*.jefferson.edu

- Thomas Jefferson University -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number a4:b2:1a:5f:c7:99:2f:bf:00:00:00:00:50:ee:94:8b was issued on by Entrust, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Thomas Jefferson University

Organization: Thomas Jefferson University
State / Province: Pennsylvania
Locality: Philadelphia
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): a4:b2:1a:5f:c7:99:2f:bf:00:00:00:00:50:ee:94:8b
Serial Number (int): 218918155080643244352047400140955096203
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 99:8e:37:42:5b:62:2f:b4:3e:43:26:0f:23:fb:43:5e:68:75:5e:f3
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 09:ef:30:db:38:c6:6d:a9:c3:c4:84:71:e1:85:8b:c1:a7:fc:7a:d5
Fingerprint (sha256): 04:93:30:e0:41:21:b2:d9:93:c3:e8:c8:9e:a8:6a:b4:58:e0:e9:0f:52:bb:bf:1a:11:7b:21:25:f6:c3:f7:f3

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate *.jefferson.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.jefferson.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.jefferson.edu
jefferson.edu

Other certificates including the domain name jefferson.edu

(limited to 100 certificates)
xvm13.jefferson.edu
jeffcal.jefferson.edu
www.spanish4all.tk
*.jefferson.edu
live.collegeserve.org
pollina.jefferson.edu
author-stage.jefferson.edu
n002.offcampuspartners.com
n002.offcampuspartners.com
offcampushousing.fau.edu
*.jefferson.edu
nexus.jefferson.edu
n002.offcampuspartners.com
author-stage.jefferson.edu
offcampushousing.fau.edu
brindmarcustore.jefferson.edu
offcampushousing.fau.edu
attend.jefferson.edu
ewebapp02pa.jefferson.edu
brindmarcustore.jefferson.edu
sfunder10cert.net
sfunder10cert.net
jdc.jefferson.edu
*.jefferson.edu
n002.offcampuspartners.com
n002.offcampuspartners.com
cme.jefferson.edu
giftmap.jefferson.edu
jdc.jefferson.edu
cloud.hocusfocus.no
n002.offcampuspartners.com
www.eastfalls.jefferson.edu
*.jefferson.edu
offcampushousing.fau.edu
cme.jefferson.edu
jefferson-payments.jefferson.edu
brindmarcusstore.jefferson.edu
pvs01-a.jefferson.edu
offcampushousing.fau.edu
one.jefferson.edu
offcampushousing.fau.edu
brindmarcusstore.jefferson.edu
jefferson-payments.jefferson.edu
heathrobotics.com
leeds.jefferson.edu
offcampushousing.fau.edu
brindmarcusstore.jefferson.edu
jdc.jefferson.edu
brindmarcusstore.jefferson.edu
jefferson-payments.jefferson.edu
offcampushousing.fau.edu
qlicktest02.tju-res.jefferson.edu
jefferson-payments.jefferson.edu
*.jefferson.edu
*.jefferson.edu
creative.jefferson.edu
offcampushousing.fau.edu
leadership.jefferson.edu
brindmarcustore.jefferson.edu
n002.offcampuspartners.com
bootspruefung.de
jefferson-payments.jefferson.edu
brindmarcustore.jefferson.edu
online.jefferson.edu
connectvpn.jefferson.edu
n002.offcampuspartners.com
degreeworks.jefferson.edu
eastfalls.jefferson.edu
offcampushousing.fau.edu
n002.offcampuspartners.com
brindmarcustore.jefferson.edu
n002.offcampuspartners.com
jdc.jefferson.edu
online.jefferson.edu
n002.offcampuspartners.com
my.jefferson.edu
*.jefferson.edu
*.jefferson.edu
n002.offcampuspartners.com
banadmin02pb.jefferson.edu
jdc.jefferson.edu
sfunder10cert.net
cme.jefferson.edu
banxeadmc07.jefferson.edu
n002.offcampuspartners.com
offcampushousing.fau.edu
apps.jeffersonhospital.org
brindmarcusstore.jefferson.edu
cm.jefferson.edu
leadership.jefferson.edu
www.enchird.com
offcampushousing.fau.edu
Directpnrprod.jefferson.edu
fairwarning.jefferson.edu
www.eastfalls.jefferson.edu
offcampushousing.fau.edu
brindmarcusstore.jefferson.edu
canvas.jefferson.edu
giftmap.jefferson.edu
offcampushousing.fau.edu

Certificate

The complete raw certificate details for *.jefferson.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIRAKSyGl/HmS+/AAAAAFDulIswDQYJKoZIhvcNAQELBQAw
gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs
BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN
MTkwMzA3MTUyNTUwWhcNMjEwMjI1MTU1NTQ5WjB7MQswCQYDVQQGEwJVUzEVMBMG
A1UECBMMUGVubnN5bHZhbmlhMRUwEwYDVQQHEwxQaGlsYWRlbHBoaWExJDAiBgNV
BAoTG1Rob21hcyBKZWZmZXJzb24gVW5pdmVyc2l0eTEYMBYGA1UEAwwPKi5qZWZm
ZXJzb24uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqRuPx00
AgpmCAHENJk+bw+M1ZVuFimaZy+S8V8BeOI3pOmOVmQry1kZYem9sR/DW0cIOMMw
b6VXazdR9jXm/AkC9U3sSec+W7KhNyClmS0AXU2ZnS8d/8+mSgGSDfnamU9FGbgG
nmo2FOpkP3Fp1XYNOtBD//GyA04CSLD2+3wyo9zHvTb7hCPwSXUympjdC0WFK6L8
s20T0KgPk14E/+j2ZwEiCdoP6lnsO026QuAbuU6XCjrpeBQts8A+atB9lBP4r6k3
P/21QcEtkU+3c/XzmEL3+fV4fuvG9slmbb+Z1G8xrWfKKRqUC7Pal1yD9ryHT/o/
5Hxm2eL/jXfqlQIDAQABo4IBqjCCAaYwEwYKKwYBBAHWeQIEAwEB/wQCBQAwKQYD
VR0RBCIwIIIPKi5qZWZmZXJzb24uZWR1gg1qZWZmZXJzb24uZWR1MA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwMwYDVR0fBCww
KjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDBLBgNV
HSAERDBCMDYGCmCGSAGG+mwKAQUwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5l
bnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQICMGgGCCsGAQUFBwEBBFwwWjAjBggrBgEF
BQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6
Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNoYWluMjU2LmNlcjAfBgNVHSMEGDAWgBSC
onB03bxTP8971PfNf6dgxgpMvzAdBgNVHQ4EFgQUmY43QltiL7Q+QyYPI/tDXmh1
XvMwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAttnINq9TPYZKq7RH3kaW
SAzUb3hSgPgimm4CIQi00//TdpqhWD15Bc1SKd8UIMTwKZXmkhQ2HDJ3I53DcDNX
5pENzimU4v9EpX9+VqMUuHunB49IhfrMVzak865S3EfdpBPFUrRcswMcig7X1lnk
pv7Gy7krc4i/1ineuWUhuN6SNA7mKt4Rkk84Dgk1WPP0IyruoDl4eMo97IcqaPs6
4MzDk3b32BAF0edkfBuCPQSjVYPoFGcC3wKaoayMEAUfO8li8IC8LupV/xSk8Fdi
h+bgOVgpuG+u7l+p52XmXezzb73bYV4tK/34ssc0/T4+QuQSKQDZU4ZRMqnMWOrm
Hg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqRuPx00AgpmCAHENJk+
bw+M1ZVuFimaZy+S8V8BeOI3pOmOVmQry1kZYem9sR/DW0cIOMMwb6VXazdR9jXm
/AkC9U3sSec+W7KhNyClmS0AXU2ZnS8d/8+mSgGSDfnamU9FGbgGnmo2FOpkP3Fp
1XYNOtBD//GyA04CSLD2+3wyo9zHvTb7hCPwSXUympjdC0WFK6L8s20T0KgPk14E
/+j2ZwEiCdoP6lnsO026QuAbuU6XCjrpeBQts8A+atB9lBP4r6k3P/21QcEtkU+3
c/XzmEL3+fV4fuvG9slmbb+Z1G8xrWfKKRqUC7Pal1yD9ryHT/o/5Hxm2eL/jXfq
lQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 218918155080643244352047400140955096203
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-07 15:25:50 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-25 15:55:49 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Philadelphia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thomas Jefferson University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.jefferson.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22551502059775566248081122855347323133059433571027803204892809019215269913266629612144757920051283042843392176432290660372700466986944674059115056891339014137503448045077324717268569864338923832576917198290774001696920860956969852309776699068443270187613980276133502602280363904106683710741350761363065409112014431997702627013537359222372634956093378850946979976243728872363912273354032656252378781055973685858591124052956703217732514252553919266313561330249089378262798726434790418384492249480905965474404442840195933946105493799234989183270710476518180314552310382011496907718272036706028934182098603025494084938389
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jefferson.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jefferson.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							998e37425b622fb43e43260f23fb435e68755ef3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b6d9c836af533d864aabb447de4696480cd46f785280f8229a6e022108b4d3ffd3769aa1583d7905cd5229df1420c4f02995e69214361c3277239dc3703357e6910dce2994e2ff44a57f7e56a314b87ba7078f4885facc5736a4f3ae52dc47dda413c552b45cb3031c8a0ed7d659e4a6fec6cbb92b7388bfd629deb96521b8de92340ee62ade11924f380e093558f3f4232aeea0397878ca3dec872a68fb3ae0ccc39376f7d81005d1e7647c1b823d04a35583e8146702df029aa1ac8c10051f3bc962f080bc2eea55ff14a4f0576287e6e0395829b86faeee5fa9e765e65decf36fbddb615e2d2bfdf8b2c734fd3e3e42e4122900d953865132a9cc58eae61e