQlL/th/Ira4L7MrZ5G H8ax8VbIDoVYNBh1Ixx6sxZLtWqH2dANST0rMQrFbfpcugzbE9pdUenV/ErIj9t/ Hne2xQ7Y3M4xHOKDdhhvwlsnjtIOSstyc/nvbAcSbgx7/pbax1inEdrd9qpugTUR 6GsbSW/ZuA2ymYCgo+Xee4r2++dMzKopGqD2TCp4Pu2TGNrir0/UEf5I7m4IKoBb PuFMK28Ro6MIgGVxDPglMdilcROPiolSOJfjLAmtXEz7hyQyhkkWSuLkrAP0xCJU nnQIhEa9AgMBAAGjggFoMIIBZDAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRqnllD 5TD7Kq6zwpI713tmnXu5NDAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpM vzBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1 c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxay1j aGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0 Lm5ldC9sZXZlbDFrLmNybDAcBgNVHREEFTATghF0ZnMubmlhaWQubmloLmdvdjAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBMG A1UdIAQMMAowCAYGZ4EMAQICMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3 DQEBCwUAA4IBAQBfaKjJO/6kUOYn1hWnK7JL0OaEuI2tukxZ0Eis2JYOSv6GA8H0 AiDMF3gdtKVmHeC58KLPJZ733ST/LCYZMAph71zCiHU3Ys3O3FL1ZnP4An6ZZuOo DRuU+WXZnu8URtklO7ZZjikzdXk0+BK4JzVtpEmdZI/6wP649af4uEAPTeCFrazJ E3GeGEEF9S3r/oB8OP61p+Rj0pFrb7R/p4QP/NcfwKo13dZaXvgMiPMvow9Utby1 0I0U2wESmCgfy2pNbsCWPlrISugE6sz+5rjwmPKYdH1MSsUMatD+DCXmdH/qPcQ4 HzcDCu6fKjQT1HXZqlMDuD75ps1tRQHxs/d7 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OlRrraJg3Tvn6urCvWu yiqcmwNCwBo035DERpc7N1WehAmmtUjf/9DQkehEJS/7YfyK2uC+zK2eRh/GsfFW yA6FWDQYdSMcerMWS7Vqh9nQDUk9KzEKxW36XLoM2xPaXVHp1fxKyI/bfx53tsUO 2NzOMRzig3YYb8JbJ47SDkrLcnP572wHEm4Me/6W2sdYpxHa3faqboE1EehrG0lv 2bgNspmAoKPl3nuK9vvnTMyqKRqg9kwqeD7tkxja4q9P1BH+SO5uCCqAWz7hTCtv EaOjCIBlcQz4JTHYpXETj4qJUjiX4ywJrVxM+4ckMoZJFkri5KwD9MQiVJ50CIRG vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 165247700366758988063369326079262176221 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-02 12:57:39 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-13 12:57:38 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rockville' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'National Institutes of Health' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tfs.niaid.nih.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27382527795268861912712417082232506779997325709801934188300950306577308736322539307878273832999353038819012287655764102121042687722983047769033766113419902716231620916517474694920045648611282567322227692805692985191053353406241768305857969275009555801541107146150670705658737248824599714758844952444157543310219799357343110164496566107012284673971163271166375463404439863114453959119078793074436750423964641981486661586127467390838399470982981568977080226637051138273657577709899828850234041882956825005627081005495300209113061584439718205283377067194635181933264618344245955986571977886458683929589267688784153298621 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6a9e5943e530fb2aaeb3c2923bd77b669d7bb934 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tfs.niaid.nih.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005f68a8c93bfea450e627d615a72bb24bd0e684b88dadba4c59d048acd8960e4afe8603c1f40220cc17781db4a5661de0b9f0a2cf259ef7dd24ff2c2619300a61ef5cc288753762cdcedc52f56673f8027e9966e3a80d1b94f965d99eef1446d9253bb6598e2933757934f812b827356da4499d648ffac0feb8f5a7f8b8400f4de085adacc913719e184105f52debfe807c38feb5a7e463d2916b6fb47fa7840ffcd71fc0aa35ddd65a5ef80c88f32fa30f54b5bcb5d08d14db011298281fcb6a4d6ec0963e5ac84ae804eaccfee6b8f098f298747d4c4ac50c6ad0fe0c25e6747fea3dc4381f37030aee9f2a3413d475d9aa5303b83ef9a6cd6d4501f1b3f77b