boulder-ssl2.ricoh-usa.com
- Ricoh USA, Inc. -
Issued by AffirmTrust Certificate Authority - OV1
About this certificate
This digital certificate with serial number 6f:a2:64:c1:1d:72:2a:c5:00:00:00:00:58:08:8e:98 was issued on by AffirmTrust.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Ricoh USA, Inc.
Organization:
Ricoh USA, Inc.
State / Province:
New Jersey
Locality: Caldwell
Country: US
Locality: Caldwell
Country: US
AffirmTrust
Organization:
AffirmTrust
Organization unit: See www.affirmtrust.com/repository
Organization unit: See www.affirmtrust.com/repository
Country:
CA
This certificate has expire since
Certificate Details
Serial Number (hex): 6f:a2:64:c1:1d:72:2a:c5:00:00:00:00:58:08:8e:98Serial Number (int): 148387503164317119189860012141855674008
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 28:45:77:8d:48:1b:70:b5:ae:a8:77:f6:54:85:d7:69:b8:6e:63:21
AuthorityKeyId: fe:60:c3:0d:a4:a2:9d:21:4f:7a:78:4c:62:c5:db:14:fc:39:78:c4
Fingerprint (sha1): a8:d9:28:00:9b:2b:39:10:3f:bb:af:93:bb:c9:3f:bc:ae:44:cc:be
Fingerprint (sha256): 13:56:d1:a1:be:4d:be:54:ed:12:c5:bd:01:63:10:f9:25:d6:3e:15:ed:7b:3b:51:db:f2:a4:ee:d4:34:93:66
Issuing Certificate URL: http://aia.affirmtrust.com/aftov1ca.crt
Revocation information
OCSP Server: http://ocsp.affirmtrust.comCRL Distribution Point: http://crl.affirmtrust.com/crl/aftov1ca.crl
Check the revocation status for certificate boulder-ssl2.ricoh-usa.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for boulder-ssl2.ricoh-usa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
boulder-ssl2.ricoh-usa.com
ricoh-usa.com
ricoh-usa.com
Other certificates including the domain name ricoh-usa.com
(limited to 100 certificates)
*.ricoh-usa.com
ssl1.ricoh-usa.com
adaptiveformstest.ricoh-usa.com
boulder-ssl1.ricoh-usa.com
*.returnmailservices.ricoh-usa.com
support.rpp.ricoh-usa.com
*.ricoh-usa.com
storefront.ricoh-usa.com
cs2.ricoh-usa.com
mdm.ricoh-usa.com
xen.ricoh-usa.com
*.ricoh-usa.com
*.ricoh-usa.com
events.ricoh-usa.com
rworld-test.ricoh-usa.com
portal.ricoh-usa.com
UCAAS2-CTPC1-01.ricoh-usa.com
UCAAS11-CTPC1-01.dev.ricoh-usa.com
mdm.ricoh-usa.com
rworld-test.ricoh-usa.com
mobileha.ricoh-usa.com
support.rpp.ricoh-usa.com
sts.ricoh-usa.com
UCAAS11-CUCPUB2-01.dev.ricoh-usa.com
newsroom.ricoh-usa.com
pb1.ricoh-usa.com
sts.dev.ricoh-usa.com
ucaas11-cup1-01.dev.ricoh-usa.com
*.ricoh-usa.com
ricohaps.ricoh-usa.com
boulder-ssl2.ricoh-usa.com
sts.ricoh-usa.com
sts.preprod.ricoh-usa.com
newsroom.ricoh-usa.com
*.awsdev.ricoh-usa.com
UCAAS2-UCMPUB2-01-ms.ricoh-usa.com
*.Ricoh-usa.com
jobs.ricoh-usa.com
*.ricoh-usa.com
UCAAS1-CTPC1-01.ricoh-usa.com
*.ricoh-usa.com
cs3.ricoh-usa.com
tec.ricoh-usa.com
cs3.ricoh-usa.com
rworld-test.ricoh-usa.com
*.ricoh-usa.com
rscc.ricoh-usa.com
thedocshop.ricoh-usa.com
events.ricoh-usa.com
sts.dev.ricoh-usa.com
iapoc.intelligentdelivery.ricoh-usa.com
*.ricoh-usa.com
ricohspha.ricoh-usa.com
ctpat.ricoh-usa.com
rworld-test.ricoh-usa.com
mobile3.ricoh-usa.com
*.Ricoh-usa.com
sts.ricoh-usa.com
PhishReporter.ricoh-usa.com
solutionfinder.ricoh-usa.com
*.ricoh-usa.com
ddpe.ricoh-usa.com
*.ricoh-usa.com
asklola.ricoh-usa.com
GA16ARTDEV01.ricoh-usa.com
*.ricoh-usa.com
lpo.ricoh-usa.com
mobile.ricoh-usa.com
comms.ricoh-usa.com
my.ricoh-usa.com
ssl1.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-CUCPUB2-01-ms.ricoh-usa.com
adaptiveformsdev.ricoh-usa.com
UCAAS11-VCSE-01B.dev.ricoh-usa.com
newsroom.ricoh-usa.com
ssl2.ricoh-usa.com
images.learn.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-UCMPUB2-01.ricoh-usa.com
ddpe.ricoh-usa.com
sts.preprod.ricoh-usa.com
portal.ricoh-usa.com
ssl2.ricoh-usa.com
UCAAS2-CUP2-01-ms.ricoh-usa.com
mobileha.ricoh-usa.com
UCAAS11-VCSE1-01A.dev.ricoh-usa.com
ucaas11-cucpub1-01-ms.dev.ricoh-usa.com
*.ricoh-usa.com
portal.ricoh-usa.com
gitcloud.awsdev.ricoh-usa.com
*.ricoh-usa.com
rworld.ricoh-usa.com
mobilepoc.ricoh-usa.com
my.ricoh-usa.com
rworld-test.ricoh-usa.com
xenapp.ricoh-usa.com
rworld.ricoh-usa.com
ssl2.ricoh-usa.com
*.ricoh-usa.com
ssl1.ricoh-usa.com
adaptiveformstest.ricoh-usa.com
boulder-ssl1.ricoh-usa.com
*.returnmailservices.ricoh-usa.com
support.rpp.ricoh-usa.com
*.ricoh-usa.com
storefront.ricoh-usa.com
cs2.ricoh-usa.com
mdm.ricoh-usa.com
xen.ricoh-usa.com
*.ricoh-usa.com
*.ricoh-usa.com
events.ricoh-usa.com
rworld-test.ricoh-usa.com
portal.ricoh-usa.com
UCAAS2-CTPC1-01.ricoh-usa.com
UCAAS11-CTPC1-01.dev.ricoh-usa.com
mdm.ricoh-usa.com
rworld-test.ricoh-usa.com
mobileha.ricoh-usa.com
support.rpp.ricoh-usa.com
sts.ricoh-usa.com
UCAAS11-CUCPUB2-01.dev.ricoh-usa.com
newsroom.ricoh-usa.com
pb1.ricoh-usa.com
sts.dev.ricoh-usa.com
ucaas11-cup1-01.dev.ricoh-usa.com
*.ricoh-usa.com
ricohaps.ricoh-usa.com
boulder-ssl2.ricoh-usa.com
sts.ricoh-usa.com
sts.preprod.ricoh-usa.com
newsroom.ricoh-usa.com
*.awsdev.ricoh-usa.com
UCAAS2-UCMPUB2-01-ms.ricoh-usa.com
*.Ricoh-usa.com
jobs.ricoh-usa.com
*.ricoh-usa.com
UCAAS1-CTPC1-01.ricoh-usa.com
*.ricoh-usa.com
cs3.ricoh-usa.com
tec.ricoh-usa.com
cs3.ricoh-usa.com
rworld-test.ricoh-usa.com
*.ricoh-usa.com
rscc.ricoh-usa.com
thedocshop.ricoh-usa.com
events.ricoh-usa.com
sts.dev.ricoh-usa.com
iapoc.intelligentdelivery.ricoh-usa.com
*.ricoh-usa.com
ricohspha.ricoh-usa.com
ctpat.ricoh-usa.com
rworld-test.ricoh-usa.com
mobile3.ricoh-usa.com
*.Ricoh-usa.com
sts.ricoh-usa.com
PhishReporter.ricoh-usa.com
solutionfinder.ricoh-usa.com
*.ricoh-usa.com
ddpe.ricoh-usa.com
*.ricoh-usa.com
asklola.ricoh-usa.com
GA16ARTDEV01.ricoh-usa.com
*.ricoh-usa.com
lpo.ricoh-usa.com
mobile.ricoh-usa.com
comms.ricoh-usa.com
my.ricoh-usa.com
ssl1.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-CUCPUB2-01-ms.ricoh-usa.com
adaptiveformsdev.ricoh-usa.com
UCAAS11-VCSE-01B.dev.ricoh-usa.com
newsroom.ricoh-usa.com
ssl2.ricoh-usa.com
images.learn.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-UCMPUB2-01.ricoh-usa.com
ddpe.ricoh-usa.com
sts.preprod.ricoh-usa.com
portal.ricoh-usa.com
ssl2.ricoh-usa.com
UCAAS2-CUP2-01-ms.ricoh-usa.com
mobileha.ricoh-usa.com
UCAAS11-VCSE1-01A.dev.ricoh-usa.com
ucaas11-cucpub1-01-ms.dev.ricoh-usa.com
*.ricoh-usa.com
portal.ricoh-usa.com
gitcloud.awsdev.ricoh-usa.com
*.ricoh-usa.com
rworld.ricoh-usa.com
mobilepoc.ricoh-usa.com
my.ricoh-usa.com
rworld-test.ricoh-usa.com
xenapp.ricoh-usa.com
rworld.ricoh-usa.com
ssl2.ricoh-usa.com
*.ricoh-usa.com
Certificate
The complete raw certificate details for boulder-ssl2.ricoh-usa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIQb6JkwR1yKsUAAAAAWAiOmDANBgkqhkiG9w0BAQsFADCB gjELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQLEyJT ZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTAwLgYDVQQDEydBZmZp cm1UcnVzdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBPVjEwHhcNMTgwOTA2MjEw MzU4WhcNMjAwOTA2MjEzMzU3WjB0MQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3 IEplcnNleTERMA8GA1UEBxMIQ2FsZHdlbGwxGDAWBgNVBAoTD1JpY29oIFVTQSwg SW5jLjEjMCEGA1UEAxMaYm91bGRlci1zc2wyLnJpY29oLXVzYS5jb20wggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiwY3145iVg02i9ILxW8pcIvQS0aTG hFcu9uP5EoGY1s04OBWbgGSITKMA28pttUL1/yq9gsu9RBH8pEOxA69A1St8vdFU soaL6czOkxanyy9vi3ctdVrw2Mf+XOdxQ727XkD9PE4o8s3o3DyQ9m30LJ54l5Ju HMuWUBpvUPTgvMIR/+n/gLZV8dUTe5mfs21p9gvJCLxAzNzKGYFRnhjI6dIIwXju t8Mu5L38RLWRa+GeEQZp4MCPAZ1LspvtKIoPjmZD/9KtEJaKNgOCzS6mTL92JkXl pnDfUMje/m39I+lcFRMCwYaHVLmPUi8ckIVzfhJg57Bq7HE8HT2hUYqZAgMBAAGj ggHOMIIByjATBgorBgEEAdZ5AgQDAQH/BAIFADA0BgNVHREELTArghpib3VsZGVy LXNzbDIucmljb2gtdXNhLmNvbYINcmljb2gtdXNhLmNvbTAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAkGA1UdEwQCMAAwbAYI KwYBBQUHAQEEYDBeMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hZmZpcm10cnVz dC5jb20wMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuYWZmaXJtdHJ1c3QuY29tL2Fm dG92MWNhLmNydDBXBgNVHSAEUDBOMEIGCisGAQQBgo8JAgUwNDAyBggrBgEFBQcC ARYmaHR0cHM6Ly93d3cuYWZmaXJtdHJ1c3QuY29tL3JlcG9zaXRvcnkwCAYGZ4EM AQICMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29t L2NybC9hZnRvdjFjYS5jcmwwHwYDVR0jBBgwFoAU/mDDDaSinSFPenhMYsXbFPw5 eMQwHQYDVR0OBBYEFChFd41IG3C1rqh39lSF12m4bmMhMA0GCSqGSIb3DQEBCwUA A4IBAQBqs4sM1VLQ+b8LdIwcqrHYs2mS6+GEleHiMSZbLwNYTbEtzb+JoVOrDaZC NYAcVLq7iNHeDmBlHSClBFdObqa4aS9cvLz3F4BkYaeuRGVbWpPysKM/bSLg/wbY 8dZE036juRkIftJe7B1SWRMS+OIEV/424Zj/4yvtF+HgZV9y9RJZbMBeDD03DU8n tG+wjGqiOgqT1IClJYjKASnju9LTUdbE/fXz3YO4LgypCU92jIB4PMdYG2sTTS1O Ix8sCIpq6scbcbA9duYTsou/4D+jtKoFV3zeNhzozRyZ8ED5w2e8Wst4Vql1SJXy c+ZOAhnxYSUY37woA0t16vXmpu4S -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosGN9eOYlYNNovSC8VvK XCL0EtGkxoRXLvbj+RKBmNbNODgVm4BkiEyjANvKbbVC9f8qvYLLvUQR/KRDsQOv QNUrfL3RVLKGi+nMzpMWp8svb4t3LXVa8NjH/lzncUO9u15A/TxOKPLN6Nw8kPZt 9CyeeJeSbhzLllAab1D04LzCEf/p/4C2VfHVE3uZn7NtafYLyQi8QMzcyhmBUZ4Y yOnSCMF47rfDLuS9/ES1kWvhnhEGaeDAjwGdS7Kb7SiKD45mQ//SrRCWijYDgs0u pky/diZF5aZw31DI3v5t/SPpXBUTAsGGh1S5j1IvHJCFc34SYOewauxxPB09oVGK mQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 148387503164317119189860012141855674008 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.affirmtrust.com/repository' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust Certificate Authority - OV1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-06 21:03:58 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-06 21:33:57 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Caldwell' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ricoh USA, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'boulder-ssl2.ricoh-usa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20546050702126793626539838833991208097389850473543957083490520221866677858912470660700613044220769127436588235085511816927014753361153832519739998440684137652677305138464676043164171048626266161990956703990607926395992500073194072897827538779371953504581182131453750591026346119808856392431876954494863079123510394824905973557009231003835277920280831230282601865814983242413768013797762302469484970998263274758418132587611517601469324726846451926456011833741056758743146795048994737324075569016623834111466544299923213712974492851970408857724295039100559603626800091574618095858140926781786102054799576449248308333209 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'boulder-ssl2.ricoh-usa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ricoh-usa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.affirmtrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.affirmtrust.com/aftov1ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.34697.2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.affirmtrust.com/repository' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.affirmtrust.com/crl/aftov1ca.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName fe60c30da4a29d214f7a784c62c5db14fc3978c4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2845778d481b70b5aea877f65485d769b86e6321 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006ab38b0cd552d0f9bf0b748c1caab1d8b36992ebe18495e1e231265b2f03584db12dcdbf89a153ab0da64235801c54babb88d1de0e60651d20a504574e6ea6b8692f5cbcbcf717806461a7ae44655b5a93f2b0a33f6d22e0ff06d8f1d644d37ea3b919087ed25eec1d52591312f8e20457fe36e198ffe32bed17e1e0655f72f512596cc05e0c3d370d4f27b46fb08c6aa23a0a93d480a52588ca0129e3bbd2d351d6c4fdf5f3dd83b82e0ca9094f768c80783cc7581b6b134d2d4e231f2c088a6aeac71b71b03d76e613b28bbfe03fa3b4aa05577cde361ce8cd1c99f040f9c367bc5acb7856a9754895f273e64e0219f1612518dfbc28034b75eaf5e6a6ee12