*.paas.xh1.lilly.com

- Eli Lilly and Company -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 7c:30:ab:93:1f:b9:54:39:00:00:00:00:50:fa:6e:bf was issued on by Entrust, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Eli Lilly and Company

Organization: Eli Lilly and Company
State / Province: Indiana
Locality: Indianapolis
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 7c:30:ab:93:1f:b9:54:39:00:00:00:00:50:fa:6e:bf
Serial Number (int): 165076981674939438310081037310285737663
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 82:1f:4d:db:db:16:c6:e8:c7:39:71:45:0e:39:5e:9d:c1:14:fa:c6
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): f2:43:47:6d:c8:37:32:8f:52:ea:ae:d3:cc:d5:5e:3d:45:05:59:a7
Fingerprint (sha256): 01:f7:a4:2d:4f:cd:e9:1b:44:dd:7c:15:8b:d1:fe:35:7f:ef:f5:ff:cc:23:d0:f2:ae:d1:5c:99:9d:0a:13:17

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate *.paas.xh1.lilly.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.paas.xh1.lilly.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.paas.xh1.lilly.com
paas.xh1.lilly.com

Other certificates including the domain name lilly.com

(limited to 100 certificates)
asp-t.lilly.com
mi-lb-z1-v1.xh1.lilly.com
dev-element.lilly.com
connect.lilly.com
impact-qa.am.lilly.com
enginframe-t.am.lilly.com
Lyncpoolz1fe.rf.lilly.com
www.cialis.co.nz
www.lilly.net.br
chinalccp-q.lillyadmin.cn
SB-JPN-KOBE-02.rf.lilly.com
sappipci.d52.lilly.com
www.lilly.co.za
alscsoa-dr.am.lilly.com
credit360.xh1.lilly.com
artritrereumatoide.xh2.lilly.com
olumiantreview.lilly.com
ects-qatss.am.lilly.com
iwrstrans-qa.xh1.lilly.com
lillypad.lilly.com
MQZl4igel.am.lilly.com
mdutranslate.lilly.com
ct2-dev.lilly.com
sapepqci.d52.lilly.com
SBC-O365-USA-INDY-TEST-01.lilly.com
lillyscience.lilly.com
webtop.ema.lilly.com
SBCTEAMS-USA-INDY-01.XH1.lilly.com
image.partnerapp1.myworld.com
dctmlrlextadmin.am.lilly.com
chinagamification.xh3.lilly.com
leo-app-d.am.lilly.com
plmssd.am.lilly.com
elementadmin-qa.lilly.com
connect.lilly.com
*.paas.xh1.lilly.com
lilly.connect.lilly.com
bpmpc-z1-86.am.lilly.com
api.data-q.rids.lilly.com
srvstgweb.d52.lilly.com
chinami-d.xh3.lilly.com
srvbes.am.lilly.com
dmw.am.lilly.com
elancophotocontestportugal.xh2.lilly.com
SB-SLO-BRAT-01.rf.lilly.com
myequity.xh1.lilly.com
je3svr272.ap.lilly.com
SB-USA-WASH-01.RF.lilly.com
sbt-chi-suzh-01.ap.lilly.com
mail141qas1.am.lilly.com
lillyru-d.xh1.lilly.com
dmw-dev.am.lilly.com
lillyapp105-qa.am.lilly.com
reset-dc.xh1.lilly.com
lillyakademi.com
www.d-diabetes.com
chinacmp.xh3.lilly.com
cst.lilly.com
www.36saat.com
ifolio.lilly.com
RWE.lilly.com
mydesktop.ap.lilly.com
www.lillyhcp.com
mail141qae2.xh1.lilly.com
lillyconnect-sa.com
rwe.lilly.com
lilly.com
osf.lilly.com
statsclstr4-2node.am.lilly.com
soag-z1-d.am.lilly.com
www.d-diabetes.com
EIPCC.am.lilly.com
iwrs.lilly.com
sac-test.lilly.com
pages.mc.lilly.com
www.lillypod.com.au
akamai-san35.exacttarget.com
image.partnerapp1.myworld.com
try.connect.lilly.com
ics-mdit-ctsup-d.lilly.com
lillyakademi.com
insulinsimulator.lilly.com
sapsmqci.aws.lilly.com
global-boilerplate-nuxt.heroku-apps.lilly.com
*.domino.aws.lilly.com
SB-PHI-MANI-01.rf.lilly.com
chinalccp-q-new.xh3.lilly.com
copay.lilly.com
leo-app-q.am.lilly.com
federate-qa.xh1.lilly.com
MQZWORKSPACE.am.lilly.com
ie2b2mestest-mfg.ema.lilly.com
mail141prds1smtp.am.lilly.com
ie43mesprod-mfg.ema.lilly.COM
salesreporting-q.am.lilly.com
mytransfer2.lilly.com
ltc-lfd-ad-gc-lb.lfd.lilly.com
transparency.lilly.com
plmsst.am.lilly.com
*.connect.lilly.com

Certificate

The complete raw certificate details for *.paas.xh1.lilly.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIQfDCrkx+5VDkAAAAAUPpuvzANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0x
OTExMTkyMDQ0NDFaFw0yMTExMTkyMTE0NDBaMHUxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIEwdJbmRpYW5hMRUwEwYDVQQHEwxJbmRpYW5hcG9saXMxHjAcBgNVBAoTFUVs
aSBMaWxseSBhbmQgQ29tcGFueTEdMBsGA1UEAwwUKi5wYWFzLnhoMS5saWxseS5j
b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9ruAX6ATLLGDYuAXe
I7vJfeGkVNJgEHnobb4x8udHx1JuonXtvRrI6vJwg3wCnJOCpgMwUBvjutoZcmD2
AhFA7J/U/cnrRZyLbq+2+vJNdZLIIhc+KLQRARc1yq+WsyyM4DqE4sVFV9h86B/g
/F/o+4Nquu3MyM14rVzTFL6mt0MEItuMEUiCwEN2YT6lSSvNdT+hojk4ZBM8jz2V
7KaHtQAsQb4zmooHBWwUX4GPaOWeS1iGfdY3fjRgc+ALHFq0P2ASjhPGwONuO1Ib
7FELJB4VZxJpPj45ORJK+hjavSn2eYAPNBJvqAb2nvSwVKyd1bu/2DKt7fGz2IdJ
AbvnAgMBAAGjggG0MIIBsDATBgorBgEEAdZ5AgQDAQH/BAIFADAzBgNVHREELDAq
ghQqLnBhYXMueGgxLmxpbGx5LmNvbYIScGFhcy54aDEubGlsbHkuY29tMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwMwYDVR0f
BCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDBL
BgNVHSAERDBCMDYGCmCGSAGG+mwKAQUwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3
dy5lbnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQICMGgGCCsGAQUFBwEBBFwwWjAjBggr
BgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYIKwYBBQUHMAKGJ2h0
dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNoYWluMjU2LmNlcjAfBgNVHSMEGDAW
gBSConB03bxTP8971PfNf6dgxgpMvzAdBgNVHQ4EFgQUgh9N29sWxujHOXFFDjle
ncEU+sYwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAINdTzwpgdZZCDOyV
5CdxawLNAp6XGFbjdOWH+Stx5sV07dIrkTVXjojebRe9PjLmhKaIt8L94jilC/xo
6eV4PWlLFKXQyu8t3DiV/UUmeBNU+h37TKjJBldHhf/jA1n+Zte+xSCb6vWPNl8x
wYPmrBufDeAPo1ZqQspBXF7bFLSrdpkqm1w6y6zlD9JvYEy3XJORhmuHNJ3nU4qE
mSfNbuUztoNxzpO2Njk8I9b0c+2t+VLWTkLeuCXx1NF+7MGa0/9PYqQ/Cs23Wxqy
mmCHxW7pY3e+LEAvQVaWTIrYapbRyJ8O6bZQKK28ueNbV6xHiGGT22O2ndQCV2EB
iQiA7A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAva7gF+gEyyxg2LgF3iO7
yX3hpFTSYBB56G2+MfLnR8dSbqJ17b0ayOrycIN8ApyTgqYDMFAb47raGXJg9gIR
QOyf1P3J60Wci26vtvryTXWSyCIXPii0EQEXNcqvlrMsjOA6hOLFRVfYfOgf4Pxf
6PuDarrtzMjNeK1c0xS+prdDBCLbjBFIgsBDdmE+pUkrzXU/oaI5OGQTPI89leym
h7UALEG+M5qKBwVsFF+Bj2jlnktYhn3WN340YHPgCxxatD9gEo4TxsDjbjtSG+xR
CyQeFWcSaT4+OTkSSvoY2r0p9nmADzQSb6gG9p70sFSsndW7v9gyre3xs9iHSQG7
5wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 165076981674939438310081037310285737663
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-19 20:44:41 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-11-19 21:14:40 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Indiana'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Indianapolis'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Eli Lilly and Company'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.paas.xh1.lilly.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23945273894953607199944621920616205248989449169378629256990787343605711886482812548645314942327161301636941988759877003415211824656087070062663130450337764424324602752552444539527606594746697184128163126245643400519331784590235739039356837209836564873500882397135942208513802901800910048158969909770734425960780132232209394065093361207446600012302171156238350998521020463540145611819320678463378274050114392712366471291779601973481845408094817675797904250277121223967654863441636600798398416567322293375928785080227873232200169785851999423493092415086976155976297574288125538953839515671092265139357641525058068397031
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.paas.xh1.lilly.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paas.xh1.lilly.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							821f4ddbdb16c6e8c73971450e395e9dc114fac6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0020d753cf0a607596420cec95e427716b02cd029e971856e374e587f92b71e6c574edd22b9135578e88de6d17bd3e32e684a688b7c2fde238a50bfc68e9e5783d694b14a5d0caef2ddc3895fd4526781354fa1dfb4ca8c906574785ffe30359fe66d7bec5209beaf58f365f31c183e6ac1b9f0de00fa3566a42ca415c5edb14b4ab76992a9b5c3acbace50fd26f604cb75c9391866b87349de7538a849927cd6ee533b68371ce93b636393c23d6f473edadf952d64e42deb825f1d4d17eecc19ad3ff4f62a43f0acdb75b1ab29a6087c56ee96377be2c402f4156964c8ad86a96d1c89f0ee9b65028adbcb9e35b57ac47886193db63b69dd402576101890880ec