www.locationbox.metro.tokyo.lg.jp

- Tokyo Metropolitan Government -

Issued by SECOM Passport for Web SR 3.0 CA

About this certificate

This digital certificate with serial number 75:4a:dd:ca:74:d4:1b:8c was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

Tokyo Metropolitan Government

Organization: Tokyo Metropolitan Government
Organization unit: Sangyouroudoukyoku Kankoubu shinkouka
State / Province: Tokyo
Locality: Shinjuku City
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 75:4a:dd:ca:74:d4:1b:8c
Serial Number (int): 8451811512327347084
Serial Number lenght: 63 bits, 8 octets

SubjectKeyId: 54:9b:2d:1b:fc:3c:8e:03:15:b8:6e:cb:65:f1:11:94:57:bf:ba:db
AuthorityKeyId: cb:ef:3d:ef:83:74:a1:a8:42:f0:3b:40:36:fa:6d:82:94:a9:27:36

Fingerprint (sha1): cd:6b:73:2f:e1:0b:f9:01:db:43:5d:35:40:a8:6a:75:72:3c:3b:8d
Fingerprint (sha256): 07:1d:3e:af:0f:25:d8:b9:f7:c4:96:b1:3f:fd:a1:91:a8:0f:6a:e6:1a:62:b9:54:65:f0:83:fb:64:87:63:ec


Revocation information

OCSP Server: http://sr30.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl

Check the revocation status for certificate www.locationbox.metro.tokyo.lg.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.locationbox.metro.tokyo.lg.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.locationbox.metro.tokyo.lg.jp

Other certificates including the domain name tokyo.lg.jp

(limited to 100 certificates)
www.ecosystem.metro.tokyo.lg.jp
en.sports-tokyo-info.metro.tokyo.lg.jp
www.tokyo-danjo.metro.tokyo.lg.jp
csyouboudoui-irai.tfd.metro.tokyo.lg.jp
www.kyoin-saiyo.tems.metro.tokyo.lg.jp
www9.kankyo.metro.tokyo.lg.jp
www.sports-tokyo-info.metro.tokyo.lg.jp
smooth-biz.metro.tokyo.lg.jp
ijime.metro.tokyo.lg.jp
www.locationbox.metro.tokyo.lg.jp
www.meisai.tems.metro.tokyo.lg.jp
www.digitalservice.metro.tokyo.lg.jp
stg.apr.applicant-api.2021.jitan.metro.tokyo.lg.jp
shuyojoho.metro.tokyo.lg.jp
www.hikaku.metro.tokyo.lg.jp
www.kankyo.metro.tokyo.lg.jp
www2.fukushihoken.metro.tokyo.lg.jp
yoyaku.sports.metro.tokyo.lg.jp
stg.kodomo-smile.metro.tokyo.lg.jp
www2.fukushihoken.metro.tokyo.lg.jp
koshikawakaikei.lfv.jp
nenryou-taisaku.metro.tokyo.lg.jp
wwwdojou.kankyo.metro.tokyo.lg.jp
www.kaisyahakken.metro.tokyo.lg.jp
stopcovid19.metro.tokyo.lg.jp
www.kodomo-dokusho.metro.tokyo.lg.jp
gairaisyu.metro.tokyo.lg.jp
futari-story.metro.tokyo.lg.jp
mypage.018support-system.metro.tokyo.lg.jp
www.wakanavi-tokyo.metro.tokyo.lg.jp
map-origin.bousai.metro.tokyo.lg.jp
www.lwb-expo.metro.tokyo.lg.jp
www.conrepo.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
stg.kenkou-hataraku.metro.tokyo.lg.jp
www5.kankyo.metro.tokyo.lg.jp
www8.kankyo.metro.tokyo.lg.jp
toritsuko.metro.tokyo.lg.jp
www.e-rule.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
www.hikaku.metro.tokyo.lg.jp
www.medclar.ro
www.hataraku.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
wwwdojou.kankyo.metro.tokyo.lg.jp
www.maedatei.metro.tokyo.lg.jp
search.metro.tokyo.lg.jp
filets01.metro.tokyo.lg.jp
www.tamajimu.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
portal.data.metro.tokyo.lg.jp
www.ecosystem.metro.tokyo.lg.jp
www.investtokyo.metro.tokyo.lg.jp
poc-ground.metro.tokyo.lg.jp
nihongoup.metro.tokyo.lg.jp
staff2.shintosei.metro.tokyo.lg.jp
suidonet.waterworks.metro.tokyo.lg.jp
wannyan.metro.tokyo.lg.jp
www3.kankyo.metro.tokyo.lg.jp
cms.hataraku.metro.tokyo.lg.jp
catalog.library.metro.tokyo.lg.jp
www.kyoin-saiyo.metro.tokyo.lg.jp
api.data.metro.tokyo.lg.jp
gamcheatsheet.com
futari-story.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
cms.hataraku.metro.tokyo.lg.jp
sabisapp-stage.websays.com
nihongoup.metro.tokyo.lg.jp
fukushikensa.metro.tokyo.lg.jp
*.support-navi.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
tems.kjssj.metro.tokyo.lg.jp
www.taiki.kankyo.metro.tokyo.lg.jp
www.mentor-cafe.metro.tokyo.lg.jp
018support-system.metro.tokyo.lg.jp
tokyovaccine-rsv.metro.tokyo.lg.jp
www.keishicho.metro.tokyo.lg.jp
www.takken.metro.tokyo.lg.jp
www.snsdouga.metro.tokyo.lg.jp
www.conrepo.metro.tokyo.lg.jp
www.tmiph.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
sumasapo.metro.tokyo.lg.jp
webtest.tfd.metro.tokyo.lg.jp
www.zeroemission-life.metro.tokyo.lg.jp
kodomosafetypj.metro.tokyo.lg.jp
www.kouwan.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
www.taiki.kankyo.metro.tokyo.lg.jp
kosodateswitch.metro.tokyo.lg.jp
www.fsis.metro.tokyo.lg.jp
futari-story.metro.tokyo.lg.jp
www.ifarc.metro.tokyo.lg.jp
www.kaisyahakken.metro.tokyo.lg.jp
stg.kenkou-hataraku.metro.tokyo.lg.jp
www.fukuho-kodomotsu.metro.tokyo.lg.jp
manabu.metro.tokyo.lg.jp
www.cals.metro.tokyo.lg.jp

Certificate

The complete raw certificate details for www.locationbox.metro.tokyo.lg.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGpjCCBY6gAwIBAgIIdUrdynTUG4wwDQYJKoZIhvcNAQELBQAwXzELMAkGA1UE
BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKTAn
BgNVBAMTIFNFQ09NIFBhc3Nwb3J0IGZvciBXZWIgU1IgMy4wIENBMB4XDTE5MDEy
OTA3MzY0MVoXDTIxMDEyOTE0NTk1OVowgbkxCzAJBgNVBAYTAkpQMQ4wDAYDVQQI
EwVUb2t5bzEWMBQGA1UEBxMNU2hpbmp1a3UgQ2l0eTEmMCQGA1UEChMdVG9reW8g
TWV0cm9wb2xpdGFuIEdvdmVybm1lbnQxLjAsBgNVBAsTJVNhbmd5b3Vyb3Vkb3Vr
eW9rdSBLYW5rb3VidSBzaGlua291a2ExKjAoBgNVBAMTIXd3dy5sb2NhdGlvbmJv
eC5tZXRyby50b2t5by5sZy5qcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKC0G13FcfdKyz1T8yA+7ZllBNLFFkTRbkB1le42mfaB2K5q2HMzmi6avTzl
DPHIwx3O4QN74w07+BPm0uqOvOyF9uvrtRwc3DJ38OOI1HB6+5hgSHL6D0KnLOlv
ZiXHHwYz+GgmE27vzzjGHza9oKeMLy260PQexiXCOcU4ZFC5bTthoPLVXpg481nu
n9/1rGayMZ8bFLz7TT+HgjRECqgHaJL52H/wKhLgo8JXDMPKnneaMMZ5ypb6R+1Z
ZTkZ8o2U3g+QX9aZqwsVknrxGV3pjOYOc4NGZfaC10Zt+SO6fJSH5312RVppJLci
v6k4xeNTPYXdxuwYmMupZ/61MXkCAwEAAaOCAwkwggMFMB8GA1UdIwQYMBaAFMvv
Pe+DdKGoQvA7QDb6bYKUqSc2MDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYf
aHR0cDovL3NyMzAub2NzcC5zZWNvbXRydXN0Lm5ldDAsBgNVHREEJTAjgiF3d3cu
bG9jYXRpb25ib3gubWV0cm8udG9reW8ubGcuanAwYQYDVR0gBFowWDBMBgoqgwiM
mxtkhW8BMD4wPAYIKwYBBQUHAgEWMGh0dHBzOi8vcmVwbzEuc2Vjb210cnVzdC5u
ZXQvc3BjcHAvcGZ3L3Bmd3NyM2NhLzAIBgZngQwBAgIwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwTAYDVR0fBEUwQzBBoD+gPYY7aHR0cDovL3JlcG8xLnNlY29tdHJ1c3Qu
bmV0L3NwY3BwL3Bmdy9wZndzcjNjYS9mdWxsY3JsMi5jcmwwHQYDVR0OBBYEFFSb
LRv8PI4DFbhuy2XxEZRXv7rbMA4GA1UdDwEB/wQEAwIFoDCCAYAGCisGAQQB1nkC
BAIEggFwBIIBbAFqAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAA
AAFomJMWgQAABAMASDBGAiEA7BOl3cA6h1QVUq58WCACYe/OeKWM30ejrWnFbzXu
N/MCIQCNPM4bjKp50Y1DmZuqYB7I4IRya7S27bZEaVHKJAlzZQB2AO5Lvbd1zmC6
4UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABaJiTHncAAAQDAEcwRQIhAKzD5sZc
0an1OjE/vgzNkT50M6R5IJq3z/y6AdkQ3/qVAiAcIZhnAIOGxLMFw5Zh7XwsYVRR
OZP/gF0VfeGafEBvjQB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kT
AAABaJiTJ/IAAAQDAEgwRgIhAMxpbTxPShGuRmjfu95GeQtPj6Y+wCgmzW4FYHZ9
1ncKAiEA0mEnGG6fs2LTlBfB6Wr17+1nHncgUflMUi8ZzLLi4BMwDQYJKoZIhvcN
AQELBQADggEBAALEW+/a9DOOayoF0BQBtuHY6nwM1CYGVJ70B5zhYWMSe5TJyCSH
9HVMsQUhuqBcY9Bo93mwaDMY3QSMkLu96GyHIAyLbINm8UK1bw+70b6m265H1Bw9
JxM/48/M528FuNvTpN2dOfx3vudibFwXBXqxkDb6chZ6wZJyyFhNE5FSQhs3m+CC
vFiU6/GyUId5S3fLLNzGjPyPadqNe9vRFgOqVE+iHaDDbOcEO/6wWky7za1TiK2W
WU3qJczk/eONCopKlkvy90oTkAkvX5zCgzsMiL2UUc6uiDD4JHhqS7cm/orH9ifI
vxVqNWO/b66mDRh6IL1a0F9ohLWjAeYHDGQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLQbXcVx90rLPVPzID7t
mWUE0sUWRNFuQHWV7jaZ9oHYrmrYczOaLpq9POUM8cjDHc7hA3vjDTv4E+bS6o68
7IX26+u1HBzcMnfw44jUcHr7mGBIcvoPQqcs6W9mJccfBjP4aCYTbu/POMYfNr2g
p4wvLbrQ9B7GJcI5xThkULltO2Gg8tVemDjzWe6f3/WsZrIxnxsUvPtNP4eCNEQK
qAdokvnYf/AqEuCjwlcMw8qed5owxnnKlvpH7VllORnyjZTeD5Bf1pmrCxWSevEZ
XemM5g5zg0Zl9oLXRm35I7p8lIfnfXZFWmkktyK/qTjF41M9hd3G7BiYy6ln/rUx
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8451811512327347084
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 3.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-29 07:36:41 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-29 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Shinjuku City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo Metropolitan Government'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sangyouroudoukyoku Kankoubu shinkouka'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.locationbox.metro.tokyo.lg.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20286942816899195506925543002391675577256425314252789086002397192784743244213959823512461388053221899395798476922030091377876102304016627601801859764000841436042194584612214843216063694026516685272152971118041128550402393226896770877837855244589469429878054536854173596464845354219535801140810112128781610804395968858413900084639730498198280377096493330186176229233715500357156226192474075698889599822502750700270667877459235239925873220172105738670507451495506798424877028054382781854462128581376765901447987084754159632128122127350794662491776209926688982744302044509950867121537012632173391211258507658069686956409
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cbef3def8374a1a842f03b4036fa6d8294a92736
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr30.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (37 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.locationbox.metro.tokyo.lg.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.751.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							549b2d1bfc3c8e0315b86ecb65f1119457bfbadb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000168989316810000040300483046022100ec13a5ddc03a87541552ae7c58200261efce78a58cdf47a3ad69c56f35ee37f30221008d3cce1b8caa79d18d43999baa601ec8e084726bb4b6edb6446951ca24097365007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016898931e770000040300473045022100acc3e6c65cd1a9f53a313fbe0ccd913e7433a479209ab7cffcba01d910dffa9502201c219867008386c4b305c39661ed7c2c6154513993ff805d157de19a7c406f8d0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000168989327f20000040300483046022100cc696d3c4f4a11ae4668dfbbde46790b4f8fa63ec02826cd6e0560767dd6770a022100d26127186e9fb362d39417c1e96af5efed671e772051f94c522f19ccb2e2e013
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0002c45befdaf4338e6b2a05d01401b6e1d8ea7c0cd42606549ef4079ce16163127b94c9c82487f4754cb10521baa05c63d068f779b0683318dd048c90bbbde86c87200c8b6c8366f142b56f0fbbd1bea6dbae47d41c3d27133fe3cfcce76f05b8dbd3a4dd9d39fc77bee7626c5c17057ab19036fa72167ac19272c8584d139152421b379be082bc5894ebf1b25087794b77cb2cdcc68cfc8f69da8d7bdbd11603aa544fa21da0c36ce7043bfeb05a4cbbcdad5388ad96594dea25cce4fde38d0a8a4a964bf2f74a1390092f5f9cc2833b0c88bd9451ceae8830f824786a4bb726fe8ac7f627c8bf156a3563bf6faea60d187a20bd5ad05f6884b5a301e6070c64