api.lxt.nbcuni.com
- NBCUniversal Media, LLC -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 7e:76:0e:3e:ee:4b:ab:47:36:ff:7f:d7:78:0c:88:86 was issued on by Entrust, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
NBCUniversal Media, LLC
Organization:
NBCUniversal Media, LLC
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 7e:76:0e:3e:ee:4b:ab:47:36:ff:7f:d7:78:0c:88:86Serial Number (int): 168095707437835947266122804471242983558
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: b2:19:c4:d3:89:8c:2c:0d:ae:82:3e:27:08:88:3f:f4:e3:c4:e0:1d
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 70:1b:b7:e6:4a:c7:76:9e:9d:68:19:8f:db:42:f9:25:49:47:bd:69
Fingerprint (sha256): 07:d0:39:f1:85:6d:c1:85:58:c8:4c:d3:29:f9:4a:54:a5:86:f9:48:9c:c7:c9:c5:1a:79:b2:5a:0b:6b:70:53
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate api.lxt.nbcuni.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for api.lxt.nbcuni.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api.lxt.nbcuni.com
Other certificates including the domain name nbcuni.com
(limited to 100 certificates)
nexusdev.nbcuni.com
www.universalorlando.com
stratastaging2.nbcuni.com
solar.nbcuni.com
atsc-ba-prod.nextgentv.nbcuni.com
vod-media-validator.summer-dev.nbcuni.com
solarstg.nbcuni.com
*.nbcuni.com
fcc-vera.nbcuni.com
cp.stg.inbcu.com
dev.showsystem.nbcuni.com
stage.idxapiexplorer.nbcuni.com
nimbus.nbcuni.com
sharedpartnerushdr.nbcuni.com
icreative-stg.nbcuni.com
earth-prod.nbcuni.com
schedulesstg.nbcuni.com
adminprod-nbcuaffiliate.nbcuni.com
score.nbcuni.com
www.seeso.com
www.stillonyourside.com
www.stillonyourside.com
dev.showsystem.nbcuni.com
vod-media-validator.earth-dev.nbcuni.com
prod.tvecms.nbcuni.com
dashboard.lightbox.nbcuni.com
stage.idxapi.nbcuni.com
int-grafana-us-east-2.nowtv-dev.nbcuni.com
usz.nbcuni.com
*.apps.nbcuni.com
api.vms.nbcuni.com
ad-tech.nbcuni.com
phoenix-ingest.next1-dev.nbcuni.com
ushwebstorestg.nbcuni.com
ermpoc.nbcuni.com
FilmEntMstr11DR.nbcuni.com
ssoapp.stg.inbcu.com
www.universalorlando.com
config-mgmt-tool-api.mssai-dev.nbcuni.com
showsystem.nbcuni.com
sst-moe-reports.summer-prod.nbcuni.com
stagingbenefits.nbcuni.com
ssl867936.cloudflaressl.com
tellystg.nbcuni.com
nbcuni.com
sportsevents.nbcuni.com
atsc-ba-qa.nextgentv.nbcuni.com
prod.tvecms.nbcuni.com
*.k8s.apps.nbcuni.com
msppm-ssrsPROD.nbcuni.com
www.stillonyourside.com
www.universalorlando.com
snasadmin.nbcuni.com
nonprod-test.origin-nonprod-commerce.nbcuni.com
mail.inbcu.com
*.apps.nbcuni.com
cp.nbcuni.com
phoenix-data-gold.vod-dev.nbcuni.com
www.colonytv.com
nbcuni.com
transworks.nbcuni.com
gateworks.nbcuni.com
qa-coding.nbcuni.com
prod.12.slot.cdn.salesforce-communities.com
nbcuni.com
www.stillonyourside.com
4help.nbcuni.com
stratastaging2.nbcuni.com
anywherelon.nbcuni.com
prod.12.slot.cdn.salesforce-communities.com
api.lxt.nbcuni.com
www.universalorlando.com
www.colonytv.com
perforceswarm.nbcuni.com
apps.devsysusz.nbcuni.com
prod.12.slot.cdn.salesforce-communities.com
licensing.nbcuni.com
qa-coding.nbcuni.com
stratastaging2.nbcuni.com
4help.nbcuni.com
cosmos.nbcuni.com
www.colonytv.com
phoenix-delivery.next1-prod.nbcuni.com
adc-vera.nbcuni.com
slate.nbcuni.com
qaapi.newsconnect.nbcuni.com
usgresearch.nbcuni.com
stage-mps.nbcuni.com
jp.travel.nbcuni.com
prod-longform.moe.nbcuni.com
myhrqa2.nbcuni.com
www.colonytv.com
slemanager-lem-synchronizer.vod-dev.nbcuni.com
www.stillonyourside.com
ushwebstore.nbcuni.com
fss.external.nbcuni.com
devfmaatmapi.nbcuni.com
dropbox.nbcuni.com
flexpay.nbcuni.com
www.colonytv.com
www.universalorlando.com
stratastaging2.nbcuni.com
solar.nbcuni.com
atsc-ba-prod.nextgentv.nbcuni.com
vod-media-validator.summer-dev.nbcuni.com
solarstg.nbcuni.com
*.nbcuni.com
fcc-vera.nbcuni.com
cp.stg.inbcu.com
dev.showsystem.nbcuni.com
stage.idxapiexplorer.nbcuni.com
nimbus.nbcuni.com
sharedpartnerushdr.nbcuni.com
icreative-stg.nbcuni.com
earth-prod.nbcuni.com
schedulesstg.nbcuni.com
adminprod-nbcuaffiliate.nbcuni.com
score.nbcuni.com
www.seeso.com
www.stillonyourside.com
www.stillonyourside.com
dev.showsystem.nbcuni.com
vod-media-validator.earth-dev.nbcuni.com
prod.tvecms.nbcuni.com
dashboard.lightbox.nbcuni.com
stage.idxapi.nbcuni.com
int-grafana-us-east-2.nowtv-dev.nbcuni.com
usz.nbcuni.com
*.apps.nbcuni.com
api.vms.nbcuni.com
ad-tech.nbcuni.com
phoenix-ingest.next1-dev.nbcuni.com
ushwebstorestg.nbcuni.com
ermpoc.nbcuni.com
FilmEntMstr11DR.nbcuni.com
ssoapp.stg.inbcu.com
www.universalorlando.com
config-mgmt-tool-api.mssai-dev.nbcuni.com
showsystem.nbcuni.com
sst-moe-reports.summer-prod.nbcuni.com
stagingbenefits.nbcuni.com
ssl867936.cloudflaressl.com
tellystg.nbcuni.com
nbcuni.com
sportsevents.nbcuni.com
atsc-ba-qa.nextgentv.nbcuni.com
prod.tvecms.nbcuni.com
*.k8s.apps.nbcuni.com
msppm-ssrsPROD.nbcuni.com
www.stillonyourside.com
www.universalorlando.com
snasadmin.nbcuni.com
nonprod-test.origin-nonprod-commerce.nbcuni.com
mail.inbcu.com
*.apps.nbcuni.com
cp.nbcuni.com
phoenix-data-gold.vod-dev.nbcuni.com
www.colonytv.com
nbcuni.com
transworks.nbcuni.com
gateworks.nbcuni.com
qa-coding.nbcuni.com
prod.12.slot.cdn.salesforce-communities.com
nbcuni.com
www.stillonyourside.com
4help.nbcuni.com
stratastaging2.nbcuni.com
anywherelon.nbcuni.com
prod.12.slot.cdn.salesforce-communities.com
api.lxt.nbcuni.com
www.universalorlando.com
www.colonytv.com
perforceswarm.nbcuni.com
apps.devsysusz.nbcuni.com
prod.12.slot.cdn.salesforce-communities.com
licensing.nbcuni.com
qa-coding.nbcuni.com
stratastaging2.nbcuni.com
4help.nbcuni.com
cosmos.nbcuni.com
www.colonytv.com
phoenix-delivery.next1-prod.nbcuni.com
adc-vera.nbcuni.com
slate.nbcuni.com
qaapi.newsconnect.nbcuni.com
usgresearch.nbcuni.com
stage-mps.nbcuni.com
jp.travel.nbcuni.com
prod-longform.moe.nbcuni.com
myhrqa2.nbcuni.com
www.colonytv.com
slemanager-lem-synchronizer.vod-dev.nbcuni.com
www.stillonyourside.com
ushwebstore.nbcuni.com
fss.external.nbcuni.com
devfmaatmapi.nbcuni.com
dropbox.nbcuni.com
flexpay.nbcuni.com
www.colonytv.com
Certificate
The complete raw certificate details for api.lxt.nbcuni.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgIQfnYOPu5Lq0c2/3/XeAyIhjANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y NDA0MjgxNzA4NDZaFw0yNTA0MjgxNzA4NDVaMHIxCzAJBgNVBAYTAlVTMREwDwYD VQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxIDAeBgNVBAoTF05CQ1Vu aXZlcnNhbCBNZWRpYSwgTExDMRswGQYDVQQDExJhcGkubHh0Lm5iY3VuaS5jb20w ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD7QzxDnYhjGmrR/yG9Msb H/+ne3qDBdpB17xG/s1DfvqJlUJiraXVCFLp/T4AupyqYT04kWASzL+7RobWsK7U S7MgAQn3dUo8zD0rkeE1L5vDZqV4D4kMModOsPQ3FPhWBhFBHTBDznnyYeX7Z0v0 LjTJENW3vdHC9erPUdrhGPdCPImNfHO2TxT02M5KxYMC3SJFZBa7RK8TRtZKq6En 3gKwGQ89BdxmfejsUxuPlDatjZmD3XWw9zX3rZfZf+tIel+zCkGRKW5kC/jeNt/b ZuisjZfM/lyi3aYGiynLKLFDL7HVT+KBV/Psx6Ml7IYye9W/FWcxM7aP1m5lcgj9 AgMBAAGjggFpMIIBZTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSyGcTTiYwsDa6C PicIiD/048TgHTAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpMvzBoBggr BgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0 MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxay1jaGFpbjI1 Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9s ZXZlbDFrLmNybDAdBgNVHREEFjAUghJhcGkubHh0Lm5iY3VuaS5jb20wDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjATBgNVHSAE DDAKMAgGBmeBDAECAjATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsF AAOCAQEAuAjUjr/wwAduT7oMOYwJcnkY0osMjDA8tQ2Gv8T06DC1t2tGiUNq5yGy BRcaMvhdsB5TqUevS0WOD19hJ8p1qVTXExtYrnhiY3ouHzfaAQJBMlc9e7iggM6u 3XywX22SCNOhHZerx+32euqUL8iQ3SS0QGQ1sWK/C+P2x/LywhOWgj9V+Rt964mO Ha+Q2ASaVmOuOpvP7O6mguyO9/+GeyvDCEwqUgXEdpBhIbzA8BzeXfiPjCs9PBKo E9XLtlP/bRA98R90ObRu7IkbEHuvOgoqyYEqFrtjWsFK7X4K3YrVJP/NDaZNd36+ qhquZR56xFAZjeCX98csnjrYwdDujg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+0M8Q52IYxpq0f8hvTL Gx//p3t6gwXaQde8Rv7NQ376iZVCYq2l1QhS6f0+ALqcqmE9OJFgEsy/u0aG1rCu 1EuzIAEJ93VKPMw9K5HhNS+bw2aleA+JDDKHTrD0NxT4VgYRQR0wQ8558mHl+2dL 9C40yRDVt73RwvXqz1Ha4Rj3QjyJjXxztk8U9NjOSsWDAt0iRWQWu0SvE0bWSquh J94CsBkPPQXcZn3o7FMbj5Q2rY2Zg911sPc1962X2X/rSHpfswpBkSluZAv43jbf 22borI2XzP5cot2mBospyyixQy+x1U/igVfz7MejJeyGMnvVvxVnMTO2j9ZuZXII /QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 168095707437835947266122804471242983558 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-28 17:08:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-28 17:08:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NBCUniversal Media, LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api.lxt.nbcuni.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24733363452877675562752721247595030677001402049960653337437472860310753129112745039299561417662560381202144256034151608713637928840533378228020748746096092099463260155104404795546652190434413603457787901536485750556081682365243369585628112458374933693976691038336420167194884541692641428450717423420112491071405472957928675461949200037943505343325559910046063254190930558525536654170614416745620078936503558518601062118319352949184522957093506980698316325317409545076194569115337656441559952242933235943584316039625543655006081954925416777463273938595422737262310317290764664281585951336692250572982049876942032865533 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b219c4d3898c2c0dae823e2708883ff4e3c4e01d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.lxt.nbcuni.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b808d48ebff0c0076e4fba0c398c09727918d28b0c8c303cb50d86bfc4f4e830b5b76b4689436ae721b205171a32f85db01e53a947af4b458e0f5f6127ca75a954d7131b58ae7862637a2e1f37da01024132573d7bb8a080ceaedd7cb05f6d9208d3a11d97abc7edf67aea942fc890dd24b4406435b162bf0be3f6c7f2f2c21396823f55f91b7deb898e1daf90d8049a5663ae3a9bcfeceea682ec8ef7ff867b2bc3084c2a5205c476906121bcc0f01cde5df88f8c2b3d3c12a813d5cbb653ff6d103df11f7439b46eec891b107baf3a0a2ac9812a16bb635ac14aed7e0add8ad524ffcd0da64d777ebeaa1aae651e7ac450198de097f7c72c9e3ad8c1d0ee8e