ra.asb.co.nz
- ASB Bank Limited -
Issued by Entrust Certification Authority - L1M
About this certificate
This digital certificate with serial number d5:8b:91:4d:5b:73:ef:ff:00:00:00:00:54:ce:5c:f8 was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
ASB Bank Limited
Company registration number:
398445
Organization: ASB Bank Limited
Organization: ASB Bank Limited
Locality:
Auckland
Country: NZ
Country: NZ
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): d5:8b:91:4d:5b:73:ef:ff:00:00:00:00:54:ce:5c:f8Serial Number (int): 283850239443787760771949338135406468344
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: b3:8b:2b:1e:3b:8e:b0:7d:2f:30:cb:2b:3a:42:b1:99:bb:10:1a:8e
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a
Fingerprint (sha1): d7:fe:a1:a9:11:0e:35:b1:87:fc:e2:38:9d:90:89:3a:12:43:2f:8e
Fingerprint (sha256): 03:02:83:76:51:31:40:59:c9:0c:a2:00:3c:49:76:dd:59:b8:37:a7:0e:ff:80:cc:6f:44:ba:2f:42:4b:62:fb
Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1m.crl
Check the revocation status for certificate ra.asb.co.nz
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ra.asb.co.nz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ra.asb.co.nz
Other certificates including the domain name asb.co.nz
(limited to 100 certificates)
fbchat.asb.co.nz
receivables-suite.asb.co.nz
blog.asb.co.nz
qa.asb.co.nz
online.asb.co.nz
reports.asb.co.nz
ra.asb.co.nz
mobileapifnb.asb.co.nz
visaissuer.testservices.asb.co.nz
video.asb.co.nz
st.asb.co.nz
m.asb.co.nz
tr.asb.co.nz
fbchat.asb.co.nz
feedback.asb.co.nz
srapp.asb.co.nz
developer.asb.co.nz
api-pnz-partner.asb.co.nz
qa.asbsecurities.co.nz
careers4u.asb.co.nz
renovate.asb.co.nz
api.asb.co.nz
mobileapifnb.asb.co.nz
onboardingapi.asb.co.nz
sra.asb.co.nz
srx.asb.co.nz
links.mail.asb.co.nz
www.asb.co.nz
cardmanager.asb.co.nz
online.asb.co.nz
api.asb.co.nz
probe.asb.co.nz
renovate.asb.co.nz
succeedon.asb.co.nz
banner.asb.co.nz
reports.asb.co.nz
www.suburbseeker.asb.co.nz
sra.asb.co.nz
info.asb.co.nz
www.asb.co.nz
cards.asb.co.nz
datastreamclientlogs.asb.co.nz
feedback.asb.co.nz
www.suburbseeker.asb.co.nz
video.asb.co.nz
market-alerts.asb.co.nz
m.asb.co.nz
voiceofthecustomer.asb.co.nz
www.suburbseeker.asb.co.nz
onboardingapiqa.asb.co.nz
api-pnz-poc.asb.co.nz
receivables-suite.asb.co.nz
qadeveloper.asb.co.nz
video.asb.co.nz
visit.asb.co.nz
sra.asb.co.nz
gauntlet.asb.co.nz
developer.asb.co.nz
testservices.asb.co.nz
asb.co.nz
fnb.asb.co.nz
www.asb.co.nz
srapp.asb.co.nz
fbchat.asb.co.nz
gauntlet.asb.co.nz
vpnd.asb.co.nz
asb.co.nz
banner.asb.co.nz
media.asb.co.nz
online.asb.co.nz
ra.asb.co.nz
api.asb.co.nz
api.asb.co.nz
gauntlet.asb.co.nz
PXATCA15.prod.asbgroup.co.nz
ra.asb.co.nz
info.asb.co.nz
mail.asbdev.co.nz
gauntlet.asb.co.nz
snapshot.asb.co.nz
fnb.asb.co.nz
testservices.asb.co.nz
testservices.asb.co.nz
www.asb.co.nz
content.asb.co.nz
3desdecsign.dev.asb.co.nz
gauntlet.asb.co.nz
api.asb.co.nz
pages.asb.co.nz
cardmanager.asb.co.nz
content.asb.co.nz
ventures.asb.co.nz
developer.asb.co.nz
qa.asb.co.nz
paymark.asb.co.nz
devservices.asb.co.nz
datastreamclientlogs.asb.co.nz
thirdparty.asb.co.nz
vdi.asb.co.nz
mobileapiqa.asb.co.nz
receivables-suite.asb.co.nz
blog.asb.co.nz
qa.asb.co.nz
online.asb.co.nz
reports.asb.co.nz
ra.asb.co.nz
mobileapifnb.asb.co.nz
visaissuer.testservices.asb.co.nz
video.asb.co.nz
st.asb.co.nz
m.asb.co.nz
tr.asb.co.nz
fbchat.asb.co.nz
feedback.asb.co.nz
srapp.asb.co.nz
developer.asb.co.nz
api-pnz-partner.asb.co.nz
qa.asbsecurities.co.nz
careers4u.asb.co.nz
renovate.asb.co.nz
api.asb.co.nz
mobileapifnb.asb.co.nz
onboardingapi.asb.co.nz
sra.asb.co.nz
srx.asb.co.nz
links.mail.asb.co.nz
www.asb.co.nz
cardmanager.asb.co.nz
online.asb.co.nz
api.asb.co.nz
probe.asb.co.nz
renovate.asb.co.nz
succeedon.asb.co.nz
banner.asb.co.nz
reports.asb.co.nz
www.suburbseeker.asb.co.nz
sra.asb.co.nz
info.asb.co.nz
www.asb.co.nz
cards.asb.co.nz
datastreamclientlogs.asb.co.nz
feedback.asb.co.nz
www.suburbseeker.asb.co.nz
video.asb.co.nz
market-alerts.asb.co.nz
m.asb.co.nz
voiceofthecustomer.asb.co.nz
www.suburbseeker.asb.co.nz
onboardingapiqa.asb.co.nz
api-pnz-poc.asb.co.nz
receivables-suite.asb.co.nz
qadeveloper.asb.co.nz
video.asb.co.nz
visit.asb.co.nz
sra.asb.co.nz
gauntlet.asb.co.nz
developer.asb.co.nz
testservices.asb.co.nz
asb.co.nz
fnb.asb.co.nz
www.asb.co.nz
srapp.asb.co.nz
fbchat.asb.co.nz
gauntlet.asb.co.nz
vpnd.asb.co.nz
asb.co.nz
banner.asb.co.nz
media.asb.co.nz
online.asb.co.nz
ra.asb.co.nz
api.asb.co.nz
api.asb.co.nz
gauntlet.asb.co.nz
PXATCA15.prod.asbgroup.co.nz
ra.asb.co.nz
info.asb.co.nz
mail.asbdev.co.nz
gauntlet.asb.co.nz
snapshot.asb.co.nz
fnb.asb.co.nz
testservices.asb.co.nz
testservices.asb.co.nz
www.asb.co.nz
content.asb.co.nz
3desdecsign.dev.asb.co.nz
gauntlet.asb.co.nz
api.asb.co.nz
pages.asb.co.nz
cardmanager.asb.co.nz
content.asb.co.nz
ventures.asb.co.nz
developer.asb.co.nz
qa.asb.co.nz
paymark.asb.co.nz
devservices.asb.co.nz
datastreamclientlogs.asb.co.nz
thirdparty.asb.co.nz
vdi.asb.co.nz
mobileapiqa.asb.co.nz
Certificate
The complete raw certificate details for ra.asb.co.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGbTCCBVWgAwIBAgIRANWLkU1bc+//AAAAAFTOXPgwDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxNCBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMU0wHhcN MTgwNDEwMDI1MjI1WhcNMTkwMTI0MDMyMjIyWjCBlzELMAkGA1UEBhMCTloxETAP BgNVBAcTCEF1Y2tsYW5kMRMwEQYLKwYBBAGCNzwCAQMTAk5aMRkwFwYDVQQKExBB U0IgQmFuayBMaW1pdGVkMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjEP MA0GA1UEBRMGMzk4NDQ1MRUwEwYDVQQDEwxyYS5hc2IuY28ubnowggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDlguacUXXWbqluwgwq82WkyPMFBCbc7aNl DcHdNm/txpDikSo+LiIKnNfSbWWC7whzq0fMyAf1coywW+JhND18d272sNZJ03/U hKyfNCbnvILPaAmknzVeBc5+7SeKvscAzBjBl1QMW8oV49awsCbG+VwvtW2UZVhg zZwkAZ23AJ2zGh43JLEjCIgvz1qdjSG2VKpnGJqzKRgqJjPeq8t5e8CPWnbbYbw+ txc7KEBChzQTj3fJFGN6MBIlwubOx4nq8c/aNj9bDuT9OXooqKLjFTH7Gii5Qy5T s5P1fxe4aPIAoNfH+eLveHmFiYoYXKIDdrY58S1nqzLwJE+1ah+Y+5qN5KFiCEri md9GpP3uuCKh7B6Z3RjChp18+SRBCapcEP84UUF1gt9VU4rU+2KJI2612NI+HV1z q7iRXrTigVRqQpgYf5YsJqly1d8hfH4jyihqlFUReYx8qgVIB1BK76C93aNUQ67S /eN4rwBs7KxTKCmb+1IcSogCUE+5pVA6YNSCzamYEbbwaz3903/u9q7H6uA9gYIJ tYLK1wxkArW60y+HtGXqpEcAM81DyHHFQBGp3cTfmM3nOMSdVzeKc3xbZLm+7Mr2 49P1fjS6v7FrbG9ZjHD72w/P4M+U85Fd5upE7TVJlsQwPFyTrPLXZPhKGOngl/kO YjgydlbJbQIDAQABo4IBjTCCAYkwEwYKKwYBBAHWeQIEAwEB/wQCBQAwFwYDVR0R BBAwDoIMcmEuYXNiLmNvLm56MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggr BgEFBQcDATBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3Nw LmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0 L2wxbS1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5l bnRydXN0Lm5ldC9sZXZlbDFtLmNybDBKBgNVHSAEQzBBMDYGCmCGSAGG+mwKAQIw KDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwBwYFZ4EM AQEwHwYDVR0jBBgwFoAUw/fQtSowra8NkSFwOVTdvIlwxzowHQYDVR0OBBYEFLOL Kx47jrB9LzDLKzpCsZm7EBqOMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEB AA9SC38mz9buf0bhPbDdxUL0G/bLjAGCJi7V5h4qn0Fho3tjvS+1oAMd8dUCgzM0 1ip6WUCJa6Hsjhe7pZvKpqbY6LiBBN16rhf1BtkdjIalzFzOhb1fIQtVbXOqe6MC hjJhunx9WSQAvCFffAKxwxJ3iVK0mFirulz2TCdB8ukJHgb630fcBQsP796m4oeg gX7vKxbr1NSBnouIH/gWmDizOjDXXtlVeftMaRcSk9xIsK70lajLryw1Z40WPf2E /3bIkMduchxb2pqu8a0BmnN5+uhu13I8nz8peEnfzYLlztNR3MPCHujJ1dzQynju HCX9ghwcaQ3DuseE/fm+pcE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5YLmnFF11m6pbsIMKvNl pMjzBQQm3O2jZQ3B3TZv7caQ4pEqPi4iCpzX0m1lgu8Ic6tHzMgH9XKMsFviYTQ9 fHdu9rDWSdN/1ISsnzQm57yCz2gJpJ81XgXOfu0nir7HAMwYwZdUDFvKFePWsLAm xvlcL7VtlGVYYM2cJAGdtwCdsxoeNySxIwiIL89anY0htlSqZxiasykYKiYz3qvL eXvAj1p222G8PrcXOyhAQoc0E493yRRjejASJcLmzseJ6vHP2jY/Ww7k/Tl6KKii 4xUx+xoouUMuU7OT9X8XuGjyAKDXx/ni73h5hYmKGFyiA3a2OfEtZ6sy8CRPtWof mPuajeShYghK4pnfRqT97rgioewemd0YwoadfPkkQQmqXBD/OFFBdYLfVVOK1Pti iSNutdjSPh1dc6u4kV604oFUakKYGH+WLCapctXfIXx+I8ooapRVEXmMfKoFSAdQ Su+gvd2jVEOu0v3jeK8AbOysUygpm/tSHEqIAlBPuaVQOmDUgs2pmBG28Gs9/dN/ 7vaux+rgPYGCCbWCytcMZAK1utMvh7Rl6qRHADPNQ8hxxUARqd3E35jN5zjEnVc3 inN8W2S5vuzK9uPT9X40ur+xa2xvWYxw+9sPz+DPlPORXebqRO01SZbEMDxck6zy 12T4Shjp4Jf5DmI4MnZWyW0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 283850239443787760771949338135406468344 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-10 02:52:25 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-24 03:22:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Auckland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ASB Bank Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '398445' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ra.asb.co.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 936324541439636989153308756685454453829854136508985903296759024048723840578225399483110276018352648418566718890129043271054085046581436424230548758758447372565265030750542559696307034309966487795274875633010799533925511426699333067342967612605112604146567969343280832263147540655134676635699730610686069439418899044101418049191628397878091651211429202075812802987071870533897545887466375196458382876878220504312949839929350992431246926942302732566313493277628929752204043185036838129400819660695328862530828812832953255015558194034133704027350481040330906875963416210759746280721405711753022480506235508593639423557185316119135737120616703247914132618347638066409119037146191417231527363077870776172772935131669463777407277784930896774868391064865403503526314296446086599803899669594707822898619081954581733663459392949059046380468702496678794760534060520539281043585071536393414877429576452673191964956792268288982289222343766824012129442523748653836840186194404298235546473064387954828526614890081886523061758918505717516838585448850338554990873646629878545464078766696366883290241793249356105630551377362326093690435689250850697772823900968142475518206361158449924556994819967641974098516229726639756313032323552227570744225614189 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ra.asb.co.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b38b2b1e3b8eb07d2f30cb2b3a42b199bb101a8e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000f520b7f26cfd6ee7f46e13db0ddc542f41bf6cb8c0182262ed5e61e2a9f4161a37b63bd2fb5a0031df1d502833334d62a7a5940896ba1ec8e17bba59bcaa6a6d8e8b88104dd7aae17f506d91d8c86a5cc5cce85bd5f210b556d73aa7ba302863261ba7c7d592400bc215f7c02b1c312778952b49858abba5cf64c2741f2e9091e06fadf47dc050b0fefdea6e287a0817eef2b16ebd4d4819e8b881ff8169838b33a30d75ed95579fb4c69171293dc48b0aef495a8cbaf2c35678d163dfd84ff76c890c76e721c5bda9aaef1ad019a7379fae86ed7723c9f3f297849dfcd82e5ced351dcc3c21ee8c9d5dcd0ca78ee1c25fd821c1c690dc3bac784fdf9bea5c1