UCAAS1-CTPC1-01.ricoh-usa.com

- Ricoh USA, Inc. -

Issued by AffirmTrust Certificate Authority - OV1

About this certificate

This digital certificate with serial number 3c:69:fd:a4:26:31:73:b8:00:00:00:00:58:08:b4:09 was issued on by AffirmTrust.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Ricoh USA, Inc.

Organization: Ricoh USA, Inc.
State / Province: New Jersey
Locality: Caldwell
Country: US

AffirmTrust

Organization: AffirmTrust
Organization unit: See www.affirmtrust.com/repository
Country: CA

This certificate has expire since

Certificate Details

Serial Number (hex): 3c:69:fd:a4:26:31:73:b8:00:00:00:00:58:08:b4:09
Serial Number (int): 80304015372109699691911418741508322313
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: a2:b6:30:36:27:5a:c4:d7:1f:e9:b1:3d:54:cf:6c:64:38:d8:43:fa
AuthorityKeyId: fe:60:c3:0d:a4:a2:9d:21:4f:7a:78:4c:62:c5:db:14:fc:39:78:c4

Fingerprint (sha1): 83:d1:b6:34:e6:a8:6c:d7:da:ca:d5:fa:a5:5e:41:76:85:6b:9f:a4
Fingerprint (sha256): 17:cd:6d:c1:a0:de:09:5a:5f:43:49:57:e8:74:11:1a:d8:ad:88:2c:bd:97:65:c0:ee:54:f4:db:12:0a:61:7f

Issuing Certificate URL: http://aia.affirmtrust.com/aftov1ca.crt

Revocation information

OCSP Server: http://ocsp.affirmtrust.com
CRL Distribution Point: http://crl.affirmtrust.com/crl/aftov1ca.crl

Check the revocation status for certificate UCAAS1-CTPC1-01.ricoh-usa.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for UCAAS1-CTPC1-01.ricoh-usa.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

UCAAS1-CTPC1-01.ricoh-usa.com

Other certificates including the domain name ricoh-usa.com

(limited to 100 certificates)
*.ricoh-usa.com
ssl1.ricoh-usa.com
adaptiveformstest.ricoh-usa.com
boulder-ssl1.ricoh-usa.com
*.returnmailservices.ricoh-usa.com
support.rpp.ricoh-usa.com
*.ricoh-usa.com
proxyapi.my3dhealthcaredev.ricoh-usa.com
storefront.ricoh-usa.com
cs2.ricoh-usa.com
mdm.ricoh-usa.com
xen.ricoh-usa.com
*.ricoh-usa.com
*.ricoh-usa.com
events.ricoh-usa.com
rworld-test.ricoh-usa.com
portal.ricoh-usa.com
UCAAS2-CTPC1-01.ricoh-usa.com
UCAAS11-CTPC1-01.dev.ricoh-usa.com
mdm.ricoh-usa.com
rworld-test.ricoh-usa.com
mobileha.ricoh-usa.com
support.rpp.ricoh-usa.com
sts.ricoh-usa.com
UCAAS11-CUCPUB2-01.dev.ricoh-usa.com
newsroom.ricoh-usa.com
pb1.ricoh-usa.com
sts.dev.ricoh-usa.com
ucaas11-cup1-01.dev.ricoh-usa.com
*.ricoh-usa.com
ricohaps.ricoh-usa.com
boulder-ssl2.ricoh-usa.com
sts.ricoh-usa.com
sts.preprod.ricoh-usa.com
newsroom.ricoh-usa.com
*.awsdev.ricoh-usa.com
UCAAS2-UCMPUB2-01-ms.ricoh-usa.com
*.Ricoh-usa.com
jobs.ricoh-usa.com
*.ricoh-usa.com
UCAAS1-CTPC1-01.ricoh-usa.com
*.ricoh-usa.com
cs3.ricoh-usa.com
tec.ricoh-usa.com
cs3.ricoh-usa.com
rworld-test.ricoh-usa.com
*.ricoh-usa.com
rscc.ricoh-usa.com
thedocshop.ricoh-usa.com
events.ricoh-usa.com
sts.dev.ricoh-usa.com
iapoc.intelligentdelivery.ricoh-usa.com
*.ricoh-usa.com
ricohspha.ricoh-usa.com
ctpat.ricoh-usa.com
rworld-test.ricoh-usa.com
mobile3.ricoh-usa.com
*.Ricoh-usa.com
sts.ricoh-usa.com
PhishReporter.ricoh-usa.com
solutionfinder.ricoh-usa.com
*.ricoh-usa.com
ddpe.ricoh-usa.com
*.ricoh-usa.com
asklola.ricoh-usa.com
GA16ARTDEV01.ricoh-usa.com
*.ricoh-usa.com
lpo.ricoh-usa.com
mobile.ricoh-usa.com
comms.ricoh-usa.com
my.ricoh-usa.com
ssl1.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-CUCPUB2-01-ms.ricoh-usa.com
adaptiveformsdev.ricoh-usa.com
UCAAS11-VCSE-01B.dev.ricoh-usa.com
newsroom.ricoh-usa.com
ssl2.ricoh-usa.com
images.learn.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-UCMPUB2-01.ricoh-usa.com
ddpe.ricoh-usa.com
sts.preprod.ricoh-usa.com
portal.ricoh-usa.com
ssl2.ricoh-usa.com
UCAAS2-CUP2-01-ms.ricoh-usa.com
mobileha.ricoh-usa.com
UCAAS11-VCSE1-01A.dev.ricoh-usa.com
ucaas11-cucpub1-01-ms.dev.ricoh-usa.com
*.ricoh-usa.com
portal.ricoh-usa.com
gitcloud.awsdev.ricoh-usa.com
*.ricoh-usa.com
rworld.ricoh-usa.com
mobilepoc.ricoh-usa.com
my.ricoh-usa.com
rworld-test.ricoh-usa.com
xenapp.ricoh-usa.com
rworld.ricoh-usa.com
ssl2.ricoh-usa.com

Certificate

The complete raw certificate details for UCAAS1-CTPC1-01.ricoh-usa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGSDCCBTCgAwIBAgIQPGn9pCYxc7gAAAAAWAi0CTANBgkqhkiG9w0BAQsFADCB
gjELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQLEyJT
ZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTAwLgYDVQQDEydBZmZp
cm1UcnVzdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBPVjEwHhcNMTgxMjEzMTYx
NDI3WhcNMjAxMjEzMTY0NDI0WjB3MQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3
IEplcnNleTERMA8GA1UEBxMIQ2FsZHdlbGwxGDAWBgNVBAoTD1JpY29oIFVTQSwg
SW5jLjEmMCQGA1UEAxMdVUNBQVMxLUNUUEMxLTAxLnJpY29oLXVzYS5jb20wggIi
MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC5UAkdQ4xI/5EXK8YHxJjyl6zA
+Ac76vvBXdiUvyVSSqY9nGPzPbzyaqW3rpLvpecgGnTeb/GWDPAc6AreDJr2G1JH
r1ccGT1a3gcaqkvSltEqxIionMA9q41r6m8N4GzDuGb2xjgoxZVVSfXJ/hoLj91V
omnuJor1s9nqvi2j1y0j946O7l8eT6v5f/aCCunXT4K2bJd2UrMCs0gZIkigu6TB
82xLmsH6XAy1U4qmxOp3dzG0F9Qzhc9hpYM1SHQ0nBaFV3oy1qVN8+1u6oPOPgA3
VFGW5+lPr2US6o5VwdRsHf6z4R+VkEVmM1YzZxEQu+Ka3MTVKyQn2asL6WW2sDva
3UgwEtdfncsW9TUOaa5DkYz1HbIA91HJuNp/6nTNehtYNP5hI2wNFqnzOC3KuDDZ
F1HGPKjsTS9k/CUIvExVAY39JSYlMKjNPPwOk5ZpyGmjtq9eN+aYge/s7/mwj6Oo
5/zw3F76F6+GkwoNMEe3n9f7XTj78H6QUFhnjpMPql6o2Tq3C/SL/US2ek4S3OoO
S8bnEIetkSQ3Cg8lpZ0/F2aKE3crdJ35W8dMHXdW86hh7Zb5Iumf/xDaNF7Nqyda
wL6OiGd3WCElcjyVpEoWBK9bQkff7a61q1VSCKfaRmbcQdQ6Z4uTehCWCeFq2iDi
YjPvVGj2NAFhLa+T2QIDAQABo4IBwjCCAb4wEwYKKwYBBAHWeQIEAwEB/wQCBQAw
KAYDVR0RBCEwH4IdVUNBQVMxLUNUUEMxLTAxLnJpY29oLXVzYS5jb20wDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAJBgNVHRME
AjAAMGwGCCsGAQUFBwEBBGAwXjAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYWZm
aXJtdHJ1c3QuY29tMDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmFmZmlybXRydXN0
LmNvbS9hZnRvdjFjYS5jcnQwVwYDVR0gBFAwTjBCBgorBgEEAYKPCQIFMDQwMgYI
KwYBBQUHAgEWJmh0dHBzOi8vd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5
MAgGBmeBDAECAjA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLmFmZmlybXRy
dXN0LmNvbS9jcmwvYWZ0b3YxY2EuY3JsMB8GA1UdIwQYMBaAFP5gww2kop0hT3p4
TGLF2xT8OXjEMB0GA1UdDgQWBBSitjA2J1rE1x/psT1Uz2xkONhD+jANBgkqhkiG
9w0BAQsFAAOCAQEAQsXb1YX5Lht+w6Bsb3X8jUi3U+/X9/D9Czehq0zdgbtbVBFf
Yr/X6rLo/tjkB6GHUcw/8E3pHVU4XqHRYvcivCmADYYg7Caxk6FdrsmqmKnv97dv
eyGfcQ9LOiwRbr1tDtUVIblt0cSL7mwG+avi1qYm62+mZjzB7wbaJWWZOxcQEY+n
eJdBku71LYWzekjSpCiW1gL8eEh++1gnIupmSwN8szmH/YyLV2hocX0dA2XYWUcB
OXQE+bTxt63YpBBe+bBGdZxzl0ZbBFXPVlgvBXvWXQ1EnLaiZVCaR4HLheMaNSRP
Pm+b6QynxGztxj1JjLAK1JFltWirfK6mavOeAg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuVAJHUOMSP+RFyvGB8SY
8peswPgHO+r7wV3YlL8lUkqmPZxj8z288mqlt66S76XnIBp03m/xlgzwHOgK3gya
9htSR69XHBk9Wt4HGqpL0pbRKsSIqJzAPauNa+pvDeBsw7hm9sY4KMWVVUn1yf4a
C4/dVaJp7iaK9bPZ6r4to9ctI/eOju5fHk+r+X/2ggrp10+CtmyXdlKzArNIGSJI
oLukwfNsS5rB+lwMtVOKpsTqd3cxtBfUM4XPYaWDNUh0NJwWhVd6MtalTfPtbuqD
zj4AN1RRlufpT69lEuqOVcHUbB3+s+EflZBFZjNWM2cRELvimtzE1SskJ9mrC+ll
trA72t1IMBLXX53LFvU1DmmuQ5GM9R2yAPdRybjaf+p0zXobWDT+YSNsDRap8zgt
yrgw2RdRxjyo7E0vZPwlCLxMVQGN/SUmJTCozTz8DpOWachpo7avXjfmmIHv7O/5
sI+jqOf88Nxe+hevhpMKDTBHt5/X+104+/B+kFBYZ46TD6peqNk6twv0i/1EtnpO
EtzqDkvG5xCHrZEkNwoPJaWdPxdmihN3K3Sd+VvHTB13VvOoYe2W+SLpn/8Q2jRe
zasnWsC+johnd1ghJXI8laRKFgSvW0JH3+2utatVUgin2kZm3EHUOmeLk3oQlgnh
atog4mIz71Ro9jQBYS2vk9kCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 80304015372109699691911418741508322313
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.affirmtrust.com/repository'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust Certificate Authority - OV1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-13 16:14:27 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-13 16:44:24 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Caldwell'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ricoh USA, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UCAAS1-CTPC1-01.ricoh-usa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 756009608724802214288666417165560828726113173070673855660406396441943546782051029088230767282923437268614449674964145175421639949190307216292150479073134376586554569033983144719041959728857230184278222532385783511621069374419382719371351445068775408107882563044974164743768330397671642193575407266792275278090127790155414970637472625460782532636997813685128993026233538302957974856234095094452273037727245965159020023524724826420601365345701821068515355023313738440464667598697817343187412625093074256742219994594018354490233275080548518375793576543426681404062325707541339369913476224295811622116514746054116936211218774958936812023739912610438880281712126139835183868907029573065690238937384266033312832679423220895442429975377232809605363000027086180130145469896473751482790458032008875413201970942058722754334134175596136672938573818671323592760029158396167296113419776194231621890319080275640020615066113363841238236901028643962247380188129980960084380051988993014642487458961834485437784921514158120379791199525195760514402732102113221618775407925788269864398065689793161687339771106419571847814600514620646116738397510504166398389066745876571345998525673458737408460881894971064121018863423437699651262216327852325191893881817
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'UCAAS1-CTPC1-01.ricoh-usa.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.affirmtrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.affirmtrust.com/aftov1ca.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.34697.2.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.affirmtrust.com/repository'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.affirmtrust.com/crl/aftov1ca.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName fe60c30da4a29d214f7a784c62c5db14fc3978c4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a2b63036275ac4d71fe9b13d54cf6c6438d843fa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0042c5dbd585f92e1b7ec3a06c6f75fc8d48b753efd7f7f0fd0b37a1ab4cdd81bb5b54115f62bfd7eab2e8fed8e407a18751cc3ff04de91d55385ea1d162f722bc29800d8620ec26b193a15daec9aa98a9eff7b76f7b219f710f4b3a2c116ebd6d0ed51521b96dd1c48bee6c06f9abe2d6a626eb6fa6663cc1ef06da2565993b1710118fa778974192eef52d85b37a48d2a42896d602fc78487efb582722ea664b037cb33987fd8c8b576868717d1d0365d8594701397404f9b4f1b7add8a4105ef9b046759c7397465b0455cf56582f057bd65d0d449cb6a265509a4781cb85e31a35244f3e6f9be90ca7c46cedc63d498cb00ad49165b568ab7caea66af39e02