online.cityofwhittier.org

- City of Whittier -

Issued by Entrust Certification Authority - L1M

About this certificate

This digital certificate with serial number 54:cb:e6:a8 was issued on by Entrust, Inc..

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)

City of Whittier

Company registration number: 02 28 1898
Organization: City of Whittier
Organization unit: IT
State / Province: California
Locality: Whittier
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 54:cb:e6:a8
Serial Number (int): 1422649000
Serial Number lenght: 31 bits, 4 octets

SubjectKeyId: 2a:2a:1c:3a:55:7f:26:d2:07:74:6a:c0:7c:fa:cd:ea:bb:ac:9f:36
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a

Fingerprint (sha1): 11:26:78:7f:97:ff:3a:59:ea:72:c5:0e:11:e8:fa:09:3f:aa:12:48
Fingerprint (sha256): 17:08:0e:52:bd:f8:94:b6:fc:e6:b6:78:6b:26:8f:05:4b:73:f0:f3:2e:53:f8:b8:2a:c1:2d:42:b2:3a:5b:09

Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1m.crl

Check the revocation status for certificate online.cityofwhittier.org

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for online.cityofwhittier.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

online.cityofwhittier.org
online.whittierch.org
fs.cityofwhittier.org

Other certificates including the domain name cityofwhittier.org

(limited to 100 certificates)
mail.whittierch.org
san-g2.granicusgovaccess.net
online.cityofwhittier.org
cityofwhittier.org
helpdesk.deistermachine.com
guest.cityofwhittier.org
fs.cityofwhittier.org
mail.whittierch.org
support.cityofwhittier.org
helpdesk.gapsi.com
online.cityofwhittier.org
san-a2.granicusgovaccess.net
help.lafayetteco.gov
online.cityofwhittier.org
techsupport.maxsold.com
san-g2.granicusgovaccess.net
san-g2.granicusgovaccess.net
san-g2.granicusgovaccess.net
san-a2.granicusgovaccess.net
san-g2.granicusgovaccess.net
support.sifco.com
san-g2.granicusgovaccess.net
hermes.whittierch.org
mail.whittierch.org
support.cityofwhittier.org
online.cityofwhittier.org
cityofwhittier.org
online.cityofwhittier.org
*.cityofwhittier.org
support.cityofwhittier.org
online.cityofwhittier.org
support.sifco.com
techsupport.maxsold.com
cityofwhittier.org
san-g2.granicusgovaccess.net
helpdesk.deistermachine.com
mail.whittierch.org
www.cityofwhittier.org
support.cityofwhittier.org
online.cityofwhittier.org
online.cityofwhittier.org
mft.cityofwhittier.org
mail.whittierch.org
help.lafayetteco.gov
mail.whittierch.org
h2oremote.cityofwhittier.org
online.cityofwhittier.org
help.lafayetteco.gov
san-g2.granicusgovaccess.net
fs.cityofwhittier.org
online.cityofwhittier.org
hermes.whittierch.org
hermes.whittierch.org
cityofwhittier.org
san-a2.granicusgovaccess.net
mft.cityofwhittier.org
san-g2.granicusgovaccess.net
guest.cityofwhittier.org
online.cityofwhittier.org
mft.cityofwhittier.org
san-f2.granicusgovaccess.net
san-a2.granicusgovaccess.net
fs.cityofwhittier.org
guest.cityofwhittier.org
help.lafayetteco.gov
san-g2.granicusgovaccess.net
online.cityofwhittier.org
san-g2.granicusgovaccess.net
cityofwhittier.org
mft.cityofwhittier.org
helpdesk.gapsi.com
san-a2.granicusgovaccess.net
mft.cityofwhittier.org
san-g2.granicusgovaccess.net
guest.cityofwhittier.org
cityofwhittier.org
online.cityofwhittier.org
san-g2.granicusgovaccess.net
san-g2.granicusgovaccess.net
guest.cityofwhittier.org
guest.cityofwhittier.org
mft.cityofwhittier.org
online.cityofwhittier.org
mft.cityofwhittier.org
online.cityofwhittier.org
cityofwhittier.org
san-g2.granicusgovaccess.net
cityofwhittier.org
techsupport.maxsold.com
cityofwhittier.org
mail.cityofwhittier.org
www.cityofwhittier.org
san-a2.granicusgovaccess.net
techsupport.maxsold.com
mail.whittierch.org
www.cityofwhittier.org
fs.cityofwhittier.org
san-a2.granicusgovaccess.net
san-g2.granicusgovaccess.net
www.cityofwhittier.org

Certificate

The complete raw certificate details for online.cityofwhittier.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgIEVMvmqDANBgkqhkiG9w0BAQsFADCBujELMAkGA1UEBhMC
VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDE0IEVudHJ1c3Qs
IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwGA1UEAxMlRW50cnVz
dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTTAeFw0xNTAyMTEwMDI4Mzha
Fw0xNTExMDYxNzA4NTlaMIHkMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv
cm5pYTERMA8GA1UEBxMIV2hpdHRpZXIxEzARBgsrBgEEAYI3PAIBAxMCVVMxGzAZ
BgsrBgEEAYI3PAIBAhMKQ2FsaWZvcm5pYTEZMBcGA1UEChMQQ2l0eSBvZiBXaGl0
dGllcjEaMBgGA1UEDxMRR292ZXJubWVudCBFbnRpdHkxCzAJBgNVBAsTAklUMRMw
EQYDVQQFEwowMiAyOCAxODk4MSIwIAYDVQQDExlvbmxpbmUuY2l0eW9md2hpdHRp
ZXIub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ADPx8eNGQp6
eyVf63/v9Xjg/P9wBXMmEvDJAp+BNvbjM6GUHKkKi1E2ag8F5/VP4YQDtMhCemm9
v3WNZxEartMEfXx+GY7KcKP4JZJE9kbXG2eMaj2LsOfYdhatLxI4cOL7Tc016DUi
sq/uJksloeKvLQZ9Ea1kz+Id+4pnM32hSApDnkwdEKQKXH8BP1rXKFf/o6C8W50O
IjVsBECemKh8bSyR1zBxUy7UcnecpjRU4U8Rjsf+jvAkokaU7AuDJTLm/NE4OEky
NzTNKfDvltY9FMik1VikX6QlCOOn2awys8hZ/hQ39KYTUqkfXYhxx4TUE5sF69HI
rTSPVz1C+wIDAQABo4IBxjCCAcIwEwYKKwYBBAHWeQIEAwEB/wQCBQAwUgYDVR0R
BEswSYIZb25saW5lLmNpdHlvZndoaXR0aWVyLm9yZ4IVb25saW5lLndoaXR0aWVy
Y2gub3JnghVmcy5jaXR5b2Z3aGl0dGllci5vcmcwCwYDVR0PBAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBoBggrBgEFBQcBAQRcMFowIwYIKwYB
BQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRw
Oi8vYWlhLmVudHJ1c3QubmV0L2wxbS1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAo
oCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFtLmNybDBBBgNVHSAE
OjA4MDYGCmCGSAGG+mwKAQIwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRy
dXN0Lm5ldC9ycGEwHwYDVR0jBBgwFoAUw/fQtSowra8NkSFwOVTdvIlwxzowHQYD
VR0OBBYEFCoqHDpVfybSB3RqwHz6zeq7rJ82MAkGA1UdEwQCMAAwDQYJKoZIhvcN
AQELBQADggEBACd3z8J4HQHcTiQhRCs2S5OKJxcdlo/JTPifbfVRKwp0HKHeHOGz
8YP7AF4LjpMyLtMKYpnhVLP3PoTATL99ApYmQ6QN0E6XE0Rg93DQ4CWvcpsnbpue
5YOqf4OhJaLpUrHGNbfhFlZEBeyUYyFJOgCPdDAtyBwHiebmvGHL/z+OWxVZwqy/
G+rwduhXKauUMOXpLjZlnBHIVGk2lE3dUGJROatft32E4fzmhI0Y6ybymvblXam6
Z8ISDyWeaJWhZcMMRrFYrwGz7GSvQjb0MUnW/aPtFfF/1yJn8ym+6GP9kea8FrFi
3mvdPP1vMqRQTaBeI75huqiqhfS215yrFuc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ADPx8eNGQp6eyVf63/v
9Xjg/P9wBXMmEvDJAp+BNvbjM6GUHKkKi1E2ag8F5/VP4YQDtMhCemm9v3WNZxEa
rtMEfXx+GY7KcKP4JZJE9kbXG2eMaj2LsOfYdhatLxI4cOL7Tc016DUisq/uJksl
oeKvLQZ9Ea1kz+Id+4pnM32hSApDnkwdEKQKXH8BP1rXKFf/o6C8W50OIjVsBECe
mKh8bSyR1zBxUy7UcnecpjRU4U8Rjsf+jvAkokaU7AuDJTLm/NE4OEkyNzTNKfDv
ltY9FMik1VikX6QlCOOn2awys8hZ/hQ39KYTUqkfXYhxx4TUE5sF69HIrTSPVz1C
+wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1422649000
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-02-11 00:28:38 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-06 17:08:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Whittier'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'City of Whittier'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02 28 1898'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'online.cityofwhittier.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28277780548054930380217687866924694947802768148718155528142774873558130545060496708582476202077528638157151856030667172276658669228418966192848505633213800403832734154169550093263792221848196104470028801710289780343401941548486746435300811022140326807457720842021743669649839216607378194692051314761927812262658208275315050459159495806009434745409307854838968850369277847712706023394425178221027179154508752329390799073774844438655909384384801992395955893422813577928304259728719039525128164617789737359257547031717768811531791173068831223246548701954205250143012922543060296032315312608499304109315558567442563023611
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.cityofwhittier.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.whittierch.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fs.cityofwhittier.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2a2a1c3a557f26d207746ac07cfacdeabbac9f36
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002777cfc2781d01dc4e2421442b364b938a27171d968fc94cf89f6df5512b0a741ca1de1ce1b3f183fb005e0b8e93322ed30a6299e154b3f73e84c04cbf7d02962643a40dd04e97134460f770d0e025af729b276e9b9ee583aa7f83a125a2e952b1c635b7e116564405ec946321493a008f74302dc81c0789e6e6bc61cbff3f8e5b1559c2acbf1beaf076e85729ab9430e5e92e36659c11c8546936944ddd50625139ab5fb77d84e1fce6848d18eb26f29af6e55da9ba67c2120f259e6895a165c30c46b158af01b3ec64af4236f43149d6fda3ed15f17fd72267f329bee863fd91e6bc16b162de6bdd3cfd6f32a4504da05e23be61baa8aa85f4b6d79cab16e7