apikm-externaluat.fmr.com
- Fidelity Investments -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 91:4d:9c:ea:0b:6d:22:30:00:00:00:00:50:f7:d4:f9 was issued on by Entrust, Inc..
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Fidelity Investments
Organization:
Fidelity Investments
State / Province:
Massachusetts
Locality: Boston
Country: US
Locality: Boston
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 91:4d:9c:ea:0b:6d:22:30:00:00:00:00:50:f7:d4:f9Serial Number (int): 193141048845744450765166928061854635257
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 63:1d:01:9e:99:a8:1e:9a:b4:78:cf:7f:b7:09:2c:2c:2b:0d:7c:9b
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): b6:1a:bf:c9:f9:e5:f0:89:7e:41:94:e6:36:d8:17:77:07:1e:1a:45
Fingerprint (sha256): 03:d0:86:c0:73:6c:ba:54:9c:9d:9f:e8:dc:d8:55:76:84:b4:19:6f:eb:8b:ae:7e:95:b9:69:56:7a:80:9b:0d
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate apikm-externaluat.fmr.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for apikm-externaluat.fmr.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
apikm-externaluat.fmr.com
apikm-externaldit.fmr.com
apikm-externalpac.fmr.com
apikm-externalsit.fmr.com
apikm-externaldit.fmr.com
apikm-externalpac.fmr.com
apikm-externalsit.fmr.com
Other certificates including the domain name fmr.com
(limited to 100 certificates)
finpcs.fmr.com
ihubwspin.fmr.com
trnhps.fmr.com
guidancetoolsre2.fmr.com
bigidco2006.fmr.com
voiceloginpac.fmr.com
ei1559vwin.fmr.com
incomeplannerqa1.fmr.com
qrpin.fmr.com
dojo3s30014.rtp1.hadoop.fmr.com
fpsqaprod.fmr.com
uaocat.streetscape.com
gsyswfmxrtpd003.fmr.com
dojo3s10038.fmr.com
aps.fidelity.com
cajaqaprod.fmr.com
autocompleteqa1.fmr.com
iwsqawebapps.aws-nonprod.fmr.com
pacvts.fmr.com
secureecg.fmr.com
dojo7s10004.rtp1.hadoop.fmr.com
vc2coma2418193np.fmr.com
fac2-ws-portalchannel.fmr.com
autocompletepin.fmr.com
wi-proxy-nws-pac-mmk.fmr.com
fac2-ws-advisorchannel.fmr.com
browncat.fmr.com
eimd-chainlite-dev.fmr.com
travelrule-test-global.aw079.c.fidelity.com
accountopeninglc5.fmr.com
ilv.fidelity.com
wchierarchyuat.fmr.com
wexhcemnp.fmr.com
customerportfolioperf.fmr.com
vlsitkms02rtp2.fmr.com
artifactory-onprem-edge.fmr.com
guidancepac.fmr.com
pacemuadminfi.fmr.com
watchtoolsre2.fmr.com
vc2coma2419213np.fmr.com
efras.fmr.com
logininternalibglc5.fmr.com
dojo7s10016.fmr.com
accountmaintqa1.fmr.com
digitalre1.fmr.com
fastlinkqa4olb.fmr.com
nb-ceres.fmr.com
ewpacpt.fmr.com
bigidco2005.fmr.com
accountsqa4.fmr.com
cssacpt.fmr.com
moneymovementlc6.fmr.com
apikm-externaluat.fmr.com
nfiwswscat.fmr.com
dojo7e30001.fmr.com
dojo3s10021.fmr.com
hive-prod.fmr.com
dojo3s10017.fmr.com
portfolioreviewre2.fmr.com
fhb-outbounds-flattener-api-dit.fmr.com
ditmbl4.fmr.com
metricspac.fmr.com
termquoteqa1.fmr.com
lyncdiscover.fidelity.com
trnilv.fmr.com
fasmisqa1.fmr.com
demotest.fmr.com
fsemulatorpac.fmr.com
nwsint.fmr.com
vllabmn02oma2.fmr.com
catanws.fmr.com
dojo3s10022.fmr.com
wwwqa1.fmr.com
emailre2.fmr.com
portfolioreviewpac.fmr.com
hue-lab.fmr.com
eresearchqaprod.fmr.com
kfk3b1001.rtp1.hadoop.fmr.com
pasosspin.fmr.com
guidancetoolspac.fmr.com
ei-fmd-prd-behindF5.fmr.com
myguidanceqa1.fmr.com
esign.fmr.com
moneyfirstsqa4.fmr.com
fullviewre.fmr.com
fircd-nonprod-sso.fmr.com
qpn6chin.fmr.com
hs2-uat.fmr.com
pincws.fmr.com
prd2-md-userconnect.fmr.com
dojo3m30002.fmr.com
ecc-splunk-npd-master.ecc-sscs.aws-nonprod.fmrcloud.com
bigiddb2001.fmr.com
oltxstage.fmr.com
catambl.fmr.com
VC2CRTP1307605.fmr.com
ebsp1app.fmr.com
bigidco2002.fmr.com
nr5.fmr.com
vc2coma1356815n.fmr.com
ihubwspin.fmr.com
trnhps.fmr.com
guidancetoolsre2.fmr.com
bigidco2006.fmr.com
voiceloginpac.fmr.com
ei1559vwin.fmr.com
incomeplannerqa1.fmr.com
qrpin.fmr.com
dojo3s30014.rtp1.hadoop.fmr.com
fpsqaprod.fmr.com
uaocat.streetscape.com
gsyswfmxrtpd003.fmr.com
dojo3s10038.fmr.com
aps.fidelity.com
cajaqaprod.fmr.com
autocompleteqa1.fmr.com
iwsqawebapps.aws-nonprod.fmr.com
pacvts.fmr.com
secureecg.fmr.com
dojo7s10004.rtp1.hadoop.fmr.com
vc2coma2418193np.fmr.com
fac2-ws-portalchannel.fmr.com
autocompletepin.fmr.com
wi-proxy-nws-pac-mmk.fmr.com
fac2-ws-advisorchannel.fmr.com
browncat.fmr.com
eimd-chainlite-dev.fmr.com
travelrule-test-global.aw079.c.fidelity.com
accountopeninglc5.fmr.com
ilv.fidelity.com
wchierarchyuat.fmr.com
wexhcemnp.fmr.com
customerportfolioperf.fmr.com
vlsitkms02rtp2.fmr.com
artifactory-onprem-edge.fmr.com
guidancepac.fmr.com
pacemuadminfi.fmr.com
watchtoolsre2.fmr.com
vc2coma2419213np.fmr.com
efras.fmr.com
logininternalibglc5.fmr.com
dojo7s10016.fmr.com
accountmaintqa1.fmr.com
digitalre1.fmr.com
fastlinkqa4olb.fmr.com
nb-ceres.fmr.com
ewpacpt.fmr.com
bigidco2005.fmr.com
accountsqa4.fmr.com
cssacpt.fmr.com
moneymovementlc6.fmr.com
apikm-externaluat.fmr.com
nfiwswscat.fmr.com
dojo7e30001.fmr.com
dojo3s10021.fmr.com
hive-prod.fmr.com
dojo3s10017.fmr.com
portfolioreviewre2.fmr.com
fhb-outbounds-flattener-api-dit.fmr.com
ditmbl4.fmr.com
metricspac.fmr.com
termquoteqa1.fmr.com
lyncdiscover.fidelity.com
trnilv.fmr.com
fasmisqa1.fmr.com
demotest.fmr.com
fsemulatorpac.fmr.com
nwsint.fmr.com
vllabmn02oma2.fmr.com
catanws.fmr.com
dojo3s10022.fmr.com
wwwqa1.fmr.com
emailre2.fmr.com
portfolioreviewpac.fmr.com
hue-lab.fmr.com
eresearchqaprod.fmr.com
kfk3b1001.rtp1.hadoop.fmr.com
pasosspin.fmr.com
guidancetoolspac.fmr.com
ei-fmd-prd-behindF5.fmr.com
myguidanceqa1.fmr.com
esign.fmr.com
moneyfirstsqa4.fmr.com
fullviewre.fmr.com
fircd-nonprod-sso.fmr.com
qpn6chin.fmr.com
hs2-uat.fmr.com
pincws.fmr.com
prd2-md-userconnect.fmr.com
dojo3m30002.fmr.com
ecc-splunk-npd-master.ecc-sscs.aws-nonprod.fmrcloud.com
bigiddb2001.fmr.com
oltxstage.fmr.com
catambl.fmr.com
VC2CRTP1307605.fmr.com
ebsp1app.fmr.com
bigidco2002.fmr.com
nr5.fmr.com
vc2coma1356815n.fmr.com
Certificate
The complete raw certificate details for apikm-externaluat.fmr.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFtzCCBJ+gAwIBAgIRAJFNnOoLbSIwAAAAAFD31PkwDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN MTkwOTI3MDMzMDM3WhcNMjEwOTI3MDQwMDM2WjB5MQswCQYDVQQGEwJVUzEWMBQG A1UECBMNTWFzc2FjaHVzZXR0czEPMA0GA1UEBxMGQm9zdG9uMR0wGwYDVQQKExRG aWRlbGl0eSBJbnZlc3RtZW50czEiMCAGA1UEAxMZYXBpa20tZXh0ZXJuYWx1YXQu Zm1yLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKoqKzo/Tydo IkTZyhMWsCQq3dGZsgt9vwShRDZYHrEs4mHhqVcR0HRIYyfJHP4hWBKzpn1JTFvg dbyFDkL5czssBaFe6xUn2mUsRbVrN7aMxcLxJj9QKqn3iwxa4Ha+Miqisjzr/tKx 66seJwUR5dGLEdMbBPllupL6Q+9LYtInC22SZv6IG/LaoQoqLBralNAGtkDTc7R4 j8cJQ1GiIrXRKtuOJ0lZ5jQvzoVVjfkIkDWaJeppFEbeuQRryGjrPCVBS996Y1IO hfIIhgbe8wZkIHJDeGynUYCSeSOdL1mDPyLP2xN5HRrLakFd3kpmMYS4cJjBFVJQ i5s4sjnWpe0CAwEAAaOCAfYwggHyMBMGCisGAQQB1nkCBAMBAf8EAgUAMHUGA1Ud EQRuMGyCGWFwaWttLWV4dGVybmFsdWF0LmZtci5jb22CGWFwaWttLWV4dGVybmFs ZGl0LmZtci5jb22CGWFwaWttLWV4dGVybmFscGFjLmZtci5jb22CGWFwaWttLWV4 dGVybmFsc2l0LmZtci5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVu dHJ1c3QubmV0L2xldmVsMWsuY3JsMEsGA1UdIAREMEIwNgYKYIZIAYb6bAoBBTAo MCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAIBgZngQwB AgIwaAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRy dXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMWst Y2hhaW4yNTYuY2VyMB8GA1UdIwQYMBaAFIKicHTdvFM/z3vU981/p2DGCky/MB0G A1UdDgQWBBRjHQGemagemrR4z3+3CSwsKw18mzAJBgNVHRMEAjAAMA0GCSqGSIb3 DQEBCwUAA4IBAQCEl7/ABFtDwIJ0/Gc2XZklbh3CGGr4zeCe8zWoLd9Ghp9aRPlk w7dq181WDCnsxeeoi62sK1eOwxkj0OIVy/UAA5EATRd5o05oTLcJ8Ey9i5ymyggD c09XewHESA62ZaIRw76hAb2lcC85q9QacWTZjk+E4/90pN6KoNDYOqPF6xWMHVVP KwKo+3nvsK9q63MjndakqR1mskFFJ7zIfWUfB4dMNTFZ237fPGLRTgkvt2e7u88K 5zlrNsEMfgJGMqHoJjtr1y3RmvSrpl0kDyEBzd40joc9P6ayr7Ii9KdqZFLMyr5F GzHtcs/qbevnUCptADs9gZQPknQ+pmMmYfzR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiorOj9PJ2giRNnKExaw JCrd0ZmyC32/BKFENlgesSziYeGpVxHQdEhjJ8kc/iFYErOmfUlMW+B1vIUOQvlz OywFoV7rFSfaZSxFtWs3tozFwvEmP1AqqfeLDFrgdr4yKqKyPOv+0rHrqx4nBRHl 0YsR0xsE+WW6kvpD70ti0icLbZJm/ogb8tqhCiosGtqU0Aa2QNNztHiPxwlDUaIi tdEq244nSVnmNC/OhVWN+QiQNZol6mkURt65BGvIaOs8JUFL33pjUg6F8giGBt7z BmQgckN4bKdRgJJ5I50vWYM/Is/bE3kdGstqQV3eSmYxhLhwmMEVUlCLmziyOdal 7QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 193141048845744450765166928061854635257 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-27 03:30:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-27 04:00:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Massachusetts' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Boston' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Fidelity Investments' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'apikm-externaluat.fmr.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21481306082891518332820764452787237846110868132478122117123873541435499836418754034902693141459313381863154804635332626951075363700441655004798864110722729890178765837014621225110635430558097504100297785341860172146407520217089021104444786309918121347821760943676687735124648851486493661394721096149044857133014420985363847852234114698752909385078371059131451171059734460579821177708260814994247151479453456567181180942712988599015924648501344654299810442781733230276654231414080373204927263220909623838211372115053857855609773705358339410050391118055149166435170742205091073972520263880277716963992345334259033482733 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apikm-externaluat.fmr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apikm-externaldit.fmr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apikm-externalpac.fmr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apikm-externalsit.fmr.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 631d019e99a81e9ab478cf7fb7092c2c2b0d7c9b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008497bfc0045b43c08274fc67365d99256e1dc2186af8cde09ef335a82ddf46869f5a44f964c3b76ad7cd560c29ecc5e7a88badac2b578ec31923d0e215cbf5000391004d1779a34e684cb709f04cbd8b9ca6ca0803734f577b01c4480eb665a211c3bea101bda5702f39abd41a7164d98e4f84e3ff74a4de8aa0d0d83aa3c5eb158c1d554f2b02a8fb79efb0af6aeb73239dd6a4a91d66b2414527bcc87d651f07874c353159db7edf3c62d14e092fb767bbbbcf0ae7396b36c10c7e024632a1e8263b6bd72dd19af4aba65d240f2101cdde348e873d3fa6b2afb222f4a76a6452cccabe451b31ed72cfea6debe7502a6d003b3d81940f92743ea6632661fcd1