help.ap.org
- The Associated Press -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number a3:08:35:b8:6b:db:dc:8f:00:00:00:00:50:eb:ac:d6 was issued on by Entrust, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
The Associated Press
Organization:
The Associated Press
State / Province:
New Jersey
Locality: Cranbury
Country: US
Locality: Cranbury
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): a3:08:35:b8:6b:db:dc:8f:00:00:00:00:50:eb:ac:d6Serial Number (int): 216706791266881154431409541219317689558
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 22:81:5a:fe:fb:dd:bd:33:25:d1:0b:ed:5b:02:10:7e:d4:71:cb:2c
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): b3:86:a5:cd:ba:9c:8f:4e:34:65:aa:da:ea:24:82:ef:30:26:08:b1
Fingerprint (sha256): 02:34:95:3f:0a:c9:44:4f:ac:98:b6:d5:d6:b7:26:e3:69:57:48:61:dc:c1:5b:cf:cc:d6:d9:3d:db:8b:4b:1c
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate help.ap.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for help.ap.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
help.ap.org
ctcbomgar01.ap.org
ctcbomgar01.ap.org
Other certificates including the domain name ap.org
(limited to 100 certificates)
feedback.ap.org
ervaring.nedvice.nl
ervaring.nedvice.nl
playbook.ap.org
ervaring.nedvice.nl
www.ap.org
help.ap.org
nycwlcdmz1.ap.org
ap.org
apipreview.ap.org
careers.ap.org
appbnom11.ap.org
ervaring.nedvice.nl
ctchive01.ap.org
inside.ap.org
cwa-ctc.ap.org
ap.org
partners.apvideohub.ap.org
discover.ap.org
ASSP-EXPC-P.ap.org
ap.org
ap.org
epix.ap.org
mail-ctc.ap.org
ap.org
ap.org
ervaring.nedvice.nl
backup.ap.org
ervaring.nedvice.nl
eapws.ap.org
developer.ap.org
ervaring.nedvice.nl
datakit.ap.org
login.ap.org
kibana.associatedpress.com
api.ap.org
DeveloperAPIPreview.ap.org
ap.org
blog.ap.org
sunshine.ap.org
ipdlonbackhaul.ap.org
approdpbnom11.ap.org
careers.ap.org
easyvista.ap.org
ap.org
ssrpm.ap.org
vault.ap.org
tokive01.ap.org
login.ap.org
ctcgsscasper01.ap.org
ap.org
easyvista.ap.org
crmgw.ap.org
api.ap.org
ervaring.nedvice.nl
ervaring.nedvice.nl
preview.apvideohub.ap.org
ervaring.nedvice.nl
ap.org
sunshine.ap.org
store.ap.org
store.ap.org
origin.hosted.ap.org
ap.org
ap.org
blog.ap.org
store.ap.org
tokive01.ap.org
ap.org
approdpbnom12.ap.org
apipreview.ap.org
ap.org
apvideohub.ap.org
Developerapi.ap.org
eapadmin2.ap.org
ervaring.nedvice.nl
mysap.ap.org
blog.ap.org
discover.ap.org
inside.ap.org
wfm.ap.org
ap.org
discover.ap.org
IMSIPAPGW01.ap.org
ap.org
api-qa.ap.org
ap.org
partners.apvideohub.ap.org
blog.ap.org
store.ap.org
apvideohub.ap.org
sports.ap.org
bejive01.ap.org
discover.ap.org
gamestream.ap.org
apipreview.ap.org
ervaring.nedvice.nl
discover.ap.org
tokive01.ap.org
ervaring.nedvice.nl
ervaring.nedvice.nl
ervaring.nedvice.nl
playbook.ap.org
ervaring.nedvice.nl
www.ap.org
help.ap.org
nycwlcdmz1.ap.org
ap.org
apipreview.ap.org
careers.ap.org
appbnom11.ap.org
ervaring.nedvice.nl
ctchive01.ap.org
inside.ap.org
cwa-ctc.ap.org
ap.org
partners.apvideohub.ap.org
discover.ap.org
ASSP-EXPC-P.ap.org
ap.org
ap.org
epix.ap.org
mail-ctc.ap.org
ap.org
ap.org
ervaring.nedvice.nl
backup.ap.org
ervaring.nedvice.nl
eapws.ap.org
developer.ap.org
ervaring.nedvice.nl
datakit.ap.org
login.ap.org
kibana.associatedpress.com
api.ap.org
DeveloperAPIPreview.ap.org
ap.org
blog.ap.org
sunshine.ap.org
ipdlonbackhaul.ap.org
approdpbnom11.ap.org
careers.ap.org
easyvista.ap.org
ap.org
ssrpm.ap.org
vault.ap.org
tokive01.ap.org
login.ap.org
ctcgsscasper01.ap.org
ap.org
easyvista.ap.org
crmgw.ap.org
api.ap.org
ervaring.nedvice.nl
ervaring.nedvice.nl
preview.apvideohub.ap.org
ervaring.nedvice.nl
ap.org
sunshine.ap.org
store.ap.org
store.ap.org
origin.hosted.ap.org
ap.org
ap.org
blog.ap.org
store.ap.org
tokive01.ap.org
ap.org
approdpbnom12.ap.org
apipreview.ap.org
ap.org
apvideohub.ap.org
Developerapi.ap.org
eapadmin2.ap.org
ervaring.nedvice.nl
mysap.ap.org
blog.ap.org
discover.ap.org
inside.ap.org
wfm.ap.org
ap.org
discover.ap.org
IMSIPAPGW01.ap.org
ap.org
api-qa.ap.org
ap.org
partners.apvideohub.ap.org
blog.ap.org
store.ap.org
apvideohub.ap.org
sports.ap.org
bejive01.ap.org
discover.ap.org
gamestream.ap.org
apipreview.ap.org
ervaring.nedvice.nl
discover.ap.org
tokive01.ap.org
ervaring.nedvice.nl
Certificate
The complete raw certificate details for help.ap.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHQTCCBimgAwIBAgIRAKMINbhr29yPAAAAAFDrrNYwDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN MTkwMTAyMTYyNTQ3WhcNMjEwMTAyMTY1NTQ3WjBqMQswCQYDVQQGEwJVUzETMBEG A1UECBMKTmV3IEplcnNleTERMA8GA1UEBxMIQ3JhbmJ1cnkxHTAbBgNVBAoTFFRo ZSBBc3NvY2lhdGVkIFByZXNzMRQwEgYDVQQDEwtoZWxwLmFwLm9yZzCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMpO6np9jrZxZGYXS4s0F6sZeQDNwuZY ObZYSqFn/Iy2BosyqtvVDaoVBfwcidfvVePKCKS+JWctBvoHvcpW7M1t2xMrBYkU 7yZmSEutS7RFzC39Vst1gFO9YrI+RsSfMyAY3S5kn74cmTuA6XlG69fYv20ixiJV 4qYg6eH6TkiDFM+9CPTP5oZm2i06KOX9eVczTHbBe2y7oCXcFna6pbFhD7b/QEUP Ku/Ou3D7PviCO+Btop8t7GEIQDHWcPF50o1yuStNo9oSD7EtItwainwbkbw1xzMc PaD0bNMJiz5n/azzYpuXqpeAj/9XapATOhsSeXip2olJjgDuM0qK6d0CAwEAAaOC A48wggOLMCoGA1UdEQQjMCGCC2hlbHAuYXAub3JnghJjdGNib21nYXIwMS5hcC5v cmcwggH1BgorBgEEAdZ5AgQCBIIB5QSCAeEB3wB2AId1v+dZfPiMQ5lfvfNu/1aN R1Y2/0q1YMG06v9eoIMPAAABaA9+Gr8AAAQDAEcwRQIhAPqDVwTqhVRVKZ3oCpGe W0vysQCdzqM1O0/8v1ux6UGdAiBAatv5mi50D1QonCwIXjl4dgACG0EM4/mkMsB5 SHbBZgB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABaA9+GswA AAQDAEcwRQIgSRBQQELO/vYPl5utYUrKS0b8Ii/yV6e7mU/Z3oa7XIsCIQCMq/RW OuBCHqwjzc4om4ojL9wEFrBK0O40NfrkJjd7iwB2AFYUBpov18Ls0/XhvUSyPsdG drm8mRFcwO+UmFXWidDdAAABaA9+GuIAAAQDAEcwRQIhAKArRjHRLnK+o6GzxPI2 WCNcviAUPdPGgtwsYgihxkq5AiBdl13msMHExQ2HXwp7tpD5gT2XA28Nml0dgD33 4qR00gB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABaA9+GuQA AAQDAEYwRAIgaJwS4AXkKCPLcbbrL/3FbBWrpTokgHFfyLBCS1aJa7ICIBevC8yU If/fB35jPCtY0OjHHDqCL1HAr2L6zUUFWrspMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwMwYDVR0fBCwwKjAooCagJIYiaHR0 cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDBLBgNVHSAERDBCMDYGCmCG SAGG+mwKAQUwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9y cGEwCAYGZ4EMAQICMGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDov L29jc3AuZW50cnVzdC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVz dC5uZXQvbDFrLWNoYWluMjU2LmNlcjAfBgNVHSMEGDAWgBSConB03bxTP8971PfN f6dgxgpMvzAdBgNVHQ4EFgQUIoFa/vvdvTMl0QvtWwIQftRxyywwCQYDVR0TBAIw ADANBgkqhkiG9w0BAQsFAAOCAQEAOgtZLBX1ugUXSdZ06dTtnalSIiEVnkkMP6OI C2WXM86yBc5r9MFfgO5zfmCh4vGMNXjCGj9B5TiyatUmgecW/CRW6B2eDbU0M+l4 LPWRgyn9eUNgEdoGYHHPo98B34l3dJiSTcm0iPypEu6EKRvaJ3aCjll+syOtZhfL ldhlhNIfYIa/Z81uoIPlwRwIuh7p6V9NZ6NmpSv285Vtrczbv+0XKYplSjFCX73O nsnjIuPDTTAqjA7EA12/G1QP+iFCRBqDIIJ2EWDbR8aIEQFuw5G0Lo7mTnpH5TYJ vxW5GuDX2wn9ZbO7ALgGNRN7PqKVRVMLW5TIZVnIXNnVp84e+g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk7qen2OtnFkZhdLizQX qxl5AM3C5lg5tlhKoWf8jLYGizKq29UNqhUF/ByJ1+9V48oIpL4lZy0G+ge9ylbs zW3bEysFiRTvJmZIS61LtEXMLf1Wy3WAU71isj5GxJ8zIBjdLmSfvhyZO4DpeUbr 19i/bSLGIlXipiDp4fpOSIMUz70I9M/mhmbaLToo5f15VzNMdsF7bLugJdwWdrql sWEPtv9ARQ8q7867cPs++II74G2iny3sYQhAMdZw8XnSjXK5K02j2hIPsS0i3BqK fBuRvDXHMxw9oPRs0wmLPmf9rPNim5eql4CP/1dqkBM6GxJ5eKnaiUmOAO4zSorp 3QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 216706791266881154431409541219317689558 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-02 16:25:47 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-02 16:55:47 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cranbury' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Associated Press' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'help.ap.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25539052499372186588562801920903470537385636211717467008310302492587980554646587705060228102062767008682265592031239581780252943021498302663339129590329214346658091680493558101963245328492814589467573193673727333838427994460555063133521824782098990159987298373692239057494459946109601668487323733836532534031217193781797752788704393902266969018134289579014343506338256234772493120644348924814946708027078487145810057562322040814811082714600567857251615033760344471355435372183795852706473135161670845944479672968987263612708881547348827295869727063595876643918384921340841826849379956358086337053790226018295698090461 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'help.ap.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ctcbomgar01.ap.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes) 01df0076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001680f7e1abf0000040300473045022100fa835704ea855455299de80a919e5b4bf2b1009dcea3353b4ffcbf5bb1e9419d0220406adbf99a2e740f54289c2c085e39787600021b410ce3f9a432c0794876c1660076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001680f7e1acc000004030047304502204910504042cefef60f979bad614aca4b46fc222ff257a7bb994fd9de86bb5c8b0221008cabf4563ae0421eac23cdce289b8a232fdc0416b04ad0ee3435fae426377b8b0076005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd000001680f7e1ae20000040300473045022100a02b4631d12e72bea3a1b3c4f23658235cbe20143dd3c682dc2c6208a1c64ab902205d975de6b0c1c4c50d875f0a7bb690f9813d97036f0d9a5d1d803df7e2a474d2007500bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed185000001680f7e1ae400000403004630440220689c12e005e42823cb71b6eb2ffdc56c15aba53a2480715fc8b0424b56896bb2022017af0bcc9421ffdf077e633c2b58d0e8c71c3a822f51c0af62facd45055abb29 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 22815afefbddbd3325d10bed5b02107ed471cb2c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003a0b592c15f5ba051749d674e9d4ed9da9522221159e490c3fa3880b659733ceb205ce6bf4c15f80ee737e60a1e2f18c3578c21a3f41e538b26ad52681e716fc2456e81d9e0db53433e9782cf5918329fd79436011da066071cfa3df01df89777498924dc9b488fca912ee84291bda2776828e597eb323ad6617cb95d86584d21f6086bf67cd6ea083e5c11c08ba1ee9e95f4d67a366a52bf6f3956dadccdbbfed17298a654a31425fbdce9ec9e322e3c34d302a8c0ec4035dbf1b540ffa2142441a832082761160db47c68811016ec391b42e8ee64e7a47e53609bf15b91ae0d7db09fd65b3bb00b80635137b3ea29545530b5b94c86559c85cd9d5a7ce1efa