kenpo.mcdonalds.co.jp

- McDonald's Health Insurance Society -

Issued by SECOM Passport for Web SR 3.0 CA

About this certificate

This digital certificate with serial number 6a:55:04:b6:3a:45:d6:2c:ec:b2:6e:e1:f5:08:7b:ca was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

McDonald's Health Insurance Society

Organization: McDonald's Health Insurance Society
State / Province: Tokyo
Locality: Shinjuku-ku
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 6a:55:04:b6:3a:45:d6:2c:ec:b2:6e:e1:f5:08:7b:ca
Serial Number (int): 141339608353375092945351091793655528394
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 10:0f:c4:be:3e:ff:73:b4:2c:84:22:5a:01:dc:9f:0c:f6:29:d2:41
AuthorityKeyId: cb:ef:3d:ef:83:74:a1:a8:42:f0:3b:40:36:fa:6d:82:94:a9:27:36

Fingerprint (sha1): 7f:c4:fb:5d:8e:31:42:43:27:6a:9a:0b:33:88:d5:83:5a:21:9b:37
Fingerprint (sha256): 17:76:88:34:13:76:56:10:05:b8:20:24:ef:f5:18:14:c9:b7:6c:16:e5:58:c7:b9:15:d2:61:0c:1d:77:0d:df


Revocation information

OCSP Server: http://sr30.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl

Check the revocation status for certificate kenpo.mcdonalds.co.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for kenpo.mcdonalds.co.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

kenpo.mcdonalds.co.jp

Other certificates including the domain name mcdonalds.co.jp

(limited to 100 certificates)
etiexc20.mcdonalds.co.jp
enquete-crew.mcdonalds.co.jp
www.mcdonalds.co.jp
ewailb01.mcdonalds.co.jp
stg.mcdonalds.co.jp
mcdelivery.mcdonalds.com
ispmdjpprodfix.mcdonalds.co.jp
ispmdjpprod.mcdonalds.co.jp
webgatemdjpprod.mcdonalds.co.jp
kenpo.mcdonalds.co.jp
*.vc-dcdp.mcdonalds.co.jp
webgatemdjpprodfix.mcdonalds.co.jp
www.mcdonalds.co.jp
ssl-vpn.mcdonalds.co.jp
ebsmdjpdev2.mcdonalds.co.jp
webgatemdjpprodfix.mcdonalds.co.jp
map.mcdonalds.co.jp
www.mcdonalds.co.jp
ewsautelb01.mcdonalds.co.jp
ewacdpalb01.mcdonalds.co.jp
etiexc20.mcdonalds.co.jp
enquete-crew.mcdonalds.co.jp
ebsmdjpdev2.mcdonalds.co.jp
prod-alcpn-alb-external.mcdonalds.co.jp
webgatemdjpprod.mcdonalds.co.jp
crewrecruiting.mcdonalds.co.jp
iarmdjpprod.mcdonalds.co.jp
oammdjptest.mcdonalds.co.jp
ewacdpcdn01.mcdonalds.co.jp
stg.mcdonalds.co.jp
history-crew.mcdonalds.co.jp
etiexc20.mcdonalds.co.jp
prod-alcpn-alb-external.mcdonalds.co.jp
www.mcdonalds.co.jp
stg.mcdonalds.co.jp
ebsmdjpdev7.mcdonalds.co.jp
iarmdjpprod.mcdonalds.co.jp
ispmdjpprodfix.mcdonalds.co.jp
net-b.mcdonalds.co.jp
ebsaccmdjpprodfix.mcdonalds.co.jp
ispmdjpprodfix.mcdonalds.co.jp
ssl-vpn.mcdonalds.co.jp
map.mcdonalds.co.jp
www.mcdonalds.co.jp
mcdonalds.co.jp
map.mcdonalds.co.jp
history-crew.mcdonalds.co.jp
map.mcdonalds.co.jp
etiexc20.mcdonalds.co.jp
www.mcdonalds.co.jp
enquete-crew.mcdonalds.co.jp
ebsmdjpdev4.mcdonalds.co.jp
crewrecruiting.mcdonalds.co.jp
map.mcdonalds.co.jp
etiexc20.mcdonalds.co.jp
idmmdjpprod.mcdonalds.co.jp
net-b.mcdonalds.co.jp
ssl-vpn.mcdonalds.co.jp
iarmdjpprod.mcdonalds.co.jp
www.mcdonalds.co.jp
mcdelivery.mcdonalds.com
www.mcdonalds.co.jp
ebsaccmdjpprodfix.mcdonalds.co.jp
www.mcdonalds.co.jp
adfmdjpprod.mcdonalds.co.jp
c.mcdonalds.co.jp
*.vc-dcdp.mcdonalds.co.jp
iarmdjpprodfix.mcdonalds.co.jp
etiexc20.mcdonalds.co.jp
ssl-vpn.mcdonalds.co.jp
prod-alcpn-alb-external.mcdonalds.co.jp
*.vc-dcdp.mcdonalds.co.jp
mcdelivery.mcdonalds.com
www.mcdonalds.co.jp
iarmdjpprod.mcdonalds.co.jp
www.mcdonalds.co.jp
ebsmdjpdev5.mcdonalds.co.jp
iarmdjpprod.mcdonalds.co.jp
iarmdjpprodfix.mcdonalds.co.jp
ewsautelb01.mcdonalds.co.jp
www.mcdonalds.co.jp
ispmdjpprod.mcdonalds.co.jp
search.mcdonalds.co.jp
img.mcdonalds.co.jp
mcdelivery.mcdonalds.com
stg.mcdonalds.co.jp
oammdjptest.mcdonalds.co.jp
www.mcdonalds.co.jp
ispmdjpprodfix.mcdonalds.co.jp
appcs.mcdonalds.co.jp
c.mcdonalds.co.jp
idmmdjpprod.mcdonalds.co.jp
crewrecruiting.mcdonalds.co.jp
ebsmdjpprod.mcdonalds.co.jp
www.mcdonalds.co.jp
ebsmdjpdev7.mcdonalds.co.jp
www.mcdonalds.co.jp
soamdjpprod.mcdonalds.co.jp
mcdelivery.mcdonalds.com
ebsmdjpdev6.mcdonalds.co.jp

Certificate

The complete raw certificate details for kenpo.mcdonalds.co.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgIQalUEtjpF1izssm7h9Qh7yjANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
TFRELjEpMCcGA1UEAxMgU0VDT00gUGFzc3BvcnQgZm9yIFdlYiBTUiAzLjAgQ0Ew
HhcNMjAwMzEzMDkwNzQ5WhcNMjIwMzEzMTQ1OTU5WjCBgTELMAkGA1UEBhMCSlAx
DjAMBgNVBAgTBVRva3lvMRQwEgYDVQQHEwtTaGluanVrdS1rdTEsMCoGA1UEChMj
TWNEb25hbGQncyBIZWFsdGggSW5zdXJhbmNlIFNvY2lldHkxHjAcBgNVBAMTFWtl
bnBvLm1jZG9uYWxkcy5jby5qcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbPPt+6/5ziI3n1ZuRQEPXbOw7yq8CHGWzCMxnZ//NFRIzsQfaprTD1N8hr
ei5YH5mG5iWUGfNBrQR1g4tOJdROsLsLfmp+cnL/0Y6TSLMjdr7RMYcfZw/pv83O
fMw0LsJ3RTw/aECnVuZ5OnB1jXx1oCqLm9LX2a6szjbnpIhgEgHMD48Am5BfU2qW
bw19S1AMxvZeT6TA4pWY+hc1Lyf74A6ar9mKVK3D/xeys+NMH0pWr3vYsEt+pvf5
PZ1uoJjt9fY5HfeFTrj7fwqCYdCbgzhvXUkM6SGNaBQt5iUaOWid65j7O2xF47wY
GcEC5qBoCUopjD1jtfOKWJ6cu4cCAwEAAaOCAvowggL2MB8GA1UdIwQYMBaAFMvv
Pe+DdKGoQvA7QDb6bYKUqSc2MDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYf
aHR0cDovL3NyMzAub2NzcC5zZWNvbXRydXN0Lm5ldDAgBgNVHREEGTAXghVrZW5w
by5tY2RvbmFsZHMuY28uanAwYQYDVR0gBFowWDBMBgoqgwiMmxtkhW8BMD4wPAYI
KwYBBQUHAgEWMGh0dHBzOi8vcmVwbzEuc2Vjb210cnVzdC5uZXQvc3BjcHAvcGZ3
L3Bmd3NyM2NhLzAIBgZngQwBAgIwEwYDVR0lBAwwCgYIKwYBBQUHAwEwTAYDVR0f
BEUwQzBBoD+gPYY7aHR0cDovL3JlcG8xLnNlY29tdHJ1c3QubmV0L3NwY3BwL3Bm
dy9wZndzcjNjYS9mdWxsY3JsMi5jcmwwHQYDVR0OBBYEFBAPxL4+/3O0LIQiWgHc
nwz2KdJBMA4GA1UdDwEB/wQEAwIFoDCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFn
AHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFw0y9/3QAABAMA
RjBEAiAQx3eQJ3NNyWV8kQC8dYQAPL3uQOD3Vu8KSzeselgZ5QIgVK6uiK6ML3qR
i1SS0cqvdLazLHTpA0qzgb5VflNzk3EAdgDuS723dc5guuFCaR+r4Z5mow9+X7By
2IMAxHuJeqj9ywAAAXDTL4c4AAAEAwBHMEUCIQCBwHIG3tSjOs91M6blqqGuPHZV
11/jV3Whw1wddlfarAIgQ8/Qzfu1UmEMSYcj5M8aeEG7rwJwigr2KXV3UI4ONzEA
dgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAXDTL4vaAAAEAwBH
MEUCIQCl12PEV/khftVZ4V5ZxSVdRM77P0FnV9LGcj3UMIs29gIgKLcRY4hlDZDx
9OH/K8Q8QZS43I/K1ocQjuLHw3drbsswDQYJKoZIhvcNAQELBQADggEBAJUT7I3c
lykhbbtx1e8jK16Y34M64T700haB3LzitUmpxi3qBM8zMhEm1fbj+qdEgo7bERC/
StYATzJh5aKUIk1+WE0OPGjjpbzh4Dpqwq/Fxh1S4oxmRO8hyHA5WwoRSSzY2I+A
evKC68Ima6JvEVpQ2x+JgeLqNxr6jDUzolXRpsjQhcA6RJmo12WQMqkTuWm8FJBI
W5MaCctgCRr77AgvIAUrUoe20F2dIquiTZ99b1nEXoLwGG/ghxkvjL5/FAs/C418
GSrcbOkih9qWrH6hdRW4eIvf4Cdc3a9YzKXGm3dXuVHnZBYCNbGuUPyy1atITlqd
RuOUMGyOCWDNHgI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts8+37r/nOIjefVm5FAQ
9ds7DvKrwIcZbMIzGdn/80VEjOxB9qmtMPU3yGt6LlgfmYbmJZQZ80GtBHWDi04l
1E6wuwt+an5ycv/RjpNIsyN2vtExhx9nD+m/zc58zDQuwndFPD9oQKdW5nk6cHWN
fHWgKoub0tfZrqzONuekiGASAcwPjwCbkF9TapZvDX1LUAzG9l5PpMDilZj6FzUv
J/vgDpqv2YpUrcP/F7Kz40wfSlave9iwS36m9/k9nW6gmO319jkd94VOuPt/CoJh
0JuDOG9dSQzpIY1oFC3mJRo5aJ3rmPs7bEXjvBgZwQLmoGgJSimMPWO184pYnpy7
hwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 141339608353375092945351091793655528394
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 3.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-13 09:07:49 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-13 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Shinjuku-ku'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'McDonald's Health Insurance Society'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kenpo.mcdonalds.co.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23077568118771283650547415384715637435713300617852011214204284007226870844009944375003696309743606402507680721687785228142541209209322681771185515443978864325545331255455350162053826799063081261050142461811396307452375601435562829175750951709243733263340549320124284069772293414538278167135432228067593027295446173862726428242925664499178386741712936315706784025890925911378386134909654604745554363764680603856573595100619899210844500274391719589892037584251507885709315499247015567179371589912999838166703961580429400687108607782391413520397226888497267693569762413107638169683088851948765213478199026725625463094151
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cbef3def8374a1a842f03b4036fa6d8294a92736
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr30.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kenpo.mcdonalds.co.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.751.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							100fc4be3eff73b42c84225a01dc9f0cf629d241
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000170d32f7fdd0000040300463044022010c7779027734dc9657c9100bc7584003cbdee40e0f756ef0a4b37ac7a5819e5022054aeae88ae8c2f7a918b5492d1caaf74b6b32c74e9034ab381be557e53739371007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000170d32f8738000004030047304502210081c07206ded4a33acf7533a6e5aaa1ae3c7655d75fe35775a1c35c1d7657daac022043cfd0cdfbb552610c498723e4cf1a7841bbaf02708a0af6297577508e0e37310076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000170d32f8bda0000040300473045022100a5d763c457f9217ed559e15e59c5255d44cefb3f416757d2c6723dd4308b36f6022028b7116388650d90f1f4e1ff2bc43c4194b8dc8fcad687108ee2c7c3776b6ecb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009513ec8ddc9729216dbb71d5ef232b5e98df833ae13ef4d21681dcbce2b549a9c62dea04cf33321126d5f6e3faa744828edb1110bf4ad6004f3261e5a294224d7e584d0e3c68e3a5bce1e03a6ac2afc5c61d52e28c6644ef21c870395b0a11492cd8d88f807af282ebc2266ba26f115a50db1f8981e2ea371afa8c3533a255d1a6c8d085c03a4499a8d7659032a913b969bc1490485b931a09cb60091afbec082f20052b5287b6d05d9d22aba24d9f7d6f59c45e82f0186fe087192f8cbe7f140b3f0b8d7c192adc6ce92287da96ac7ea17515b8788bdfe0275cddaf58cca5c69b7757b951e764160235b1ae50fcb2d5ab484e5a9d46e394306c8e0960cd1e02