hp-mbr-admn-crdc.kp.org

- Kaiser Foundation Health Plan, Inc. -

Issued by COMODO RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 90:d1:a0:7d:47:c5:6e:bc:e4:19:5a:80:40:0e:fb:62 was issued on by COMODO CA Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Kaiser Foundation Health Plan, Inc.

Organization: Kaiser Foundation Health Plan, Inc.
Organization unit: KPIT
Organization unit: InstantSSL
Address: 1 Kaiser Plaza
Postal code: 94612
State / Province: CA
Locality: Oakland
Country: US

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 90:d1:a0:7d:47:c5:6e:bc:e4:19:5a:80:40:0e:fb:62
Serial Number (int): 192497276547730680251337972333564328802
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: f5:bf:96:ab:ad:c3:12:a4:7a:2c:af:e5:fe:d4:ef:2a:a8:ea:c3:0e
AuthorityKeyId: 9a:f3:2b:da:cf:ad:4f:b6:2f:bb:2a:48:48:2a:12:b7:1b:42:c1:24

Fingerprint (sha1): 98:65:e1:2d:10:14:c5:ea:11:c0:f9:c7:42:38:a2:38:6d:d4:fd:f9
Fingerprint (sha256): 02:eb:1a:26:a1:52:09:08:e6:e4:86:e0:b6:c6:e6:78:a7:03:09:c0:45:12:4b:9b:a8:cc:1b:25:28:99:7f:11

Issuing Certificate URL: http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate hp-mbr-admn-crdc.kp.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for hp-mbr-admn-crdc.kp.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

hp-mbr-admn-crdc.kp.org
www.hp-mbr-admn-crdc.kp.org

Other certificates including the domain name kp.org

(limited to 100 certificates)
idm-uat.kp.org
nplms.kp.org
national-implantregistries.kaiserpermanente.org
cl.kp.org
paultestcertone.venafi-qa.kp.org
kplocator.kp.org
cnndcsqlp040.nndc.kp.org
ive-crdc.kp.org
opscpos01102.appl.kp.org
physiciancareers-ncal.kp.org
kpfaxwebdev.appl.kp.org
epiclink-oh.kp.org
cnndcappgrp080.ccst.kp.org
opncpos02447.appl.kp.org
kpwapdcdrvpn.appl.kp.org
opscpos01152.appl.kp.org
cnndcsmrp216.nndc.kp.org
finesse-amcimc2.appl.kp.org
digiphobcs.appl.kp.org
lzpoc.kp.org
tpmghr.kp.org
digitalproductroadmaptool.kp.org
cnqmsiarc.appl.kp.org
cscdcimppm01.crdc.kp.org
onelinkinfo.kp.org
test1.uat.kp.org
venafipatchninecsorp.venafi-qa.kp.org
essearch.tro-splunk.kp.org
nps-dev.appl.kp.org
residency.kp.org
ivvpexip.appl.kp.org
csbdc-vmax0247-emgmt1.bcdc.kp.org
myit-ws-xm.kp.org
kpgadatamart.ga.kp.org
finesse-amcimc1.appl.kp.org
tpmghcm-rpt.appl.kp.org
copdf-temp.ssdc.kp.org
afl-wa.appl.kp.org
czapwb8.crdc.kp.org
onelinktax.appl.kp.org
csc2cwn00000309.cloud.kp.org
staffprovider-qa-appl.wa.kp.org
czapwb7.crdc.kp.org
ncalethics.kp.org
myit-xm-uat.kp.org
ncalethics.kp.org
nw-inventrix-prod.appl.kp.org
kpschedule.kp.org
appsdev.kp.org
hits-dev.appl.kp.org
test1csr.md.uat.kp.org
coats-uat.kp.org
api-services-pp.kp.org
singledomain5.demo.kp.org
vcoltme21.ntwk.kp.org
downey-physicianpeersurvey.appl.kp.org
apps.kp.org
ndc1ctxnsa.nndc.kp.org
*.clm1-ezp.kp.org
*.sts.ext-svc-bmxp.appl.kp.org
*.kpvv.int-svc.bmxnp.appl.kp.org
mobileiron50.kp.org
mobileiron13.kp.org
wdcvnx5400-mgm3.wpoc.kp.org
econsult-dev.kp.org
ccsp.appl.kp.org
aaccesp.kp.org
prod-npl.eglb.kp.org
izadap8.ivdc.kp.org
securemail.kp.org
aperturepatchsixninegfgnj.venafi-qa.kp.org
velocity-preprod-intranet.crdc.kp.org
bookingservice-p1.kpaths.appl.kp.org
cnlenam3900303.len.ca.kp.org
pdasweb-uat-tmp.appl.kp.org
kpa-prod.kaiserpermanente.org
violenceprevention.kp.org
csc2cwn00000330.cloud.kp.org
hp-mbr-admn-crdc.kp.org
scpmghcmint.kp.org
onelinkppt-uat.appl.kp.org
downey-isitepics.appl.kp.org
csidcwvzp537.ccst.kp.org
aperturepatchsixninegjgfj.venafi-qa.kp.org
jira-aes.kp.org
jenkins.mobilepipeline.kp.org
vcarwce11.ntwk.kp.org
mars-dev.appl.kp.org
venafipatchninesyjfg.venafi-qa.kp.org
csc2cwp00000862.cloud.kp.org
aperturepatchsixninehwkvl.venafi-qa.kp.org
msonet-ncal.kp.org
ezrpt-qa.appl.kp.org
pacts-qa.appl.kp.org
nps-pt.appl.kp.org
mec-uat.appl.kp.org
healthplans.kaiserpermanente.org
wmbqakpsb25.appl.kp.org
tableau-sandboxprod2.appl.kp.org
cskpcloudwp6115.cloud.kp.org

Certificate

The complete raw certificate details for hp-mbr-admn-crdc.kp.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHbTCCBlWgAwIBAgIRAJDRoH1HxW685BlagEAO+2IwDQYJKoZIhvcNAQELBQAw
gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
ZXJ2ZXIgQ0EwHhcNMTgwODE2MDAwMDAwWhcNMjAwODE1MjM1OTU5WjCByTELMAkG
A1UEBhMCVVMxDjAMBgNVBBETBTk0NjEyMQswCQYDVQQIEwJDQTEQMA4GA1UEBxMH
T2FrbGFuZDEXMBUGA1UECRMOMSBLYWlzZXIgUGxhemExLDAqBgNVBAoTI0thaXNl
ciBGb3VuZGF0aW9uIEhlYWx0aCBQbGFuLCBJbmMuMQ0wCwYDVQQLEwRLUElUMRMw
EQYDVQQLEwpJbnN0YW50U1NMMSAwHgYDVQQDExdocC1tYnItYWRtbi1jcmRjLmtw
Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM5GoLRx1QUcZzCW
7Sf1W0rIMfvuXNWcXvDXP9aNRyA+p+dFGHjLIraJRHZMUoikGmoqm89Ld9sYxaPH
hmqYVkfz5acvoEw9YGDN4mSel12Pv+0geOkEnRcyZOFj8rQ21sAr88BSYVMFfI6w
rA144d3vMTHRKdoVymYktAWrrk8oVnmySfxwgspZhGVovzk7FMHkPYP4R2FZfk1B
MGeF1WLj4r4y0UqC2Nk2EMIAJXemTc/euhFQOLsHghHEFsuY08u+kWt7Sf4VjfiO
mF2m9XHD8FK/Rg3YSdsM0LskWsw0P5gscYlBnTYQwpsMIFBB5zeRlqvysaS6Xpd2
cVpspQ0CAwEAAaOCA38wggN7MB8GA1UdIwQYMBaAFJrzK9rPrU+2L7sqSEgqErcb
QsEkMB0GA1UdDgQWBBT1v5arrcMSpHosr+X+1O8qqOrDDjAOBgNVHQ8BAf8EBAMC
BaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
UAYDVR0gBEkwRzA7BgwrBgEEAbIxAQIBAwQwKzApBggrBgEFBQcCARYdaHR0cHM6
Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BN
oEuGSWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlv
blZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYsGCCsGAQUFBwEBBH8wfTBV
BggrBgEFBQcwAoZJaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBT3Jn
YW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcw
AYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMD8GA1UdEQQ4MDaCF2hwLW1ici1h
ZG1uLWNyZGMua3Aub3Jnght3d3cuaHAtbWJyLWFkbW4tY3JkYy5rcC5vcmcwggF9
BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLY
gwDEe4l6qP3LAAABZUQoTqkAAAQDAEcwRQIgCByybWkDZ3tYlFW6zDluETUVCUzP
Fh8zqyxYT203/9kCIQDHOJAAaSzw0TkQo0LON2dPpBkBC51EXtu31yDsxu1D+wB1
AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABZUQoTvgAAAQDAEYw
RAIgDcLago5FSxqERe4g2X/wqR9whK36jRY2cJRqhxDZ+TICIEeCUsmAcLwIQFwV
qGKa3gfpTcXGfmcFdzyzxA+EXAbKAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgX
L6OqHQcT0wwAAAFlRChOygAABAMARzBFAiEAv111xHHhkxBBx/eALdEtp/ratiWH
lEfcKUvm7CDx+B4CIEHtELBWwjHXQImMW+fFrrmkfEo4XEBwi/ytuwHm0qFgMA0G
CSqGSIb3DQEBCwUAA4IBAQCCHZ0rUWAteyCK5r6X9vqhmHbLcomxcx8XXHytHEmF
DtiNofE068aUk0io/x064vrvCCT+J1PEIu+q1M6I/kOA8+NVAR2YoDIOqkEO/USJ
Z4WPb8ubiyPMAdQ7OuIELAFGRSx2eomTykwZEW93Uuw7HCGHfen/KTqelgSu7lk2
fcQrnPwr/azjQiQYulbIHBbrGk1/Krg5ON468JhcRYchLD8ruM0eHhl+QBfyhJTf
IJiv9SlxP60Uz/eWOA4Ve65sdPOJuzTCXCgQsuAhrtcKxgzwYE8Hewe5bSFElusA
Ul9kwVsdJb4w9V8qmzMB/l8N7Aw0NthhVbrh7cF1Z96R
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkagtHHVBRxnMJbtJ/Vb
Ssgx++5c1Zxe8Nc/1o1HID6n50UYeMsitolEdkxSiKQaaiqbz0t32xjFo8eGaphW
R/Plpy+gTD1gYM3iZJ6XXY+/7SB46QSdFzJk4WPytDbWwCvzwFJhUwV8jrCsDXjh
3e8xMdEp2hXKZiS0BauuTyhWebJJ/HCCylmEZWi/OTsUweQ9g/hHYVl+TUEwZ4XV
YuPivjLRSoLY2TYQwgAld6ZNz966EVA4uweCEcQWy5jTy76Ra3tJ/hWN+I6YXab1
ccPwUr9GDdhJ2wzQuyRazDQ/mCxxiUGdNhDCmwwgUEHnN5GWq/KxpLpel3ZxWmyl
DQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 192497276547730680251337972333564328802
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-15 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '94612'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oakland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1 Kaiser Plaza'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kaiser Foundation Health Plan, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KPIT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InstantSSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hp-mbr-admn-crdc.kp.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26039918666244814753563669326721266081860561902160483787823972963085881294082993272574278094820713630142775725455788705334916809061304323672392062669971305420311859219240484312518019840921712205421772972578744212968636767795260143172021220428862290069767565048648696536364899147238626405440161306667141556661182145818166309419692011323288241677931981190386636127094069135205166610966669200658978606875444534878724307131396034129199407842874370215291839316574238242050162346562550306987336447976099979592314197827364801361382851357613530670303852683817169434250128343352668793818429289267907219565735389028594123318541
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9af32bdacfad4fb62fbb2a48482a12b71b42c124
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f5bf96abadc312a47a2cafe5fed4ef2aa8eac30e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hp-mbr-admn-crdc.kp.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hp-mbr-admn-crdc.kp.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016544284ea900000403004730450220081cb26d6903677b589455bacc396e113515094ccf161f33ab2c584f6d37ffd9022100c7389000692cf0d13910a342ce37674fa419010b9d445edbb7d720ecc6ed43fb0075005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016544284ef8000004030046304402200dc2da828e454b1a8445ee20d97ff0a91f7084adfa8d163670946a8710d9f9320220478252c98070bc08405c15a8629ade07e94dc5c67e6705773cb3c40f845c06ca0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016544284eca0000040300473045022100bf5d75c471e1931041c7f7802dd12da7fadab625879447dc294be6ec20f1f81e022041ed10b056c231d740898c5be7c5aeb9a47c4a385c40708bfcadbb01e6d2a160
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00821d9d2b51602d7b208ae6be97f6faa19876cb7289b1731f175c7cad1c49850ed88da1f134ebc6949348a8ff1d3ae2faef0824fe2753c422efaad4ce88fe4380f3e355011d98a0320eaa410efd448967858f6fcb9b8b23cc01d43b3ae2042c0146452c767a8993ca4c19116f7752ec3b1c21877de9ff293a9e9604aeee59367dc42b9cfc2bfdace3422418ba56c81c16eb1a4d7f2ab83938de3af0985c4587212c3f2bb8cd1e1e197e4017f28494df2098aff529713fad14cff796380e157bae6c74f389bb34c25c2810b2e021aed70ac60cf0604f077b07b96d214496eb00525f64c15b1d25be30f55f2a9b3301fe5f0dec0c3436d86155bae1edc17567de91