homenow-d.bokf.com

- BOK Financial Corporation -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 0d:fc:02:b8:45:b5:66:13:00:00:00:00:50:f2:4a:af was issued on Tuesday May 28, 2019 at 8:15PM by Entrust, Inc..

With 14 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

We have idenified some issues with this certificate:

Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

BOK Financial Corporation

Organization: BOK Financial Corporation

State / Province: Oklahoma
Locality: Tulsa
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only

Country: US

This certificate has expire since Friday May 28, 2021 at 8:45PM UTC

Certificate Details

Serial Number (hex): 0d:fc:02:b8:45:b5:66:13:00:00:00:00:50:f2:4a:af
Serial Number (int): 18588477917929556121010589693480422063
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 94:8d:c3:2c:6c:ef:04:5e:12:fc:83:6f:ab:32:ac:e9:9b:4a:86:a3
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): aa:4f:9b:00:98:69:6f:8a:00:18:5c:d9:f7:9d:6e:51:be:49:b7:d8
Fingerprint (sha256): 19:a3:75:45:e9:c1:de:08:1a:9f:ef:53:3b:52:6d:d4:2b:08:74:5a:20:60:43:13:fd:14:be:c0:25:da:07:77

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate homenow-d.bokf.com

14

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for homenow-d.bokf.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

Fully Qualified Domain Names

homenow-d.bokf.com

hfc-d.bokf.com

homenow-az-d.bokfinancial.com

homenow-co-d.bokfinancial.com

homenow-d.bankofalbuquerque.com

homenow-d.bankofarkansas.com

homenow-d.bankofoklahoma.com

homenow-d.bankoftexas.com

homenow-d.homedirectmortgage.com

homenow-d.mobank.com

mortgage-d.bankofalbuquerque.com

mortgage-d.bankofoklahoma.com

mortgage-d.bankoftexas.com

mortgage-d.bokf.com

homenow-d.bokf.com
hfc-d.bokf.com
homenow-az-d.bokfinancial.com
homenow-co-d.bokfinancial.com
homenow-d.bankofalbuquerque.com
homenow-d.bankofarkansas.com
homenow-d.bankofoklahoma.com
homenow-d.bankoftexas.com
homenow-d.homedirectmortgage.com
homenow-d.mobank.com
mortgage-d.bankofalbuquerque.com
mortgage-d.bankofoklahoma.com
mortgage-d.bankoftexas.com
mortgage-d.bokf.com

Other certificates including the domain name bokf.com

(limited to 100 certificates)

homenow-d.bokf.com
chat.bokf.com
onlinebanking.bokfinancial.com
VRT-CDT-F02-UAP.bokf.com
demo.spendcontrol.bokf.com
tradeadvance.bokf.com
tradeadvance.bokf.com
m3.treasurysource.bokf.com
mortgagenow.bokf.com
insights.bokf.com
thebeacon.bokf.com
onlinebanking.bokfinancial.com
treasurysource2.bokf.com
onlinebanking.bokfinancial.com
homenow-t.bokf.com
mortgagebanker.bokf.com
san-38-s12.tlsprovisioning.exacttarget.com
www.bokfinancial.com
fxadvance.bokf.com
media.bokf.com
FXAdvance3.bokf.com
s.bokf.com
homenow.bokf.com
san-38-s12.tlsprovisioning.exacttarget.com
www.bokf.com
remote.bokf.com
startrightauth.bokf.com
FXAdvance2.bokf.com
homenow-t.bokf.com
imperva.com
magnet.bokf.com
m2.businesssource.bokf.com
imperva.com
mortgage.bokf.com
treasurysource.bokf.com
bankconnect.bokf.com
startright.bokf.com
fxadvance.bokf.com
homenow-t.bokf.com
cashvault.bokf.com
m2.treasurysource.bokf.com
bankconnecttest.bokf.com
imperva.com
homenow.bokf.com
mortgagebanker.bokf.com
*.portal.bokf.com
san-38-s12.tlsprovisioning.exacttarget.com
remote.bokf.com
investor.bokf.com
thebeacon.bokf.com
businesssource2.bokf.com
clientsource.bokf.com
imperva.com
homenow-mqa.bokf.com
mortgagenow.bokf.com
imperva.com
response.bokf.com
evision.bokf.com
securemail.bokf.com
mortgage.bokf.com
mortgage.bokf.com
san-38-s12.tlsprovisioning.exacttarget.com
businesssource2.bokf.com
vrt-cdt-f02-uap.bokf.com
*.portal.bokf.com
spendcontrol.bokf.com
onlinebanking.bokfinancial.com
www.spendcontrol.bokf.com
dbpsamlsso.bokf.com
remitviewdemo.bokf.com
go.bokf.com
remitviewdemo.bokf.com
eserviceswc.bokf.com
demo.webera.bokf.com
imperva.com
investor.bokf.com
FXAdvance2.bokf.com
maintenance.bokf.com
homenow-d.bokf.com
owa.bokf.com
payweb.bokf.com
www.bokfinancial.com
businesssource.bokf.com
homenow.bokf.com
cs.bokf.com
homenow-t.bokf.com
www.bokfinancial.com
remote.bokf.com
m.businesssource.bokf.com
eserviceswc.bokf.com
pospay.bokf.com
returnsource.bokf.com
mortgagebanker.bokf.com
FXAdvance3.bokf.com
securemail.bokf.com
businesssource.bokf.com
BusinessSource.bokf.com
FXAdvance3.bokf.com
treasurysource2.bokf.com
s.bokf.com

Certificate

The complete raw certificate details for homenow-d.bokf.com in PEM and ASN.1 format.

Certificate (PEM)

Public Key (PEM)

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 18588477917929556121010589693480422063
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-28 20:15:46 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-05-28 20:45:45 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oklahoma'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tulsa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BOK Financial Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'homenow-d.bokf.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27031785232827951157994636702433391432340132786779111412186994516628260066601337008500359214479698750845427650191514953350729073585612083531175136679408979298098590700947275338142328976573966011173923076153813924538815272431329392427850733292845691930364570348699118952966514349304987496726000642612383478132470292139002334166458368023260821884899396591059892053283692429572505341363933324147640717342310055563928364547017771231805425484998917881608497723682000714329824637543720342741123981146990974890821892727216470669734041080056343905552670096157018193775057465148210204362271532872109352561442253360636408855053
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (392 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homenow-d.bokf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hfc-d.bokf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homenow-az-d.bokfinancial.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homenow-co-d.bokfinancial.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homenow-d.bankofalbuquerque.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homenow-d.bankofarkansas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homenow-d.bankofoklahoma.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homenow-d.bankoftexas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homenow-d.homedirectmortgage.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homenow-d.mobank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mortgage-d.bankofalbuquerque.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mortgage-d.bankofoklahoma.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mortgage-d.bankoftexas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mortgage-d.bokf.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes)
							01df0076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016b00311de5000004030047304502210089dae709c74ed80ccb990fc10b9002d2dd6105ed8bff6f95769889ca1ba546c602204a7dd5693e62cb15a2c2640bd20a0729739879830744800dafa281cfa50641d90075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016b00311e00000004030046304402200541446ee6ce233669905b6a9088cf0716c23c7845fcba84607fb096ee79c1650220127e287125b46e759e5bcd4171230ad01aee9fb341cecec85ef8c174cf795c800076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016b00311ea800000403004730450220531e12f3427bb799927fde4261933c16d332ba42c1443f93271590d704b6a671022100ebcc5930c1ff50d321f0e7e6c2f2205071825be0370b013c1f27593a0944c1f3007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016b00311dec000004030047304502210080c039313f7be7b57984e56e933808f340a91872b9d904c5bc9cbcb0a77c6b1502203e145a5666171d298d5786bce64839ad87fda745b052629a8507c3e19d39aaa4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							948dc32c6cef045e12fc836fab32ace99b4a86a3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006d7bc91e017406a0f4dc4a80cccd14a4fab35685a18381a34a8dc2ded264a099c00ee1eddc835515aa89de07e52d337b689efd09074d564ce4b6570fd76d53c04d81171182ff892b2f0db8b8dd2decbe2b6224e50cbd8854ecad2733f2ecbe6b23e240a005c8b74a36d56197a2567f869a52bb6f5bcfc2c7f1933f574e330c4f68944cf97e4d9ba2c09e530016f5d6dba6c7fefacc66173727ea717dd4c72c4f0108d399a6496175f995f3bfab73c6b0e19b75811b7d064bf30aa321fafa8348441a08af557a4419c994c8628037722c9235adb666b1b18c4495d42bf52693928866f99c29655b9a8bcf7ed9981c00645521a092e6565e563f12238ce07ba0a9