qa3-carehubws.humana.com

- Humana Inc. -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 33:97:b4:f8:49:00:94:18:00:00:00:00:50:ed:27:42 was issued on by Entrust, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Humana Inc.

Organization: Humana Inc.
Organization unit: HUM
State / Province: Kentucky
Locality: Louisville
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 33:97:b4:f8:49:00:94:18:00:00:00:00:50:ed:27:42
Serial Number (int): 68578335115575534398153811218928576322
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 91:82:1e:87:21:45:30:97:5b:3c:26:51:42:8f:63:89:2e:34:78:24
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 0d:39:15:a5:ff:8e:fb:18:89:c7:2d:c8:a4:de:e9:51:8b:d3:69:b4
Fingerprint (sha256): 06:c9:e7:e0:fe:ac:b1:c8:86:bc:3c:c1:cf:46:36:ec:07:39:a2:d2:37:bd:ab:67:ef:d6:91:29:b5:8f:35:15

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate qa3-carehubws.humana.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for qa3-carehubws.humana.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

qa3-carehubws.humana.com

Other certificates including the domain name humana.com

(limited to 100 certificates)
s4.humana.com
dev-ex1site2.preview.humana.com
vanity7.jiveon.com
QA2-hpsspws.humana.com
s2.humana.com
qa3-myhumana.humana.com
testthis.humana.com
vitalitydestinationrewards.humana.com
shop.humana.com
vanity4.lithium.com
cloud.humana.com
ws.humana.com
5699942098141184-fe2.pantheonsite.io
qa-adsl.humana.com
crmsavaya-client.humana.com
tfauth.humana.com
WS.HUMANA.COM
vanity21.jiveon.com
testthisnow.humana.com
s3.humana.com
valuebasedcare.humana.com
int-apicloudgwyg.humana.com
qa-identitydc.humana.com
vanity6.jiveon.com
previewaz-buy.humana.com
vanity21.jiveon.com
vanity3.jiveon.com
apicloudgegwy-service.humana.com
nis.humana.com
vanity6.jiveon.com
homecaresolutions.humana.com
qa-dc.humana.com
tfauth2.humana.com
s4.humana.com
qa-myaccess.humana.com
qa2-myhmhs.humana.com
*.digital-foundation-prod.ase.east2.azure.humana.com
ezprice.humana.com
webtechconfig.humana.com
wap3.humana.com
vanity21.jiveon.com
acuity-uat.humana.com
oohology.com
tfauth2.humana.com
qa-buy.humana.com
vanity21.jiveon.com
test-developer.humana.com
int-mrsimage.humana.com
tls.automattic.com
EMPLOYERS.HUMANA.COM
vanity21.jiveon.com
vanity6.jiveon.com
qa-m.humana.com
testwwww.VaultPOC.Humana.com
vanity3.jiveon.com
qa-hi.humana.com
qa-clarity.humana.com
qa3-carehubws.humana.com
*.prd-int.cc.humana.com
qa-datavaultws.humana.com
vanity7.jiveon.com
s4.humana.com
dev-ex1site2.humana.com
WS.HUMANA-MILITARY.COM
apicegw.humana.com
qaaz-www.humana.com
carehub.humana.com
s2.humana.com
s4.humana.com
edi.humana.com
qa-pophealthguideapi.humana.com
*.prd-qa.cc.humana.com
dental.humana.com
crms-neoload.humana.com
QA-WWW2.ENROLL.HUMANA.COM
reset.humana.com
myaccess.humana.com
vanity7.jiveon.com
supportqa-resolutions.humana.com
api.humana.com
myhmhs.humana.com
devaz-buy.humana.com
hulpenhoop.be
vanity3.jiveon.com
s1.humana.com
LyncAccess.humana.com
s3.humana.com
carehub.humana.com
www.humanamarketpoint.com
payerplatform-tst.humana.com
hatsc.humana.com
qa-www.humana.com
test1023.test3.VaultPOC.Humana.com
vanity2.lithium.com
login.humana.com
qa-wtlsapi.humana.com
test-webmail.humana.com
qa-myaccess.humana.com
qa-go.humana.com
vanity6.jiveon.com

Certificate

The complete raw certificate details for qa3-carehubws.humana.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIQM5e0+EkAlBgAAAAAUO0nQjANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0x
OTAyMDQyMDMxMDFaFw0yMTAzMTAyMTAxMDBaMHwxCzAJBgNVBAYTAlVTMREwDwYD
VQQIEwhLZW50dWNreTETMBEGA1UEBxMKTG91aXN2aWxsZTEUMBIGA1UEChMLSHVt
YW5hIEluYy4xDDAKBgNVBAsTA0hVTTEhMB8GA1UEAxMYcWEzLWNhcmVodWJ3cy5o
dW1hbmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj5Exs7e
fUdHAI94B6NRdOZF1ealokOhytAYSCHNIftFz6OyGKl3XVgKoBY5yoTb4o3YgkDL
67sUIq6n5R9ub3hwvPWiFYyzCmW9HDv+K+OSVeD5etkx/REEdo4uy1jXGxx9crQE
PsJblCUfdLOA9y0sLkolBnmXeqQ7GJ9nNrVaPVvY3aVxvCrltryGJ+EPsH5f8MAV
GuW6JfeNtD/Vnx8NjMACs0Ad8cmelZ6vevIqrhvr9GkGpoJYX9qYewSIsdiN454Q
RePM20XzDrxlcaLZ4JleGTZ0Mpz67v9sa/SQpK02vfWzo799Ie7pQ51e/fLgyCsm
k2JweZ13ywBcywIDAQABo4IBpDCCAaAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwIwYD
VR0RBBwwGoIYcWEzLWNhcmVodWJ3cy5odW1hbmEuY29tMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwMwYDVR0fBCwwKjAooCag
JIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDBLBgNVHSAERDBC
MDYGCmCGSAGG+mwKAQUwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0
Lm5ldC9ycGEwCAYGZ4EMAQICMGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYX
aHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEu
ZW50cnVzdC5uZXQvbDFrLWNoYWluMjU2LmNlcjAfBgNVHSMEGDAWgBSConB03bxT
P8971PfNf6dgxgpMvzAdBgNVHQ4EFgQUkYIehyFFMJdbPCZRQo9jiS40eCQwCQYD
VR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAar3zYUWwKd5yfX49oxLJSIVLkpEJ
l7B9hrCSX5EqHmCPFx0EztSzP3gmYZ2tiIqwavjZZOlw8NXOMvlP0KQtmIe3fu4o
OWvrRf4AW64I7XkbohWtwYpOyQ3x0oxZnLHBYokoq5tIj5/uxFCNtCS9AghsvFEr
7hVbnwLDl0TbcSLUrWOWkk67KsLSq1UdxSglGCbHff99a6mBkz2x+5FVdsPGqloG
cFCxPoWqmrHoOz7LRpEcf8QNJHdE5/supMNKJQD6XpQrLIHs8D76h5giObCkMlu0
lYbI45qyQBCM9i0x0oQ5Ajm274X3W7ht+n2iJLKF/fvcFX1Hxew1lCGEVg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj5Exs7efUdHAI94B6NR
dOZF1ealokOhytAYSCHNIftFz6OyGKl3XVgKoBY5yoTb4o3YgkDL67sUIq6n5R9u
b3hwvPWiFYyzCmW9HDv+K+OSVeD5etkx/REEdo4uy1jXGxx9crQEPsJblCUfdLOA
9y0sLkolBnmXeqQ7GJ9nNrVaPVvY3aVxvCrltryGJ+EPsH5f8MAVGuW6JfeNtD/V
nx8NjMACs0Ad8cmelZ6vevIqrhvr9GkGpoJYX9qYewSIsdiN454QRePM20XzDrxl
caLZ4JleGTZ0Mpz67v9sa/SQpK02vfWzo799Ie7pQ51e/fLgyCsmk2JweZ13ywBc
ywIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 68578335115575534398153811218928576322
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-04 20:31:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-10 21:01:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kentucky'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Louisville'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Humana Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HUM'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'qa3-carehubws.humana.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18966451564871535400751597540417523370546873601243944693359361943310240691099826281715176583946449080491353444259976171369023456689551574320427545870544423108329909566667271413193865658063462916866930087539541447904923687337094466726659829667976564921956841777182157733194680918878080354131407450296968323430215871473631467250819662562252564236604824516087462003723890779345190668988048819681965937912438367071764986498529557857703696509455848269871480876784059867821727681534817264480414800955559328441514476113526165281616006029860538928630133711339235547662797922871856273155856777704786284815077252315197233716427
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa3-carehubws.humana.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							91821e87214530975b3c2651428f63892e347824
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006abdf36145b029de727d7e3da312c948854b92910997b07d86b0925f912a1e608f171d04ced4b33f7826619dad888ab06af8d964e970f0d5ce32f94fd0a42d9887b77eee28396beb45fe005bae08ed791ba215adc18a4ec90df1d28c599cb1c1628928ab9b488f9feec4508db424bd02086cbc512bee155b9f02c39744db7122d4ad6396924ebb2ac2d2ab551dc528251826c77dff7d6ba981933db1fb915576c3c6aa5a067050b13e85aa9ab1e83b3ecb46911c7fc40d247744e7fb2ea4c34a2500fa5e942b2c81ecf03efa87982239b0a4325bb49586c8e39ab240108cf62d31d284390239b6ef85f75bb86dfa7da224b285fdfbdc157d47c5ec3594218456