pw1-ssor7a.edf.fr

- EDF -

Issued by CLASS 2 KEYNECTIS CA

About this certificate

This digital certificate with serial number 11:21:26:e4:9b:16:24:26:3d:94:1f:35:66:50:04:6a:d4:55 was issued on by KEYNECTIS.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

EDF

Organization: EDF
Organization unit: CSP IT
State / Province: PARIS
Locality: PARIS
Country: FR

KEYNECTIS

Organization: KEYNECTIS
Country: FR

This certificate has expire since

Certificate Details

Serial Number (hex): 11:21:26:e4:9b:16:24:26:3d:94:1f:35:66:50:04:6a:d4:55
Serial Number (int): 1492189876601366430862421470521062140335189
Serial Number lenght: 141 bits, 18 octets

SubjectKeyId: 02:c7:90:0f:28:26:17:cc:a6:d5:07:80:ad:af:00:c5:15:43:65:ac
AuthorityKeyId: 00:11:41:df:3b:9d:3b:cb:b8:a2:c1:33:92:a8:81:cc:e5:7d:e7:99

Fingerprint (sha1): cd:6b:0d:2a:ca:20:33:f2:8e:73:2c:ce:99:e2:a8:66:b3:cc:84:10
Fingerprint (sha256): 1a:30:af:ad:93:b4:53:42:d6:70:9b:65:ec:7d:ea:b4:32:9f:06:27:41:2b:7d:9d:92:96:51:52:7a:60:9f:b3


Revocation information

OCSP Server: http://ocsp-ssl.certificat2.com/ssl-ocsp
CRL Distribution Point: http://crl-ssl.certificat2.com/keynectis/class2keynectisca.crl

Check the revocation status for certificate pw1-ssor7a.edf.fr

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for pw1-ssor7a.edf.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

pw1-ssor7a.edf.fr
pwa-ssor7a.edf.fr
pw1-ssor7a.edf.com

Other certificates including the domain name edf.fr

(limited to 100 certificates)
mypgi-recette.edf.fr
s02.noe.ldap.qualif.alpha.swb.enedis.fr
VDI1380023.atlas.edf.fr
m02.noe.ldap.prod.alpha.swb.enedis.fr
monagencepart.edf.fr
zep304di.distribution.edf.fr
pwa-sso-rbb.edf.fr
portail-osr-prestataires.enedis.fr
sso.edf.fr
zer331b7.distribution.edf.fr
ldap-part-interne-a-rbb.edf.fr
pblock-dev.edf.fr
ldap-part-interne-a-perf.edf.fr
publish-rcc-siterc.cie.edf.fr
commerce-ottawa-rbb.edf.fr
pcyintplypdi001.neoprod.edf.fr
emm-iq.edf.fr
test-websso-gardian.edf.fr
paas-pp.edf.fr
services-mobiles-iq.edf.fr
distri-vermeer.edf.fr
bo-preprod-travaux.cie.edf.fr
int-myaccess.edf.fr
sei-raccordement.edf.fr
one-module.edf.fr
websso-gardian.myelectricnetwork.com
odicee.edf.fr
portail-osr-prestataires.enedis.fr
preiq-websso-gardian.edf.fr
iceua.edf.fr
intranetetendu.edf.fr
acces-1.a2i.edf.fr
appli-ssa-qual-fhm.edf.fr
publish-rf2-siterc.cie.edf.fr
mypaas-r7.edf.fr
ELECTRICITE DE FRANCE
hydrovigie-int.edf.fr
*.usine-stg2.edf.fr
hydro-doctopus-rec.edf.fr
prod-sdin-passerelle-partenaire.edf.fr
paas-data-r7.edf.fr
icesb.edf.fr
mrbot-edf-entreprises-prd.edf.fr
pcydmzplywfe001.intranet.edf.com
opendata-martinique.edf.fr
noefy8jc.noe.edf.fr
noeintplypfe001.neoprod.edf.fr
cws.edf.fr
appli-ssa-prod-web2.edf.fr
icecp.edf.fr
equilibre.corse.edf.fr
eboard-recette-r1.edf.fr
pwb-sso.edf.fr
opendata-guadeloupe.edf.fr
collab.intranet.enedis.fr
opendata-reunion.edf.fr
si-devops-repository.edf.fr
sso-perf.edf.fr
noea06te.noe.edf.fr
remit.cie.edf.fr
rh-olimp-distributeur.edf.fr
owapcy.extranet.edf.fr
iceua.edf.fr
projet-piscine.edf.fr
no2fyb45.noe.edf.fr
autoconsommation.dn.edf.fr
travaux.edf.fr
partenaires.edf.fr
eboard-recette-r2.edf.fr
commerce-smoothie.edf.fr
ldap-part-b-perf.edf.fr
vote-pulse.cie.edf.fr
portail-osr-prestataires-rec1.enedis.fr
emm-iq.edf.fr
immoconforme.edf.fr
proto-b-prod.edf.fr
rh-gama.edf.fr
itzmirecette.edf.fr
partenaires.edf.fr
pcyintpirgw001-mopieurs.edf.fr
panel-particuliers.dn.edf.fr
eboard.edf.fr
www.paiement-particulier.edf.fr
edfrecrute.edf.fr
edf.fr
iasvi-recette.edf.fr
opendata-guadeloupe.edf.fr
prod.sfdb.edf.fr
noeintplypfe002.neoprod.edf.fr
owa.extranet.ppmccu.fr
opendata-corse.edf.fr
pc2fy72t.pcy.edf.fr
zep3321n.distribution.edf.fr
api-r7.edf.fr
opendata-reunion.edf.fr
mrbot-edf-entreprises-prd.edf.fr
publish-pp2-siterc.cie.edf.fr
dbi-dev.edf.fr
noedmzplywdi001.intranet.edf.com
pilotimmo.edf.fr

Certificate

The complete raw certificate details for pw1-ssor7a.edf.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgISESEm5JsWJCY9lB81ZlAEatRVMA0GCSqGSIb3DQEBCwUA
MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKEwlLRVlORUNUSVMxHTAbBgNVBAMTFENM
QVNTIDIgS0VZTkVDVElTIENBMB4XDTE2MDQyMDEzMzY1MVoXDTE3MDQyMTEzMzY1
MVowaDELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBVBBUklTMQ4wDAYDVQQHDAVQQVJJ
UzEPMA0GA1UECwwGQ1NQIElUMQwwCgYDVQQKDANFREYxGjAYBgNVBAMTEXB3MS1z
c29yN2EuZWRmLmZyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8+V
R+kDMh61vSG80lihDbZ9vwpKA2tJrQolamd71RcfnxG1iJREjWTRXzpdcWa5VBvA
bsPIUIrgOg8ubKDkKsjDjxjxk09jO3SY8TNVPHZhOuZYPqLMjjiYchHRu2f2zV7S
+wtsc+5mxVwmh44+t7L1nCcavZMaxfCeKjD3i1ksbGgkV1nxFIUWffM0RzVwuDdK
xv54alAt3c0Q1qiz8q8ZjP6OWLiseCg639QB48sRI6mgUyXN0ym57NY7c+xLsEze
eI9P6um/GSHmVv4+Q9iCkyx68GqWNQmXez03F4z2oRwpeHj7yqtjBMjQk+w46fRQ
HNIjY4pbL8daaOdxcQIDAQABo4IBpDCCAaAwDAYDVR0TAQH/BAIwADAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEMGA1UdEQQ8
MDqCEXB3MS1zc29yN2EuZWRmLmZyghFwd2Etc3NvcjdhLmVkZi5mcoIScHcxLXNz
b3I3YS5lZGYuY29tME8GA1UdHwRIMEYwRKBCoECGPmh0dHA6Ly9jcmwtc3NsLmNl
cnRpZmljYXQyLmNvbS9rZXluZWN0aXMvY2xhc3Mya2V5bmVjdGlzY2EuY3JsMEQG
CCsGAQUFBwEBBDgwNjA0BggrBgEFBQcwAYYoaHR0cDovL29jc3Atc3NsLmNlcnRp
ZmljYXQyLmNvbS9zc2wtb2NzcDBFBgNVHSAEPjA8MDoGDSsGAQQBga1aAgUCBQEw
KTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5vcGVudHJ1c3QuY29tL1BDMB0GA1Ud
DgQWBBQCx5APKCYXzKbVB4CtrwDFFUNlrDAfBgNVHSMEGDAWgBQAEUHfO507y7ii
wTOSqIHM5X3nmTANBgkqhkiG9w0BAQsFAAOCAQEAUsfvYoMkqCJhGYi4+lr4DQfv
YhybFh5Hpjo2x47tUEpjolOX6SKpo93PBLzdaUwjhSncr8SspTZ4s93TqVEtDLFM
kFt/am4LL2FqZ0PMh0JEV+AitOuI/F2PS9PVfRQ6K/yrMnmGaT7t6GbkzmamstDg
EnvZwRSgw2h0iaSI9hrAeuF9pl6WgXkASoEDHX6znMhV7sjg0OA2UFhKsAxAopJE
4eWc3+VSx0CIYVn+f5Nmy6HChHEwocUsc/G9wjQJD67mPmHC+r4/EhStPjulCJ6J
7Ix+dKWTzKd50IJewa6KazChy28bmtStd+IYSYB0+E3liez1uQKY/PF4j4UAQw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8+VR+kDMh61vSG80lih
DbZ9vwpKA2tJrQolamd71RcfnxG1iJREjWTRXzpdcWa5VBvAbsPIUIrgOg8ubKDk
KsjDjxjxk09jO3SY8TNVPHZhOuZYPqLMjjiYchHRu2f2zV7S+wtsc+5mxVwmh44+
t7L1nCcavZMaxfCeKjD3i1ksbGgkV1nxFIUWffM0RzVwuDdKxv54alAt3c0Q1qiz
8q8ZjP6OWLiseCg639QB48sRI6mgUyXN0ym57NY7c+xLsEzeeI9P6um/GSHmVv4+
Q9iCkyx68GqWNQmXez03F4z2oRwpeHj7yqtjBMjQk+w46fRQHNIjY4pbL8daaOdx
cQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1492189876601366430862421470521062140335189
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KEYNECTIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CLASS 2 KEYNECTIS CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-04-20 13:36:51 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-04-21 13:36:51 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PARIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PARIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'CSP IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'EDF'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pw1-ssor7a.edf.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21184159985124713425114940649872360371613379904002385043049924722896602727789232989395848460200320775022355301519665487232398513302572125512589933357621950230658171691213716528532075999811179146369442124043908582371725434010905055637336193942563523438562547287782037137755026523478986414964609594857970255389965301880356198968263372062342587463994727598763712789569164952627050150213809816162910531391809465888683429724378673213924745442087137759551821579934486964269329991203371633412562310667556593914907071994653430097406225790135175922083092075150621059167839541631863191119182525534925305838756561862427920527729
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pw1-ssor7a.edf.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pwa-ssor7a.edf.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pw1-ssor7a.edf.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl-ssl.certificat2.com/keynectis/class2keynectisca.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp-ssl.certificat2.com/ssl-ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22234.2.5.2.5.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.opentrust.com/PC'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							02c7900f282617cca6d50780adaf00c5154365ac
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 001141df3b9d3bcbb8a2c13392a881cce57de799
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0052c7ef628324a822611988b8fa5af80d07ef621c9b161e47a63a36c78eed504a63a25397e922a9a3ddcf04bcdd694c238529dcafc4aca53678b3ddd3a9512d0cb14c905b7f6a6e0b2f616a6743cc87424457e022b4eb88fc5d8f4bd3d57d143a2bfcab327986693eede866e4ce66a6b2d0e0127bd9c114a0c3687489a488f61ac07ae17da65e968179004a81031d7eb39cc855eec8e0d0e03650584ab00c40a29244e1e59cdfe552c740886159fe7f9366cba1c2847130a1c52c73f1bdc234090faee63e61c2fabe3f1214ad3e3ba5089e89ec8c7e74a593cca779d0825ec1ae8a6b30a1cb6f1b9ad4ad77e218498074f84de589ecf5b90298fcf1788f850043