ci.onvio.us

- Thomson Reuters Inc -

Issued by COMODO RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 35:f5:82:fb:d6:56:19:db:f9:65:3e:91:f1:6c:d0:1a was issued on by COMODO CA Limited.

With 26 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Thomson Reuters Inc

Organization: Thomson Reuters Inc
Address: 3 Times Square
Postal code: 10036
State / Province: NY
Locality: New York
Country: US

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 35:f5:82:fb:d6:56:19:db:f9:65:3e:91:f1:6c:d0:1a
Serial Number (int): 71723853172792721669620160301999378458
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: c1:3a:3b:ae:ce:f7:24:e5:25:73:e6:16:d5:ef:71:39:d6:7d:ba:8f
AuthorityKeyId: 9a:f3:2b:da:cf:ad:4f:b6:2f:bb:2a:48:48:2a:12:b7:1b:42:c1:24

Fingerprint (sha1): 5d:f9:d4:b9:9f:1c:95:69:3c:4f:96:86:bc:d9:fc:bd:bd:f5:45:47
Fingerprint (sha256): 0f:c2:a0:29:ed:8e:62:25:ef:80:1c:77:5f:68:5e:d2:7a:a9:d8:01:7f:f3:28:6d:da:40:79:8f:32:03:68:e6

Issuing Certificate URL: http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate ci.onvio.us

26

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ci.onvio.us

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ci.onvio.us
ci.auth.onvio.us
ci.bankfeeds.thomsonreuters.com
ci.cs-user.thomsonreuters.com
ci.identity.tax.thomsonreuters.com
ci.mfa.onvio.us
ci.onbalance.thomsonreuters.ca
ci.onbalance.thomsonreuters.co.uk
ci.onbalance.thomsonreuters.com.ar
ci.onbalance.thomsonreuters.com.au
ci.onbalance.thomsonreuters.com.br
ci.onbalance.thomsonreuters.nl
ci.onboard.tax.thomsonreuters.com
ci.onboarding.mypaysolutions.com
ci.onvio.ca
ci.onvio.co.uk
ci.onvio.com.ar
ci.onvio.com.au
ci.onvio.com.br
ci.onvio.thomsonreuters.nl
ci.recibos.onvio.com.ar
ci.renew.tax.thomsonreuters.com
ci.samba.onvio.com.ar
ci.samba.onvio.com.br
ci.samba.onvio.us
ci.samba.thomsonreuters.com

Other certificates including the domain name onvio.us

(limited to 100 certificates)
coreservices.int.demo.onvio.us
qed.onvio.us
ci.onvio.us

demo.onvio.us
onvio.us
demo.onvio.us
ci.int.onvio.us
qed.api.onvio.us
taxcenter.int.demo.onvio.us
demo.int.onvio.us
qed.onvio.us
demo.int.onvio.us
onvio.us
internaloperations.int.onvio.us
www.onvio.us
es.ci.int.onvio.us
demo.api.onvio.us
tools.int.demo.onvio.us
onvio.us
onvio.us
qed.onvio.us
qed.onvio.us
es.demo.int.onvio.us
onvio.us
ci.api.onvio.us
ci.onvio.us
ci.int.onvio.us
qed.onvio.us
demo.onvio.us
onvio.us
qed.onvio.us
demo.onvio.us
internaloperations.int.demo.onvio.us
onvio.us
onvio.us
onvio.us
demo.onvio.us
ci.onvio.us
qed.onvio.us
onvio.us
*.onvio.us
demo.int.onvio.us
demo.onvio.us
onvio.us
api.onvio.us
uds.int.demo.onvio.us
internaloperations.int.onvio.us
*.platform.int.onvio.us
es.ci.int.onvio.us
ci.onvio.us
es.demo.int.onvio.us
onvio.us
int.onviosamba.xyz

ci.int.onvio.us
onvio.us
demo.int.onvio.us
ci.int.onvio.us
ci.int.onvio.us
ci.onvio.us
demo.onvio.us
ci.int.onvio.us
ci.onvio.us
ci.onvio.us
onvio.us
ci.int.onvio.us
es.int.onvio.us
*.platform.int.onvio.us
demo.onvio.us
demo.onvio.us
onvio.us
ci.int.onvio.us
demo.int.onvio.us
ci.onvio.us
int.onviosamba.xyz
qed.onvio.us
ci.onvio.us
qed.onvio.us

Certificate

The complete raw certificate details for ci.onvio.us in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJrDCCCJSgAwIBAgIQNfWC+9ZWGdv5ZT6R8WzQGjANBgkqhkiG9w0BAQsFADCB
ljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPDA6BgNV
BAMTM0NPTU9ETyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0xODExMTUwMDAwMDBaFw0yMDExMTQyMzU5NTlaMIGKMQswCQYD
VQQGEwJVUzEOMAwGA1UEERMFMTAwMzYxCzAJBgNVBAgTAk5ZMREwDwYDVQQHEwhO
ZXcgWW9yazEXMBUGA1UECRMOMyBUaW1lcyBTcXVhcmUxHDAaBgNVBAoTE1Rob21z
b24gUmV1dGVycyBJbmMxFDASBgNVBAMTC2NpLm9udmlvLnVzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKSj5z0BR0/uL8bZQEtA6bOJ5iILR961GjDL
2iGNPEoQXoUX6qPOe35Ns+RX3zyOXkrtM7fVO6YJTAgkjQa6kB4klZ+dDEXzeZCQ
dRtw5Pxe+OrJqXsu9AgS+TKsm+sl+8MfvN0SeafIXk37C//PTfrMmu5mhb8nlTXG
wPi2UPiVDv+Qx+IAcynJ4Y13U/evDy3mh3TyaspqGjDXfva3/tHTIr2m8nLsWlfy
0Kvkao/H6wtI7+8Wn27ELWMRSkAOOaXZur0T882gNF3ozq426TzZkSsnWvwHJIGA
a4I6SLnydTm+ipxit0xkaieKud7MmzbPf0S9MEcXDUchFNFNEwIDAQABo4IF/jCC
BfowHwYDVR0jBBgwFoAUmvMr2s+tT7YvuypISCoStxtCwSQwHQYDVR0OBBYEFME6
O67O9yTlJXPmFtXvcTnWfbqPMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBQBgNVHSAESTBHMDsGDCsG
AQQBsjEBAgEDBDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8u
Y29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5j
b21vZG9jYS5jb20vQ09NT0RPUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3Vy
ZVNlcnZlckNBLmNybDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUFBzAChklodHRw
Oi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0
aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5j
b21vZG9jYS5jb20wggK5BgNVHREEggKwMIICrIILY2kub252aW8udXOCEGNpLmF1
dGgub252aW8udXOCH2NpLmJhbmtmZWVkcy50aG9tc29ucmV1dGVycy5jb22CHWNp
LmNzLXVzZXIudGhvbXNvbnJldXRlcnMuY29tgiJjaS5pZGVudGl0eS50YXgudGhv
bXNvbnJldXRlcnMuY29tgg9jaS5tZmEub252aW8udXOCHmNpLm9uYmFsYW5jZS50
aG9tc29ucmV1dGVycy5jYYIhY2kub25iYWxhbmNlLnRob21zb25yZXV0ZXJzLmNv
LnVrgiJjaS5vbmJhbGFuY2UudGhvbXNvbnJldXRlcnMuY29tLmFygiJjaS5vbmJh
bGFuY2UudGhvbXNvbnJldXRlcnMuY29tLmF1giJjaS5vbmJhbGFuY2UudGhvbXNv
bnJldXRlcnMuY29tLmJygh5jaS5vbmJhbGFuY2UudGhvbXNvbnJldXRlcnMubmyC
IWNpLm9uYm9hcmQudGF4LnRob21zb25yZXV0ZXJzLmNvbYIgY2kub25ib2FyZGlu
Zy5teXBheXNvbHV0aW9ucy5jb22CC2NpLm9udmlvLmNhgg5jaS5vbnZpby5jby51
a4IPY2kub252aW8uY29tLmFygg9jaS5vbnZpby5jb20uYXWCD2NpLm9udmlvLmNv
bS5icoIaY2kub252aW8udGhvbXNvbnJldXRlcnMubmyCF2NpLnJlY2lib3Mub252
aW8uY29tLmFygh9jaS5yZW5ldy50YXgudGhvbXNvbnJldXRlcnMuY29tghVjaS5z
YW1iYS5vbnZpby5jb20uYXKCFWNpLnNhbWJhLm9udmlvLmNvbS5icoIRY2kuc2Ft
YmEub252aW8udXOCG2NpLnNhbWJhLnRob21zb25yZXV0ZXJzLmNvbTCCAYAGCisG
AQQB1nkCBAIEggFwBIIBbAFqAHcA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7
iXqo/csAAAFnGHNvLgAABAMASDBGAiEAth8HBpfAP/6Akk8HWDRjVK5Z1P42CNho
FHdoos/83bYCIQCZd0zDQ8YToB7rzXpW2SR2s9efGe4FvV5rGbvgn1WiXwB3AF6n
c/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABZxhzb3cAAAQDAEgwRgIh
ALzAuuBnFRgmviWRTSmoZRMTAcE6LJ/zWr14OdKVH9nVAiEAzp6JTVVKqxuU5PA1
eo2b1yPq4zmeNV6mqlxI/PwMy3sAdgDwlaRZ8gDRgkAQLS+TiI6tS/4dR+OZ4dA0
prCoqo6ycwAAAWcYc296AAAEAwBHMEUCIHSG1uOQV3dSR1ye1eXsvAyO+xRHWKSh
poi+7G6a96FiAiEAuvn3MINbULduG6Lkbg5mdSFc6clorj1JBqJx4sEzlCUwDQYJ
KoZIhvcNAQELBQADggEBALeQ5JN30k4MpJSRNYMYk+foUKJpjYdt36XlattFMASx
/iUIvBFT8YjWG0hltmHxKViAhVVYyo2tAkEPz5EVl70O3z5N6o/eEu8iEmBZMxUG
9chODiC9Lsu80XT1KLldQ/JbYviubClDU0SB3EWy6p3uT0ISvzXYMVLjetQfJDzd
IKqTI3FTwEKcfLNkkN0IAgd8Tl1GBT6e2Uw3kK50Ux5+7QD917w8lyns054Angsx
Mx5Ja8rls/pddqbh3dILGpw+MAht5EeJZeW+bX8sE/ZbN/Lq9irfbzrU0ivjOK8j
qnLGTsckHhCmtNoM517gYelwfj9ZRX1tFNe9HKxEDT4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKSj5z0BR0/uL8bZQEtA
6bOJ5iILR961GjDL2iGNPEoQXoUX6qPOe35Ns+RX3zyOXkrtM7fVO6YJTAgkjQa6
kB4klZ+dDEXzeZCQdRtw5Pxe+OrJqXsu9AgS+TKsm+sl+8MfvN0SeafIXk37C//P
TfrMmu5mhb8nlTXGwPi2UPiVDv+Qx+IAcynJ4Y13U/evDy3mh3TyaspqGjDXfva3
/tHTIr2m8nLsWlfy0Kvkao/H6wtI7+8Wn27ELWMRSkAOOaXZur0T882gNF3ozq42
6TzZkSsnWvwHJIGAa4I6SLnydTm+ipxit0xkaieKud7MmzbPf0S9MEcXDUchFNFN
EwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 71723853172792721669620160301999378458
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '10036'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '3 Times Square'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thomson Reuters Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ci.onvio.us'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24318941685246873236318054443579129039094384829552939696773956695666492520206783077312854046527886012753485109049542024447454957872458967163916974219767974389354993603499607607195624379061471162570850650332568138765658119149685669588019029173804693426647093558207598739829396145971749104691098363685104651639570355722035848344375918250527842785434828487015815348162744146620442195561155287390107514040312630910361205312355226479663545717987554133255061585200202706064870282846830760939679034083163714471079599448706678432006075811633596898079538620486534716038075455366697100110146006462553582411586483039985852304659
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9af32bdacfad4fb62fbb2a48482a12b71b42c124
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c13a3baecef724e52573e616d5ef7139d67dba8f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (688 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.auth.onvio.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.bankfeeds.thomsonreuters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.cs-user.thomsonreuters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.identity.tax.thomsonreuters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.mfa.onvio.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onbalance.thomsonreuters.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onbalance.thomsonreuters.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onbalance.thomsonreuters.com.ar'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onbalance.thomsonreuters.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onbalance.thomsonreuters.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onbalance.thomsonreuters.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onboard.tax.thomsonreuters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onboarding.mypaysolutions.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.com.ar'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.thomsonreuters.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.recibos.onvio.com.ar'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.renew.tax.thomsonreuters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.samba.onvio.com.ar'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.samba.onvio.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.samba.onvio.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.samba.thomsonreuters.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016718736f2e0000040300483046022100b61f070697c03ffe80924f0758346354ae59d4fe3608d868147768a2cffcddb602210099774cc343c613a01eebcd7a56d92476b3d79f19ee05bd5e6b19bbe09f55a25f0077005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016718736f770000040300483046022100bcc0bae067151826be25914d29a865131301c13a2c9ff35abd7839d2951fd9d5022100ce9e894d554aab1b94e4f0357a8d9bd723eae3399e355ea6aa5c48fcfc0ccb7b007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016718736f7a000004030047304502207486d6e390577752475c9ed5e5ecbc0c8efb144758a4a1a688beec6e9af7a162022100baf9f730835b50b76e1ba2e46e0e6675215ce9c968ae3d4906a271e2c1339425
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b790e49377d24e0ca4949135831893e7e850a2698d876ddfa5e56adb453004b1fe2508bc1153f188d61b4865b661f1295880855558ca8dad02410fcf911597bd0edf3e4dea8fde12ef22126059331506f5c84e0e20bd2ecbbcd174f528b95d43f25b62f8ae6c2943534481dc45b2ea9dee4f4212bf35d83152e37ad41f243cdd20aa93237153c0429c7cb36490dd0802077c4e5d46053e9ed94c3790ae74531e7eed00fdd7bc3c9729ecd39e009e0b31331e496bcae5b3fa5d76a6e1ddd20b1a9c3e30086de4478965e5be6d7f2c13f65b37f2eaf62adf6f3ad4d22be338af23aa72c64ec7241e10a6b4da0ce75ee061e9707e3f59457d6d14d7bd1cac440d3e