voroa1.op-palvelut.fi

- OP Osuuskunta -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 27:ea:04:bb:2c:bb:29:bd:00:00:00:00:50:ee:e5:b2 was issued on by Entrust, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

OP Osuuskunta

Organization: OP Osuuskunta
Locality: Helsinki
Country: FI

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 27:ea:04:bb:2c:bb:29:bd:00:00:00:00:50:ee:e5:b2
Serial Number (int): 53054985259657280146304983541172069810
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: d4:64:8c:02:57:81:dd:bc:15:f7:64:74:66:5b:22:ae:73:ae:75:58
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 1c:4a:d1:a2:bf:29:9a:33:45:e0:31:fa:36:ca:71:04:09:d4:8a:b3
Fingerprint (sha256): 0e:f0:c7:fd:37:c5:95:d6:b7:1b:41:20:c1:4f:ac:63:c3:47:1c:2a:dd:c7:22:ed:11:2e:f7:54:43:52:c6:99

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate voroa1.op-palvelut.fi

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for voroa1.op-palvelut.fi

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

voroa1.op-palvelut.fi
www.voroa1.op-palvelut.fi

Other certificates including the domain name op-palvelut.fi

(limited to 100 certificates)
opbstpsdlv.op-palvelut.fi
palhavr.aws.op-palvelut.fi
remote.op-palvelut.fi
opla.tuot.op-palvelut.fi
scl.internal.aws.op-palvelut.fi
*.bravo.internal.aws.op-palvelut.fi
aviatrixctrl.internal.aws.op-palvelut.fi
opabacsr4.op-palvelut.fi
palhavr.internal.aws.op-palvelut.fi
*.vhahpral.internal.aws.op-palvelut.fi
verkkomaksu.op.fi
*.devops-coe.aws.op-palvelut.fi
opftp906.op-palvelut.fi
voroa1.op-palvelut.fi
*.aws.tuot.op-palvelut.fi
extlyncfarm.lync.op-palvelut.fi
aviatrixctrl.internal.aws.op-palvelut.fi
splunk.tuot.op-palvelut.fi
ldap-isam.op-palvelut.fi
aviatrixctrl.internal.aws.op-palvelut.fi
*.markets-analytics.internal.aws.op-palvelut.fi
subscriptionmanagement.op-palvelut.fi
opvaasrtcmsr2.op-palvelut.fi
portlet.viu.internal.aws.op-palvelut.fi
intraidp.op-palvelut.fi
*.vhahmyty.internal.aws.op-palvelut.fi
*.prod-qa.ccc.internal.aws.op-palvelut.fi
*.devops-coe.aws.op-palvelut.fi
*.markets-quants.aws.op-palvelut.fi
*.markets-quants.aws.op-palvelut.fi
m-request.op-palvelut.fi
vhplvsmjci.hec.tuot.op-palvelut.fi
verkkomaksu.op.fi
aviatrixctrl.internal.aws.op-palvelut.fi
resys.nl-pint.aws.op-palvelut.fi
aviatrixctrl.internal.aws.op-palvelut.fi
nolio-test.op-palvelut.fi
*.nl-aa-claims.internal.aws.op-palvelut.fi
*.cdc.internal.aws.op-palvelut.fi
*.acs-preprod.internal.aws.op-palvelut.fi
opmh.op-palvelut.fi
m-request.op-palvelut.fi
ext-ydin.op-palvelut.fi
*.datahub.internal.aws.op-palvelut.fi
*.global.kubelb.op-palvelut.fi
opla.tuot.op-palvelut.fi
nolio.op-palvelut.fi
*.ccc.internal.aws.op-palvelut.fi
view21rds.tuot.op-palvelut.fi
psd2-sandbox.aws.op-palvelut.fi
tcsopcloud.tuot.op-palvelut.fi
voroa1.op-palvelut.fi
aviatrixctrl.internal.aws.op-palvelut.fi
nolio-test.op-palvelut.fi
*.datahub.internal.aws.op-palvelut.fi
aviatrixctrl.internal.aws.op-palvelut.fi
aviatrixctrl.internal.aws.op-palvelut.fi
aviatrixctrl.internal.aws.op-palvelut.fi
opsccmcmg.op-palvelut.fi
op8021xnac2.op-palvelut.fi
vhplvws5wd01.hec.tuot.op-palvelut.fi
subscriptionmanagement.op-palvelut.fi
*.sya.internal.aws.op-palvelut.fi
*.markets-quants.internal.aws.op-palvelut.fi
vhplvow2wd01.hec.tuot.op-palvelut.fi
arekps.op-palvelut.fi
geotrust-admin.dk-common.aws.op-palvelut.fi
*.prod.creditengine.internal.aws.op-palvelut.fi
hallinta.op-kulku.fi
*.finanssialy-services.internal.aws.op-palvelut.fi
baw-common.op-palvelut.fi
aviatrixctrl.internal.aws.op-palvelut.fi
www.kontaktiarchive.internal.aws.op-palvelut.fi
ldap-isam.op-palvelut.fi
mapi.internal.aws.op-palvelut.fi
opvirtdesk.op-palvelut.fi
cmg.prod.op-palvelut.fi
*.nl-aa-claims-pre.internal.aws.op-palvelut.fi
*.datahub.internal.aws.op-palvelut.fi
opmb.aws.op-palvelut.fi
*.nl-web-cc-person.internal.aws.op-palvelut.fi
*.prod.nl-web-event-stream.internal.aws.op-palvelut.fi
*.vhahpral.internal.aws.op-palvelut.fi
api-nc.op-kassa.fi
7OGBLPIAMAP.op-palvelut.fi
api.kortteli.aws.op-palvelut.fi
pa-commpool.op-palvelut.fi
*.datahub.internal.aws.op-palvelut.fi
*.sanelmapreprod.internal.aws.op-palvelut.fi
*.sya.internal.aws.op-palvelut.fi
sapfin.hec.tuot.op-palvelut.fi
*.aviatrixctrl.internal.aws.op-palvelut.fi
*.digiaspa.tuot.op-palvelut.fi
*.viu.aws.op-palvelut.fi
*.nl-aa-claims.internal.aws.op-palvelut.fi
ucc.lync.op-palvelut.fi
opsctinsthgsr1.op-palvelut.fi
mobilepilot.op-palvelut.fi
vhplvws2wd01.hec.tuot.op-palvelut.fi
korttelisovellus.op-palvelut.fi

Certificate

The complete raw certificate details for voroa1.op-palvelut.fi in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIQJ+oEuyy7Kb0AAAAAUO7lsjANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0x
OTAzMTQwNzQxMzRaFw0yMTAzMTQwODExMzNaMFgxCzAJBgNVBAYTAkZJMREwDwYD
VQQHEwhIZWxzaW5raTEWMBQGA1UEChMNT1AgT3N1dXNrdW50YTEeMBwGA1UEAxMV
dm9yb2ExLm9wLXBhbHZlbHV0LmZpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArbuDiR0gt7e7LDBl4zktd2rST3dl2b2X2l+b5CA2KJcn8O/1Rm0Ux1/D
0oLizZmMu3ca7FP/mxzS5JJ2QBmVNxwbttOVsUIoxBVixXVFc2QRruN2iM7SbPki
hZE7AEmOWioNVsOqioS4uZb9Cz7El0G0XANYHzxvLZJTGZRDN/lGlm1Ih7z/r5qg
poSjD5LkosEzsK5n7GamMxOnEsvq1xacpmAY9TUZ8Csse3IeA4yCqdhKp5YYGZVn
uDevCIR9Mw+phxPtP2pUNlO4PMyWxFsUR+cz9Cgvj0ggxR447aLvKduun5+vblUu
jQj6PapdKwC4TI1RBpUMZCbvsPEi9QIDAQABo4IBvDCCAbgwEwYKKwYBBAHWeQIE
AwEB/wQCBQAwOwYDVR0RBDQwMoIVdm9yb2ExLm9wLXBhbHZlbHV0LmZpghl3d3cu
dm9yb2ExLm9wLXBhbHZlbHV0LmZpMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2Ny
bC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDBLBgNVHSAERDBCMDYGCmCGSAGG+mwK
AQUwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwCAYG
Z4EMAQICMGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Au
ZW50cnVzdC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQv
bDFrLWNoYWluMjU2LmNlcjAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpM
vzAdBgNVHQ4EFgQU1GSMAleB3bwV92R0ZlsirnOudVgwCQYDVR0TBAIwADANBgkq
hkiG9w0BAQsFAAOCAQEAMUcN42WCWZ2yPdGGcZSV8B5lwEs7Uu3fh7J2pUKEULj/
6xKLeCiFerOtOuIBeEyUkGGhosHfGSHISfNwLNiqX9pU+RW/q05tKYqXmHda5tX9
kZnmD7jp/fBRPDB2QTVizgqBEyuTZ84bAYvKs4Z1vQChBgaSxJ17F68BkedgSKTR
y2jppuvIbS+BkGInfxHM8cf08PU/j6A+ZMgzC/Loz0lXs6tLKCa+nC7Ne2twrDCv
NmnWjTXD+C5zvuGJatQPCK6WOg0VSpX/qBtJKkJfsCUQ9T2Ch0XkM0wDYrvBCoSF
rQgFI/tyCQHnhCaBQcHdhD6PtEuxm/wygBk5dEpAMA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbuDiR0gt7e7LDBl4zkt
d2rST3dl2b2X2l+b5CA2KJcn8O/1Rm0Ux1/D0oLizZmMu3ca7FP/mxzS5JJ2QBmV
NxwbttOVsUIoxBVixXVFc2QRruN2iM7SbPkihZE7AEmOWioNVsOqioS4uZb9Cz7E
l0G0XANYHzxvLZJTGZRDN/lGlm1Ih7z/r5qgpoSjD5LkosEzsK5n7GamMxOnEsvq
1xacpmAY9TUZ8Csse3IeA4yCqdhKp5YYGZVnuDevCIR9Mw+phxPtP2pUNlO4PMyW
xFsUR+cz9Cgvj0ggxR447aLvKduun5+vblUujQj6PapdKwC4TI1RBpUMZCbvsPEi
9QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 53054985259657280146304983541172069810
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-14 07:41:34 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-14 08:11:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Helsinki'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'OP Osuuskunta'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'voroa1.op-palvelut.fi'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21931693265576671478765542334530780220729079155339557853803263913107188607230639336792996659713193066496207445483853381753401314030108760846759117977596332482618662407408061611696736048865894763352773487899482223550102028273729037598861827123518219698642461177817618316278916154273792869254697187701674529611683873508509602260076918099937947004680476903045291225380969699216928384086604204315932190522712414036050913139977310472609234597931220235954061342520083737078292254268361819599648769777390821390086636765644822678221866717825079399555960600634555622825696482047789898409998415685635756854369143960365578658549
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'voroa1.op-palvelut.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.voroa1.op-palvelut.fi'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d4648c025781ddbc15f76474665b22ae73ae7558
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0031470de36582599db23dd186719495f01e65c04b3b52eddf87b276a5428450b8ffeb128b7828857ab3ad3ae201784c949061a1a2c1df1921c849f3702cd8aa5fda54f915bfab4e6d298a9798775ae6d5fd9199e60fb8e9fdf0513c3076413562ce0a81132b9367ce1b018bcab38675bd00a1060692c49d7b17af0191e76048a4d1cb68e9a6ebc86d2f819062277f11ccf1c7f4f0f53f8fa03e64c8330bf2e8cf4957b3ab4b2826be9c2ecd7b6b70ac30af3669d68d35c3f82e73bee1896ad40f08ae963a0d154a95ffa81b492a425fb02510f53d828745e4334c0362bbc10a8485ad080523fb720901e784268141c1dd843e8fb44bb19bfc32801939744a4030