caja-dev.libertyseguros.co

- Liberty Mutual Group -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 0b:c5:5b:68:b3:a8:c8:3e:a1:91:b2:82:c2:e7:e4:09 was issued on by Entrust, Inc..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Liberty Mutual Group

Organization: Liberty Mutual Group
State / Province: New Hampshire
Locality: Portsmouth
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0b:c5:5b:68:b3:a8:c8:3e:a1:91:b2:82:c2:e7:e4:09
Serial Number (int): 15646244429370131354615088656914310153
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 64:6d:f5:0b:71:7e:4d:94:9f:2b:9f:cd:86:4d:14:0e:0e:60:8b:df
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 0a:02:61:fe:b5:1c:64:d7:05:01:13:35:a3:7c:ba:ee:0b:41:61:b5
Fingerprint (sha256): 10:cf:0d:1a:6b:a0:6f:91:59:06:01:e4:4f:30:11:a2:86:80:32:fe:02:89:6d:9a:4d:22:40:a1:a9:b3:e2:66

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate caja-dev.libertyseguros.co

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for caja-dev.libertyseguros.co

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

caja-dev.libertyseguros.co

Other certificates including the domain name libertyseguros.co

(limited to 100 certificates)
uat.mediedge.com
adcl-agent.libertyseguros.co
brmspolicy-uat.libertyinsurance.in
libertymutual.com
www.libertyinsurance.ie
connect.libertyqa.pt
wlsquotation-uat.libertyseguros.co
soatenlinea-nonprod.libertyseguros.co
libertyseguros.com
adil.libertyseguros.co
sip.libertycolombia.com
digital-dev.libertyseguros.co
connect.libertyqa.pt
api-variables-tarifa-dev.libertyseguros.co
digital.libertyseguros.co
policy-servicingdev.libertyseguros.co
digital.libertyseguros.co
wslowtouch-uat.libertyseguros.co
sas.libertyseguros.co
connect.libertyqa.pt
libertyseguros.com
adcl-agent-api-nonprod.libertyseguros.co
adil-nonprod.libertyseguros.co
libertyseguros.com
consultaverificacion-dev.libertyseguros.co
sarlaftdigital.libertyseguros.co
uat.mediedge.com
act-www.libertyseguros.com.br
uat.mediedge.com
connect.libertyqa.pt
digital.libertyseguros.co
uat.mediedge.com
nuevaoficinaenlineauat-piloto.libertyseguros.co
ete-claims.safeco.com
uat.mediedge.com
internal-send-email.libertyseguros.co
wslowtouch.libertyseguros.co
internal-soa-services.libertyseguros.co
dynamic-pricing-dev.libertyseguros.co
legadas-dev.libertyseguros.co
libertycerts.com.sg
soadrp.libertyseguros.co
connect.libertyqa.pt
libertyseguros.com
connect.libertyqa.pt
inspecciones-uat.libertyseguros.co
libertyseguros.com
ete-claims.safeco.com
cotizacion-intermediarios-dev.libertyseguros.co
nonprod-easycare.libertymedicalinsurance.com
digital.libertyseguros.co
validaid-dev.libertyseguros.co
digital.libertyseguros.co
www.libertyinsurance.ie
crediscore-experian.libertyseguros.co
evault.libertyseguros.co
identverificacion-dev.libertyseguros.co
libertymutual.com
adil-dev.libertyseguros.co
cero.libertyseguros.co
caja-dev.libertyseguros.co
libertymutual.com
act-www.libertyseguros.com.br
isoat.libertyseguros.co
conferencia.libertyseguros.co
uatmicroserviciosint.libertyseguros.co
microservicios.libertyseguros.co
portaldev.libertycolombia.com
adil.libertyseguros.cl
ete-claims.safeco.com
bpmintpreprod.libertyseguros.co
adil-agent.libertyseguros.co
act-meucotadorfrota.libertyseguros.com.br
soatenlinea-nonprod.libertyseguros.co
nonprod-easycare.libertymedicalinsurance.com
bpmintdrp.libertyseguros.co
wsautogen.libertyseguros.co
solicitudes-clientes.libertyseguros.co
uat.mediedge.com
libertycerts.com.sg
listas-restrictivas.libertyseguros.co
nonprod-easycare.libertymedicalinsurance.com
digital.libertyseguros.co
wslowtouch.libertyseguros.co
libertycerts.com.sg
www.libertyinsurance.ie
adil-agent-dev.libertyseguros.co
act-www.libertyseguros.com.br
connect.libertyqa.pt
hogar-uat.libertyseguros.co
nonprod-easycare.libertymedicalinsurance.com
gestion-poliza.libertyseguros.co
nonprodmicroserviciosint.libertyseguros.co
habeasdata.libertyseguros.co
wlsquotation.libertyseguros.co
aplicaciones.libertyseguros.co
digital.libertyseguros.co
internal-integration-microservices-nonprod.libertyseguros.co
nuevaoficinaenlinea.libertyseguros.co
pyme-dev.libertyseguros.co

Certificate

The complete raw certificate details for caja-dev.libertyseguros.co in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIQC8VbaLOoyD6hkbKCwufkCTANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDAzMTEyMTU4MTBaFw0yNTA0MTEyMTU4MDlaMH4xCzAJBgNVBAYTAlVTMRYwFAYD
VQQIEw1OZXcgSGFtcHNoaXJlMRMwEQYDVQQHEwpQb3J0c21vdXRoMR0wGwYDVQQK
ExRMaWJlcnR5IE11dHVhbCBHcm91cDEjMCEGA1UEAxMaY2FqYS1kZXYubGliZXJ0
eXNlZ3Vyb3MuY28wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwp9+J
jV8RyRygCgZ3kAEkPeYQR+AiuF28meWAWreaDYY9fI/PxtO0lLVPixZraxt+BxYq
oWgosHAgb7LoWy8ldV5NRIHZFIsZuVGAi+1zzMJarlQNgLI9iqOurx543iZoTZug
5b62drZX/oIHYWnnakP2Kie23BTkP31IDlJwE8t9p+r+8RhJrR3C7JZMRbQhYHPB
ySKLu95SBArHeTyt200Bv3vpWP7t68JsxHZ9Ktp3CHZpw5ORYxQwq+XR9LjjLJCB
ExwnW7X9KblZft/TckJcBEBLJRWfHgEj23fR4VuwNGh34w6j+daRLP0bvvDp1J18
nhCrdXGspxjbaxOBAgMBAAGjggFxMIIBbTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBRkbfULcX5NlJ8rn82GTRQODmCL3zAfBgNVHSMEGDAWgBSConB03bxTP8971PfN
f6dgxgpMvzBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3Nw
LmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0
L2wxay1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5l
bnRydXN0Lm5ldC9sZXZlbDFrLmNybDAlBgNVHREEHjAcghpjYWphLWRldi5saWJl
cnR5c2VndXJvcy5jbzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMBMGA1UdIAQMMAowCAYGZ4EMAQICMBMGCisGAQQB1nkCBAMB
Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQANES+qQxfLwiKF5ju6aQswRXPW3tj5
/Oyf9vudwbiL12H9bxmPIXgM7PhFOvToPCTTLSQZ6gk1TlcXosjZbL4BUicSzHsa
JXPa8uKoY/4RzU1UUDTCCqtu6C/cHWZ6pNDMk0udJKh6SrlSCcZTORnJWTgnvLeL
9tMvly9SPRiEovNE44ey4pJk3BhEMU3srReFRjpP839gxhHz/KwZtORbid1lyDLh
/q6N6KXsDXjxu7rjqpOByTJDpo1py9I7GDvd8Ure8jbL18gu93zTObFnFspoGMZ9
ssv/cq68YXJsm3OqrgyRuxU/+vbVrpqrtbvJ9CNYJ/XJelwv3TiCw+dR
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8KffiY1fEckcoAoGd5AB
JD3mEEfgIrhdvJnlgFq3mg2GPXyPz8bTtJS1T4sWa2sbfgcWKqFoKLBwIG+y6Fsv
JXVeTUSB2RSLGblRgIvtc8zCWq5UDYCyPYqjrq8eeN4maE2boOW+tna2V/6CB2Fp
52pD9ionttwU5D99SA5ScBPLfafq/vEYSa0dwuyWTEW0IWBzwckii7veUgQKx3k8
rdtNAb976Vj+7evCbMR2fSradwh2acOTkWMUMKvl0fS44yyQgRMcJ1u1/Sm5WX7f
03JCXARASyUVnx4BI9t30eFbsDRod+MOo/nWkSz9G77w6dSdfJ4Qq3VxrKcY22sT
gQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15646244429370131354615088656914310153
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-11 21:58:10 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-11 21:58:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Hampshire'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Portsmouth'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Liberty Mutual Group'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'caja-dev.libertyseguros.co'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30379974548443576761500948139826480633343723021639331382960022159932934439817303307499853526818016896114693122024674746994432208513070213223169972708120273596217089252083796694005219957675358136337573148783329218691211571378726207405465097895115901104517002635812846828652456272767775214648471437588744604767873736261322344751886339044584700145413256560649975948902237477628578037455987468769464683956745098636076549310769393440589930155812822941679484131492742225235000589702247260382775317639525884964833366728505851957846037109398233727833080225234558540416598047225471340490809299656841779210868097208869274194817
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							646df50b717e4d949f2b9fcd864d140e0e608bdf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'caja-dev.libertyseguros.co'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000d112faa4317cbc22285e63bba690b304573d6ded8f9fcec9ff6fb9dc1b88bd761fd6f198f21780cecf8453af4e83c24d32d2419ea09354e5717a2c8d96cbe01522712cc7b1a2573daf2e2a863fe11cd4d545034c20aab6ee82fdc1d667aa4d0cc934b9d24a87a4ab95209c6533919c9593827bcb78bf6d32f972f523d1884a2f344e387b2e29264dc1844314decad1785463a4ff37f60c611f3fcac19b4e45b89dd65c832e1feae8de8a5ec0d78f1bbbae3aa9381c93243a68d69cbd23b183bddf14adef236cbd7c82ef77cd339b16716ca6818c67db2cbff72aebc61726c9b73aaae0c91bb153ffaf6d5ae9aabb5bbc9f4235827f5c97a5c2fdd3882c3e751