dtsproweb.defensetravel.osd.mil

- U.S. Government -

Issued by DOD ID SW CA-37

About this certificate

This digital certificate with serial number 01:19:f2 was issued on by U.S. Government.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: subject:localityName MUST appear if subject:organizationName, subject:givenName, or subject:surname fields are present but the subject:stateOrProvinceName field is absent. (BRs: 7.1.4.2.2)
  • Subscriber Certificate: subject:stateOrProvinceName MUST appear if the subject:organizationName, subject:givenName, or subject:surname fields are present and subject:localityName is absent. (BRs: 7.1.4.2.2)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)

U.S. Government

Organization: U.S. Government
Organization unit: DoD
Organization unit: PKI
Organization unit: OSD
Country: US

U.S. Government

Organization: U.S. Government
Organization unit: DoD
Organization unit: PKI
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 01:19:f2
Serial Number (int): 72178
Serial Number lenght: 17 bits, 3 octets

SubjectKeyId: ac:2d:69:33:d5:f2:31:f2:57:9f:b2:fe:fa:7c:0b:9e:77:e3:a3:d0
AuthorityKeyId: 16:24:7e:f7:2d:c1:ef:92:3f:be:44:e7:54:5e:e9:fe:17:ba:f3:a1

Fingerprint (sha1): cc:aa:0c:d7:bc:ed:f0:0a:52:5c:62:91:b2:e2:7a:9a:5d:d1:a5:6e
Fingerprint (sha256): 02:30:16:61:f9:f2:c6:08:da:5f:57:35:b4:f9:3f:e7:bd:19:bd:8c:c4:2f:46:15:ab:93:53:38:28:3c:fa:2a

Issuing Certificate URL: http://crl.disa.mil/sign/DODIDSWCA_37.cer

Revocation information

OCSP Server: http://ocsp.disa.mil
CRL Distribution Point: http://crl.disa.mil/crl/DODIDSWCA_37.crl

Check the revocation status for certificate dtsproweb.defensetravel.osd.mil

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for dtsproweb.defensetravel.osd.mil

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

dtsproweb.defensetravel.osd.mil

Other certificates including the domain name osd.mil

(limited to 100 certificates)
myafn.dodmedia.osd.mil
secureapps.osd.mil
eRoom.tma.osd.mil
stg.service.cade.osd.mil
kbs.nsoc.health.mil
nmcp-root.med.osd.mil
www.dma.mil
bea.osd.mil
repi.osd.mil
nmcsd-root.med.osd.mil
www.dma.mil
afnconnect.myafn.dodmedia.osd.mil
mhse2e.med.osd.mil
cade.osd.mil
titus.cpms.osd.mil
opmverify.dmdc.osd.mil
dtsproweb.defensetravel.osd.mil
compos.dcpds.cpms.osd.mil
www.dma.mil
www.defense.gov
www.dma.mil
repi.osd.mil
www.pentagon.mil
www.dma.mil
afnconnect.myafn.dodmedia.osd.mil
dodmerb.tricare.osd.mil
webct2.dmdc.osd.mil
CAPE eRoom
cade.osd.mil
citrixsg.osd.mil
www.pentagon.mil
web-06-r-p.fhppub.dhhq.local
repi.osd.mil
jacks.jpeocbd.army.mil
jds.cape.osd.mil
repi.osd.mil
dach-era.med.osd.mil
guidanceweb.ousdc.osd.mil
afnconnect.myafn.dodmedia.osd.mil
pentagontours.osd.mil
dmdc.osd.mil
rcc.osd.mil
www.usace.army.mil
myafn.dodmedia.osd.mil
repi.osd.mil
www.pentagon.mil
systemarchitect.tma.osd.mil
*.jacks.jpeocbrnd.army.mil
secureapps.osd.mil
dtscdcvpn02.defensetravel.osd.mil
snap.cape.osd.mil
fermion.dmea.osd.mil
*.jacks.jpeocbrnd.army.mil
myafn.dodmedia.osd.mil
www.usace.army.mil
lms.dcpas.osd.mil
denix.osd.mil
fermion.dmea.osd.mil
SNAP.CAPE.OSD.MIL
bach-era.med.osd.mil
denix.osd.mil
lrmc-root.med.osd.mil
listserver.tma.osd.mil
godefense.dcpas.osd.mil
service.cade.osd.mil
guidanceweb.ousdc.osd.mil
fcom.cape.osd.mil
macstg.ousdc.osd.mil
login.myafn.dodmedia.osd.mil
hrnetapps.cpms.osd.mil
kbs.nsoc.health.mil
jsp-ipm.osd.mil
sepsii.tricare.osd.mil
DORWARD.jte.osd.mil
jcoc.osd.mil
uranus.cpms.osd.mil
itbudget.osd.mil
dod-executiveagent.osd.mil
cerebro-ct.dmdc.osd.mil
denix.osd.mil
dodcioext.osd.mil
www.public.navy.mil
mhse2erecv.med.osd.mil
www.dma.mil
afnconnect.myafn.dodmedia.osd.mil
www.pentagon.mil
ircmstrn.cpms.osd.mil
bolly.cpms.osd.mil
repi.osd.mil
wasp-ad.dmdc.osd.mil
art.tma.osd.mil
webst.dmdc.osd.mil
fmonline.ousdc.osd.mil
fsm.cape.osd.mi
repi.osd.mil
dmdc.mil
dmdc.mil
dmdc.mil
www.dma.mil
learning1.dmdc.osd.mil

Certificate

The complete raw certificate details for dtsproweb.defensetravel.osd.mil in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIDARnyMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNVBAYTAlVT
MRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UE
CxMDUEtJMRgwFgYDVQQDEw9ET0QgSUQgU1cgQ0EtMzcwHhcNMTYxMjIyMTg0NTUx
WhcNMTkxMjIzMTg0NTUxWjB7MQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBH
b3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEMMAoGA1UECxMD
T1NEMSgwJgYDVQQDEx9kdHNwcm93ZWIuZGVmZW5zZXRyYXZlbC5vc2QubWlsMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxUxXTvBiotGZNUjMMEKdw48
30ZLFLZCnB0Zc26mdZtWVJWBxhpe+p9o4KCoRZ16+OmZmO5U/Y270PN5HYYbexDv
T/ffeEI5pGGy7HRpsII16SjOQ8Npa+/qOcO9DURKw643RW48bcjftTsce99lgWeN
M7fJ9Ai5+rPKpi4o0BzQNXqo9LWVLBwkOPGD/ESwGoGcIDJeGFiaklx1vn4PQKha
yH3O3OHlncsGHTe9XFZ/nVNLl6hI0ZtygOyYzymt0csJzb5uELZuYON3in6fDm9q
bANbPHntnP5p1DLURlHp8GwYpCVXt8vtZOcO5NHrKd85iGn+3gK+Gg9enRpFAwID
AQABo4IBZTCCAWEwHwYDVR0jBBgwFoAUFiR+9y3B75I/vkTnVF7p/he686EwHQYD
VR0OBBYEFKwtaTPV8jHyV5+y/vp8C55346PQMGcGCCsGAQUFBwEBBFswWTA1Bggr
BgEFBQcwAoYpaHR0cDovL2NybC5kaXNhLm1pbC9zaWduL0RPRElEU1dDQV8zNy5j
ZXIwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3NwLmRpc2EubWlsMA4GA1UdDwEB/wQE
AwIFoDA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLmRpc2EubWlsL2NybC9E
T0RJRFNXQ0FfMzcuY3JsMCoGA1UdEQQjMCGCH2R0c3Byb3dlYi5kZWZlbnNldHJh
dmVsLm9zZC5taWwwFgYDVR0gBA8wDTALBglghkgBZQIBCycwJwYDVR0lBCAwHgYI
KwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQgCAjANBgkqhkiG9w0BAQsFAAOCAQEA
AjStt5ZIiUjBshm5d2TnBXt/9jGDnJNyD6udjhMOYy2vujBqtxBXq0znCc26w3UZ
PkuZwvUNA+Ob7B1JRXT7ahuPkaHPeRbFkMB1Wyb7FTk1BDDD4soguvFBNypfsGDk
13mS2VGyxdhRrzMX51UlEr1K//mR6ztl5Zly5JX+TBnRSeOgm12eF8ZTZpX7zJdD
zz0fVT91GsqqoJ1Q5/sL5bloXYyHeO5LH2fgbLEo5VySl4wCLUghtei0sTuRTcdz
gHI7DU4SObHinPzUE0BVDw3FAcygu+GcCCEJikk80PY8WERm3K01zYkubo+Kpf+8
kBfajhfFXfV/+bZA0DsvBg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxUxXTvBiotGZNUjMMEK
dw4830ZLFLZCnB0Zc26mdZtWVJWBxhpe+p9o4KCoRZ16+OmZmO5U/Y270PN5HYYb
exDvT/ffeEI5pGGy7HRpsII16SjOQ8Npa+/qOcO9DURKw643RW48bcjftTsce99l
gWeNM7fJ9Ai5+rPKpi4o0BzQNXqo9LWVLBwkOPGD/ESwGoGcIDJeGFiaklx1vn4P
QKhayH3O3OHlncsGHTe9XFZ/nVNLl6hI0ZtygOyYzymt0csJzb5uELZuYON3in6f
Dm9qbANbPHntnP5p1DLURlHp8GwYpCVXt8vtZOcO5NHrKd85iGn+3gK+Gg9enRpF
AwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 72178
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DOD ID SW CA-37'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-22 18:45:51 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-23 18:45:51 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'OSD'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dtsproweb.defensetravel.osd.mil'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20082341063021819927206842481917776420198358290321737134416120779522554507924479891679910813484134112228080808538863944613459572562455866304828084901985979744622063497912501174147928567295182772938331510866019964218777585723436917815710481674737674858389731317660605581130329852177836445557559320640054657331959317328996945540009159873343549177765179737806594921725737974805542245078719922080583541388528145642853856271230839483523921591930309120598433652285258449480693981526000628248038619259583352218461763657917369115550557075360940651504963086813310138388772807103574701870359511747379935841307268165265069327619
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 16247ef72dc1ef923fbe44e7545ee9fe17baf3a1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ac2d6933d5f231f2579fb2fefa7c0b9e77e3a3d0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/sign/DODIDSWCA_37.cer'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.disa.mil'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/crl/DODIDSWCA_37.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dtsproweb.defensetravel.osd.mil'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.2.1.11.39
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.8.2.2 (iKEIntermediate)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000234adb796488948c1b219b97764e7057b7ff631839c93720fab9d8e130e632dafba306ab71057ab4ce709cdbac375193e4b99c2f50d03e39bec1d494574fb6a1b8f91a1cf7916c590c0755b26fb1539350430c3e2ca20baf141372a5fb060e4d77992d951b2c5d851af3317e7552512bd4afff991eb3b65e59972e495fe4c19d149e3a09b5d9e17c6536695fbcc9743cf3d1f553f751acaaaa09d50e7fb0be5b9685d8c8778ee4b1f67e06cb128e55c92978c022d4821b5e8b4b13b914dc77380723b0d4e1239b1e29cfcd41340550f0dc501cca0bbe19c0821098a493cd0f63c584466dcad35cd892e6e8f8aa5ffbc9017da8e17c55df57ff9b640d03b2f06