cmm.firstniagara.com
- First Niagara Bank, N.A. -
Issued by Entrust Certification Authority - L1M
About this certificate
This digital certificate with serial number 7f:23:e5:24:00:00:00:00:54:cc:81:e0 was issued on by Entrust, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
First Niagara Bank, N.A.
Company registration number:
16004
Organization: First Niagara Bank, N.A.
Organization: First Niagara Bank, N.A.
State / Province:
New York
Locality: Buffalo
Country: US
Locality: Buffalo
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 7f:23:e5:24:00:00:00:00:54:cc:81:e0Serial Number (int): 39347990737004699552882393568
Serial Number lenght: 95 bits, 12 octets
SubjectKeyId: 9d:83:88:da:31:36:42:86:3e:07:67:60:61:78:bb:1a:01:db:00:d6
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a
Fingerprint (sha1): 16:3b:ed:15:56:2c:c2:d8:0a:40:26:1b:a3:b4:db:78:b8:99:91:9c
Fingerprint (sha256): 03:a0:f3:e8:50:ab:cb:17:87:7c:f4:57:fd:fd:9c:e4:75:27:ed:df:72:86:49:74:3b:cc:24:d3:5e:3e:f6:7d
Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1m.crl
Check the revocation status for certificate cmm.firstniagara.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cmm.firstniagara.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cmm.firstniagara.com
www.cmm.firstniagara.com
www.cmm.firstniagara.com
Other certificates including the domain name firstniagara.com
(limited to 100 certificates)
Onlinebanking.FirstNiagara.com
cmm.firstniagara.com
firstniagara.com
qa-bolbwpl.fnfg.com
ebenefitsbilling.firstniagara.com
www.firstniagara.com
ebenefitsbilling.firstniagara.com
firstniagara.com
firstniagara.com
firstniagara.com
mft.firstniagara.com
fundstransfer.firstniagara.com
myfilegateway.firstniagara.com
firstniagara.keybank.com
firstniagara.com
firstniagara.com
firstniagara.com
apply.firstniagara.com
stage2.firstniagara.com
firstniagara.com
ebenefitsbilling.firstniagara.com
abl.firstniagara.com
stage2.firstniagara.com
www.firstniagara.com
mobile.firstniagara.com
www.firstniagara.com
firstniagara.com
firstniagara.com
mobile.firstniagara.com
richchannel02.firstniagara.com
dmyfilegateway.firstniagara.com
onlineservices.firstniagara.com
firstniagara.com
myfilegateway.firstniagara.com
abl.firstniagara.com
mobile.firstniagara.com
test-fundstransfer.firstniagara.com
abl.firstniagara.com
apply.firstniagara.com
richchannel02.firstniagara.com
richchannel02.firstniagara.com
firstniagara.com
abl.firstniagara.com
abl.firstniagara.com
qmyfilegateway.firstniagara.com
cmm.firstniagara.com
firstniagara.com
qa-bolbwpl.fnfg.com
ebenefitsbilling.firstniagara.com
www.firstniagara.com
ebenefitsbilling.firstniagara.com
firstniagara.com
firstniagara.com
firstniagara.com
mft.firstniagara.com
fundstransfer.firstniagara.com
myfilegateway.firstniagara.com
firstniagara.keybank.com
firstniagara.com
firstniagara.com
firstniagara.com
apply.firstniagara.com
stage2.firstniagara.com
firstniagara.com
ebenefitsbilling.firstniagara.com
abl.firstniagara.com
stage2.firstniagara.com
www.firstniagara.com
mobile.firstniagara.com
www.firstniagara.com
firstniagara.com
firstniagara.com
mobile.firstniagara.com
richchannel02.firstniagara.com
dmyfilegateway.firstniagara.com
onlineservices.firstniagara.com
firstniagara.com
myfilegateway.firstniagara.com
abl.firstniagara.com
mobile.firstniagara.com
test-fundstransfer.firstniagara.com
abl.firstniagara.com
apply.firstniagara.com
richchannel02.firstniagara.com
richchannel02.firstniagara.com
firstniagara.com
abl.firstniagara.com
abl.firstniagara.com
qmyfilegateway.firstniagara.com
Certificate
The complete raw certificate details for cmm.firstniagara.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHmDCCBoCgAwIBAgIMfyPlJAAAAABUzIHgMA0GCSqGSIb3DQEBCwUAMIG6MQsw CQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2Vl IHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMTQg RW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBvbmx5MS4wLAYDVQQD EyVFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gTDFNMB4XDTE2MDIw ODE4MzA0MVoXDTE4MDIwODE5MDAzOFowgbgxCzAJBgNVBAYTAlVTMREwDwYDVQQI EwhOZXcgWW9yazEQMA4GA1UEBxMHQnVmZmFsbzETMBEGCysGAQQBgjc8AgEDEwJV UzEhMB8GA1UEChMYRmlyc3QgTmlhZ2FyYSBCYW5rLCBOLkEuMR0wGwYDVQQPExRQ cml2YXRlIE9yZ2FuaXphdGlvbjEOMAwGA1UEBRMFMTYwMDQxHTAbBgNVBAMTFGNt bS5maXJzdG5pYWdhcmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvA6SRUlwBrTqvGF62oJRRPPz821AXXBWs2UVU4fprXShuNeeDrm+spkqJcgu vGsw9O1/+Cw2lgL/etdYhyQabK8rxemNSxePIpBw35VEyqE2rxLDn/n1kBiAa1cd HAHOMFWQI0bmEkjAM/9u8V48EowvmfYmJArxrNI+806B5yhddWpMM+86D5jftTne QR0d399gsBYdAy4toRUAqy1MvARmvomMFIL//NEek0xwxjX1AJiVvMyrCpDLdv8/ xqlAeXx10Z8fKj+5MzGtspDs8vXLahQzpVaumSujlPoGaqfuRt+PpTvN7gniN/Oc vcj+baqrS7RqK+waBC098xFyxQIDAQABo4IDnDCCA5gwOQYDVR0RBDIwMIIUY21t LmZpcnN0bmlhZ2FyYS5jb22CGHd3dy5jbW0uZmlyc3RuaWFnYXJhLmNvbTCCAfcG CisGAQQB1nkCBAIEggHnBIIB4wHhAHcAaPaY+B9kgr46jO65KB1M/HFRXWeT1ETR Cmesu09P+8QAAAFSwkHbqgAABAMASDBGAiEAmF4CvTTLsIx2argEpbhM3qNcFgaY RnNtitIzGIFW6QYCIQC68LUcOea8Ue4H3W0Zu9jx5jSTALJhvnwtmHJpj/BnSQB1 AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABUsJB3sgAAAQDAEYw RAIgNvYBOR1ix7HhbNll5ILXuGgFtWNwrchQNhxkiGs113wCIA3+MFm9Hv+WF6dc t1yyvSXAaxYNXma+l6IVvv6eoPekAHcAdGG0oJz7PUHXUVlXWy52SaRFqNJ3CbDM VkpkgrfrQaMAAAFSwkHhTgAABAMASDBGAiEAlmHafG3vbT12m0rC+ArB4JPNiFdj Oae/hoFAQcbAAmwCIQCBZQFX/rqwjz5GgBQt9xdL5NcdT3zT7DJ3fVkNxQdyFAB2 AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABUsJB4nwAAAQDAEcw RQIhAKTYBO+v7c3TfTnmwYXE5gBQQbNvmEOBUKpa200geVGkAiAQbo7qrq45w0XN ezEzArswrGRKiiCXKw0f5S92NTi/ZTALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYX aHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEu ZW50cnVzdC5uZXQvbDFtLWNoYWluMjU2LmNlcjAzBgNVHR8ELDAqMCigJqAkhiJo dHRwOi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMW0uY3JsMEoGA1UdIARDMEEwNgYK YIZIAYb6bAoBAjAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0 L3JwYTAHBgVngQwBATAfBgNVHSMEGDAWgBTD99C1KjCtrw2RIXA5VN28iXDHOjAd BgNVHQ4EFgQUnYOI2jE2QoY+B2dgYXi7GgHbANYwCQYDVR0TBAIwADANBgkqhkiG 9w0BAQsFAAOCAQEAZ5zXy1dqxYSYTpUXPDH2GSI86FFnh2LOQHpNjCccj9sHaB/w 899EtFAfCeXIg1lGrO29DyxJd77Tu6YNy2C5vH6L5gpZbfZ6kA8qoF1mZHAutZKb JcZ8CwWQZOkK434/kEb1tr0JIJikdEC+0Qp1ll9BlKBKSUueZg2J377hfezkioad MR0ThPM07Oc51AccBkFcY13USXRgiGMGAGFIoCmKpCxj5rQ0U0RAMX7dpIv2Y/eE f/NgsG0X9aOKxi6XXIWnvvqtHAgs+QtstnTr2K7Zfaj2hSMLfVw3yCZae6Plzr6P e1UcqHIGEccWzv4z8rKiOiWEgkSYgp81EYqynw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA6SRUlwBrTqvGF62oJR RPPz821AXXBWs2UVU4fprXShuNeeDrm+spkqJcguvGsw9O1/+Cw2lgL/etdYhyQa bK8rxemNSxePIpBw35VEyqE2rxLDn/n1kBiAa1cdHAHOMFWQI0bmEkjAM/9u8V48 EowvmfYmJArxrNI+806B5yhddWpMM+86D5jftTneQR0d399gsBYdAy4toRUAqy1M vARmvomMFIL//NEek0xwxjX1AJiVvMyrCpDLdv8/xqlAeXx10Z8fKj+5MzGtspDs 8vXLahQzpVaumSujlPoGaqfuRt+PpTvN7gniN/Ocvcj+baqrS7RqK+waBC098xFy xQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 39347990737004699552882393568 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-02-08 18:30:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-02-08 19:00:38 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Buffalo' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'First Niagara Bank, N.A.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '16004' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cmm.firstniagara.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23739986743838598782941991207044082704560436966666035376794717618125632554932891203787109051456220300621457747459008756156716093509020311952022907664374855085295907508752642845316234787220745348476338775136535409039106692269179169981598205840731471053284606615404930783289122291142950351315445718277992197509515415481296730741565995550285152889687706253103712002536971129831989357051412849493000503989947514147174114306620095135823879668011041628734667631062849886485195480864918218186848682103329034499165862097805957902627624594726146868239488743187390893094720251265579676592113206369512632693901529449030019543749 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmm.firstniagara.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cmm.firstniagara.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes) 01e100770068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc400000152c241dbaa0000040300483046022100985e02bd34cbb08c766ab804a5b84cdea35c16069846736d8ad233188156e906022100baf0b51c39e6bc51ee07dd6d19bbd8f1e6349300b261be7c2d9872698ff067490075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd00000152c241dec80000040300463044022036f601391d62c7b1e16cd965e482d7b86805b56370adc850361c64886b35d77c02200dfe3059bd1eff9617a75cb75cb2bd25c06b160d5e66be97a215befe9ea0f7a40077007461b4a09cfb3d41d75159575b2e7649a445a8d27709b0cc564a6482b7eb41a300000152c241e14e00000403004830460221009661da7c6def6d3d769b4ac2f80ac1e093cd88576339a7bf86814041c6c0026c02210081650157febab08f3e4680142df7174be4d71d4f7cd3ec32777d590dc5077214007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000152c241e27c0000040300473045022100a4d804efafedcdd37d39e6c185c4e6005041b36f98438150aa5adb4d207951a40220106e8eeaaeae39c345cd7b313302bb30ac644a8a20972b0d1fe52f763538bf65 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9d8388da313642863e0767606178bb1a01db00d6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00679cd7cb576ac584984e95173c31f619223ce851678762ce407a4d8c271c8fdb07681ff0f3df44b4501f09e5c8835946acedbd0f2c4977bed3bba60dcb60b9bc7e8be60a596df67a900f2aa05d6664702eb5929b25c67c0b059064e90ae37e3f9046f5b6bd092098a47440bed10a75965f4194a04a494b9e660d89dfbee17dece48a869d311d1384f334ece739d4071c06415c635dd4497460886306006148a0298aa42c63e6b434534440317edda48bf663f7847ff360b06d17f5a38ac62e975c85a7befaad1c082cf90b6cb674ebd8aed97da8f685230b7d5c37c8265a7ba3e5cebe8f7b551ca8720611c716cefe33f2b2a23a2584824498829f35118ab29f