www.niche.tohoku.ac.jp

- Tohoku University -

Issued by NII Open Domain CA - G5

About this certificate

This digital certificate with serial number 5c:ff:24:24:9a:0f:da:2f:aa:4a:39:ac:d5:fe:49:02 was issued on by National Institute of Informatics.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

Tohoku University

Organization: Tohoku University
Organization unit: NICHe
State / Province: Miyagi
Locality: Sendai-shi
Country: JP

National Institute of Informatics

Organization: National Institute of Informatics
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 5c:ff:24:24:9a:0f:da:2f:aa:4a:39:ac:d5:fe:49:02
Serial Number (int): 123613744377778079081019222195825428738
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 2e:6f:a3:8f:6c:92:80:da:23:20:5c:a2:35:ad:a9:0c:85:af:5d:d9
AuthorityKeyId: 67:3a:3a:c1:6b:b7:1c:a6:41:46:39:30:84:c8:69:00:59:11:58:c1

Fingerprint (sha1): 05:4c:5c:c0:2f:c7:6b:c7:e4:12:3d:15:7c:ad:58:bc:00:b3:1f:d1
Fingerprint (sha256): 05:2f:55:a1:03:90:09:a8:fe:4a:28:b6:7e:bd:90:a9:14:eb:d5:31:05:8e:3b:c7:62:43:25:1c:04:e3:cc:b7


Revocation information

OCSP Server: http://niig5.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/sppca/nii/odca3/fullcrlg5.crl

Check the revocation status for certificate www.niche.tohoku.ac.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.niche.tohoku.ac.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.niche.tohoku.ac.jp

Other certificates including the domain name tohoku.ac.jp

(limited to 100 certificates)
exam.med.tohoku.ac.jp
www.idac.tohoku.ac.jp
*.sc.imr.tohoku.ac.jp
www.nme.mech.tohoku.ac.jp
www.diverta.co.jp
iport.material.tohoku.ac.jp
shimoji.sb.ecei.tohoku.ac.jp
rp.db.tains.tohoku.ac.jp
mail.fris.tohoku.ac.jp
pmail.riec.tohoku.ac.jp
takuhon.lab.irides.tohoku.ac.jp
aem-www.imr.tohoku.ac.jp
caslc.sb.ecei.tohoku.ac.jp
aomobi.niche.tohoku.ac.jp
www.astr.tohoku.ac.jp
emc.tohoku.ac.jp
thistle.cite.tohoku.ac.jp
www.diverta.co.jp
www.diverta.co.jp
defiant.ei.tohoku.ac.jp
applicant.insc.tohoku.ac.jp
smartcampus.ecei.tohoku.ac.jp
www.sc.isc.tohoku.ac.jp
esns.econ.tohoku.ac.jp
www3.tains.tohoku.ac.jp
dragon.ei.tohoku.ac.jp
www.econ.tohoku.ac.jp
applicant.eng.tohoku.ac.jp
takuhon.lab.irides.tohoku.ac.jp
c.bureau.tohoku.ac.jp
seaotter.cite.tohoku.ac.jp
www.hpc.cc.tohoku.ac.jp
rcc.niche.tohoku.ac.jp
work.bureau.tohoku.ac.jp
www.diverta.co.jp
web.med.tohoku.ac.jp
banana.cite.tohoku.ac.jp
edge-next.eng.tohoku.ac.jp
www.math.tohoku.ac.jp
www.niche.tohoku.ac.jp
research.wpi-aimr.tohoku.ac.jp
dav.mobility.niche.tohoku.ac.jp
*.springer.com
www.cite.tohoku.ac.jp
netacademy-md.cite.tohoku.ac.jp
radius1.tains.tohoku.ac.jp
projectweb.niche.tohoku.ac.jp
mail1.niche.tohoku.ac.jp
www.ige.tohoku.ac.jp
www.library.tohoku.ac.jp
geoserv.kankyo.tohoku.ac.jp
argon.material.tohoku.ac.jp
water-infra.niche.tohoku.ac.jp
www.diverta.co.jp
emc.tohoku.ac.jp
biobank-search.megabank.tohoku.ac.jp
xev.arch.is.tohoku.ac.jp
emc.tohoku.ac.jp
apps.niche.tohoku.ac.jp
hq.eng.tohoku.ac.jp
comp.chem.tohoku.ac.jp
seaotter.cite.tohoku.ac.jp
www.hpc.cc.tohoku.ac.jp
www2.cal.is.tohoku.ac.jp
nwsvc-am1.svm.megabank.tohoku.ac.jp
secure.niche.tohoku.ac.jp
seaotter.cite.tohoku.ac.jp
www11.bureau.tohoku.ac.jp
pj-web.niche.tohoku.ac.jp
crr.is.tohoku.ac.jp
mail.apph.tohoku.ac.jp
www.phys.tohoku.ac.jp
tupms.rpip.tohoku.ac.jp
imr-kyodo.imr.tohoku.ac.jp
www.cal.is.tohoku.ac.jp
login.sic.med.tohoku.ac.jp
hayate.law.tohoku.ac.jp
www.cyric.tohoku.ac.jp
pgate.niche.tohoku.ac.jp
openvpn.tohoku.ac.jp
sub.web.tohoku.ac.jp
rs.eng.tohoku.ac.jp
auth.tohoku.ac.jp
zabbix.niche.tohoku.ac.jp
www.tfc.tohoku.ac.jp
emc.tohoku.ac.jp
smtp.med.tohoku.ac.jp
www2.ei.tohoku.ac.jp
webwork.math.is.tohoku.ac.jp
aem.imr.tohoku.ac.jp
tarte.sc.cc.tohoku.ac.jp
www.sed.tohoku.ac.jp
m.ec.ecei.tohoku.ac.jp
reserve.material.tohoku.ac.jp
www.cl.ecei.tohoku.ac.jp
kjwebserver.bureau.tohoku.ac.jp
eifs.ec.ecei.tohoku.ac.jp
www.civil.tohoku.ac.jp
www2.ei.tohoku.ac.jp
vpn3.tohoku.ac.jp

Certificate

The complete raw certificate details for www.niche.tohoku.ac.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGbzCCBVegAwIBAgIQXP8kJJoP2i+qSjms1f5JAjANBgkqhkiG9w0BAQsFADBb
MQswCQYDVQQGEwJKUDEqMCgGA1UEChMhTmF0aW9uYWwgSW5zdGl0dXRlIG9mIElu
Zm9ybWF0aWNzMSAwHgYDVQQDExdOSUkgT3BlbiBEb21haW4gQ0EgLSBHNTAeFw0x
OTA2MjcwNzUyMDhaFw0yMTA3MjgwNzUyMDhaMIGAMQswCQYDVQQGEwJKUDEPMA0G
A1UECBMGTWl5YWdpMRMwEQYDVQQHEwpTZW5kYWktc2hpMRowGAYDVQQKExFUb2hv
a3UgVW5pdmVyc2l0eTEOMAwGA1UECxMFTklDSGUxHzAdBgNVBAMTFnd3dy5uaWNo
ZS50b2hva3UuYWMuanAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
2DfC4Yb5H7h3bAFm0rBYq1beX2TCz8sS9fmT/nfQ1OTOfjmYPSaVVPUL5yx9dHTM
v396YfjrJR8WrGtPkPVsz/yhi1iUWZhbLgTcsBdmcFnZqdqUHIIVF5QOMBGIAndz
ygNdV3XTErAgScc/vjTvQan/MWAt8gPSinOrz0/0zrf9P2EpjAvA5bvOXznJ9gDA
Ohs+9hqB5u1acJrTiw6erMA2y+KvA3DyMk9rQbJWCZfxaUCOHOzliMRbUhMF3jBV
WNr8O3A2UOpjxF5Aq0138U4rJ9DXbAtVlbq/0FS/uqgos6bc/LP+/2U3H53VZ+E6
pgsNG13MbuL6sFXvDs+ZAgMBAAGjggMHMIIDAzAfBgNVHSMEGDAWgBRnOjrBa7cc
pkFGOTCEyGkAWRFYwTA8BggrBgEFBQcBAQQwMC4wLAYIKwYBBQUHMAGGIGh0dHA6
Ly9uaWlnNS5vY3NwLnNlY29tdHJ1c3QubmV0MCEGA1UdEQQaMBiCFnd3dy5uaWNo
ZS50b2hva3UuYWMuanAwYAYDVR0gBFkwVzBLBgwrBgEEAYH8CAMCAQEwOzA5Bggr
BgEFBQcCARYtaHR0cHM6Ly9yZXBvMS5zZWNvbXRydXN0Lm5ldC9zcHBjYS9uaWkv
b2RjYTMvMAgGBmeBDAECAjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
SgYDVR0fBEMwQTA/oD2gO4Y5aHR0cDovL3JlcG8xLnNlY29tdHJ1c3QubmV0L3Nw
cGNhL25paS9vZGNhMy9mdWxsY3JsZzUuY3JsMB0GA1UdDgQWBBQub6OPbJKA2iMg
XKI1rakMha9d2TAOBgNVHQ8BAf8EBAMCBaAwggGBBgorBgEEAdZ5AgQCBIIBcQSC
AW0BawB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABa5f0xnUA
AAQDAEgwRgIhAOYYqd/AHDFN8FXIPsVWwy+hr8XbSNIWVwKl5E59wTe8AiEAp29f
byPIjWl9tCyeBp16v4VkbX/l75eTxK89BWyQHBMAdwDuS723dc5guuFCaR+r4Z5m
ow9+X7By2IMAxHuJeqj9ywAAAWuX9Mw9AAAEAwBIMEYCIQCbWHYYde7Um/XrvjHQ
VbVdJstAty0lQaMh2GcVv4vhAgIhAMm73FqW2XMfNu/r3S0ehEhk5cMrr+VFRLGs
4KcEw9zCAHcAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFrl/TV
cwAABAMASDBGAiEA/9mLn0BDs82YT0usrG8dXnUZ7pAaccQpLusou7msXWECIQDN
iLl4a9QylSBN3hbVZxhUbmPi/8sq/AU3UG5XxemSBDANBgkqhkiG9w0BAQsFAAOC
AQEAIl6apkex75Y/26p1wuWV2oJGarV9ivbaqXhUTtYGyOi59whUFsnncDLthroe
6YkCyfjaft3cZ/la2odYC+blURb2rUNYGAhQkFWDmDiSdjo2GIxOyoEWwyILXWVr
ZLuGOQkSxjlztRSfuwZguVZT8a1B8EniCGj/7qz6MpOMYqMnPXPo+Va6qbNAA28q
KM+ixj5KOvwpNd0EPmr3YilyPWHD+xuDs5uv+F7ysR6JxnIPla86ph4DW6YMVD4H
o7fqwKpM+g7JslHrjm48eA+Fxczxqd2RIG9Us+ltc7vguyAYQ3CnctgXXDoK4hMu
TFnbySzN3/Us+khpGCEB3NMbow==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNg3wuGG+R+4d2wBZtKw
WKtW3l9kws/LEvX5k/530NTkzn45mD0mlVT1C+csfXR0zL9/emH46yUfFqxrT5D1
bM/8oYtYlFmYWy4E3LAXZnBZ2analByCFReUDjARiAJ3c8oDXVd10xKwIEnHP740
70Gp/zFgLfID0opzq89P9M63/T9hKYwLwOW7zl85yfYAwDobPvYagebtWnCa04sO
nqzANsvirwNw8jJPa0GyVgmX8WlAjhzs5YjEW1ITBd4wVVja/DtwNlDqY8ReQKtN
d/FOKyfQ12wLVZW6v9BUv7qoKLOm3Pyz/v9lNx+d1WfhOqYLDRtdzG7i+rBV7w7P
mQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 123613744377778079081019222195825428738
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'National Institute of Informatics'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NII Open Domain CA - G5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-27 07:52:08 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-28 07:52:08 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Miyagi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sendai-shi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tohoku University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NICHe'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.niche.tohoku.ac.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23839422313196081051804460154825058541593997064475374164703190990837042341065861591595644102257454253682512613432364963504141507332740745645253491184119344480681239011227555681334343797419546006129927860227553132117280691809682420611883237110838476174100223626700617598078505833092968741569506387283074426031264301185952642248541160582920899789096889569928558146700661376009073439274961072726666877729644579525786616310128323393360063083998706226954156943940902726681758499008197536251210307948358541424945565173071854035533404493303410980841568570764238784760068954220120241622723183852397860147452606042923277930393
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 673a3ac16bb71ca64146393084c86900591158c1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://niig5.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.niche.tohoku.ac.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.32264.3.2.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/sppca/nii/odca3/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/sppca/nii/odca3/fullcrlg5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2e6fa38f6c9280da23205ca235ada90c85af5dd9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
							016b007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016b97f4c6750000040300483046022100e618a9dfc01c314df055c83ec556c32fa1afc5db48d2165702a5e44e7dc137bc022100a76f5f6f23c88d697db42c9e069d7abf85646d7fe5ef9793c4af3d056c901c13007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016b97f4cc3d00000403004830460221009b58761875eed49bf5ebbe31d055b55d26cb40b72d2541a321d86715bf8be102022100c9bbdc5a96d9731f36efebdd2d1e844864e5c32bafe54544b1ace0a704c3dcc20077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016b97f4d5730000040300483046022100ffd98b9f4043b3cd984f4bacac6f1d5e7519ee901a71c4292eeb28bbb9ac5d61022100cd88b9786bd43295204dde16d56718546e63e2ffcb2afc0537506e57c5e99204
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00225e9aa647b1ef963fdbaa75c2e595da82466ab57d8af6daa978544ed606c8e8b9f7085416c9e77032ed86ba1ee98902c9f8da7edddc67f95ada87580be6e55116f6ad4358180850905583983892763a36188c4eca8116c3220b5d656b64bb86390912c63973b5149fbb0660b95653f1ad41f049e20868ffeeacfa32938c62a3273d73e8f956baa9b340036f2a28cfa2c63e4a3afc2935dd043e6af76229723d61c3fb1b83b39baff85ef2b11e89c6720f95af3aa61e035ba60c543e07a3b7eac0aa4cfa0ec9b251eb8e6e3c780f85c5ccf1a9dd91206f54b3e96d73bbe0bb20184370a772d8175c3a0ae2132e4c59dbc92ccddff52cfa4869182101dcd31ba3