nasnctxapqa01.na.holcim.net
- LafargeHolcim -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 18:16:ad:29:fa:84:8e:f7:6f:3e:09:ad:9a:db:e2:a3 was issued on by Entrust, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
LafargeHolcim
Organization:
LafargeHolcim
State / Province:
Michigan
Locality: Dundee
Country: US
Locality: Dundee
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 18:16:ad:29:fa:84:8e:f7:6f:3e:09:ad:9a:db:e2:a3Serial Number (int): 32019214612473347785267831531879785123
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: 64:40:4e:4e:bf:14:5f:a2:fe:11:5e:46:1c:34:eb:22:0b:52:60:3d
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 30:c1:47:18:35:d7:ba:7b:3d:8e:41:1d:64:fb:97:be:bd:6f:50:a6
Fingerprint (sha256): 08:a6:ce:f7:04:3f:b1:fb:60:3a:08:86:1c:1b:19:e8:cc:b4:14:c2:15:5b:a1:23:a9:2d:60:e5:6c:7f:b3:ea
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate nasnctxapqa01.na.holcim.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nasnctxapqa01.na.holcim.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nasnctxapqa01.na.holcim.net
Other certificates including the domain name holcim.net
(limited to 100 certificates)
holporsso.holcim.net
webmail02.ea.holcim.net
hanzsapdev.oc.holcim.net
VPNFBNL.EA.holcim.net
holporsso.holcim.net
hnaadc501.extq.na.holcim.net
lassxp2cip02v.la.holcim.net
*.oc.holcim.net
HEAB-ITSC-A007.ap.holcim.net
vpn.au.holcim.net
nasnctxapqa01.na.holcim.net
hnamgw001.na.holcim.net
emea-webmail.ea.holcim.net
holporsso.holcim.net
usa-dund1-ise3.na.holcim.net
HEAB-ITSC-A006.ap.holcim.net
emea-webmail.ea.holcim.net
amanpmpinpd51.na.holcim.net
AP-SGS-SP901.in.holcim.net
hnaadc501.ebusinessq.na.holcim.net
amanpmpinpd01.na.holcim.net
deuha-webmail.ea.holcim.net
holcimconecta.ea.holcim.net
hnaadc502.extqa.na.holcim.net
qlikview.na.holcim.net
*.ea.holcim.net
holporsso-qa.holcim.net
hnaadc501.ext.na.holcim.net
integration-bmw.ea.holcim.net
hnaadc501.ebusiness.na.holcim.net
usa-dund1-ise3.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
AP-SGS-VH141.in.holcim.net
hgrsuhep.hgrs.holcim.net
holporsso-qa.holcim.net
hnaadc001.ext.na.holcim.net
vnmds03.ap.holcim.net
usa-dund1-ise4.na.holcim.net
NAWFMSP01.na.holcim.net
hgrs-hbk-s0230.hgrs.holcim.net
holporsso-qa.holcim.net
vpn.au.holcim.net
nasnctxappd03.na.holcim.net
webmail02.ea.holcim.net
usa-dund1-ise3.na.holcim.net
holcimconecta.ea.holcim.net
NACTXP076.na.holcim.net
ita-webmail.ea.holcim.net
AP-SGS-SP901.in.holcim.net
hgrsuhep.hgrs.holcim.net
qua-vpn.ap.holcim.net
AP-SGS-S5200.in.holcim.net
amanpmpinpd51.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
integration-immw.ea.holcim.net
esp-webmail.ea.holcim.net
AP-SGS-SP902.in.holcim.net
webmail.ea.holcim.net
integration-dmw.ea.holcim.net
hnaadc502.extqa.na.holcim.net
integration-bmw.ea.holcim.net
svk-webmail.ea.holcim.net
webmeetingmx.laseritsc.net
hanzappsdev.oc.holcim.net
AP-SGS-VH141.in.holcim.net
hanzapps.oc.holcim.net
webmail05.ea.holcim.net
AP-SGS-SP902.in.holcim.net
apacsepm.ap.holcim.net
holporsso-qa.holcim.net
mail.au.holcim.net
HEAB-ITSC-A006.ap.holcim.net
hnaadc501.extqa.na.holcim.net
hnaadc501.ebusiness.na.holcim.net
nasnwfmwsqa02.na.holcim.net
svk-webstorage.ea.holcim.net
comms.oc.holcim.net
hnaadc501.ebusinessq.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
htsx-hbk-s1457.hgrs.holcim.net
esp-logis.ea.holcim.net
sysmon.hgrs.holcim.net
comms.oc.holcim.net
ches-webmail.ea.holcim.net
hnaadc501.ebusinessq.na.holcim.net
amaiiseinpd02.na.holcim.net
hnaadc001.ebusiness.na.holcim.net
eportalqa.oc.holcim.net
nasnoraapdv01.na.holcim.net
hnaadc001.ebusiness.na.holcim.net
integration-immw.ea.holcim.net
nascvlep.ebusiness.na.holcim.net
usa-dund1-ise4.na.holcim.net
imperva.com
imperva.com
hnaadc501.ebusinessq.na.holcim.net
integration-dmw.ea.holcim.net
amaiiseinpd01.na.holcim.net
holporsso.holcim.net
integration-bmw.ea.holcim.net
webmail02.ea.holcim.net
hanzsapdev.oc.holcim.net
VPNFBNL.EA.holcim.net
holporsso.holcim.net
hnaadc501.extq.na.holcim.net
lassxp2cip02v.la.holcim.net
*.oc.holcim.net
HEAB-ITSC-A007.ap.holcim.net
vpn.au.holcim.net
nasnctxapqa01.na.holcim.net
hnamgw001.na.holcim.net
emea-webmail.ea.holcim.net
holporsso.holcim.net
usa-dund1-ise3.na.holcim.net
HEAB-ITSC-A006.ap.holcim.net
emea-webmail.ea.holcim.net
amanpmpinpd51.na.holcim.net
AP-SGS-SP901.in.holcim.net
hnaadc501.ebusinessq.na.holcim.net
amanpmpinpd01.na.holcim.net
deuha-webmail.ea.holcim.net
holcimconecta.ea.holcim.net
hnaadc502.extqa.na.holcim.net
qlikview.na.holcim.net
*.ea.holcim.net
holporsso-qa.holcim.net
hnaadc501.ext.na.holcim.net
integration-bmw.ea.holcim.net
hnaadc501.ebusiness.na.holcim.net
usa-dund1-ise3.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
AP-SGS-VH141.in.holcim.net
hgrsuhep.hgrs.holcim.net
holporsso-qa.holcim.net
hnaadc001.ext.na.holcim.net
vnmds03.ap.holcim.net
usa-dund1-ise4.na.holcim.net
NAWFMSP01.na.holcim.net
hgrs-hbk-s0230.hgrs.holcim.net
holporsso-qa.holcim.net
vpn.au.holcim.net
nasnctxappd03.na.holcim.net
webmail02.ea.holcim.net
usa-dund1-ise3.na.holcim.net
holcimconecta.ea.holcim.net
NACTXP076.na.holcim.net
ita-webmail.ea.holcim.net
AP-SGS-SP901.in.holcim.net
hgrsuhep.hgrs.holcim.net
qua-vpn.ap.holcim.net
AP-SGS-S5200.in.holcim.net
amanpmpinpd51.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
integration-immw.ea.holcim.net
esp-webmail.ea.holcim.net
AP-SGS-SP902.in.holcim.net
webmail.ea.holcim.net
integration-dmw.ea.holcim.net
hnaadc502.extqa.na.holcim.net
integration-bmw.ea.holcim.net
svk-webmail.ea.holcim.net
webmeetingmx.laseritsc.net
hanzappsdev.oc.holcim.net
AP-SGS-VH141.in.holcim.net
hanzapps.oc.holcim.net
webmail05.ea.holcim.net
AP-SGS-SP902.in.holcim.net
apacsepm.ap.holcim.net
holporsso-qa.holcim.net
mail.au.holcim.net
HEAB-ITSC-A006.ap.holcim.net
hnaadc501.extqa.na.holcim.net
hnaadc501.ebusiness.na.holcim.net
nasnwfmwsqa02.na.holcim.net
svk-webstorage.ea.holcim.net
comms.oc.holcim.net
hnaadc501.ebusinessq.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
htsx-hbk-s1457.hgrs.holcim.net
esp-logis.ea.holcim.net
sysmon.hgrs.holcim.net
comms.oc.holcim.net
ches-webmail.ea.holcim.net
hnaadc501.ebusinessq.na.holcim.net
amaiiseinpd02.na.holcim.net
hnaadc001.ebusiness.na.holcim.net
eportalqa.oc.holcim.net
nasnoraapdv01.na.holcim.net
hnaadc001.ebusiness.na.holcim.net
integration-immw.ea.holcim.net
nascvlep.ebusiness.na.holcim.net
usa-dund1-ise4.na.holcim.net
imperva.com
imperva.com
hnaadc501.ebusinessq.na.holcim.net
integration-dmw.ea.holcim.net
amaiiseinpd01.na.holcim.net
holporsso.holcim.net
integration-bmw.ea.holcim.net
Certificate
The complete raw certificate details for nasnctxapqa01.na.holcim.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGKDCCBRCgAwIBAgIQGBatKfqEjvdvPgmtmtviozANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y NDAxMTEwODMxMDVaFw0yNTAyMTAwODMxMDNaMG8xCzAJBgNVBAYTAlVTMREwDwYD VQQIEwhNaWNoaWdhbjEPMA0GA1UEBxMGRHVuZGVlMRYwFAYDVQQKEw1MYWZhcmdl SG9sY2ltMSQwIgYDVQQDExtuYXNuY3R4YXBxYTAxLm5hLmhvbGNpbS5uZXQwggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCtIU3UxjvFGQxGZ30n6CY86Y8m koN47VLK1WT/TuKwauLJ+JKE9OUF1rjA7PJzsa/bQFZbfI6H9bxyU1vbGftxB0rg ESwt7il07lJneM0343cAjGKKD63N/t1//G35mdkMbJd7ZI5BK+XKrGEJW7IC9p23 2apb0Zdgzpf6MFoXDJ96Z7+VLevIlR5Lq0ZRm8CsuYBBmp/d0Lvttz8rf5JLmg08 B39BdG08HuY2p+1U+DjtjR2816y/uK1LLIIOI1xGAxcMZo7bG2eNWSu4lRIPlpaC EhLDv84JAl4pt1pV3QSIeDl+GsMwY4VKwvao4dUwj3jkLlaeZWwSXEylf3YCVaAB s22h+TX5k/QnFsVWm+4xWS0ZVYTWM+61n0LAJbpt1yL2NMaldq13jSU05ejXrv0D V5K6/vhQx/UuGblNX38bSEH8Rt5yrBuJMRMmfRshx7/V4RIyEoQYVsThNXqYKoAg VN/ThRa8QADyWkvX5/aP3VQYPs8+7QF8068DLR+CbhuBkglI1F4ZmaSBpBPaofMp 2Ze+dAnIgCtKtjCID3nPeD8NAzFat7eKABu//bDTXyQmHiZmNjbB2MBjj8egekuo 2tELMJ8/NLsBey/j/iD6/KrHUNxfyVe3gAWpOhTC2mD3xw/D9IOiGV3B/9Z8tmv6 bTEAUH+qXexSSeqtfQIDAQABo4IBcjCCAW4wDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUZEBOTr8UX6L+EV5GHDTrIgtSYD0wHwYDVR0jBBgwFoAUgqJwdN28Uz/Pe9T3 zX+nYMYKTL8waAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz cC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5l dC9sMWstY2hhaW4yNTYuY2VyMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwu ZW50cnVzdC5uZXQvbGV2ZWwxay5jcmwwJgYDVR0RBB8wHYIbbmFzbmN0eGFwcWEw MS5uYS5ob2xjaW0ubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwEwYDVR0gBAwwCjAIBgZngQwBAgIwEwYKKwYBBAHWeQIE AwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAMtLg8cI6xe6MK6lHCvawbrCCJ2T Y5+G9c94f6J8icwANczDO3Vi1ZskQoLQTmn874O3bzMVfNlb0D7WGQkZk7rpWZql CWP01MtzHghWS4+BDlzen0+3jJpJWuBVdSG+ANSLfy4dD08z+8hk6wqhJSa/bmGd Ve2CvWOG/ijOUpb7gNw/tPFO3Yp+FFJa0PrBSonbxjy2OlUvYRmxTP4LBZlvKopI y3UwEnkLeM5vGh4KaeAB4QMcC4IIryYZgGnJti3ng5U95NcIZJyuuzbU6kWzdVD+ C8BpLYdOq6XQJ5lzPwnn02X+0xVNikPZ54BSxTWyliuftwtvSNK5laMITM8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArSFN1MY7xRkMRmd9J+gm POmPJpKDeO1SytVk/07isGriyfiShPTlBda4wOzyc7Gv20BWW3yOh/W8clNb2xn7 cQdK4BEsLe4pdO5SZ3jNN+N3AIxiig+tzf7df/xt+ZnZDGyXe2SOQSvlyqxhCVuy Avadt9mqW9GXYM6X+jBaFwyfeme/lS3ryJUeS6tGUZvArLmAQZqf3dC77bc/K3+S S5oNPAd/QXRtPB7mNqftVPg47Y0dvNesv7itSyyCDiNcRgMXDGaO2xtnjVkruJUS D5aWghISw7/OCQJeKbdaVd0EiHg5fhrDMGOFSsL2qOHVMI945C5WnmVsElxMpX92 AlWgAbNtofk1+ZP0JxbFVpvuMVktGVWE1jPutZ9CwCW6bdci9jTGpXatd40lNOXo 1679A1eSuv74UMf1Lhm5TV9/G0hB/EbecqwbiTETJn0bIce/1eESMhKEGFbE4TV6 mCqAIFTf04UWvEAA8lpL1+f2j91UGD7PPu0BfNOvAy0fgm4bgZIJSNReGZmkgaQT 2qHzKdmXvnQJyIArSrYwiA95z3g/DQMxWre3igAbv/2w018kJh4mZjY2wdjAY4/H oHpLqNrRCzCfPzS7AXsv4/4g+vyqx1DcX8lXt4AFqToUwtpg98cPw/SDohldwf/W fLZr+m0xAFB/ql3sUknqrX0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 32019214612473347785267831531879785123 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-11 08:31:05 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-10 08:31:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Michigan' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Dundee' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LafargeHolcim' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nasnctxapqa01.na.holcim.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 706309160408034247180575217295145666054797546609416889182293167049606420445642977170047589500637110278647459792636503913804126997202242255572370457753301734303367164228473440025392224837505294672135323851756084804508414788368801885438996487237570970799674711738851912938662682508254431420218320538460803414711671404894078650626902690679272339759745778596269444131745852504984071364997531481380597868320739602743280020747289921937126094516864298138261968766130621974894952327165660414246305442924314590569412382437909096182469503788282612186021487005450956857191683469897470075669411204286031183708734229372176721703321703604435674719983699304874603845583318494264053106185134550520503715473340115578120723782280871237895286252770695554364119246894936915709079674944213012711502508799378521812219315875810454953330369394616451677730704732599605875047190185689850360491783630227697329818486121175878884233236890043385904217143480398944511365920143163908401369039123723500495462039483930578519256567339973656974566641278870777122279085417812585064572602642844098284821146555289849260756656829070852297812970037966605353225691401509644342551509250310264791111867739060922470690484102459324666491476935759411249231633104263223350525603197 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 64404e4ebf145fa2fe115e461c34eb220b52603d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nasnctxapqa01.na.holcim.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00cb4b83c708eb17ba30aea51c2bdac1bac2089d93639f86f5cf787fa27c89cc0035ccc33b7562d59b244282d04e69fcef83b76f33157cd95bd03ed619091993bae9599aa50963f4d4cb731e08564b8f810e5cde9f4fb78c9a495ae0557521be00d48b7f2e1d0f4f33fbc864eb0aa12526bf6e619d55ed82bd6386fe28ce5296fb80dc3fb4f14edd8a7e14525ad0fac14a89dbc63cb63a552f6119b14cfe0b05996f2a8a48cb753012790b78ce6f1a1e0a69e001e1031c0b8208af26198069c9b62de783953de4d708649caebb36d4ea45b37550fe0bc0692d874eaba5d02799733f09e7d365fed3154d8a43d9e78052c535b2962b9fb70b6f48d2b995a3084ccf