cic.gc.ca
- Shared Services Canada -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 51:cc:bb:37:83:00:cb:38:06:3d:3f:8d:4c:58:d8:63 was issued on by Entrust, Inc..
With 48 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Shared Services Canada
Organization:
Shared Services Canada
State / Province:
Quebec
Locality: Gatineau
Country: CA
Locality: Gatineau
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 51:cc:bb:37:83:00:cb:38:06:3d:3f:8d:4c:58:d8:63Serial Number (int): 108730493426407607648795918997346900067
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: ad:dc:fc:d5:5f:b3:bf:86:3e:92:2d:d7:ae:46:d1:18:86:c7:80:0a
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 8d:ab:57:fd:84:d8:b6:c9:ef:df:0a:89:61:55:89:df:f0:12:57:ee
Fingerprint (sha256): 0d:10:73:c3:55:c7:7d:62:d1:7a:8f:73:12:3e:f7:9f:08:8e:28:bb:3b:cb:29:73:80:75:ad:8a:6d:d7:c1:be
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate cic.gc.ca
48
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cic.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cic.gc.ca
www.cic.gc.ca
immigration.gc.ca
citizenship.gc.ca
citoyennete.gc.ca
servicesfornewcomers.cic.gc.ca
servicespourlesnouveauxarrivants.cic.gc.ca
ci.gc.ca
serendreaucanada.gc.ca
goingtocanada.gc.ca
cic.gslb.global.gc.ca
www.immigration.gc.ca
www.citizenship.gc.ca
www.citoyennete.gc.ca
www.servicesfornewcomers.cic.gc.ca
www.servicespourlesnouveauxarrivants.cic.gc.ca
www.ci.gc.ca
www.serendreaucanada.gc.ca
www.goingtocanada.gc.ca
www.cic.gslb.global.gc.ca
immigration.canada.ca
www.immigration.canada.ca
citizenship.canada.ca
www.citizenship.canada.ca
citoyennete.canada.ca
www.citoyennete.canada.ca
servicesfornewcomers.canada.ca
servicespourlesnouveauxarrivants.canada.ca
www.servicespourlesnouveauxarrivants.canada.ca
ircc.canada.ca
www.ircc.canada.ca
www.goingtocanada.canada.ca
serendreaucanada.canada.ca
www.serendreaucanada.canada.ca
refugees.canada.ca
www.refugees.canada.ca
refugies.canada.ca
www.refugies.canada.ca
settlement.canada.ca
www.settlement.canada.ca
etablissement.canada.ca
www.etablissement.canada.ca
passport.canada.ca
www.passport.canada.ca
passeport.canada.ca
www.passeport.canada.ca
www.servicesfornewcomers.canada.ca
goingtocanada.canada.ca
www.cic.gc.ca
immigration.gc.ca
citizenship.gc.ca
citoyennete.gc.ca
servicesfornewcomers.cic.gc.ca
servicespourlesnouveauxarrivants.cic.gc.ca
ci.gc.ca
serendreaucanada.gc.ca
goingtocanada.gc.ca
cic.gslb.global.gc.ca
www.immigration.gc.ca
www.citizenship.gc.ca
www.citoyennete.gc.ca
www.servicesfornewcomers.cic.gc.ca
www.servicespourlesnouveauxarrivants.cic.gc.ca
www.ci.gc.ca
www.serendreaucanada.gc.ca
www.goingtocanada.gc.ca
www.cic.gslb.global.gc.ca
immigration.canada.ca
www.immigration.canada.ca
citizenship.canada.ca
www.citizenship.canada.ca
citoyennete.canada.ca
www.citoyennete.canada.ca
servicesfornewcomers.canada.ca
servicespourlesnouveauxarrivants.canada.ca
www.servicespourlesnouveauxarrivants.canada.ca
ircc.canada.ca
www.ircc.canada.ca
www.goingtocanada.canada.ca
serendreaucanada.canada.ca
www.serendreaucanada.canada.ca
refugees.canada.ca
www.refugees.canada.ca
refugies.canada.ca
www.refugies.canada.ca
settlement.canada.ca
www.settlement.canada.ca
etablissement.canada.ca
www.etablissement.canada.ca
passport.canada.ca
www.passport.canada.ca
passeport.canada.ca
www.passeport.canada.ca
www.servicesfornewcomers.canada.ca
goingtocanada.canada.ca
Other certificates including the domain name cic.gc.ca
(limited to 100 certificates)
Secure.cic.gc.ca
remote.cic.gc.ca
refugee-refugie-development.apps.cic.gc.ca
refugee-refugie-staging.apps.cic.gc.ca
newgcs-nouveaussc.cic.gc.ca
cic.gc.ca
icare-iedec.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
portal-portail.apps.cic.gc.ca
prson-srpel-emergency-fix.apps.cic.gc.ca
refugee-refugie-system-test.apps.cic.gc.ca
gcmsjobbank-SYSTESTMEL.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
cic.gc.ca
*.cic.gc.ca
mobile.cic.gc.ca
services3.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
fpt.crp-cpr.apps.cic.gc.ca
ct-tc-pef.apps.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
frs-stg.cic.gc.ca
gccic-psoft-gchrms-ig.cic.gc.ca
cicgatewaysigning-aus.cic.gc.ca
extern.cic.gc.ca
refugee-refugie-sandbox.apps.cic.gc.ca
frs-prd.cic.gc.ca
passport-passeport-dev.apps.cic.gc.ca
gccic-psoft-ig-gc89cert.cic.gc.ca
prt-srp.apps.cic.gc.ca
gcs-ssc.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
extern.cic.gc.ca
gcmsjobbank-STG.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
mobile.cic.gc.ca
pgp-development.apps.cic.gc.ca
ccps-stcc-trn.cic.gc.ca
sra-ads.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
gcmssir-prd.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
refugee-refugie.apps.cic.gc.ca
portal-portail.apps.cic.gc.ca
gcmscasestatus-PRD.cic.gc.ca
*.ra.apps.cic.gc.ca
extern.cic.gc.ca
api.a2sc-csa2-dev.apps.cic.gc.ca
mobile.cic.gc.ca
*.infra.apps.cic.gc.ca
tempo-pef.cic.gc.ca
gcmsjobbank-STG.cic.gc.ca
citapply-citdemande-dev.apps.cic.gc.ca
cicgatewaysigning-aus.cic.gc.ca
esubmission-soumissionenligne.cic.gc.ca
icare-iedec-train.canada.ca
gcs-ssc-stg.cic.gc.ca
extern.cic.gc.ca
gcs-ssc.cic.gc.ca
refugee-refugie-emergency-fix.apps.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
CICPRCard.cic.gc.ca
extern.cic.gc.ca
pgp.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
services3.cic.gc.ca
gcs-ssc-sys.cic.gc.ca
frs-ste.cic.gc.ca
api.pgp-vt-ov-sandbox.apps.cic.gc.ca
tempo-trn.cic.gc.ca
MAIL.cic.gc.ca
icare-iedec-train.canada.ca
gcmsjobbank-PRD.cic.gc.ca
tempo-pte.cic.gc.ca
b.sra-ads.cic.gc.ca
specialmeasures-mesuresspeciales-emergency-fix.apps.cic.gc.ca
extern.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
icare-iedec.cic.gc.ca
tempo-ste.cic.gc.ca
ra.apps.cic.gc.ca
a.sra-ads.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
thingate.cic.gc.ca
*.cic.gc.ca
gcs-ssc.cic.gc.ca
cicgateway-dev.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
icare-iedec.cic.gc.ca
NJES1S1106.CI.GC.CA
gcmsPIL005-SYSTESTMEL.cic.gc.ca
frs-ste.cic.gc.ca
cic.gc.ca
gcs-ssc.cic.gc.ca
icare-iedec.cic.gc.ca
dmp-portal.cic.gc.ca
gcs-ssc.cic.gc.ca
remote.cic.gc.ca
refugee-refugie-development.apps.cic.gc.ca
refugee-refugie-staging.apps.cic.gc.ca
newgcs-nouveaussc.cic.gc.ca
cic.gc.ca
icare-iedec.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
portal-portail.apps.cic.gc.ca
prson-srpel-emergency-fix.apps.cic.gc.ca
refugee-refugie-system-test.apps.cic.gc.ca
gcmsjobbank-SYSTESTMEL.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
cic.gc.ca
*.cic.gc.ca
mobile.cic.gc.ca
services3.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
fpt.crp-cpr.apps.cic.gc.ca
ct-tc-pef.apps.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
frs-stg.cic.gc.ca
gccic-psoft-gchrms-ig.cic.gc.ca
cicgatewaysigning-aus.cic.gc.ca
extern.cic.gc.ca
refugee-refugie-sandbox.apps.cic.gc.ca
frs-prd.cic.gc.ca
passport-passeport-dev.apps.cic.gc.ca
gccic-psoft-ig-gc89cert.cic.gc.ca
prt-srp.apps.cic.gc.ca
gcs-ssc.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
extern.cic.gc.ca
gcmsjobbank-STG.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
mobile.cic.gc.ca
pgp-development.apps.cic.gc.ca
ccps-stcc-trn.cic.gc.ca
sra-ads.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
gcmssir-prd.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
refugee-refugie.apps.cic.gc.ca
portal-portail.apps.cic.gc.ca
gcmscasestatus-PRD.cic.gc.ca
*.ra.apps.cic.gc.ca
extern.cic.gc.ca
api.a2sc-csa2-dev.apps.cic.gc.ca
mobile.cic.gc.ca
*.infra.apps.cic.gc.ca
tempo-pef.cic.gc.ca
gcmsjobbank-STG.cic.gc.ca
citapply-citdemande-dev.apps.cic.gc.ca
cicgatewaysigning-aus.cic.gc.ca
esubmission-soumissionenligne.cic.gc.ca
icare-iedec-train.canada.ca
gcs-ssc-stg.cic.gc.ca
extern.cic.gc.ca
gcs-ssc.cic.gc.ca
refugee-refugie-emergency-fix.apps.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
CICPRCard.cic.gc.ca
extern.cic.gc.ca
pgp.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
services3.cic.gc.ca
gcs-ssc-sys.cic.gc.ca
frs-ste.cic.gc.ca
api.pgp-vt-ov-sandbox.apps.cic.gc.ca
tempo-trn.cic.gc.ca
MAIL.cic.gc.ca
icare-iedec-train.canada.ca
gcmsjobbank-PRD.cic.gc.ca
tempo-pte.cic.gc.ca
b.sra-ads.cic.gc.ca
specialmeasures-mesuresspeciales-emergency-fix.apps.cic.gc.ca
extern.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
icare-iedec.cic.gc.ca
tempo-ste.cic.gc.ca
ra.apps.cic.gc.ca
a.sra-ads.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
thingate.cic.gc.ca
*.cic.gc.ca
gcs-ssc.cic.gc.ca
cicgateway-dev.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
icare-iedec.cic.gc.ca
NJES1S1106.CI.GC.CA
gcmsPIL005-SYSTESTMEL.cic.gc.ca
frs-ste.cic.gc.ca
cic.gc.ca
gcs-ssc.cic.gc.ca
icare-iedec.cic.gc.ca
dmp-portal.cic.gc.ca
gcs-ssc.cic.gc.ca
Certificate
The complete raw certificate details for cic.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJ0DCCCLigAwIBAgIQUcy7N4MAyzgGPT+NTFjYYzANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y NDA1MDExNDU1MjBaFw0yNTA1MzAxNDU1MTlaMGYxCzAJBgNVBAYTAkNBMQ8wDQYD VQQIEwZRdWViZWMxETAPBgNVBAcTCEdhdGluZWF1MR8wHQYDVQQKExZTaGFyZWQg U2VydmljZXMgQ2FuYWRhMRIwEAYDVQQDEwljaWMuZ2MuY2EwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDAzgaZ4ojM6VOcACu3FeODsF9uoiC/tmFq58vM t8daE/snKtezL1L2S3d94BcliCkhH5JaBBQOhrNrfeVMSiWh67oSRxRE1/lkYpEH SV8MuRUzV/vJ/Y06FUTqgI42v7XHW/9/RIBDyBP0gP4VdnWWsXt45X+4ru16VRt4 PlX73qT5bJcx2rrV35F+sZVKUQKEat6da2d6N/kMySEIQRaWkfNzt2EeL4QDiGLi 97zJ4FEvw83hfxm8Tu5IWS0jTNXy+tv9dHdk4I+lFvp5wXNUfkEyKdEP4YxK6kyH crC+GVtLc3l/Vi0vt+I4EWUXgeKXfIL3sLNVJTvOFOWuzBTpAgMBAAGjggYjMIIG HzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSt3PzVX7O/hj6SLdeuRtEYhseACjAf BgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpMvzBoBggrBgEFBQcBAQRcMFow IwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAC hidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwMwYDVR0f BCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDCC BNUGA1UdEQSCBMwwggTIggljaWMuZ2MuY2GCDXd3dy5jaWMuZ2MuY2GCEWltbWln cmF0aW9uLmdjLmNhghFjaXRpemVuc2hpcC5nYy5jYYIRY2l0b3llbm5ldGUuZ2Mu Y2GCHnNlcnZpY2VzZm9ybmV3Y29tZXJzLmNpYy5nYy5jYYIqc2VydmljZXNwb3Vy bGVzbm91dmVhdXhhcnJpdmFudHMuY2ljLmdjLmNhgghjaS5nYy5jYYIWc2VyZW5k cmVhdWNhbmFkYS5nYy5jYYITZ29pbmd0b2NhbmFkYS5nYy5jYYIVY2ljLmdzbGIu Z2xvYmFsLmdjLmNhghV3d3cuaW1taWdyYXRpb24uZ2MuY2GCFXd3dy5jaXRpemVu c2hpcC5nYy5jYYIVd3d3LmNpdG95ZW5uZXRlLmdjLmNhgiJ3d3cuc2VydmljZXNm b3JuZXdjb21lcnMuY2ljLmdjLmNhgi53d3cuc2VydmljZXNwb3VybGVzbm91dmVh dXhhcnJpdmFudHMuY2ljLmdjLmNhggx3d3cuY2kuZ2MuY2GCGnd3dy5zZXJlbmRy ZWF1Y2FuYWRhLmdjLmNhghd3d3cuZ29pbmd0b2NhbmFkYS5nYy5jYYIZd3d3LmNp Yy5nc2xiLmdsb2JhbC5nYy5jYYIVaW1taWdyYXRpb24uY2FuYWRhLmNhghl3d3cu aW1taWdyYXRpb24uY2FuYWRhLmNhghVjaXRpemVuc2hpcC5jYW5hZGEuY2GCGXd3 dy5jaXRpemVuc2hpcC5jYW5hZGEuY2GCFWNpdG95ZW5uZXRlLmNhbmFkYS5jYYIZ d3d3LmNpdG95ZW5uZXRlLmNhbmFkYS5jYYIec2VydmljZXNmb3JuZXdjb21lcnMu Y2FuYWRhLmNhgipzZXJ2aWNlc3BvdXJsZXNub3V2ZWF1eGFycml2YW50cy5jYW5h ZGEuY2GCLnd3dy5zZXJ2aWNlc3BvdXJsZXNub3V2ZWF1eGFycml2YW50cy5jYW5h ZGEuY2GCDmlyY2MuY2FuYWRhLmNhghJ3d3cuaXJjYy5jYW5hZGEuY2GCG3d3dy5n b2luZ3RvY2FuYWRhLmNhbmFkYS5jYYIac2VyZW5kcmVhdWNhbmFkYS5jYW5hZGEu Y2GCHnd3dy5zZXJlbmRyZWF1Y2FuYWRhLmNhbmFkYS5jYYIScmVmdWdlZXMuY2Fu YWRhLmNhghZ3d3cucmVmdWdlZXMuY2FuYWRhLmNhghJyZWZ1Z2llcy5jYW5hZGEu Y2GCFnd3dy5yZWZ1Z2llcy5jYW5hZGEuY2GCFHNldHRsZW1lbnQuY2FuYWRhLmNh ghh3d3cuc2V0dGxlbWVudC5jYW5hZGEuY2GCF2V0YWJsaXNzZW1lbnQuY2FuYWRh LmNhght3d3cuZXRhYmxpc3NlbWVudC5jYW5hZGEuY2GCEnBhc3Nwb3J0LmNhbmFk YS5jYYIWd3d3LnBhc3Nwb3J0LmNhbmFkYS5jYYITcGFzc2Vwb3J0LmNhbmFkYS5j YYIXd3d3LnBhc3NlcG9ydC5jYW5hZGEuY2GCInd3dy5zZXJ2aWNlc2Zvcm5ld2Nv bWVycy5jYW5hZGEuY2GCF2dvaW5ndG9jYW5hZGEuY2FuYWRhLmNhMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEwYDVR0gBAww CjAIBgZngQwBAgIwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQAD ggEBAHEKG+OKOPr7vZ8EkKnznmYC47cYxODbv0c30cRWoDgehHmhymuGqcXZrfWg wR+//C/EmTMvXGM1duJk+imDDS/Y/ha5+DxtI83xWQqXLL9IbFupRla9/WxU1x2a 7TKhVjlIwajpH1CHkIjGGHJAdmIEpeRyE0lfSyGUKOxVeG49mzLTdLEGW5gUhmq3 x02iTUwlEFQifLC8A6TlFIVw3Oi3fRgVRfO6kqWJ7L4TB7mfqL8Ef9AACkR6rcLf 5lxbcjOaBZkmus53RJ18+SowZjJvYWCL6tcx0IaMgzgtXn7KdMXcdr3nlQQne+xI uaG9Y0sl09kGF4OgczbJOzyKBOo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM4GmeKIzOlTnAArtxXj g7BfbqIgv7ZhaufLzLfHWhP7JyrXsy9S9kt3feAXJYgpIR+SWgQUDoaza33lTEol oeu6EkcURNf5ZGKRB0lfDLkVM1f7yf2NOhVE6oCONr+1x1v/f0SAQ8gT9ID+FXZ1 lrF7eOV/uK7telUbeD5V+96k+WyXMdq61d+RfrGVSlEChGrenWtnejf5DMkhCEEW lpHzc7dhHi+EA4hi4ve8yeBRL8PN4X8ZvE7uSFktI0zV8vrb/XR3ZOCPpRb6ecFz VH5BMinRD+GMSupMh3KwvhlbS3N5f1YtL7fiOBFlF4Hil3yC97CzVSU7zhTlrswU 6QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 108730493426407607648795918997346900067 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-01 14:55:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-30 14:55:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Quebec' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gatineau' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Shared Services Canada' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cic.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24339349654862531365468508474755560075822873555541193637343995842427162508374210684386845915036383152157536716623227679282053792402506696310271061314837339819411590691488154753452133164200336827306016948740768570238354835246045052826035701979927580350327506216699336203291085840133268300989235342446915465293743247319294218447206413456508616655326343167487692460568513695195301988973983723524819374410524925328425591901228326749651024917817835147574594452798155113508329665897594367681205816125944907292504533510199572730712277919580166253062341250071650193755728084201380866551677312223726657457876040329298782721257 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) addcfcd55fb3bf863e922dd7ae46d11886c7800a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1228 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'immigration.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citizenship.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citoyennete.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'servicesfornewcomers.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'servicespourlesnouveauxarrivants.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'serendreaucanada.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'goingtocanada.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cic.gslb.global.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.immigration.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citizenship.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citoyennete.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.servicesfornewcomers.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.servicespourlesnouveauxarrivants.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.serendreaucanada.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.goingtocanada.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cic.gslb.global.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'immigration.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.immigration.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citizenship.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citizenship.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citoyennete.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citoyennete.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'servicesfornewcomers.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'servicespourlesnouveauxarrivants.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.servicespourlesnouveauxarrivants.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ircc.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ircc.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.goingtocanada.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'serendreaucanada.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.serendreaucanada.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'refugees.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.refugees.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'refugies.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.refugies.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'settlement.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.settlement.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etablissement.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.etablissement.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'passport.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.passport.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'passeport.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.passeport.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.servicesfornewcomers.canada.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'goingtocanada.canada.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00710a1be38a38fafbbd9f0490a9f39e6602e3b718c4e0dbbf4737d1c456a0381e8479a1ca6b86a9c5d9adf5a0c11fbffc2fc499332f5c633576e264fa29830d2fd8fe16b9f83c6d23cdf1590a972cbf486c5ba94656bdfd6c54d71d9aed32a1563948c1a8e91f50879088c6187240766204a5e47213495f4b219428ec55786e3d9b32d374b1065b9814866ab7c74da24d4c251054227cb0bc03a4e5148570dce8b77d181545f3ba92a589ecbe1307b99fa8bf047fd0000a447aadc2dfe65c5b72339a059926bace77449d7cf92a3066326f61608bead731d0868c83382d5e7eca74c5dc76bde79504277bec48b9a1bd634b25d3d9061783a07336c93b3c8a04ea