rp2-oidc.id.alpha.canada.ca
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 0d:fa:62:01:d2:fe:6a:72:3b:28:aa:98:2f:8a:3f:be was issued on by DigiCert, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=rp2-oidc.id.alpha.canada.ca
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:fa:62:01:d2:fe:6a:72:3b:28:aa:98:2f:8a:3f:beSerial Number (int): 18580025980506355531551433735895924670
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 53:fb:66:6a:a9:4b:6d:be:26:70:ce:2a:47:b9:d5:11:9d:a9:df:7f
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): 07:5b:1f:76:83:3f:06:b1:63:ca:e2:5a:54:de:0f:30:f7:90:db:c0
Fingerprint (sha256): 0a:6b:b4:5f:ad:e1:1c:90:1c:61:be:56:fe:3b:d1:f1:a4:20:65:36:66:3b:95:71:dc:5e:d5:7f:1f:d2:e8:ec
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate rp2-oidc.id.alpha.canada.ca
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for rp2-oidc.id.alpha.canada.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
rp2-oidc.id.alpha.canada.ca
Other certificates including the domain name canada.ca
(limited to 100 certificates)
*.dev.tc.canada.ca
avis-confidentialite.snc.alpha.canada.ca
srv129.services.gc.ca
gac-amc-sso-au-cate.canada.ca
explorer-marche-travail.service.canada.ca
impact.canada.ca
reports.young-canada-works.canada.ca
canadabuys.canada.ca
sni.cloudflaressl.com
cbapps-viya4-dev.service.cloud-nuage.canada.ca
api.aro-nonprd.api-nonprod.service.cloud-nuage.canada.ca
ceres-seres-api-test1.test.cbsa-asfc.cloud-nuage.canada.ca
dev.dam.explore-labour-market.service.canada.ca
*.Canada.ca
energy-information.canada.ca
ide.dev.service.canada.ca
nvmipiis-ihs-qa.g.phac.cloud-nuage.canada.ca
mygcpay-dev.azure.tpsgc-pwgsc.cloud-nuage.canada.ca
canada.ca
feedback-by-page.tbs.alpha.canada.ca
blog.canada.ca
cicp-pcid.dev.cbsa-asfc.cloud-nuage.canada.ca
fs-dev-gcfm.canada.ca
dev-estma-lmtse.canada.ca
numerique.canada.ca
veterans-service-card.canada.ca
health-infobase.canada.ca
veterans-service-card.canada.ca
code.sp.ssc.alpha.canada.ca
uat.ised-isde.canada.ca
x2h-dev.gcfm.canada.ca
*.apps.aro-nonprd.api-nonprod.service.cloud-nuage.canada.ca
ircc-services-dev.canada.ca
esdc-consultations.canada.ca
inspection.gc.ca
*.library-archives.canada.ca
dec.canada.ca
helloweb.ssc-spc.dl-consol.com-dev.m.ent.cloud-nuage.canada.ca
api.notification.alpha.canada.ca
cdts.service.canada.ca
console.dev.openshift.ised-isde.canada.ca
cic.gc.ca
sjc.jeunesse.service.canada.ca
marine-geo.canada.ca
veterans-service-card.canada.ca
XMPPcluster01.video.gc.ca
cat.fsl-bsf.scitech.gc.ca
integration-gcaccounts.canada.ca
srv130.services.gc.ca
design.alpha.canada.ca
www1.canada.ca
covid-19inventory.tbs.alpha.canada.ca
wayfinding.tbs.alpha.canada.ca
jeunesse-canada-travail.canada.ca
beta.canada.ca
sr.canada.ca
ck.ised-isde.canada.ca
SSC-VCSE-15.video.gc.ca
major-projects.canada.ca
do-rb-dev.dev.cbsa-asfc.cloud-nuage.canada.ca
fakecuram.dev.ps-sp.esdc-edsc.canada.ca
code.open.canada.ca
youth.service.cloud-nuage.canada.ca
dev.explore-labour-market.service.canada.ca
canadaservicecorps-corpsdeserviceducanada.canada.ca
sh.api.dev.portfolio1.n.g.phac.cloud-nuage.canada.ca
cfc-swc.gc.ca
nrcan-funding-financement-rncan.canada.ca
numerique.canada.ca
impact.canada.ca
api.explore-labour-market.service.canada.ca
video2.servicecanada.gc.ca
api.osdp-cumulative-effects-stage.canada.ca
preprod-app.neics-nscei.canada.ca
careers-carrieres.cbsa-asfc.cloud-nuage.canada.ca
ised-isde.canada.ca
statistics.alpha.canada.ca
srv130.services.gc.ca
snic77fgl.wpc.edgecastcdn.net
digital.canada.ca
science-libraries.canada.ca
digital.canada.ca
conception.canada.ca
integration-gcaccounts.canada.ca
ceres-seres-api-dev1.dev.cbsa-asfc.cloud-nuage.canada.ca
api.ocp.dev.ised-isde.canada.ca
environmental-maps.canada.ca
jeunesse-canada-travail.canada.ca
devservices.gcfm.canada.ca
dev.ised-isde.canada.ca
ised-isde.canada.ca
sni18924gl.wpc.edgecastcdn.net
*.cbsa-asfc.cloud-nuage.canada.ca
demoapp.mvpdemo.bd-demo.com-dev.m.ent.cloud-nuage.canada.ca
beta.canada.ca
io.canada.ca
pwd.gcfm.canada.ca
pop.ctst.email-courriel.canada.ca
api.explorer-marche-travail.service.canada.ca
rp2-oidc.id.alpha.canada.ca
avis-confidentialite.snc.alpha.canada.ca
srv129.services.gc.ca
gac-amc-sso-au-cate.canada.ca
explorer-marche-travail.service.canada.ca
impact.canada.ca
reports.young-canada-works.canada.ca
canadabuys.canada.ca
sni.cloudflaressl.com
cbapps-viya4-dev.service.cloud-nuage.canada.ca
api.aro-nonprd.api-nonprod.service.cloud-nuage.canada.ca
ceres-seres-api-test1.test.cbsa-asfc.cloud-nuage.canada.ca
dev.dam.explore-labour-market.service.canada.ca
*.Canada.ca
energy-information.canada.ca
ide.dev.service.canada.ca
nvmipiis-ihs-qa.g.phac.cloud-nuage.canada.ca
mygcpay-dev.azure.tpsgc-pwgsc.cloud-nuage.canada.ca
canada.ca
feedback-by-page.tbs.alpha.canada.ca
blog.canada.ca
cicp-pcid.dev.cbsa-asfc.cloud-nuage.canada.ca
fs-dev-gcfm.canada.ca
dev-estma-lmtse.canada.ca
numerique.canada.ca
veterans-service-card.canada.ca
health-infobase.canada.ca
veterans-service-card.canada.ca
code.sp.ssc.alpha.canada.ca
uat.ised-isde.canada.ca
x2h-dev.gcfm.canada.ca
*.apps.aro-nonprd.api-nonprod.service.cloud-nuage.canada.ca
ircc-services-dev.canada.ca
esdc-consultations.canada.ca
inspection.gc.ca
*.library-archives.canada.ca
dec.canada.ca
helloweb.ssc-spc.dl-consol.com-dev.m.ent.cloud-nuage.canada.ca
api.notification.alpha.canada.ca
cdts.service.canada.ca
console.dev.openshift.ised-isde.canada.ca
cic.gc.ca
sjc.jeunesse.service.canada.ca
marine-geo.canada.ca
veterans-service-card.canada.ca
XMPPcluster01.video.gc.ca
cat.fsl-bsf.scitech.gc.ca
integration-gcaccounts.canada.ca
srv130.services.gc.ca
design.alpha.canada.ca
www1.canada.ca
covid-19inventory.tbs.alpha.canada.ca
wayfinding.tbs.alpha.canada.ca
jeunesse-canada-travail.canada.ca
beta.canada.ca
sr.canada.ca
ck.ised-isde.canada.ca
SSC-VCSE-15.video.gc.ca
major-projects.canada.ca
do-rb-dev.dev.cbsa-asfc.cloud-nuage.canada.ca
fakecuram.dev.ps-sp.esdc-edsc.canada.ca
code.open.canada.ca
youth.service.cloud-nuage.canada.ca
dev.explore-labour-market.service.canada.ca
canadaservicecorps-corpsdeserviceducanada.canada.ca
sh.api.dev.portfolio1.n.g.phac.cloud-nuage.canada.ca
cfc-swc.gc.ca
nrcan-funding-financement-rncan.canada.ca
numerique.canada.ca
impact.canada.ca
api.explore-labour-market.service.canada.ca
video2.servicecanada.gc.ca
api.osdp-cumulative-effects-stage.canada.ca
preprod-app.neics-nscei.canada.ca
careers-carrieres.cbsa-asfc.cloud-nuage.canada.ca
ised-isde.canada.ca
statistics.alpha.canada.ca
srv130.services.gc.ca
snic77fgl.wpc.edgecastcdn.net
digital.canada.ca
science-libraries.canada.ca
digital.canada.ca
conception.canada.ca
integration-gcaccounts.canada.ca
ceres-seres-api-dev1.dev.cbsa-asfc.cloud-nuage.canada.ca
api.ocp.dev.ised-isde.canada.ca
environmental-maps.canada.ca
jeunesse-canada-travail.canada.ca
devservices.gcfm.canada.ca
dev.ised-isde.canada.ca
ised-isde.canada.ca
sni18924gl.wpc.edgecastcdn.net
*.cbsa-asfc.cloud-nuage.canada.ca
demoapp.mvpdemo.bd-demo.com-dev.m.ent.cloud-nuage.canada.ca
beta.canada.ca
io.canada.ca
pwd.gcfm.canada.ca
pop.ctst.email-courriel.canada.ca
api.explorer-marche-travail.service.canada.ca
rp2-oidc.id.alpha.canada.ca
Certificate
The complete raw certificate details for rp2-oidc.id.alpha.canada.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHojCCBYqgAwIBAgIQDfpiAdL+anI7KKqYL4o/vjANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjMwNzEyMDAwMDAwWhcNMjQwMTEyMjM1OTU5WjAmMSQwIgYDVQQDExtycDItb2lk Yy5pZC5hbHBoYS5jYW5hZGEuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCkPbZlKLZ78CG2xD2bOqwmyNmQWTWltKUi/RwFGLXWZDmQk/AJqWg9JpPp cJtIUxR3+j0UcHOh152GgLri3apu2zEpOeSPl4eYdqi0HuGbTJzee03ch+5+Kxw0 ghCNc+xYkv87sstsVoe1+xRTfWtlRwwkYF7wfIe2GbbyfwCd2mWoO7NmIY5QNX9U 2XCz39VDaHo3fF0l0blvAoF66RAWuZYamqcUqQi+VdukMqCRjP+6aaeO76ZTPVZ1 V+85t6i2nDYDK1MoS9S7o63U13NoM5Enk+MNeeHe8W+0qISx2a0e/1IYXLP7h56n lO/oAYW7NNyP90xFNYLq0BM+UoeFAgMBAAGjggOUMIIDkDAfBgNVHSMEGDAWgBSl tNbrNsTna6bfxGQLASogBLhmIzAdBgNVHQ4EFgQUU/tmaqlLbb4mcM4qR7nVEZ2p 338wJgYDVR0RBB8wHYIbcnAyLW9pZGMuaWQuYWxwaGEuY2FuYWRhLmNhMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgZ8GA1Ud HwSBlzCBlDBIoEagRIZCaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0dlb1RydXN0 R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3JsMEigRqBEhkJodHRwOi8v Y3JsNC5kaWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2 MjAyMkNBMS5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYb aHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGHBggrBgEFBQcBAQR7MHkwJAYI KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZF aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0dlb1RydXN0R2xvYmFsVExTUlNB NDA5NlNIQTI1NjIwMjJDQTEuY3J0MAkGA1UdEwQCMAAwggF+BgorBgEEAdZ5AgQC BIIBbgSCAWoBaAB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAAB iUoiWkAAAAQDAEcwRQIgR/5zkK7v05MiKNWVR9AIrX0YHDYrCcPlcSSip1uNlDYC IQDE6lvnSbuZpRpefSRy2uO6JhIr3AXyAdlLo+tntts8yAB2ANq2v2s/tbYin5vC u1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiUoiWmYAAAQDAEcwRQIgCUYtJjiPyNp4 g2zIvH0nvqSwYnNlX2g0M8SZ4lv1E38CIQDWtGEAEb0hIg+kvx88l5VJenHTpEkr HGx6P0VstFymIgB2ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAAB iUoiWoUAAAQDAEcwRQIhAMt4NlZyAb3JZQN0Q62TkKUerAPU9WBxNTtOWHdihya2 AiAIBlm9gsRlHIFGcnL2S+xwVywmxdJsuCho2xu4jbMc9jANBgkqhkiG9w0BAQsF AAOCAgEAF5FuvN0QpDIaAT5rPuaTIg87qTq9ns6eymDy+hxV73DXMjc6SEmOwpdk t2mpgX77kSTafjHXIFcEJWGcSCOSprwQ/yGw3KH1TdpAIqLfjFblWpNRnQk8gEOs 7kfrAYH2DVg12k48NSrX7kASBCyjR3cFMPOAZ1eBiTrF1mOs3fAjWkSGYuyQwj5O wEvmascEpeeNH53bNHig/9cPMvr4uXxxnMykoNXwsYPqtf9vetdKy0HXb743aaNz j0AT9+FWHoL6D0nrnHmxhkYKqlOFokdUV3m/Ef0d3A8dg7oLBgaopdaQEVHOa7l2 5cx6CZw+mfIF1APOhrE3hHgGd4ZJcUcBERnbFMclncXLCAZAI64AlSxbT4DJKIyo Gjf0VGDruCWjeAlGDryT/jo4tnO6NGEHFrXNOOEXe2e3zGpcoAVekHh49GbxPAZN lIfTrWKcgmT8wiVSzZTijpRu41NnqJx+6lq9VThwXXHKRSYzZPkWUEyHkCtzjeZT vqjhvjBHtIb0SDLBUGv4Ix12ktdidRv0XxghVq6nJ1idjieN+hWizRaLMxvn3fx5 7lW7CawQCROefCKWL4yzp3+d0yzD0oEdntXksqBH1P1Rfz8yk2usUUai9gSiEcW4 V6iaNaawASIRQCsKlUIQ8QPAOy/vsThuYFjoDTqLuav8u959Q5w= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD22ZSi2e/AhtsQ9mzqs JsjZkFk1pbSlIv0cBRi11mQ5kJPwCaloPSaT6XCbSFMUd/o9FHBzodedhoC64t2q btsxKTnkj5eHmHaotB7hm0yc3ntN3IfufiscNIIQjXPsWJL/O7LLbFaHtfsUU31r ZUcMJGBe8HyHthm28n8AndplqDuzZiGOUDV/VNlws9/VQ2h6N3xdJdG5bwKBeukQ FrmWGpqnFKkIvlXbpDKgkYz/ummnju+mUz1WdVfvObeotpw2AytTKEvUu6Ot1Ndz aDORJ5PjDXnh3vFvtKiEsdmtHv9SGFyz+4eep5Tv6AGFuzTcj/dMRTWC6tATPlKH hQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18580025980506355531551433735895924670 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rp2-oidc.id.alpha.canada.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20733513573046176286510762175799349680038034423782864611875253579283732751220368400649835531893668680750802240219804761792073249557658223527644822811566879497077297047688187427720300541122965692866914996727315169826713084723212035397922807558124516408253684253204146089167160085240388710895176881642920898323520682092977793929461348192937810847543312435778453918090221785848965654647429625923367406399102837405942065032606132024413151059299320481602557282868614385155176774664414663626942150991354790045001036160026308499212682040475220231424958478776992140440963615183758148197273165184684078021726984295832995661701 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 53fb666aa94b6dbe2670ce2a47b9d5119da9df7f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rp2-oidc.id.alpha.canada.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001894a225a400000040300473045022047fe7390aeefd3932228d59547d008ad7d181c362b09c3e57124a2a75b8d9436022100c4ea5be749bb99a51a5e7d2472dae3ba26122bdc05f201d94ba3eb67b6db3cc8007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001894a225a660000040300473045022009462d26388fc8da78836cc8bc7d27bea4b06273655f683433c499e25bf5137f022100d6b4610011bd21220fa4bf1f3c9795497a71d3a4492b1c6c7a3f456cb45ca6220076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad417000001894a225a850000040300473045022100cb7836567201bdc965037443ad9390a51eac03d4f56071353b4e5877628726b60220080659bd82c4651c81467272f64bec70572c26c5d26cb82868db1bb88db31cf6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0017916ebcdd10a4321a013e6b3ee693220f3ba93abd9ece9eca60f2fa1c55ef70d732373a48498ec29764b769a9817efb9124da7e31d720570425619c482392a6bc10ff21b0dca1f54dda4022a2df8c56e55a93519d093c8043acee47eb0181f60d5835da4e3c352ad7ee4012042ca347770530f380675781893ac5d663acddf0235a448662ec90c23e4ec04be66ac704a5e78d1f9ddb3478a0ffd70f32faf8b97c719ccca4a0d5f0b183eab5ff6f7ad74acb41d76fbe3769a3738f4013f7e1561e82fa0f49eb9c79b186460aaa5385a247545779bf11fd1ddc0f1d83ba0b0606a8a5d6901151ce6bb976e5cc7a099c3e99f205d403ce86b1378478067786497147011119db14c7259dc5cb08064023ae00952c5b4f80c9288ca81a37f45460ebb825a37809460ebc93fe3a38b673ba34610716b5cd38e1177b67b7cc6a5ca0055e907878f466f13c064d9487d3ad629c8264fcc22552cd94e28e946ee35367a89c7eea5abd5538705d71ca45263364f916504c87902b738de653bea8e1be3047b486f44832c1506bf8231d7692d762751bf45f182156aea727589d8e278dfa15a2cd168b331be7ddfc79ee55bb09ac1009139e7c22962f8cb3a77f9dd32cc3d2811d9ed5e4b2a047d4fd517f3f32936bac5146a2f604a211c5b857a89a35a6b0012211402b0a954210f103c03b2fefb1386e6058e80d3a8bb9abfcbbde7d439c