hmg-idp-edu-v3.rnp.br

- REDE NACIONAL DE ENSINO E PESQUISA - RNP -

Issued by ICPEdu

About this certificate

This digital certificate with serial number 29:f4:18:39:a0:d1:6a:3e:2a:33:27:65 was issued on by Rede Nacional de Ensino e Pesquisa - RNP.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

REDE NACIONAL DE ENSINO E PESQUISA - RNP

Organization: REDE NACIONAL DE ENSINO E PESQUISA - RNP
State / Province: RJ
Locality: Rio de Janeiro
Country: BR

Rede Nacional de Ensino e Pesquisa - RNP

Organization: Rede Nacional de Ensino e Pesquisa - RNP
Organization unit: Gerencia de Servicos (GSer)
State / Province: Rio de Janeiro
Locality: Rio de Janeiro
Country: BR

This certificate has expire since

Certificate Details

Serial Number (hex): 29:f4:18:39:a0:d1:6a:3e:2a:33:27:65
Serial Number (int): 12983977702509278540703410021
Serial Number lenght: 94 bits, 12 octets

SubjectKeyId: 40:a8:9f:67:33:2f:8c:0c:2a:74:80:26:25:96:fe:22:76:9c:30:8f
AuthorityKeyId: 95:f0:a4:84:1a:a7:5c:20:36:a6:c5:08:d7:65:42:02:e5:77:68:e3

Fingerprint (sha1): 31:82:fa:12:99:cb:1d:98:c2:9c:09:04:f3:01:1e:8d:7b:c1:0b:e6
Fingerprint (sha256): 0f:94:86:7e:7c:de:de:85:7e:7c:1f:dc:b9:ec:4b:91:0a:ee:f7:36:dd:c9:09:f6:9f:8d:58:26:d8:96:c7:f7

Issuing Certificate URL: http://secure.globalsign.com/cacert/icpedusha2g2.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/icpedusha2g2
CRL Distribution Point: http://crl.globalsign.com/gs/icpedusha2g2.crl

Check the revocation status for certificate hmg-idp-edu-v3.rnp.br

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for hmg-idp-edu-v3.rnp.br

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

hmg-idp-edu-v3.rnp.br

Other certificates including the domain name rnp.br

(limited to 100 certificates)
cert00047-azurecdn.akamaized.net
lcp-drm.prd.app.rnp.br
cert00047-azurecdn.akamaized.net
viaipe.rnp.br
*.pop-mt.rnp.br
homolog.perfil.rnp.br
marker-eduroam.rnp.br
*.dev.mconf.rnp.br
cert00047-azurecdn.akamaized.net
hipchat-pratico.rnp.br
hmg.splunk.rnp.br
atendimento.rnp.br
www.pop-pi.rnp.br
filesender.rnp.br
va05-cps.rnp.br
*.ebc.rnp.br
splunk.rnp.br
nuvem.esr.rnp.br
mp.mconf.rnp.br
p1.icpedu.rnp.br
*.pop-ba.rnp.br
*.cafe.rnp.br
viaipecoletor-rn.rnp.br
*.pop-pr.rnp.br
*.repositorio.rnp.br
cert00047-azurecdn.akamaized.net
*.fies.hmg.apps.rnp.br
portal-fibre.cafeexpresso.rnp.br
git.pop-pi.rnp.br
dados.rnp.br
*.curadoria-homolog.rnp.br
centreon-cdc-pe.rnp.br
*.pop-pe.rnp.br
appstarter-exemplo.tst.apps.rnp.br
*.intbr.loadtest.apps.rnp.br
*.cafeexpresso.rnp.br
flow.hmg-nasnuvens.rnp.br
*.pop-al.rnp.br
cert00047-azurecdn.akamaized.net
*.pop-ce.rnp.br
*.pop-mg.rnp.br
mconf.rnp.br
*.cipo.rnp.br
cert00047-azurecdn.akamaized.net
centreon-ac.rnp.br
portal.iguassu.rnp.br
*.nasnuvens.gsc-tst.rnp.br
cert00047-azurecdn.akamaized.net
api.ciencianaescola.dev.apps.kloud.rnp.br
redecinema.rnp.br
*.ceo.rnp.br
hmg-git.rnp.br
*.h.mconf.rnp.br
*.impactaclima-hmg.rnp.br
monitoramento-hml.rnp.br
mail.pop-pi.rnp.br
edge-ac-01.eduplay.rnp.br
*.pop-ac.rnp.br
intbr.tst.apps.rnp.br
atestoweb-api.hmg.apps.kloud.rnp.br
gti-df-senhasegura-01.rnp.br
api.cep.tst.apps.kloud.rnp.br
*.intbr.tst.apps.rnp.br
hmg-idp-edu-v3.rnp.br
idp.rnp.br
centreon-mg.rnp.br
plag.prd.apps.rnp.br
diplomadigital.rnp.br
integra.rnp.br
cert00047-azurecdn.akamaized.net
plataformafor.tst.apps.rnp.br
encsirts.rnp.br
cloud.pop-pi.rnp.br
cert00047-azurecdn.akamaized.net
viaipecoletor-am.rnp.br
centreon-rr.rnp.br
listas.rnp.br
*.pop-mg.rnp.br
ustore1.rnp.br
mail.pop-pi.rnp.br
*.nasnuvens.gsc-hmg.rnp.br
evault02.rnp.br
cert00047-azurecdn.akamaized.net
rocketchat.rnp.br
vcenter-infras-locais.rnp.br
cert00047-azurecdn.akamaized.net
cadvisor.prometheus.pop-mg.rnp.br
cert00047-azurecdn.akamaized.net
graylog.pop-ma.rnp.br
cert00047-azurecdn.akamaized.net
intbr.prd.apps.rnp.br
homolog-icd.rnp.br
ustore1.rnp.br
*.filesender.rnp.br
www.pop-pi.rnp.br
vcenter-np.rnp.br
cafeexpresso.rnp.br
ldap.pop-rj.rnp.br
cert00047-azurecdn.akamaized.net
cert00047-azurecdn.akamaized.net

Certificate

The complete raw certificate details for hmg-idp-edu-v3.rnp.br in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIMKfQYOaDRaj4qMydlMA0GCSqGSIb3DQEBCwUAMIGpMQsw
CQYDVQQGEwJCUjEXMBUGA1UECBMOUmlvIGRlIEphbmVpcm8xFzAVBgNVBAcTDlJp
byBkZSBKYW5laXJvMSQwIgYDVQQLExtHZXJlbmNpYSBkZSBTZXJ2aWNvcyAoR1Nl
cikxMTAvBgNVBAoTKFJlZGUgTmFjaW9uYWwgZGUgRW5zaW5vIGUgUGVzcXVpc2Eg
LSBSTlAxDzANBgNVBAMTBklDUEVkdTAeFw0xNzExMjQyMDI2MDJaFw0yMDExMjQy
MDI2MDJaMIGGMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp
byBkZSBKYW5laXJvMTEwLwYDVQQKEyhSRURFIE5BQ0lPTkFMIERFIEVOU0lOTyBF
IFBFU1FVSVNBIC0gUk5QMR4wHAYDVQQDExVobWctaWRwLWVkdS12My5ybnAuYnIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB4kbVLyxsgH1JuSgBpmd/
y37tEuWWtt6Z5YScBpRQgnBfuKXjjbimTc0374m33HNQddS05BjcWo33zX7bzKSx
ckEs7VpfC7fVe7mva1qLwAW5OVQKCUAPn3QpLlIMPgzSW47AyMJCizYyEFZARfwd
rO6cG/Fe/4sHzKI39tajE9/p7hKpffQbZvNbnaepxMVcd5iGDd5ZtNse0wOmf55A
kK6EM10RuG0IVqcjw2z4PH6JmCOpztfpfY3M9RW2ABdDCOzjP/63Jr6TITXpxHgE
FbIkB9lSugHIxD3GiTWuFClMqzqgidfEr0gkMHQsgBKmCu0zZ3pJA14FVHNqtVyd
AgMBAAGjggHWMIIB0jAOBgNVHQ8BAf8EBAMCBaAwgYYGCCsGAQUFBwEBBHoweDBA
BggrBgEFBQcwAoY0aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQv
aWNwZWR1c2hhMmcyLmNydDA0BggrBgEFBQcwAYYoaHR0cDovL29jc3AyLmdsb2Jh
bHNpZ24uY29tL2ljcGVkdXNoYTJnMjBWBgNVHSAETzBNMEEGCSsGAQQBoDIBFDA0
MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0
b3J5LzAIBgZngQwBAgIwCQYDVR0TBAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRw
Oi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzL2ljcGVkdXNoYTJnMi5jcmwwIAYDVR0R
BBkwF4IVaG1nLWlkcC1lZHUtdjMucm5wLmJyMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjAdBgNVHQ4EFgQUQKifZzMvjAwqdIAmJZb+InacMI8wHwYDVR0j
BBgwFoAUlfCkhBqnXCA2psUI12VCAuV3aOMwEwYKKwYBBAHWeQIEAwEB/wQCBQAw
DQYJKoZIhvcNAQELBQADggEBACsqAY2Bpd5p3IcLrWNVHm0BoessuoSO5azSYuNR
xTV/hQ1Xzdo6uSIBFBmznCekhCsySRcBU9LnuT0uWxOxliuGsGiS4VS8hvjB+8bw
AzmnUGHgXhby6y0uRwsbwioX4/U3VcnUBOsQ6H4qz386j/sQcJnA837xwcgIYun+
aQXxBNp5fJk3NbQ073zJM2XqYE6bDDJYolNF0V0l2r7O5kDWpf6AkkI+8R2JwnLi
d92BF4/4WzBDnIw1JBamPYKfJKUg+gQY2IuJww9CGJEaVTPV6F4Atfvdm23isSsm
EfGactNPeeM8RYfs0P3Bwds2OUedQ2jMS9ofvjGj/K54A7Q=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweJG1S8sbIB9SbkoAaZn
f8t+7RLllrbemeWEnAaUUIJwX7il4424pk3NN++Jt9xzUHXUtOQY3FqN981+28yk
sXJBLO1aXwu31Xu5r2tai8AFuTlUCglAD590KS5SDD4M0luOwMjCQos2MhBWQEX8
HazunBvxXv+LB8yiN/bWoxPf6e4SqX30G2bzW52nqcTFXHeYhg3eWbTbHtMDpn+e
QJCuhDNdEbhtCFanI8Ns+Dx+iZgjqc7X6X2NzPUVtgAXQwjs4z/+tya+kyE16cR4
BBWyJAfZUroByMQ9xok1rhQpTKs6oInXxK9IJDB0LIASpgrtM2d6SQNeBVRzarVc
nQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 12983977702509278540703410021
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rio de Janeiro'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rio de Janeiro'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gerencia de Servicos (GSer)'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rede Nacional de Ensino e Pesquisa - RNP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ICPEdu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-24 20:26:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-24 20:26:02 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RJ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rio de Janeiro'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'REDE NACIONAL DE ENSINO E PESQUISA - RNP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hmg-idp-edu-v3.rnp.br'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24475574053190316068198722254678185460930627274299637899307926363756636332561777345987488808995612156047355051956121763855779399541236687599821707693602160867728769204485097709157188165687052927913208984469226530734749527895168474333180174178043312855196777248129943176160807682912603875770799677652991967937890359387547228784642032630880966577000755494480528245080915704699473634145950786793850475009487723078197231982097925101802884252723494835303284892603412968993798903168950329989585841624041828658279574176388524437418250860015142254808942995709804443964218164524998126499485203003342938640435347440137389038749
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/icpedusha2g2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/icpedusha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/icpedusha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hmg-idp-edu-v3.rnp.br'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							40a89f67332f8c0c2a7480262596fe22769c308f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 95f0a4841aa75c2036a6c508d7654202e57768e3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002b2a018d81a5de69dc870bad63551e6d01a1eb2cba848ee5acd262e351c5357f850d57cdda3ab922011419b39c27a4842b3249170153d2e7b93d2e5b13b1962b86b06892e154bc86f8c1fbc6f00339a75061e05e16f2eb2d2e470b1bc22a17e3f53755c9d404eb10e87e2acf7f3a8ffb107099c0f37ef1c1c80862e9fe6905f104da797c993735b434ef7cc93365ea604e9b0c3258a25345d15d25dabecee640d6a5fe8092423ef11d89c272e277dd81178ff85b30439c8c352416a63d829f24a520fa0418d88b89c30f4218911a5533d5e85e00b5fbdd9b6de2b12b2611f19a72d34f79e33c4587ecd0fdc1c1db3639479d4368cc4bda1fbe31a3fcae7803b4