sdc20_dev.pfizer.com
- Pfizer Incorporated -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number bd:7d:a0:e5:1e:1c:50:3a:00:00:00:00:50:e1:72:ed was issued on by Entrust, Inc..
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- The DNS name 'sdc20_dev.pfizer.com' contains an underscore (_) character Before explicitly stating as such in CABF 1.6.2, the stance of RFC5280 is adopted that DNSNames MUST NOT contain an underscore character. (BR 7.1.4.2.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- DNSName MUST NOT contain underscore characters (BRs: 7.1.4.2.1)
- DNSName MUST NOT contain underscore characters (RFC5280: 4.1.2.6)
Pfizer Incorporated
Organization:
Pfizer Incorporated
State / Province:
Connecticut
Locality: Groton
Country: US
Locality: Groton
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): bd:7d:a0:e5:1e:1c:50:3a:00:00:00:00:50:e1:72:edSerial Number (int): 251876391648770532543006334442671272685
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: a6:68:e9:fc:79:91:fb:bf:8a:18:90:ec:d3:56:92:89:73:60:61:33
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 8e:77:4d:b9:a2:0c:71:f7:f2:59:17:9d:97:c9:d6:32:9a:55:dc:92
Fingerprint (sha256): 04:2e:43:be:09:65:5c:3e:a1:2c:50:6e:b3:8c:0b:4c:a0:b6:a1:de:69:78:e7:e6:10:b2:4b:0c:05:d6:80:94
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate sdc20_dev.pfizer.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sdc20_dev.pfizer.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sdc20_dev.pfizer.com
amraelp00005239.pfizer.com
sdc-dev.pfizer.com
amraelp00005239.pfizer.com
sdc-dev.pfizer.com
Other certificates including the domain name pfizer.com
(limited to 100 certificates)
artifactory.pfizer.com
som-bc-drp-04.pfizer.com
*.us.digitalpfizer.com
www.pfizer.com
sni.cloudflaressl.com
cdeportalapi.pfizer.com
imsws.pfizer.com
*.us3.digitalpfizer.com
rdctest.pfizer.com
pfizer.com
datacloudm.pfizer.com
domains.pfizer.com
pharmatictur.pfizer.com
logonv2dmz.pfizer.com
*.eu2.digitalpfizer.com
maintenance.pfizer.com
*.sf4.digitalpfizer.com
*.eu.digitalpfizer.com
canvas-webbuilder-qa04.pfizer.com
mmstatus.pfizer.com
stgfederate.pfizer.com
boxinterface.pfizer.com
partnerportal.pfizer.com
sni.cloudflaressl.com
*.apac3.digitalpfizer.com
amrvwp000005418.amer.pfizer.com
epp-stg.pfizer.com
devfederate.pfizer.com
sni.cloudflaressl.com
sni.cloudflaressl.com
gbi-bti-sdc-es-prod.pfizer.com
sni.cloudflaressl.com
CLM-API-2.Pfizer.com
groxs40a.pfizer.com
sni.cloudflaressl.com
sni.cloudflaressl.com
*.eu2.digitalpfizer.com
azpksim.pfizer.com
*.sf3.digitalpfizer.com
sni.cloudflaressl.com
aribaprime-dr-new.pfizer.com
ariba-stg.pfizer.com
sni.cloudflaressl.com
lshdev2-cal.pfizer.com
gbi-insightsnow-api.pfizer.com
epartner.pfizer.com
uc17.janrainengage.com
sni.cloudflaressl.com
sni.cloudflaressl.com
ebusiness-bi.pfizer.com
*.us2.digitalpfizer.com
*.us8.digitalpfizer.com
e1.pfizer.com
www.primehemophilia.pfizer.com
promosprime.pfizer.com
ariba.pfizer.com
promos-ppd.pfizer.com
sni.cloudflaressl.com
xeljanz.pca.pfizer.com
sni.cloudflaressl.com
sdctst.pfizer.com
*.sf3.digitalpfizer.com
cdn.digitalpfizer.com
sdc20_dev.pfizer.com
sni.cloudflaressl.com
*.opx.janrain.ws
*.sf3.digitalpfizer.com
sni.cloudflaressl.com
amrsomw1527.amer.pfizer.com
*.eu.digitalpfizer.com
spotfirebi7sbx.pfizer.com
tie.pfizer.com
sni.cloudflaressl.com
pfizergardens.com
sni.cloudflaressl.com
sni.cloudflaressl.com
secxs40a
*.pfizergardens.com
apsis.pfizer.com
uc18.janrainengage.com
*.eu6.digitalpfizer.com
sni.cloudflaressl.com
datacloudmdr.pfizer.com
pxedpass.pfizer.com
rdcext.pfizer.com
myservicepartner.pfizer.com
san-11-s51.tlsprovisioning.exacttarget.com
pwondemand.pfizer.com
impalastg.pfizer.com
*.apac3.digitalpfizer.com
artifactory.pfizer.com
sni.cloudflaressl.com
devfederate.pfizer.com
sni.cloudflaressl.com
onetimesetupsom.pfizer.com
sni.cloudflaressl.com
*.us7.digitalpfizer.com
sma-dev.pfizer.com
cmtnl.pfizer.com
pfizergardens.com
som-bc-drp-04.pfizer.com
*.us.digitalpfizer.com
www.pfizer.com
sni.cloudflaressl.com
cdeportalapi.pfizer.com
imsws.pfizer.com
*.us3.digitalpfizer.com
rdctest.pfizer.com
pfizer.com
datacloudm.pfizer.com
domains.pfizer.com
pharmatictur.pfizer.com
logonv2dmz.pfizer.com
*.eu2.digitalpfizer.com
maintenance.pfizer.com
*.sf4.digitalpfizer.com
*.eu.digitalpfizer.com
canvas-webbuilder-qa04.pfizer.com
mmstatus.pfizer.com
stgfederate.pfizer.com
boxinterface.pfizer.com
partnerportal.pfizer.com
sni.cloudflaressl.com
*.apac3.digitalpfizer.com
amrvwp000005418.amer.pfizer.com
epp-stg.pfizer.com
devfederate.pfizer.com
sni.cloudflaressl.com
sni.cloudflaressl.com
gbi-bti-sdc-es-prod.pfizer.com
sni.cloudflaressl.com
CLM-API-2.Pfizer.com
groxs40a.pfizer.com
sni.cloudflaressl.com
sni.cloudflaressl.com
*.eu2.digitalpfizer.com
azpksim.pfizer.com
*.sf3.digitalpfizer.com
sni.cloudflaressl.com
aribaprime-dr-new.pfizer.com
ariba-stg.pfizer.com
sni.cloudflaressl.com
lshdev2-cal.pfizer.com
gbi-insightsnow-api.pfizer.com
epartner.pfizer.com
uc17.janrainengage.com
sni.cloudflaressl.com
sni.cloudflaressl.com
ebusiness-bi.pfizer.com
*.us2.digitalpfizer.com
*.us8.digitalpfizer.com
e1.pfizer.com
www.primehemophilia.pfizer.com
promosprime.pfizer.com
ariba.pfizer.com
promos-ppd.pfizer.com
sni.cloudflaressl.com
xeljanz.pca.pfizer.com
sni.cloudflaressl.com
sdctst.pfizer.com
*.sf3.digitalpfizer.com
cdn.digitalpfizer.com
sdc20_dev.pfizer.com
sni.cloudflaressl.com
*.opx.janrain.ws
*.sf3.digitalpfizer.com
sni.cloudflaressl.com
amrsomw1527.amer.pfizer.com
*.eu.digitalpfizer.com
spotfirebi7sbx.pfizer.com
tie.pfizer.com
sni.cloudflaressl.com
pfizergardens.com
sni.cloudflaressl.com
sni.cloudflaressl.com
secxs40a
*.pfizergardens.com
apsis.pfizer.com
uc18.janrainengage.com
*.eu6.digitalpfizer.com
sni.cloudflaressl.com
datacloudmdr.pfizer.com
pxedpass.pfizer.com
rdcext.pfizer.com
myservicepartner.pfizer.com
san-11-s51.tlsprovisioning.exacttarget.com
pwondemand.pfizer.com
impalastg.pfizer.com
*.apac3.digitalpfizer.com
artifactory.pfizer.com
sni.cloudflaressl.com
devfederate.pfizer.com
sni.cloudflaressl.com
onetimesetupsom.pfizer.com
sni.cloudflaressl.com
*.us7.digitalpfizer.com
sma-dev.pfizer.com
cmtnl.pfizer.com
pfizergardens.com
Certificate
The complete raw certificate details for sdc20_dev.pfizer.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIRAL19oOUeHFA6AAAAAFDhcu0wDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN MTgwNDA0MTg0OTA3WhcNMTkwNDA0MTkxOTA3WjBxMQswCQYDVQQGEwJVUzEUMBIG A1UECBMLQ29ubmVjdGljdXQxDzANBgNVBAcTBkdyb3RvbjEcMBoGA1UEChMTUGZp emVyIEluY29ycG9yYXRlZDEdMBsGA1UEAwwUc2RjMjBfZGV2LnBmaXplci5jb20w ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAzoRA6yvqD2U8e4LAXY3C YSEaJd9o5H0jaWVgwnQgdTachtGNgCbfK6fD8L4CUd+zMPdHkvjF2BZqMBB+U6fV nLAlD311362H7qS6v0x3eMTOz6wbrMiVd622xzRSRhGPioRqTPjyMa0jHudDltVV 5qgI0d/S2HqKQFMTWArRQSCYhLuVcjaR2YS5ZW4e3FCN2whZ6IKXv18AHmMRAXfm iCX+kJRTGtboR7uC/hJOi+4eaHGMB30NnMz5Nyz2LySRuHPhqnvXjjg0coFI2Lg3 hWBAEDcye2lPXranWIXPdfolPQdOR/jKmkXMD+i212T/B/9PkGcFgXfZ5aMVyAu1 AgMBAAGjggHQMIIBzDATBgorBgEEAdZ5AgQDAQH/BAIFADBPBgNVHREESDBGghRz ZGMyMF9kZXYucGZpemVyLmNvbYIaYW1yYWVscDAwMDA1MjM5LnBmaXplci5jb22C EnNkYy1kZXYucGZpemVyLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwu ZW50cnVzdC5uZXQvbGV2ZWwxay5jcmwwSwYDVR0gBEQwQjA2BgpghkgBhvpsCgEF MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMAgGBmeB DAECAjBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVu dHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wx ay1jaGFpbjI1Ni5jZXIwHwYDVR0jBBgwFoAUgqJwdN28Uz/Pe9T3zX+nYMYKTL8w HQYDVR0OBBYEFKZo6fx5kfu/ihiQ7NNWkolzYGEzMAkGA1UdEwQCMAAwDQYJKoZI hvcNAQELBQADggEBACovQ+rRGMD1fpVJ0KPZPdP4ZxOlUCMnl5AlG5Z1AIPL//SD vdcDsBygvCnDPmxh5ePPzKlwoU/reMNR7CtAdottJOZPl/QzRRWUyUHHLy+mFObI jwG0ZIy5+cCSin72tlfzV4amjw418pCRrr5ant9K0oEgR/+P50hJpAJKa4YyXywx 2Be5KJhIKEs81GWUJTngs1Xp77c8ySakIW4vmcqpErxQYcxc62t+lpxDHqCBMZWJ TKHKrDojrDI75kaou/BXpl5Xnyn0HC7QIbFdudSwzUlvd0M4OCFzZw0IDmJN3lra EowItmc0LxRa1IarJvnxRFTy9R2gUMKOCxgFc8w= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM6EQOsr6g9lPHuCwF2N wmEhGiXfaOR9I2llYMJ0IHU2nIbRjYAm3yunw/C+AlHfszD3R5L4xdgWajAQflOn 1ZywJQ99dd+th+6kur9Md3jEzs+sG6zIlXettsc0UkYRj4qEakz48jGtIx7nQ5bV VeaoCNHf0th6ikBTE1gK0UEgmIS7lXI2kdmEuWVuHtxQjdsIWeiCl79fAB5jEQF3 5ogl/pCUUxrW6Ee7gv4STovuHmhxjAd9DZzM+Tcs9i8kkbhz4ap71444NHKBSNi4 N4VgQBA3MntpT162p1iFz3X6JT0HTkf4yppFzA/ottdk/wf/T5BnBYF32eWjFcgL tQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 251876391648770532543006334442671272685 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-04 18:49:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-04 19:19:07 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Connecticut' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Groton' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pfizer Incorporated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'sdc20_dev.pfizer.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24339591692147798914139419329007950717797174409971831052498863101263241850638128989631898201131698061904415467771260227249062531349947900763411762780759714553917665728190631469666451696669021228445864834419567675476646302000760004668438686304084083562845793614164132678404618711837135670272198326069055067414896148548308551711392064131172261958908801234168790760532211309660196667292002079796737995936878674771484112705423370996809603004115840067631404083036772369851776095868223037065436124955956674543549382799821683353313203740237526863454377069502231327774889192006999579017608997079564619041748679666987491134389 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sdc20_dev.pfizer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amraelp00005239.pfizer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sdc-dev.pfizer.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a668e9fc7991fbbf8a1890ecd356928973606133 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002a2f43ead118c0f57e9549d0a3d93dd3f86713a55023279790251b96750083cbfff483bdd703b01ca0bc29c33e6c61e5e3cfcca970a14feb78c351ec2b40768b6d24e64f97f433451594c941c72f2fa614e6c88f01b4648cb9f9c0928a7ef6b657f35786a68f0e35f29091aebe5a9edf4ad2812047ff8fe74849a4024a6b86325f2c31d817b9289848284b3cd465942539e0b355e9efb73cc926a4216e2f99caa912bc5061cc5ceb6b7e969c431ea0813195894ca1caac3a23ac323be646a8bbf057a65e579f29f41c2ed021b15db9d4b0cd496f774338382173670d080e624dde5ada128c08b667342f145ad486ab26f9f14454f2f51da050c28e0b180573cc