secure.unittrusts.oldmutual.co.za

- Old Mutual Life Assurance Company (South Africa) Ltd -

Issued by Entrust Certification Authority - L1M

About this certificate

This digital certificate with serial number f3:5f:2e:d5:66:17:c8:30:00:00:00:00:54:d0:2a:c5 was issued on by Entrust, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Old Mutual Life Assurance Company (South Africa) Ltd

Company registration number: 1999/004643/06
Organization: Old Mutual Life Assurance Company (South Africa) Ltd
State / Province: Western Cape
Locality: Cape Town
Country: ZA

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): f3:5f:2e:d5:66:17:c8:30:00:00:00:00:54:d0:2a:c5
Serial Number (int): 323496621075331970909847544747290274501
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: fa:ca:71:6a:86:2f:25:26:3f:75:22:67:d4:21:4a:b9:88:c6:7f:7c
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a

Fingerprint (sha1): 95:ef:2d:f7:42:94:b9:e2:39:37:b3:42:a9:0b:a4:cf:37:79:ff:e7
Fingerprint (sha256): 0f:8d:24:3f:54:c2:be:49:21:ef:5a:c7:a6:a6:1f:1a:95:38:e0:09:5f:20:24:d5:66:3b:05:b9:4f:20:e1:b9

Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1m.crl

Check the revocation status for certificate secure.unittrusts.oldmutual.co.za

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure.unittrusts.oldmutual.co.za

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.unittrusts.oldmutual.co.za

Other certificates including the domain name oldmutual.co.za

(limited to 100 certificates)
unai-test.nonprod.my.oldmutual.co.za
secure.finrisc.oldmutual.co.za
static-dev.nonprod.my.oldmutual.co.za
*.extranet.oldmutual.co.za
secure.mycorporatebusiness.oldmutual.co.za
static-dev.nonprod.my.oldmutual.co.za
momapi.dev.digital.oldmutual.co.za
secure.rfa.oldmutual.co.za
secure.fsa.oldmutual.co.za
secure.gsservice.oldmutual.co.za
*.demo.nonprod.my.oldmutual.co.za
www.sander-catering.cateringportal.io
nomtxt.com
npw-auto-test-qa.nonprod.digitalplatform.oldmutual.co.za
secure.cis.oldmutual.co.za
*.extranet.oldmutual.co.za
*.nonprod.my.oldmutual.co.za
pdrest.oldmutual.co.za
unai-test-east.nonprod.my.oldmutual.co.za
unai-test.nonprod.my.oldmutual.co.za
am.pp.oldmutual.co.za
secure.eb.oldmutual.co.za
secure.dcc.oldmutual.co.za
secure.fc.oldmutual.co.za
secure.channelbiuportal.oldmutual.co.za
dev.contrastpharma.com
secure.omkonecttraining.oldmutual.co.za
unai-test.nonprod.my.oldmutual.co.za
secure.eb.oldmutual.co.za
secure.myclient.oldmutual.co.za
pizza.notprometey.pro
*.extranet.oldmutual.co.za
vacancies.oldmutual.co.za
sts.oldmutual.co.za
my.qa.oldmutual.co.za
secure.dcc.oldmutual.co.za
sso.dev.oldmutual.co.za
secure.adviserweb.training.oldmutual.co.za
secure.productsolutions.oldmutual.co.za
secure.adviserweb.pp.oldmutual.co.za
secure.rewards.oldmutual.co.za
secure.myportfolio.oldmutual.co.za
secure.fc.oldmutual.co.za
sftpweb.oldmutual.co.za
secure.myportfolio.oldmutual.co.za
secure.dcc.oldmutual.co.za
www.nanoelectricim.com
secure.rumba.oldmutual.co.za
iopservices.oldmutual.co.za
secure.omkonect.training.oldmutual.co.za
secure.omkonect.oldmutual.co.za
secure.omem.oldmutual.co.za
rms.oldmutual.co.za
static.my.oldmutual.co.za
api.p1l.oldmutual.co.za
secure.omkonect.oldmutual.co.za
secure.pfmisportal.pp.oldmutual.co.za
secure.finrisc.oldmutual.co.za
iwyze.oldmutual.co.za
unai-test-dev.nonprod.my.oldmutual.co.za
secure.rocs.oldmutual.co.za
frontoffice.oldmutual.co.za
roombooking.oldmutual.co.za
momapi.digital.oldmutual.co.za
Secure.mycorporatebusiness.qa.oldmutual.co.za
secure.fsa.oldmutual.co.za
secure.unittrusts.oldmutual.co.za
secure.gateway.oldmutual.co.za
secsftp.oldmutual.co.za
secure.unittrusts.oldmutual.co.za
secure.omem.oldmutual.co.za
secure.rafpfops.oldmutual.co.za
secure.isc.oldmutual.co.za
secure.omkonecttraining.oldmutual.co.za
secure.rocs.oldmutual.co.za
*.crm.oldmutual.co.za
secure.hrms.oldmutual.co.za
api.magnify.qa.oldmutual.co.za
sftp.oldmutual.co.za
secure.finrisc.oldmutual.co.za
calculators.nonprod.my.oldmutual.co.za
secure.productsolutions.oldmutual.co.za
secure.isc.oldmutual.co.za
secure.fc.oldmutual.co.za
secure.mfc.oldmutual.co.za
new-public-web-qa.nonprod.digitalplatform.oldmutual.co.za
portal.oldmutual.co.za
new-public-web-anch.digitalplatform.oldmutual.co.za
secure.mfc.oldmutual.co.za
secure.omut.oldmutual.co.za
secure.mfc.oldmutual.co.za
test.oldmutual.co.za
opensearch.digital.oldmutual.co.za
secure.adviserweb.oldmutual.co.za
iopservices.oldmutual.co.za
Secure.omwealth.oldmutual.co.za
secure.myservice.oldmutual.co.za
assets-qa.nonprod.my.oldmutual.co.za
*.nonprod.my.oldmutual.co.za
api.mfcwizzit.qa.oldmutual.co.za

Certificate

The complete raw certificate details for secure.unittrusts.oldmutual.co.za in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHUzCCBjugAwIBAgIRAPNfLtVmF8gwAAAAAFTQKsUwDQYJKoZIhvcNAQELBQAw
gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
MjAxNCBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs
BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMU0wHhcN
MTkwODIwMTAwMDMwWhcNMjAwODMxMTAzMDI5WjCB8DELMAkGA1UEBhMCWkExFTAT
BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRMwEQYLKwYB
BAGCNzwCAQMTAlpBMT0wOwYDVQQKEzRPbGQgTXV0dWFsIExpZmUgQXNzdXJhbmNl
IENvbXBhbnkgKFNvdXRoIEFmcmljYSkgTHRkMR0wGwYDVQQPExRQcml2YXRlIE9y
Z2FuaXphdGlvbjEXMBUGA1UEBRMOMTk5OS8wMDQ2NDMvMDYxKjAoBgNVBAMTIXNl
Y3VyZS51bml0dHJ1c3RzLm9sZG11dHVhbC5jby56YTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAMvCdqV+ABdHFgmnkpHZXCzYVtaeXMZnQfniPF4O3f3F
MWGCR0YwwSWRiSZbIAESuIxhCXo/UHoHHv4y4zY0KjHrrcYpkb2KMM0oGIxJxP1k
2/6faWXGcs0mONCdCJH1YiN+0tz3FsyxU/NwwBreM9PoAiXNJMttgSEzoikzhVIC
VGdSE74LAViBb7NFV78TXpwHOoNHttiMBKZB/8WDoNJZ2U7TQKz2yNAGLjCWr83B
Lwe9e7RzmiBmc0x9T9G8s6b6dA2FOIkiRT0kRoyZ1d5PfdrXon+sgI82XkSCBr8i
E9HhlQngdYsAfDMv9373xaNtFPsfi37KISYct965vZsCAwEAAaOCAxowggMWMCwG
A1UdEQQlMCOCIXNlY3VyZS51bml0dHJ1c3RzLm9sZG11dHVhbC5jby56YTCCAX8G
CisGAQQB1nkCBAIEggFvBIIBawFpAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgX
L6OqHQcT0wwAAAFsrpQEowAABAMARzBFAiEAo5fpDQ148UDaoejzdk+vDgyhWeDE
Hg1Sq/rYafnIluICIAY6ExWhIIaaA7zTFMfz5MDRYZIytNhfQ/+8NTUHHIptAHYA
Xqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFsrpQEiQAABAMARzBF
AiBE2E0kLuWoJ6dAwSAoxENbMQNly4F2kMijVFJQ4DT7cQIhAJ/pASE+l6nJu6CS
CEth7oxIebpGE9vtG8yw8LXSB055AHcAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUuga
kJZkNo4e0YUAAAFsrpQEyAAABAMASDBGAiEA+2DczfyEi3wAGGN6liSc6c9Pyyht
+u+wqy0MgaZ3RRQCIQCb0CXEUoNF2H/3iYW8m+5DaI7e0reY6l8zOI6+78dlEzAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGgG
CCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5u
ZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFtLWNoYWlu
MjU2LmNlcjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0
L2xldmVsMW0uY3JsMEoGA1UdIARDMEEwNgYKYIZIAYb6bAoBAjAoMCYGCCsGAQUF
BwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAHBgVngQwBATAfBgNVHSME
GDAWgBTD99C1KjCtrw2RIXA5VN28iXDHOjAdBgNVHQ4EFgQU+spxaoYvJSY/dSJn
1CFKuYjGf3wwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAZO8tn3CMdXuJ
4sCfkyusaRCM/G1miRq9IViaZF4a4XYf2aFwnVfFR/G3IeTj5Oqpk/yINZcfp43N
lJWph6TixkwxEVyMff4CpvgFBHQilwLDnZDl7TugjxvkoqV9ws/YJOKU/JSzj9PG
9pHBy0h+69lajRdo5dgOyZBgsnE7oQ/mVmqJSTosTCAkqb+wscbvKjFYsOE9wtBN
MsDC7hv8LtaF4g+j+3PWnDYwmle9y1Mfx/gr05Hov5aJJXtY9XsKeDrmLTmMEk2S
Fn/GaGttWizo9AWZfgg2u/oJR3N29i0G1UKQufaDx7ial0/qu0AAUxwxuuKlntzR
UBhZxzCUCQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8J2pX4AF0cWCaeSkdlc
LNhW1p5cxmdB+eI8Xg7d/cUxYYJHRjDBJZGJJlsgARK4jGEJej9Qegce/jLjNjQq
MeutximRvYowzSgYjEnE/WTb/p9pZcZyzSY40J0IkfViI37S3PcWzLFT83DAGt4z
0+gCJc0ky22BITOiKTOFUgJUZ1ITvgsBWIFvs0VXvxNenAc6g0e22IwEpkH/xYOg
0lnZTtNArPbI0AYuMJavzcEvB717tHOaIGZzTH1P0byzpvp0DYU4iSJFPSRGjJnV
3k992teif6yAjzZeRIIGvyIT0eGVCeB1iwB8My/3fvfFo20U+x+LfsohJhy33rm9
mwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 323496621075331970909847544747290274501
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-20 10:00:30 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-31 10:30:29 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Western Cape'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cape Town'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Old Mutual Life Assurance Company (South Africa) Ltd'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1999/004643/06'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.unittrusts.oldmutual.co.za'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25722269415572366968168905764915530877083900596017773284798558503751390189534345924223077714693585763274046754107557747269288291871207315539380215299564026792053878037854913649766408400983988028263428361759251790517710233848590057697556746624575701060584861572961349204539226707078844572816700965392547549361992618119121882169644425036267872807800474435641930762129916295766206120461343593333838235950461963386289146924024751519543253292760186592567967148188195888727687850667669550870735022394219462236848719179403383333126698538967693094587698824543982622998322724960170777628367910892773343137406629231718448086427
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (37 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.unittrusts.oldmutual.co.za'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016cae9404a30000040300473045022100a397e90d0d78f140daa1e8f3764faf0e0ca159e0c41e0d52abfad869f9c896e20220063a1315a120869a03bcd314c7f3e4c0d1619232b4d85f43ffbc3535071c8a6d0076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016cae9404890000040300473045022044d84d242ee5a827a740c12028c4435b310365cb817690c8a3545250e034fb710221009fe901213e97a9c9bba092084b61ee8c4879ba4613dbed1bccb0f0b5d2074e79007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016cae9404c80000040300483046022100fb60dccdfc848b7c0018637a96249ce9cf4fcb286dfaefb0ab2d0c81a67745140221009bd025c4528345d87ff78985bc9bee43688eded2b798ea5f33388ebeefc76513
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							faca716a862f25263f752267d4214ab988c67f7c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0064ef2d9f708c757b89e2c09f932bac69108cfc6d66891abd21589a645e1ae1761fd9a1709d57c547f1b721e4e3e4eaa993fc8835971fa78dcd9495a987a4e2c64c31115c8c7dfe02a6f8050474229702c39d90e5ed3ba08f1be4a2a57dc2cfd824e294fc94b38fd3c6f691c1cb487eebd95a8d1768e5d80ec99060b2713ba10fe6566a89493a2c4c2024a9bfb0b1c6ef2a3158b0e13dc2d04d32c0c2ee1bfc2ed685e20fa3fb73d69c36309a57bdcb531fc7f82bd391e8bf9689257b58f57b0a783ae62d398c124d92167fc6686b6d5a2ce8f405997e0836bbfa09477376f62d06d54290b9f683c7b89a974feabb4000531c31bae2a59edcd1501859c7309409