intra.test.chatbot.css.gov.on.ca

- Government of Ontario -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 5c:40:24:c5:b4:86:fa:6c:c5:60:73:19:57:80:f3:e1 was issued on by Entrust, Inc..

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Government of Ontario

Organization: Government of Ontario
State / Province: Ontario
Locality: Toronto
Country: CA

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 5c:40:24:c5:b4:86:fa:6c:c5:60:73:19:57:80:f3:e1
Serial Number (int): 122622028441722716471348013567787987937
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: bb:25:59:4f:70:87:a2:49:b4:3b:84:be:c8:bc:a1:08:b4:d8:91:a0
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): bb:e3:b2:ec:1b:d1:e2:d9:61:37:db:58:de:c1:61:d8:e5:c8:0c:aa
Fingerprint (sha256): 06:08:92:22:5d:6d:8c:18:fb:cb:f6:49:a4:56:43:aa:00:39:df:e4:12:b0:29:4f:1d:ef:69:40:a5:8d:72:c3

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate intra.test.chatbot.css.gov.on.ca

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for intra.test.chatbot.css.gov.on.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

intra.test.chatbot.css.gov.on.ca
www.intra.test.chatbot.css.gov.on.ca
intra.test.chatbot1.css.gov.on.ca
intra.test.chatbot2.css.gov.on.ca

Other certificates including the domain name gov.on.ca

(limited to 100 certificates)
www.yoctpa.mcys.gov.on.ca
intra.aris.mto.gov.on.ca
*.uat.ase.gocloud.gov.on.ca
decisia.lexum.com
www.csrtcva.mcscs.jus.gov.on.ca
www.fsco.gov.on.ca
sip.stage.ees.gov.on.ca
intra.stage.grants.gov.on.ca
ws.dev.opc.rus.mto.gov.on.ca
*.dev.app.rlso.cloud.mto.gov.on.ca
stage.applications.lrc.gov.on.ca
www.tts.ssb.gov.on.ca
ws.api.stage.onsis.edu.gov.on.ca
intra.stage.peis.cyssc.gov.on.ca
intra.test.ehosso.sus.gov.on.ca
ws.build.sd.its.gov.on.ca
intra.ws2.dev.jip.jus.gov.on.ca
intra.avl.health.gov.on.ca
stage.apps.lrc.gov.on.ca
www.elto.gov.on.ca
slasto-tsapno.gov.on.ca
www.raqsb.mto.gov.on.ca
www.orgforms.gov.on.ca
load12.stage.onsis.edu.gov.on.ca
sdwis.moh.gov.on.ca
intra.stage.sus.gov.on.ca
intra.landmark.fin.gov.on.ca
www.yoctpa.children.gov.on.ca
www.pas.gov.on.ca
dev.sp.ltc.gov.on.ca
dev2.login.publicsecure.gov.on.ca
hcc3.hcc.moh.gov.on.ca
www.ohp.mcl.gov.on.ca
www2.fsco.gov.on.ca
www.osc.ca
www.edtpre.health.gov.on.ca
stage.oneksso.sus.gov.on.ca
intra.ws2.test.jip.jus.gov.on.ca
stage.energy.gov.on.ca
intra.sharepoint.ddsb.csc.gov.on.ca
load.dmrv.edcs.csc.gov.on.ca
www.ecis.edu.gov.on.ca
intra.load.stage.oid.cmod.csc.gov.on.ca
ws.dss.mto.gov.on.ca
ontario.ca
HSIMI.COM
stage.ws2.api.agrisuite.omafra.gov.on.ca
www.eydportal.edcs.csc.gov.on.ca
*.mscrm.sdc.gov.on.ca
ws.stage.esdi.mto.gov.on.ca
stage.secure.sp.ltc.gov.on.ca
stage.geohub.lio.gov.on.ca
www.nursingstrategy.health.gov.on.ca
www.osc.gov.on.ca
intra.ws.dev.gtw.apim.mto.gov.on.ca
dev.oms.mto.gov.on.ca
intra.dev.sp.sdc.gov.on.ca
www.eoss.tcu.gov.on.ca
oentrain.edu.gov.on.ca
stage.lrcsde.lrc.gov.on.ca
www.esubmit.health.gov.on.ca
intra.dev.boe.eois.labour.gov.on.ca
www.hoursofwork.labour.gov.on.ca
ws.stage.osapcontrib.iaccess.gov.on.ca
www.csrtcva.mcscs.jus.gov.on.ca
www.apps.lrc.gov.on.ca
ws.apiplatform.mto.gov.on.ca
stage.esclaim.labour.gov.on.ca
intra.myops.gov.on.ca
www.rlso-onlineservices.mto.gov.on.ca
vcse2.jvn.jus.gov.on.ca
www.quarts.mah.gov.on.ca
www.services1.gov.on.ca
RASToken1.gov.on.ca
oscom-tor-ef01.osc.gov.on.ca
www.edt.health.gov.on.ca
www.sts.gov.on.ca
cacgigdcdbdb204.service.cihs.gov.on.ca
vcse1.jvn.jus.gov.on.ca
ws.stage.daudms.css.gov.on.ca
www.premier.gov.on.ca
decisia.lexum.com
www.environet.lrc.gov.on.ca
ws.stage.appco.services.ltc.gov.on.ca
Ws.intra.stage.ims.fin.gov.on.ca
www.samo.css.gov.on.ca
intra.dev03.hyp.ifis.gov.on.ca
intra.stage.conversion.otc.onttax.fin.gov.on.ca
www.firstwatch.gov.on.ca
intra.stage.ltch.training.health.gov.on.ca
hawkular-metrics.pc.prd.ros.gocloud.gov.on.ca
intra.test.chatbot.css.gov.on.ca
stage.cpin.children.gov.on.ca
eforms1.osc.gov.on.ca
grafana-openshift-grafana.pc.prd.ros.gocloud.gov.on.ca
www2.fsco.gov.on.ca
sfis.edu.gov.on.ca
intra.load.opsdocs.gov.on.ca
www.ask.omafra.gov.on.ca
intra.dev.gisetl.lrc.gov.on.ca

Certificate

The complete raw certificate details for intra.test.chatbot.css.gov.on.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIQXEAkxbSG+mzFYHMZV4Dz4TANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDAxMDUxNTU3MjhaFw0yNTAxMTIxNTU3MjZaMHwxCzAJBgNVBAYTAkNBMRAwDgYD
VQQIEwdPbnRhcmlvMRAwDgYDVQQHEwdUb3JvbnRvMR4wHAYDVQQKExVHb3Zlcm5t
ZW50IG9mIE9udGFyaW8xKTAnBgNVBAMTIGludHJhLnRlc3QuY2hhdGJvdC5jc3Mu
Z292Lm9uLmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BTJ9Rla
0LGkw7zOhNBw5Qh74GXh3C9E3VP2jlwAzxa0gXMLsVnXgSHr3hk0cHVt3ZfIjz6y
1EIQS8+v0D1+rk9tVeayxmEhEdjmSrgK5Sue/90t8eOdBBijH9jwS45DTYzKhmEX
I+Yu9ag8ALJq9/FFrWkK/ySUsNRIH56yVyBOHh1/HZ8FF1bVV42o82znyiv6kQw7
j2cvPuiGngjsyaL/+VNXU+J0AXdvei1LoHG3DVrXDl1BhvYbgnMkvE9qFwp4apRq
5y/BQS1xtmMC5B50PmqHP8+zPFqSqWsCUkv+KintS6RPtmL8o5e5qdWGLgaI3z9f
wbgvegdb7vBMyQIDAQABo4IB5jCCAeIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
uyVZT3CHokm0O4S+yLyhCLTYkaAwHwYDVR0jBBgwFoAUgqJwdN28Uz/Pe9T3zX+n
YMYKTL8waAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5l
bnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9s
MWstY2hhaW4yNTYuY2VyMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50
cnVzdC5uZXQvbGV2ZWwxay5jcmwwgZkGA1UdEQSBkTCBjoIgaW50cmEudGVzdC5j
aGF0Ym90LmNzcy5nb3Yub24uY2GCJHd3dy5pbnRyYS50ZXN0LmNoYXRib3QuY3Nz
Lmdvdi5vbi5jYYIhaW50cmEudGVzdC5jaGF0Ym90MS5jc3MuZ292Lm9uLmNhgiFp
bnRyYS50ZXN0LmNoYXRib3QyLmNzcy5nb3Yub24uY2EwDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjATBgNVHSAEDDAKMAgGBmeB
DAECAjATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHhQT
N1w0bdZns3ZqvDTl91cGmVhVRGKRRM7itnu9CqVK/Wl0vDQPs987K1XTuA/YOTHm
6bfFtn/b6RNWlOMaLRuQe83YoGXJOm6C8yqhl3kUIWEIhbKUgoDrzX25C9kSzlZ7
wFW2qBNGVY6PX48bqFRpmM8cPs5tJMwo7dJ7ixSAMYTyV32MoFwCT/QV99Yc/OJf
VPXGu4ejF94Ht/B2qzBbYRuZIGwv5bgCHdpRMj8d1TpNcnX0ZnwHd+1E2h8khedQ
DDiMToWTZelRTGrRnT382h4D1QT4uP0dZpJC7TPNagj32FF/09sa+yIWdGcEz0k0
be1zzfHWTHMjYwn8iQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BTJ9Rla0LGkw7zOhNBw
5Qh74GXh3C9E3VP2jlwAzxa0gXMLsVnXgSHr3hk0cHVt3ZfIjz6y1EIQS8+v0D1+
rk9tVeayxmEhEdjmSrgK5Sue/90t8eOdBBijH9jwS45DTYzKhmEXI+Yu9ag8ALJq
9/FFrWkK/ySUsNRIH56yVyBOHh1/HZ8FF1bVV42o82znyiv6kQw7j2cvPuiGngjs
yaL/+VNXU+J0AXdvei1LoHG3DVrXDl1BhvYbgnMkvE9qFwp4apRq5y/BQS1xtmMC
5B50PmqHP8+zPFqSqWsCUkv+KintS6RPtmL8o5e5qdWGLgaI3z9fwbgvegdb7vBM
yQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 122622028441722716471348013567787987937
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-05 15:57:28 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-12 15:57:26 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Toronto'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government of Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'intra.test.chatbot.css.gov.on.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26267818819713365705937296999481744179255115605822260618942974633406552983578026109062923089149402931838453267427775972984399571081515016050356920692969544679090735801202994144480435083521592469042023961604527216614227898081031593901748761425957509891020147474035242903834396355517850692734130793424743347400614753585694268094901670532952150478795406787528298152725260949245183066441862152752147668919485445356483268286579570332948945127057946461269199087238582411224710001318407762051393622711913514785292290579689704810762534569534579527477829137414364404879118109629962238093330874853747669163455802398910144597193
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bb25594f7087a249b43b84bec8bca108b4d891a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (145 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intra.test.chatbot.css.gov.on.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.intra.test.chatbot.css.gov.on.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intra.test.chatbot1.css.gov.on.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intra.test.chatbot2.css.gov.on.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001e1413375c346dd667b3766abc34e5f7570699585544629144cee2b67bbd0aa54afd6974bc340fb3df3b2b55d3b80fd83931e6e9b7c5b67fdbe9135694e31a2d1b907bcdd8a065c93a6e82f32aa197791421610885b2948280ebcd7db90bd912ce567bc055b6a81346558e8f5f8f1ba8546998cf1c3ece6d24cc28edd27b8b14803184f2577d8ca05c024ff415f7d61cfce25f54f5c6bb87a317de07b7f076ab305b611b99206c2fe5b8021dda51323f1dd53a4d7275f4667c0777ed44da1f2485e7500c388c4e859365e9514c6ad19d3dfcda1e03d504f8b8fd1d669242ed33cd6a08f7d8517fd3db1afb2216746704cf49346ded73cdf1d64c73236309fc89