www.sports-tokyo-info.metro.tokyo.lg.jp

- Tokyo Metropolitan Government -

Issued by SECOM Passport for Web SR 3.0 CA

About this certificate

This digital certificate with serial number 4f:01:25:75:c6:22:28:0e:3f:c3:1e:21:42:18:49:a6 was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

Tokyo Metropolitan Government

Organization: Tokyo Metropolitan Government
Organization unit: Orimpikku pararimpikku jumbikyoku supotsusuishimbu choseika
State / Province: Tokyo
Locality: Shinjuku-ku
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 4f:01:25:75:c6:22:28:0e:3f:c3:1e:21:42:18:49:a6
Serial Number (int): 105014963744036562647763974741644822950
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 79:87:fc:6c:3b:e4:72:3f:8b:de:22:8b:97:17:bf:52:be:c5:bc:fe
AuthorityKeyId: cb:ef:3d:ef:83:74:a1:a8:42:f0:3b:40:36:fa:6d:82:94:a9:27:36

Fingerprint (sha1): 60:51:d6:94:68:5e:7e:0b:32:a3:f0:2c:20:46:0a:26:8c:d4:a4:fa
Fingerprint (sha256): 03:eb:8c:ec:bf:ec:77:1d:53:7e:5d:33:ab:97:b9:7f:06:5b:3d:9d:37:15:2f:c3:84:a4:bd:54:84:ab:27:88


Revocation information

OCSP Server: http://sr30.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl

Check the revocation status for certificate www.sports-tokyo-info.metro.tokyo.lg.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.sports-tokyo-info.metro.tokyo.lg.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.sports-tokyo-info.metro.tokyo.lg.jp

Other certificates including the domain name tokyo.lg.jp

(limited to 100 certificates)
www.ecosystem.metro.tokyo.lg.jp
en.sports-tokyo-info.metro.tokyo.lg.jp
www.tokyo-danjo.metro.tokyo.lg.jp
csyouboudoui-irai.tfd.metro.tokyo.lg.jp
www.kyoin-saiyo.tems.metro.tokyo.lg.jp
www9.kankyo.metro.tokyo.lg.jp
www.sports-tokyo-info.metro.tokyo.lg.jp
smooth-biz.metro.tokyo.lg.jp
ijime.metro.tokyo.lg.jp
www.locationbox.metro.tokyo.lg.jp
www.meisai.tems.metro.tokyo.lg.jp
www.digitalservice.metro.tokyo.lg.jp
stg.apr.applicant-api.2021.jitan.metro.tokyo.lg.jp
shuyojoho.metro.tokyo.lg.jp
www.hikaku.metro.tokyo.lg.jp
www.kankyo.metro.tokyo.lg.jp
www2.fukushihoken.metro.tokyo.lg.jp
yoyaku.sports.metro.tokyo.lg.jp
stg.kodomo-smile.metro.tokyo.lg.jp
www2.fukushihoken.metro.tokyo.lg.jp
koshikawakaikei.lfv.jp
nenryou-taisaku.metro.tokyo.lg.jp
wwwdojou.kankyo.metro.tokyo.lg.jp
www.kaisyahakken.metro.tokyo.lg.jp
stopcovid19.metro.tokyo.lg.jp
www.kodomo-dokusho.metro.tokyo.lg.jp
gairaisyu.metro.tokyo.lg.jp
futari-story.metro.tokyo.lg.jp
mypage.018support-system.metro.tokyo.lg.jp
www.wakanavi-tokyo.metro.tokyo.lg.jp
map-origin.bousai.metro.tokyo.lg.jp
www.lwb-expo.metro.tokyo.lg.jp
www.conrepo.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
stg.kenkou-hataraku.metro.tokyo.lg.jp
www5.kankyo.metro.tokyo.lg.jp
www8.kankyo.metro.tokyo.lg.jp
toritsuko.metro.tokyo.lg.jp
www.e-rule.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
www.hikaku.metro.tokyo.lg.jp
www.medclar.ro
www.hataraku.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
wwwdojou.kankyo.metro.tokyo.lg.jp
www.maedatei.metro.tokyo.lg.jp
search.metro.tokyo.lg.jp
filets01.metro.tokyo.lg.jp
www.tamajimu.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
portal.data.metro.tokyo.lg.jp
www.ecosystem.metro.tokyo.lg.jp
www.investtokyo.metro.tokyo.lg.jp
poc-ground.metro.tokyo.lg.jp
nihongoup.metro.tokyo.lg.jp
staff2.shintosei.metro.tokyo.lg.jp
suidonet.waterworks.metro.tokyo.lg.jp
wannyan.metro.tokyo.lg.jp
www3.kankyo.metro.tokyo.lg.jp
cms.hataraku.metro.tokyo.lg.jp
catalog.library.metro.tokyo.lg.jp
www.kyoin-saiyo.metro.tokyo.lg.jp
api.data.metro.tokyo.lg.jp
gamcheatsheet.com
futari-story.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
cms.hataraku.metro.tokyo.lg.jp
sabisapp-stage.websays.com
nihongoup.metro.tokyo.lg.jp
fukushikensa.metro.tokyo.lg.jp
*.support-navi.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
tems.kjssj.metro.tokyo.lg.jp
www.taiki.kankyo.metro.tokyo.lg.jp
www.anzenedu.metro.tokyo.lg.jp
www.mentor-cafe.metro.tokyo.lg.jp
018support-system.metro.tokyo.lg.jp
tokyovaccine-rsv.metro.tokyo.lg.jp
www.keishicho.metro.tokyo.lg.jp
www.takken.metro.tokyo.lg.jp
www.snsdouga.metro.tokyo.lg.jp
www.conrepo.metro.tokyo.lg.jp
www.tmiph.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
sumasapo.metro.tokyo.lg.jp
webtest.tfd.metro.tokyo.lg.jp
www.zeroemission-life.metro.tokyo.lg.jp
kodomosafetypj.metro.tokyo.lg.jp
www.kouwan.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
www.taiki.kankyo.metro.tokyo.lg.jp
kosodateswitch.metro.tokyo.lg.jp
www.fsis.metro.tokyo.lg.jp
futari-story.metro.tokyo.lg.jp
www.ifarc.metro.tokyo.lg.jp
www.kaisyahakken.metro.tokyo.lg.jp
stg.kenkou-hataraku.metro.tokyo.lg.jp
www.fukuho-kodomotsu.metro.tokyo.lg.jp
manabu.metro.tokyo.lg.jp

Certificate

The complete raw certificate details for www.sports-tokyo-info.metro.tokyo.lg.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGzTCCBbWgAwIBAgIQTwEldcYiKA4/wx4hQhhJpjANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
TFRELjEpMCcGA1UEAxMgU0VDT00gUGFzc3BvcnQgZm9yIFdlYiBTUiAzLjAgQ0Ew
HhcNMTkwOTE5MTA1OTI4WhcNMjEwOTE5MTQ1OTU5WjCB0zELMAkGA1UEBhMCSlAx
DjAMBgNVBAgTBVRva3lvMRQwEgYDVQQHEwtTaGluanVrdS1rdTEmMCQGA1UEChMd
VG9reW8gTWV0cm9wb2xpdGFuIEdvdmVybm1lbnQxRDBCBgNVBAsTO09yaW1waWtr
dSBwYXJhcmltcGlra3UganVtYmlreW9rdSBzdXBvdHN1c3Vpc2hpbWJ1IGNob3Nl
aWthMTAwLgYDVQQDEyd3d3cuc3BvcnRzLXRva3lvLWluZm8ubWV0cm8udG9reW8u
bGcuanAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb8qy3qIPVUbuO
F9itl0BF/IUpedZ9JMkPuYAwZ3Yfo3Laj24WeSr/wKbE8644FsCxaUsE5sWcOL6k
RCCyMzebmPDfzsHicKhPeGEcCNHlnkslMaFHRvdAC2enPnjhKUitVQPj2OafgshS
qqIWO2CI8BgjgNPLpeSkP6p6oggX786w+qWwmck6oNGz/SyZcb4wOiU23hrqqY+7
1flCTBofcn0dtaDeOdaStRApsjmjzl0PjRQ3rLi2PhFcqf/xmONCBVYZgk5LvgHF
3Zm1dp/BH8Vf7ciDD7Qz+wQdr/YGzuBGLX8k7mWtDtw81EuJPUszVYMrulKVIoD4
eOefOgj5AgMBAAGjggMOMIIDCjAfBgNVHSMEGDAWgBTL7z3vg3ShqELwO0A2+m2C
lKknNjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9zcjMwLm9j
c3Auc2Vjb210cnVzdC5uZXQwMgYDVR0RBCswKYInd3d3LnNwb3J0cy10b2t5by1p
bmZvLm1ldHJvLnRva3lvLmxnLmpwMGEGA1UdIARaMFgwTAYKKoMIjJsbZIVvATA+
MDwGCCsGAQUFBwIBFjBodHRwczovL3JlcG8xLnNlY29tdHJ1c3QubmV0L3NwY3Bw
L3Bmdy9wZndzcjNjYS8wCAYGZ4EMAQICMBMGA1UdJQQMMAoGCCsGAQUFBwMBMEwG
A1UdHwRFMEMwQaA/oD2GO2h0dHA6Ly9yZXBvMS5zZWNvbXRydXN0Lm5ldC9zcGNw
cC9wZncvcGZ3c3IzY2EvZnVsbGNybDIuY3JsMB0GA1UdDgQWBBR5h/xsO+RyP4ve
IouXF79SvsW8/jAOBgNVHQ8BAf8EBAMCBaAwggF/BgorBgEEAdZ5AgQCBIIBbwSC
AWsBaQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABbUk2doQA
AAQDAEcwRQIhAJK5HY2gUz/LqY7lPLPjeucUi2Ut5XmhGIza3K+Xsf6SAiAinYjQ
s7grEryLSkkt44vKvKPWOR0gvgsbq26k48PqKwB2AO5Lvbd1zmC64UJpH6vhnmaj
D35fsHLYgwDEe4l6qP3LAAABbUk2ffUAAAQDAEcwRQIhAOyFTwuFAAmtZhhecDnV
URs9sB15c92CsJiSQ2aUmfZJAiBHbMXJhtpPVHFExco25n5CsXexPBOfObl2+xhH
b3ka/gB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABbUk2hZ8A
AAQDAEgwRgIhAPBJTE0P0b8KxdDhQvwUpnRoH6E6lPFeWG/lw7IgEy19AiEAqpij
CcJfjVsahaXVZ5UvaDekG7V4iGosSCiNf/X+RiowDQYJKoZIhvcNAQELBQADggEB
AC3pXXTNpV0cnTOAKMZak2/Tr97XwATMK61iryI1SR9Ju2smEjXJNE91cdwqa93/
PPFLkUN87H0hzyFp2bxKtYFfRgEkU8+DzVEXWmZemAzuhSCFpRx0VLEl9pMhkaPA
2LFEOvjM4STFhJ4llA9cKMU6ftAlCyHlSsvh6xQZ7CVo1tQIzKDww61qIRO1FlMr
u8jeg6t2IDEYXPUQbzmdY+93/WBJ0Xs9z8MZnfQarDFO2Fx2JrZTjKYenG/qX7WP
M9BPa3yd8tq/n3xc5emciu17ZPD29jsKt43wmAhDGv5e6D6Vf+nxm2f5INcJHYza
UEqlAzEikv6RRvoGHaPMp9s=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/Kst6iD1VG7jhfYrZdA
RfyFKXnWfSTJD7mAMGd2H6Ny2o9uFnkq/8CmxPOuOBbAsWlLBObFnDi+pEQgsjM3
m5jw387B4nCoT3hhHAjR5Z5LJTGhR0b3QAtnpz544SlIrVUD49jmn4LIUqqiFjtg
iPAYI4DTy6XkpD+qeqIIF+/OsPqlsJnJOqDRs/0smXG+MDolNt4a6qmPu9X5Qkwa
H3J9HbWg3jnWkrUQKbI5o85dD40UN6y4tj4RXKn/8ZjjQgVWGYJOS74Bxd2ZtXaf
wR/FX+3Igw+0M/sEHa/2Bs7gRi1/JO5lrQ7cPNRLiT1LM1WDK7pSlSKA+HjnnzoI
+QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 105014963744036562647763974741644822950
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 3.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-19 10:59:28 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-19 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Shinjuku-ku'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo Metropolitan Government'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Orimpikku pararimpikku jumbikyoku supotsusuishimbu choseika'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sports-tokyo-info.metro.tokyo.lg.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27765856131057067195447006152198428541081731397305383483356565740112054443193406109786311262788805007742460706975293102495653469730608271163625332987481297873205043932157002384508164805690377152507488033588683414656968611127126921774602843344295631738429113413433460509220683676165429964169533988617781548502359056699380674337113192472160159881608861720324878325565981798241334458471631615287734536706072577653747673195314148149032463899239729111774579514064217972753761775549673172227566750668894733887163342357732012902889570270666894253004193906565124267577583446470606977349274990265783164089992376099667241994489
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cbef3def8374a1a842f03b4036fa6d8294a92736
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr30.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sports-tokyo-info.metro.tokyo.lg.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.751.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7987fc6c3be4723f8bde228b9717bf52bec5bcfe
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016d49367684000004030047304502210092b91d8da0533fcba98ee53cb3e37ae7148b652de579a1188cdadcaf97b1fe920220229d88d0b3b82b12bc8b4a492de38bcabca3d6391d20be0b1bab6ea4e3c3ea2b007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016d49367df50000040300473045022100ec854f0b850009ad66185e7039d5511b3db01d7973dd82b0989243669499f6490220476cc5c986da4f547144c5ca36e67e42b177b13c139f39b976fb18476f791afe0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016d4936859f0000040300483046022100f0494c4d0fd1bf0ac5d0e142fc14a674681fa13a94f15e586fe5c3b220132d7d022100aa98a309c25f8d5b1a85a5d567952f6837a41bb578886a2c48288d7ff5fe462a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002de95d74cda55d1c9d338028c65a936fd3afded7c004cc2bad62af2235491f49bb6b261235c9344f7571dc2a6bddff3cf14b91437cec7d21cf2169d9bc4ab5815f46012453cf83cd51175a665e980cee852085a51c7454b125f6932191a3c0d8b1443af8cce124c5849e25940f5c28c53a7ed0250b21e54acbe1eb1419ec2568d6d408cca0f0c3ad6a2113b516532bbbc8de83ab762031185cf5106f399d63ef77fd6049d17b3dcfc3199df41aac314ed85c7626b6538ca61e9c6fea5fb58f33d04f6b7c9df2dabf9f7c5ce5e99c8aed7b64f0f6f63b0ab78df09808431afe5ee83e957fe9f19b67f920d7091d8cda504aa503312292fe9146fa061da3cca7db