www9.kankyo.metro.tokyo.lg.jp

- Tokyo Metropolitan Government -

Issued by SECOM Passport for Web SR 3.0 CA

About this certificate

This digital certificate with serial number 2f:b0:c2:21:b9:fa:69:45:c9:0d:7f:cd:41:77:a7:ad was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

Tokyo Metropolitan Government

Organization: Tokyo Metropolitan Government
Organization unit: Kankyokyoku Chikyukankyoenerugibu Soryosakugenka
State / Province: Tokyo
Locality: Shinjuku-ku
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 2f:b0:c2:21:b9:fa:69:45:c9:0d:7f:cd:41:77:a7:ad
Serial Number (int): 63391497508543102491531599043150456749
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 39:0f:2a:1e:c3:7f:5f:ff:43:76:ed:ab:1c:8a:09:c2:35:a3:17:12
AuthorityKeyId: cb:ef:3d:ef:83:74:a1:a8:42:f0:3b:40:36:fa:6d:82:94:a9:27:36

Fingerprint (sha1): bb:82:07:47:5b:5f:7b:dd:16:fd:c1:6c:e0:a5:cc:1a:da:7f:c6:b8
Fingerprint (sha256): 02:bd:59:c5:3d:4a:39:d8:6a:7a:71:94:d6:a2:98:f9:bf:b3:f2:fa:c9:74:c5:09:42:1e:7a:c5:a9:0d:49:5f


Revocation information

OCSP Server: http://sr30.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl

Check the revocation status for certificate www9.kankyo.metro.tokyo.lg.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www9.kankyo.metro.tokyo.lg.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www9.kankyo.metro.tokyo.lg.jp

Other certificates including the domain name tokyo.lg.jp

(limited to 100 certificates)
www.ecosystem.metro.tokyo.lg.jp
en.sports-tokyo-info.metro.tokyo.lg.jp
www.tokyo-danjo.metro.tokyo.lg.jp
csyouboudoui-irai.tfd.metro.tokyo.lg.jp
www.kyoin-saiyo.tems.metro.tokyo.lg.jp
www9.kankyo.metro.tokyo.lg.jp
www.sports-tokyo-info.metro.tokyo.lg.jp
smooth-biz.metro.tokyo.lg.jp
ijime.metro.tokyo.lg.jp
www.locationbox.metro.tokyo.lg.jp
www.meisai.tems.metro.tokyo.lg.jp
www.digitalservice.metro.tokyo.lg.jp
stg.apr.applicant-api.2021.jitan.metro.tokyo.lg.jp
shuyojoho.metro.tokyo.lg.jp
www.hikaku.metro.tokyo.lg.jp
www.kankyo.metro.tokyo.lg.jp
www2.fukushihoken.metro.tokyo.lg.jp
yoyaku.sports.metro.tokyo.lg.jp
stg.kodomo-smile.metro.tokyo.lg.jp
www2.fukushihoken.metro.tokyo.lg.jp
koshikawakaikei.lfv.jp
nenryou-taisaku.metro.tokyo.lg.jp
wwwdojou.kankyo.metro.tokyo.lg.jp
www.kaisyahakken.metro.tokyo.lg.jp
stopcovid19.metro.tokyo.lg.jp
www.kodomo-dokusho.metro.tokyo.lg.jp
gairaisyu.metro.tokyo.lg.jp
futari-story.metro.tokyo.lg.jp
mypage.018support-system.metro.tokyo.lg.jp
www.wakanavi-tokyo.metro.tokyo.lg.jp
map-origin.bousai.metro.tokyo.lg.jp
www.lwb-expo.metro.tokyo.lg.jp
www.conrepo.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
stg.kenkou-hataraku.metro.tokyo.lg.jp
www5.kankyo.metro.tokyo.lg.jp
www8.kankyo.metro.tokyo.lg.jp
toritsuko.metro.tokyo.lg.jp
www.e-rule.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
www.hikaku.metro.tokyo.lg.jp
www.medclar.ro
www.hataraku.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
wwwdojou.kankyo.metro.tokyo.lg.jp
www.maedatei.metro.tokyo.lg.jp
search.metro.tokyo.lg.jp
filets01.metro.tokyo.lg.jp
www.tamajimu.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
portal.data.metro.tokyo.lg.jp
www.ecosystem.metro.tokyo.lg.jp
www.investtokyo.metro.tokyo.lg.jp
poc-ground.metro.tokyo.lg.jp
nihongoup.metro.tokyo.lg.jp
staff2.shintosei.metro.tokyo.lg.jp
suidonet.waterworks.metro.tokyo.lg.jp
wannyan.metro.tokyo.lg.jp
www3.kankyo.metro.tokyo.lg.jp
cms.hataraku.metro.tokyo.lg.jp
catalog.library.metro.tokyo.lg.jp
www.kyoin-saiyo.metro.tokyo.lg.jp
api.data.metro.tokyo.lg.jp
gamcheatsheet.com
futari-story.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
cms.hataraku.metro.tokyo.lg.jp
sabisapp-stage.websays.com
nihongoup.metro.tokyo.lg.jp
fukushikensa.metro.tokyo.lg.jp
*.support-navi.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
tems.kjssj.metro.tokyo.lg.jp
www.taiki.kankyo.metro.tokyo.lg.jp
www.anzenedu.metro.tokyo.lg.jp
www.mentor-cafe.metro.tokyo.lg.jp
018support-system.metro.tokyo.lg.jp
tokyovaccine-rsv.metro.tokyo.lg.jp
www.keishicho.metro.tokyo.lg.jp
www.takken.metro.tokyo.lg.jp
www.snsdouga.metro.tokyo.lg.jp
www.conrepo.metro.tokyo.lg.jp
www.tmiph.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
sumasapo.metro.tokyo.lg.jp
webtest.tfd.metro.tokyo.lg.jp
www.zeroemission-life.metro.tokyo.lg.jp
kodomosafetypj.metro.tokyo.lg.jp
www.kouwan.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
www.taiki.kankyo.metro.tokyo.lg.jp
kosodateswitch.metro.tokyo.lg.jp
www.fsis.metro.tokyo.lg.jp
futari-story.metro.tokyo.lg.jp
www.ifarc.metro.tokyo.lg.jp
www.kaisyahakken.metro.tokyo.lg.jp
stg.kenkou-hataraku.metro.tokyo.lg.jp
www.fukuho-kodomotsu.metro.tokyo.lg.jp
manabu.metro.tokyo.lg.jp

Certificate

The complete raw certificate details for www9.kankyo.metro.tokyo.lg.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGrDCCBZSgAwIBAgIQL7DCIbn6aUXJDX/NQXenrTANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
TFRELjEpMCcGA1UEAxMgU0VDT00gUGFzc3BvcnQgZm9yIFdlYiBTUiAzLjAgQ0Ew
HhcNMTkxMjEyMDgxMjI1WhcNMjExMjEyMTQ1OTU5WjCBvjELMAkGA1UEBhMCSlAx
DjAMBgNVBAgTBVRva3lvMRQwEgYDVQQHEwtTaGluanVrdS1rdTEmMCQGA1UEChMd
VG9reW8gTWV0cm9wb2xpdGFuIEdvdmVybm1lbnQxOTA3BgNVBAsTMEthbmt5b2t5
b2t1IENoaWt5dWthbmt5b2VuZXJ1Z2lidSBTb3J5b3Nha3VnZW5rYTEmMCQGA1UE
AxMdd3d3OS5rYW5reW8ubWV0cm8udG9reW8ubGcuanAwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCyRPFMsngCJsyHYkCGJUFVvqLzRaqqIv4+pimC8Ern
ikvGo06pVKQHzWxWxtaoNn5KKfK6waAcO6yFAuMk3lRN6LwM4cFPklha+vllAfLB
F+/ATnf4m94zzMUVud1zTZgmzPDqn1s53ZE9TPqC3zntHNb/yS2PKKsTawDTbuDD
Ylki2L3nL4maKx8d5zxtx2iIl2vgyJwj1KCbkalTf4FWnaHvoDeZtIYpIGaxLGJe
d+ta66qMHZLDrhCf1nAt9kESuhyrYchN9hQcI3ex7jTBL/iachjEgWz6sklReKch
9lCvLDrO905XaYnMCFAcWntJU8T6+fhiJrAEA3PnmO1ZAgMBAAGjggMCMIIC/jAf
BgNVHSMEGDAWgBTL7z3vg3ShqELwO0A2+m2ClKknNjA7BggrBgEFBQcBAQQvMC0w
KwYIKwYBBQUHMAGGH2h0dHA6Ly9zcjMwLm9jc3Auc2Vjb210cnVzdC5uZXQwKAYD
VR0RBCEwH4Idd3d3OS5rYW5reW8ubWV0cm8udG9reW8ubGcuanAwYQYDVR0gBFow
WDBMBgoqgwiMmxtkhW8BMD4wPAYIKwYBBQUHAgEWMGh0dHBzOi8vcmVwbzEuc2Vj
b210cnVzdC5uZXQvc3BjcHAvcGZ3L3Bmd3NyM2NhLzAIBgZngQwBAgIwEwYDVR0l
BAwwCgYIKwYBBQUHAwEwTAYDVR0fBEUwQzBBoD+gPYY7aHR0cDovL3JlcG8xLnNl
Y29tdHJ1c3QubmV0L3NwY3BwL3Bmdy9wZndzcjNjYS9mdWxsY3JsMi5jcmwwHQYD
VR0OBBYEFDkPKh7Df1//Q3btqxyKCcI1oxcSMA4GA1UdDwEB/wQEAwIFoDCCAX0G
CisGAQQB1nkCBAIEggFtBIIBaQFnAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+4
43fNDsgN3BAAAAFu+TO15AAABAMARjBEAiB5FCUvxIckn3qGhvXA+hAxBlA0WdD7
klxKikSyVUeEPgIgNy3FhbjI2m9GQ6jfOoKYRAcHsX0mA7JNtkaW4FRb3+AAdwDu
S723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAW75M7gOAAAEAwBIMEYC
IQCFp07XbqA62bVNhsE88c+VRksNMQ8j3kMWwBg8ngbgkwIhAM8N28LgIpJv2Dch
gvhmKO348tmXz6mUZXKqTZ7ALMerAHUAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQAp
Bo2yCJo32RMAAAFu+TO7vgAABAMARjBEAiAzm5SwNpAtZTjwNzXVpFJeydNWfVQ+
cukKBS4xv36nEAIgfTd3keyat5WIDvaJzBgb7rS1402/8np8znaUsumbwKIwDQYJ
KoZIhvcNAQELBQADggEBADHYdsNUwarvZbufEKlTyxJ+mB3WZiwECi4BVLTdbqJn
3Kr7JYwcpXqDaTJ7VNqneHKKozUtsRS81akeKJAEVWBB9Tcx+ohSgx8E5ks7EsKn
mz8FCo4x3oh5pCIZ9yHii6aXjBeYG1/k+YemqntiWTa10gEhTa9qyccPHTfyGz/2
XWAlNPLsp4kRV7UTVTs2Cuswrr/E73a4YU1KlzIH3xV8ijtX0IZxyDptTTOAdFZT
uSCb57SHxCBmX9Z5NjHssUgtlysiChP/MyyfMOzwnmkdEqq019L3IQbLZb0cezWA
aHhj9LE8c0gy3zd8739G83HXHhXOYAupUjRFUMTr+Ug=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskTxTLJ4AibMh2JAhiVB
Vb6i80WqqiL+PqYpgvBK54pLxqNOqVSkB81sVsbWqDZ+SinyusGgHDushQLjJN5U
Tei8DOHBT5JYWvr5ZQHywRfvwE53+JveM8zFFbndc02YJszw6p9bOd2RPUz6gt85
7RzW/8ktjyirE2sA027gw2JZIti95y+JmisfHec8bcdoiJdr4MicI9Sgm5GpU3+B
Vp2h76A3mbSGKSBmsSxiXnfrWuuqjB2Sw64Qn9ZwLfZBErocq2HITfYUHCN3se40
wS/4mnIYxIFs+rJJUXinIfZQryw6zvdOV2mJzAhQHFp7SVPE+vn4YiawBANz55jt
WQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 63391497508543102491531599043150456749
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 3.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-12 08:12:25 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-12 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Shinjuku-ku'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo Metropolitan Government'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kankyokyoku Chikyukankyoenerugibu Soryosakugenka'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www9.kankyo.metro.tokyo.lg.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22504415135537980633559757661489489301846074753492192365468224535423359318340959426761302867965121724141359920602916343454864037863933916123063546143887150705007681444945396933601264677893674291246791447857041098570926200119356063018695340573202896727659663155147246177520485768319894261359412359934149381281361588107312237538566543408220789079847492341563115650383612985735161795188267009198683323437775724961311765890354470347194070387305909000945869290341229543046007465721149910593004854874440239167083901577690603682160441559493452581563563276092145086205117752098176623894325145126081889300544099467389444877657
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cbef3def8374a1a842f03b4036fa6d8294a92736
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr30.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www9.kankyo.metro.tokyo.lg.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.751.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							390f2a1ec37f5fff4376edab1c8a09c235a31712
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016ef933b5e4000004030046304402207914252fc487249f7a8686f5c0fa103106503459d0fb925c4a8a44b25547843e0220372dc585b8c8da6f4643a8df3a8298440707b17d2603b24db64696e0545bdfe0007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016ef933b80e000004030048304602210085a74ed76ea03ad9b54d86c13cf1cf95464b0d310f23de4316c0183c9e06e093022100cf0ddbc2e022926fd8372182f86628edf8f2d997cfa9946572aa4d9ec02cc7ab0075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016ef933bbbe00000403004630440220339b94b036902d6538f03735d5a4525ec9d3567d543e72e90a052e31bf7ea71002207d377791ec9ab795880ef689cc181beeb4b5e34dbff27a7cce7694b2e99bc0a2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0031d876c354c1aaef65bb9f10a953cb127e981dd6662c040a2e0154b4dd6ea267dcaafb258c1ca57a8369327b54daa778728aa3352db114bcd5a91e289004556041f53731fa8852831f04e64b3b12c2a79b3f050a8e31de8879a42219f721e28ba6978c17981b5fe4f987a6aa7b625936b5d201214daf6ac9c70f1d37f21b3ff65d602534f2eca7891157b513553b360aeb30aebfc4ef76b8614d4a973207df157c8a3b57d08671c83a6d4d3380745653b9209be7b487c420665fd6793631ecb1482d972b220a13ff332c9f30ecf09e691d12aab4d7d2f72106cb65bd1c7b3580687863f4b13c734832df377cef7f46f371d71e15ce600ba952344550c4ebf948