marshactive.marsh-afrs.com
- Marsh & McLennan Companies, Inc. -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number fb:42:e7:41:bb:dd:56:10:00:00:00:00:50:ea:49:f5 was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Marsh & McLennan Companies, Inc.
Organization:
Marsh & McLennan Companies, Inc.
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): fb:42:e7:41:bb:dd:56:10:00:00:00:00:50:ea:49:f5Serial Number (int): 333983608979267465546780253152841714165
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 89:37:d0:35:b9:fe:d9:70:63:3a:d4:24:fe:e1:be:b9:f2:08:4c:5f
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 65:5f:a6:a4:bb:f7:e0:c5:3b:fd:cc:3b:83:c0:6a:0a:3b:1d:e2:80
Fingerprint (sha256): 07:92:60:55:20:67:7c:7e:e0:9b:b6:fc:37:c5:fc:50:3a:7e:c2:ef:24:5e:20:93:0f:30:ce:46:53:2a:1b:1e
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate marshactive.marsh-afrs.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for marshactive.marsh-afrs.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
marshactive.marsh-afrs.com
Other certificates including the domain name marsh-afrs.com
(limited to 100 certificates)
citrixdr.marsh-afrs.com
marshactive.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
citrix.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
marshactive.marsh-afrs.com
stg.client.marsh-afrs.com
extranet.marsh-afrs.com
staging.marshactive.marsh-afrs.com
citrixdr.marsh-afrs.com
qa.client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
citrix.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
marshactive.marsh-afrs.com
stg.client.marsh-afrs.com
extranet.marsh-afrs.com
staging.marshactive.marsh-afrs.com
citrixdr.marsh-afrs.com
qa.client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
Certificate
The complete raw certificate details for marshactive.marsh-afrs.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHVzCCBj+gAwIBAgIRAPtC50G73VYQAAAAAFDqSfUwDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN MTgxMTE5MTIwNDQ2WhcNMjAxMTE5MTIzNDQ1WjCBgzELMAkGA1UEBhMCVVMxETAP BgNVBAgTCE5ldyBZb3JrMREwDwYDVQQHEwhOZXcgWW9yazEpMCcGA1UECgwgTWFy c2ggJiBNY0xlbm5hbiBDb21wYW5pZXMsIEluYy4xIzAhBgNVBAMTGm1hcnNoYWN0 aXZlLm1hcnNoLWFmcnMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3U7SHG4oN0esUVVGtnwW0bPRj9vQsU5XBz6G51dD88HnZLbcRd+SiLjm9KqJ 4CoJb8n7FzOLC1SASdlESd58iuYNShihODpQNPPT18TDbU8aCzkgdjHMfu8mjxOG XoSr1cZHDap4ooNCbpZ03FxXbq9Ut9eKkQUf3q4pf/10OPh/EEOq8M5mfdyb2B2Q i1160TMi5jY/u7U1tQQV3yezuxyVZGST8tXJuKsaP+1DcUS0ugNPDUec+zAzERw6 QN5LJrvPPkGhGpfZk8Skmx9OyBungOxM0eO+eiI8/WrOppZNITrHsymczqIoKAFp QtNmxqjQB9cKaqmG76sLwW2zeQIDAQABo4IDizCCA4cwJQYDVR0RBB4wHIIabWFy c2hhY3RpdmUubWFyc2gtYWZycy5jb20wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB 4AB1AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZyv3TywAAAQD AEYwRAIgTqe7nShOHwjGTg0ObLiSxaVbvV8bPX3bTMj5c92glHkCIDKjoi5beBZD eM8tvc4mkRShLkyNfAQsJ3jmO3dfwH7+AHYAh3W/51l8+IxDmV+9827/Vo1HVjb/ SrVgwbTq/16ggw8AAAFnK/dPOgAABAMARzBFAiBKrOHTCDFhelhYYk66c1AZh0nQ bfkJHvOCe8qWV9YjtQIhAOmYmbwYUbtKIkiaA0EdunumbOYvsCExBpTmsqWHU1XO AHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFnK/dPCwAABAMA RzBFAiBvOLh0uSD1baXOv7NSq27k1bRmTDz+9TE6iNDqfxb+ywIhAI70qsVVTn9c JhjMaTEvgYRXGG4yeEtOw8cqa6HDpGnRAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZ EVzA75SYVdaJ0N0AAAFnK/dPbwAABAMASDBGAiEA1o4ZID1nlP4v6TSiDXDg088i BNfyd5K7l/WIZe4VMdcCIQDyfR0BC39z+6jMc8OhZ+2lP4YBrHm3AY6AbVu3me5x wjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwx ay5jcmwwSwYDVR0gBEQwQjA2BgpghkgBhvpsCgEFMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMAgGBmeBDAECAjBoBggrBgEFBQcBAQRc MFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUF BzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwHwYD VR0jBBgwFoAUgqJwdN28Uz/Pe9T3zX+nYMYKTL8wHQYDVR0OBBYEFIk30DW5/tlw YzrUJP7hvrnyCExfMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAIK/Gxu5 5Qb728VfI9fKlWKsnFjxdScmfaZy7Kxree9qO/iOuk/SarQiv+PIz7Sk8LemOPrv 176/5KDI6HVeoap3wCnzz6OfACtnGqUR4ADA2lBI0TJrTaSHkP5qJVurOH9Cpc0t rd/TM9VqVUe/Ae+ggh2h3K1xDoveaawU2+t/cGNXPH3CrnvhpjxgY8kSQB5hCSL/ UK7cdYL9p221VBPYmF6X73kBn+yA+K1W3Np/E632AqPF1lwDcGj57yyKUmS+AWTH 5enzJ8n5KZojShDvcP5rOrfICIyPCetDsQxUTEvbwZ48zOHmsWMxc/hnkrWtKekO Dmnyp8G3B/w6+Lo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3U7SHG4oN0esUVVGtnwW 0bPRj9vQsU5XBz6G51dD88HnZLbcRd+SiLjm9KqJ4CoJb8n7FzOLC1SASdlESd58 iuYNShihODpQNPPT18TDbU8aCzkgdjHMfu8mjxOGXoSr1cZHDap4ooNCbpZ03FxX bq9Ut9eKkQUf3q4pf/10OPh/EEOq8M5mfdyb2B2Qi1160TMi5jY/u7U1tQQV3yez uxyVZGST8tXJuKsaP+1DcUS0ugNPDUec+zAzERw6QN5LJrvPPkGhGpfZk8Skmx9O yBungOxM0eO+eiI8/WrOppZNITrHsymczqIoKAFpQtNmxqjQB9cKaqmG76sLwW2z eQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 333983608979267465546780253152841714165 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-19 12:04:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-19 12:34:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Marsh & McLennan Companies, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'marshactive.marsh-afrs.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27937533356134043721578369133557492172948781622046894564474032021014555380548069906479346964639510724628365778507701267936385437002695769359211440868892147972985699820601840142306923465616278105696146773997616554097313428909105593070249647206151637210501466531822485499837600225497964902909324160229600269877732808850997242209560365799204405109710491622434300593974906911154751099219708780949687658343466936669621115421939194566910683859569548697915109414493186239248496487605617652865771698253224774741952620286376069717492799086019556711590445079730536856276114199835069381050018681710456283649881222043699942110073 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marshactive.marsh-afrs.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (486 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (482 bytes) 01e00075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001672bf74f2c000004030046304402204ea7bb9d284e1f08c64e0d0e6cb892c5a55bbd5f1b3d7ddb4cc8f973dda09479022032a3a22e5b78164378cf2dbdce269114a12e4c8d7c042c2778e63b775fc07efe0076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001672bf74f3a000004030047304502204aace1d30831617a5858624eba7350198749d06df9091ef3827bca9657d623b5022100e99899bc1851bb4a22489a03411dba7ba66ce62fb021310694e6b2a5875355ce007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed185000001672bf74f0b000004030047304502206f38b874b920f56da5cebfb352ab6ee4d5b4664c3cfef5313a88d0ea7f16fecb0221008ef4aac5554e7f5c2618cc69312f818457186e32784b4ec3c72a6ba1c3a469d10077005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd000001672bf74f6f0000040300483046022100d68e19203d6794fe2fe934a20d70e0d3cf2204d7f27792bb97f58865ee1531d7022100f27d1d010b7f73fba8cc73c3a167eda53f8601ac79b7018e806d5bb799ee71c2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8937d035b9fed970633ad424fee1beb9f2084c5f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0082bf1b1bb9e506fbdbc55f23d7ca9562ac9c58f17527267da672ecac6b79ef6a3bf88eba4fd26ab422bfe3c8cfb4a4f0b7a638faefd7bebfe4a0c8e8755ea1aa77c029f3cfa39f002b671aa511e000c0da5048d1326b4da48790fe6a255bab387f42a5cd2daddfd333d56a5547bf01efa0821da1dcad710e8bde69ac14dbeb7f7063573c7dc2ae7be1a63c6063c912401e610922ff50aedc7582fda76db55413d8985e97ef79019fec80f8ad56dcda7f13adf602a3c5d65c037068f9ef2c8a5264be0164c7e5e9f327c9f9299a234a10ef70fe6b3ab7c8088c8f09eb43b10c544c4bdbc19e3ccce1e6b1633173f86792b5ad29e90e0e69f2a7c1b707fc3af8ba