ia.ca
- Industrial Alliance Insurance and Financial Services Inc. -
Issued by Entrust Certification Authority - L1M
About this certificate
This digital certificate with serial number 54:3f:f3:a7 was issued on by Entrust, Inc..
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Industrial Alliance Insurance and Financial Services Inc.
Company registration number:
1145441037
Organization: Industrial Alliance Insurance and Financial Services Inc.
Organization: Industrial Alliance Insurance and Financial Services Inc.
State / Province:
Quebec
Locality: Qu�bec
Country: CA
Locality: Qu�bec
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 54:3f:f3:a7Serial Number (int): 1413477287
Serial Number lenght: 31 bits, 4 octets
SubjectKeyId: 97:17:6c:82:c4:31:d5:b3:1f:51:4b:aa:37:b4:d6:7a:31:06:34:9b
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a
Fingerprint (sha1): 35:ae:e4:b8:7b:aa:1c:14:06:c5:73:f4:77:5a:4e:6b:c5:73:3f:17
Fingerprint (sha256): 04:db:cd:2b:28:21:17:73:8e:23:b0:cd:2e:da:a2:e9:e0:ca:02:b7:48:73:15:bd:e7:1a:60:7e:50:ce:60:47
Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1m.crl
Check the revocation status for certificate ia.ca
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ia.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ia.ca
www.ia.ca
cdn.ia.ca
www.ia.ca
cdn.ia.ca
Other certificates including the domain name ia.ca
(limited to 100 certificates)
partners.ia.ca
sts.accp.ia.ca
auto.ia.ca
trk.mail-corpo.ia.ca
www.security.ia.ca
sva0735.ia.iafg.net
connect.ia.ca
admin.uat-flex.ia.ca
covid-conseiller.ia.ca
test222.ia.ca
content.accp.secureweb.ia.ca
auto.ia.ca
sts.accp.ia.ca
voyagedereve.ia.ca
ia.ca
portail-02.wifi.ia.ca
security.ia.ca
GTMSS.ia.ca
test222.ia.ca
trk.mail-corpo.ia.ca
Collectif-bo-integration-2022-accp.ia.ca
linstantia.ia.ca
extension.apps.astor.ai
admin.devtest-flex.ia.ca
www.regimeiaah.ia.ca
app.lab.secure.ia.ca
www.security.ia.ca
portail-accp-01.wifi.ia.ca
testev.ia.ca
promo.ia.ca
app.flex.ia.ca
signing.ia.ca
security.ia.ca
content.devtest-flex.ia.ca
test222.ia.ca
iacampus.ia.ca
test222.ia.ca
test2222.ia.ca
securite.ia.ca
*.portal.api.ia.ca
auto.ia.ca
Collectif-bo-integration-2022-prod.ia.ca
cee.ia.ca
evolife.accp.apis.ia.ca
authentification.asmb.secureweb.ia.ca
test222.ia.ca
fs52.ia.ca
security.ia.ca
test2222.ia.ca
test2222.ia.ca
elleven.minhacentralonline.com.br
ece.ia.ca
auto.ia.ca
securite.ia.ca
auto.ia.ca
mastrategie.ia.ca
webmail.intg.ia.ca
auto.ia.ca
evo.accp.ia.ca
www.regimeiaah.ia.ca
TestWild.ia.ca
app.devtest.ia.ca
adj.accp.ia.ca
login.accp.privatewealth.ia.ca
test222.ia.ca
dialog.ia.ca
innovation.ia.ca
devjira.ia.ca
*.asmb.secureweb.ia.ca
rri.ia.ca
auto.ia.ca
GTMSSACC.ia.ca
remote01.ia.ca
www.security.ia.ca
accp.api.ia.ca
apis.ia.ca
lean.ia.ca
login.service.partners.ia.ca
login.develop.benefits.ia.ca
covid-advisor.ia.ca
evo.dev.ia.ca
auto.ia.ca
dealers.ia.ca
www.securite.ia.ca
qc-remote.ia.ca
auto.ia.ca
*.ia.ca
rest.devtest-flex.ia.ca
expw-e.uc.iafg.net
test2222.ia.ca
auto.ia.ca
intranet.intg.ia.ca
mulesoft.dev.mtls.genericsalesforce.ia.ca
expw-e.uc.iafg.net
fs52.ia.ca
content.accp.ia.ca
proxy.intg.secureweb.ia.ca
accp.apis.ia.ca
iaconnectlab.ia.ca
content.accp.secureweb.ia.ca
sts.accp.ia.ca
auto.ia.ca
trk.mail-corpo.ia.ca
www.security.ia.ca
sva0735.ia.iafg.net
connect.ia.ca
admin.uat-flex.ia.ca
covid-conseiller.ia.ca
test222.ia.ca
content.accp.secureweb.ia.ca
auto.ia.ca
sts.accp.ia.ca
voyagedereve.ia.ca
ia.ca
portail-02.wifi.ia.ca
security.ia.ca
GTMSS.ia.ca
test222.ia.ca
trk.mail-corpo.ia.ca
Collectif-bo-integration-2022-accp.ia.ca
linstantia.ia.ca
extension.apps.astor.ai
admin.devtest-flex.ia.ca
www.regimeiaah.ia.ca
app.lab.secure.ia.ca
www.security.ia.ca
portail-accp-01.wifi.ia.ca
testev.ia.ca
promo.ia.ca
app.flex.ia.ca
signing.ia.ca
security.ia.ca
content.devtest-flex.ia.ca
test222.ia.ca
iacampus.ia.ca
test222.ia.ca
test2222.ia.ca
securite.ia.ca
*.portal.api.ia.ca
auto.ia.ca
Collectif-bo-integration-2022-prod.ia.ca
cee.ia.ca
evolife.accp.apis.ia.ca
authentification.asmb.secureweb.ia.ca
test222.ia.ca
fs52.ia.ca
security.ia.ca
test2222.ia.ca
test2222.ia.ca
elleven.minhacentralonline.com.br
ece.ia.ca
auto.ia.ca
securite.ia.ca
auto.ia.ca
mastrategie.ia.ca
webmail.intg.ia.ca
auto.ia.ca
evo.accp.ia.ca
www.regimeiaah.ia.ca
TestWild.ia.ca
app.devtest.ia.ca
adj.accp.ia.ca
login.accp.privatewealth.ia.ca
test222.ia.ca
dialog.ia.ca
innovation.ia.ca
devjira.ia.ca
*.asmb.secureweb.ia.ca
rri.ia.ca
auto.ia.ca
GTMSSACC.ia.ca
remote01.ia.ca
www.security.ia.ca
accp.api.ia.ca
apis.ia.ca
lean.ia.ca
login.service.partners.ia.ca
login.develop.benefits.ia.ca
covid-advisor.ia.ca
evo.dev.ia.ca
auto.ia.ca
dealers.ia.ca
www.securite.ia.ca
qc-remote.ia.ca
auto.ia.ca
*.ia.ca
rest.devtest-flex.ia.ca
expw-e.uc.iafg.net
test2222.ia.ca
auto.ia.ca
intranet.intg.ia.ca
mulesoft.dev.mtls.genericsalesforce.ia.ca
expw-e.uc.iafg.net
fs52.ia.ca
content.accp.ia.ca
proxy.intg.secureweb.ia.ca
accp.apis.ia.ca
iaconnectlab.ia.ca
content.accp.secureweb.ia.ca
Certificate
The complete raw certificate details for ia.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHozCCBougAwIBAgIEVD/zpzANBgkqhkiG9w0BAQsFADCBujELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDE0IEVudHJ1c3Qs IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwGA1UEAxMlRW50cnVz dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTTAeFw0xNTAxMjYyMDI2Mzha Fw0xNzAxMjcwMDA5MzFaMIHlMQswCQYDVQQGEwJDQTEPMA0GA1UECBMGUXVlYmVj MQ8wDQYDVQQHFAZRdeliZWMxEzARBgsrBgEEAYI3PAIBAxMCQ0ExFzAVBgsrBgEE AYI3PAIBAhMGUXVlYmVjMUIwQAYDVQQKEzlJbmR1c3RyaWFsIEFsbGlhbmNlIElu c3VyYW5jZSBhbmQgRmluYW5jaWFsIFNlcnZpY2VzIEluYy4xHTAbBgNVBA8TFFBy aXZhdGUgT3JnYW5pemF0aW9uMRMwEQYDVQQFEwoxMTQ1NDQxMDM3MQ4wDAYDVQQD EwVpYS5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMOyNml5vL/9 FcXt5fr0HL7gQ3Fm5zoMLI1G1syElGHDrMqV+Pt7b5n3Ph3z48sz2fM6qufHwotV LFccus3qi4iU0Ez8jNIYansX4f+a+iK+ajtyO0roi+BNGcHPSLBQ7JBmEiiIj3L9 /C/EQrRItaWdcjSj+2BDn07csoDxXKegEa4huGh/s+Cc1cRTUdPa+BjmlE8cdJaX JfOhDd+f6mFtAGaKP4sXM9bD+PwJBQJR7goTRtNbgZipw9ciXtgBON+ey1Q7Y4Np USbhGUEZ/WzBVJ3ilQGrOsLKfBpuk2XwfPz67Jz5vS+jPPuG0dmmH0ulYlOhtWuu IIM8yWD+ZkECAwEAAaOCA4IwggN+MCYGA1UdEQQfMB2CBWlhLmNhggl3d3cuaWEu Y2GCCWNkbi5pYS5jYTCCAfkGCisGAQQB1nkCBAIEggHpBIIB5QHjAHcAaPaY+B9k gr46jO65KB1M/HFRXWeT1ETRCmesu09P+8QAAAFLKAaKBwAABAMASDBGAiEA50rp So2NvKqpEeuLF2nemF0PU6tt5e83uxtPbowDug0CIQCkoeEl384Cg8ivVGuS76Ty pBA6RgPy1mYQZUrPZUUdFAB3AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXW idDdAAABSygGjmIAAAQDAEgwRgIhAP+p2DPdFkBTOOo2cwXG6XldXP6KSvTlBtpT Wa18GoEoAiEAt3v8jb4t/yQmROYcmDzXCuSIPbuSeh09L/O+DJpAFwcAdgCkuQmQ tBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAUsoBpBHAAAEAwBHMEUCIQDg zLbAc9kaNYny0pDBq0OYtWF0ndSIpa1sSOaVVGoQKgIgbEiaiCEwwKbBaablyKQH g+eV/N61pYValxzvfwaVIgoAdwDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJ eqj9ywAAAUsoBqA0AAAEAwBIMEYCIQCgsGlAWJPzQZx0URp+aNKndACCywhQN1YG NVP5ttR+7wIhAIB4Lcl+eLNWvy9e4ozXrWt45ZwQO7NUNkylXL43V+3+MAsGA1Ud DwQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwaAYIKwYBBQUH AQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBggr BgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMW0tY2hhaW4yNTYuY2Vy MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwx bS5jcmwwQQYDVR0gBDowODA2BgpghkgBhvpsCgECMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMB8GA1UdIwQYMBaAFMP30LUqMK2vDZEh cDlU3byJcMc6MB0GA1UdDgQWBBSXF2yCxDHVsx9RS6o3tNZ6MQY0mzAJBgNVHRME AjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBe8dIdZ6KXksPs9Kkgh5lMh9Zzp0G7vPO1 1gNBkDYQ5OrC/2fZYKW7TZOKIto+Z97He1C1Krau2W0hDxqdJpJQuTT5ca/QyxDq BjqRUrbuwMITB5rYLu7/5MC/zfhkCIBrUP1BJRE59iipqlwui/bqhEKFfIBAKmQ0 hjBK6B1NO4HQkAIGGpJ6H6iqM/p8EZYLgVDCbxfXwo+ucDt+dBhULbVrFhUgIIeB wlCNQLrvtL403BGAUIUCLjU4HSgu2Tcn5wkCniQmlg2GvXvDrA5aXb39ZkoHUOz6 05/zTwg9D5jGub7G8ro5jiImNfBK1xsdLZd8lgOiESIRCzUWg9qv -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7I2aXm8v/0Vxe3l+vQc vuBDcWbnOgwsjUbWzISUYcOsypX4+3tvmfc+HfPjyzPZ8zqq58fCi1UsVxy6zeqL iJTQTPyM0hhqexfh/5r6Ir5qO3I7SuiL4E0Zwc9IsFDskGYSKIiPcv38L8RCtEi1 pZ1yNKP7YEOfTtyygPFcp6ARriG4aH+z4JzVxFNR09r4GOaUTxx0lpcl86EN35/q YW0AZoo/ixcz1sP4/AkFAlHuChNG01uBmKnD1yJe2AE4357LVDtjg2lRJuEZQRn9 bMFUneKVAas6wsp8Gm6TZfB8/PrsnPm9L6M8+4bR2aYfS6ViU6G1a64ggzzJYP5m QQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1413477287 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-01-26 20:26:38 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-01-27 00:09:31 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Quebec' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Qu�bec' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Quebec' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Industrial Alliance Insurance and Financial Services Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1145441037' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ia.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24704349350600166229543662655422729144689422297884128738302939882478194728341415476583304722743096501611616510978769999300467908466930314382033267735254808954112126777005785293603057376006113343903841214247522971713641745704218741068598570459981606818552762288705898218998108501439538699788828940548950006736785900010653109735707673408375309744607669761863330682988056346456543640346014993114173135106269214279791684851389098557613453198730338296222374156208175023469328771464186557568753888275038932522768297575918242540082702212385484285418505873562641209745643924037508872404324422543607930753176385987936683714113 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ia.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ia.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.ia.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (489 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes) 01e300770068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc40000014b28068a070000040300483046022100e74ae94a8d8dbcaaa911eb8b1769de985d0f53ab6de5ef37bb1b4f6e8c03ba0d022100a4a1e125dfce0283c8af546b92efa4f2a4103a4603f2d66610654acf65451d140077005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000014b28068e620000040300483046022100ffa9d833dd16405338ea367305c6e9795d5cfe8a4af4e506da5359ad7c1a8128022100b77bfc8dbe2dff242644e61c983cd70ae4883dbb927a1d3d2ff3be0c9a401707007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000014b280690470000040300473045022100e0ccb6c073d91a3589f2d290c1ab4398b561749dd488a5ad6c48e695546a102a02206c489a882130c0a6c169a6e5c8a40783e795fcdeb5a5855a971cef7f0695220a007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000014b2806a0340000040300483046022100a0b069405893f3419c74511a7e68d2a7740082cb08503756063553f9b6d47eef02210080782dc97e78b356bf2f5ee28cd7ad6b78e59c103bb354364ca55cbe3757edfe . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 97176c82c431d5b31f514baa37b4d67a3106349b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005ef1d21d67a29792c3ecf4a92087994c87d673a741bbbcf3b5d60341903610e4eac2ff67d960a5bb4d938a22da3e67dec77b50b52ab6aed96d210f1a9d269250b934f971afd0cb10ea063a9152b6eec0c213079ad82eeeffe4c0bfcdf86408806b50fd41251139f628a9aa5c2e8bf6ea8442857c80402a643486304ae81d4d3b81d09002061a927a1fa8aa33fa7c11960b8150c26f17d7c28fae703b7e7418542db56b161520208781c2508d40baefb4be34dc11805085022e35381d282ed93727e709029e2426960d86bd7bc3ac0e5a5dbdfd664a0750ecfad39ff34f083d0f98c6b9bec6f2ba398e222635f04ad71b1d2d977c9603a21122110b351683daaf