erp.intermountain.net

- Intermountain Health Care Inc -

Issued by VeriSign Class 3 Secure Server CA - G3

About this certificate

This digital certificate with serial number 4c:fb:99:a5:c6:70:6e:da:78:20:94:17:c6:9a:2c:df was issued on by VeriSign, Inc..

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Intermountain Health Care Inc

Organization: Intermountain Health Care Inc
Organization unit: Intermountain Health Care Inc
State / Province: Utah
Locality: Salt Lake City
Country: US

VeriSign, Inc.

Organization: VeriSign, Inc.
Organization unit: VeriSign Trust Network
Organization unit: Terms of use at https://www.verisign.com/rpa (c)10
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 4c:fb:99:a5:c6:70:6e:da:78:20:94:17:c6:9a:2c:df
Serial Number (int): 102327710533875976761423625142511742175
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: 0d:44:5c:16:53:44:c1:82:7e:1d:20:ab:25:f4:01:63:d8:be:79:a5

Fingerprint (sha1): 10:66:2a:e9:f1:80:0d:2c:73:ac:52:11:50:45:69:b0:15:00:5f:bb
Fingerprint (sha256): 1d:77:01:8b:1c:5c:fe:3f:17:88:3a:6c:8f:2a:ec:2c:ca:5e:16:f8:be:f4:88:83:bc:07:b1:63:d6:ec:32:d1

Issuing Certificate URL: http://SVRSecure-G3-aia.verisign.com/SVRSecureG3.cer

Revocation information

OCSP Server: http://ocsp.verisign.com
CRL Distribution Point: http://SVRSecure-G3-crl.verisign.com/SVRSecureG3.crl

Check the revocation status for certificate erp.intermountain.net

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for erp.intermountain.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

erp-tst01.intermountain.net
upk.intermountain.net
upk-tst01.intermountain.net
planning.intermountain.net
planning-tst01.intermountain.net
erp-bus.intermountain.net
erp-bus-tst01.intermountain.net
erp-bi.intermountain.net
erp-bi-tst01.intermountain.net
erp-sftp.intermountain.net
erp-sftp-tst01.intermountain.net
erp.intermountain.net

Other certificates including the domain name intermountain.net

(limited to 100 certificates)
fsso-tst.intermountain.net
sso.intermountain.net
m.intermountain.net
drift.bnaa.dk
physician.intermountain.net
icare-dr.intermountain.net
sso.appservice.co.azs.intermountain.net
account.intermountain.net
drift.bnaa.dk
xlib.intermountain.net
erp.intermountain.net
imperva.com
dev.intermountain.net
awcm.intermountain.net
intermountain.net
drift.bnaa.dk
erp-tst01.intermountain.net
drift.bnaa.dk
imperva.com
drift.bnaa.dk
m.intermountain.net
drift.bnaa.dk
intermountain.net
m.intermountain.net
icare.intermountain.net
*.intermountainhealthcare.org
erp.intermountain.net
awcm.intermountain.net
jsstest.intermountain.net
drift.bnaa.dk
xlib.intermountain.net
m.intermountain.net
sso.intermountain.net
reportstst.intermountain.net
tst.intermountain.net
*.sso.appservice.co.azs.intermountain.net
drift.bnaa.dk
printit.intermountain.net
imperva.com
imperva.com
storefront.co.ihc.com
drift.bnaa.dk
ciportal.intermountain.net
reports.intermountain.net
sso.intermountain.net
drift.bnaa.dk
adfs.intermountain.net
drift.bnaa.dk
drift.bnaa.dk
tableau.intermountain.net
mtst.intermountain.net
dfd-dev.intermountain.net
drift.bnaa.dk
erp.intermountain.net
intermountain.net
drift.bnaa.dk
securedrop.intermountain.net
drift.bnaa.dk
reports.intermountain.net
drift.bnaa.dk
mtst.intermountain.net
netaxept-status.developers.nets.eu
awcm.intermountain.net
drift.bnaa.dk
sso.intermountain.net
imperva.com
drift.bnaa.dk
adminmanagement.co.azs.intermountain.net
awcm.intermountain.net
drift.bnaa.dk
*.vault.co.azs.intermountain.net
m.intermountain.net
sso.intermountain.net
drift.bnaa.dk
jss.intermountain.net
fssocaregiver.intermountain.net
drift.bnaa.dk
intermountain.net
printit.intermountain.net
m.intermountain.net
imperva.com
m.intermountain.net
datamart.intermountain.net
imperva.com
*.hosting.co.azs.intermountain.net
teamspace.intermountain.net
icare-test.intermountain.net
intermountain.net
netaxept-status.developers.nets.eu
awcm.intermountain.net
*.adminhosting.co.azs.intermountain.net
drift.bnaa.dk
drift.bnaa.dk
intermountain.net
drift.bnaa.dk
imperva.com
*.table.co.azs.intermountain.net
icare.intermountain.net
drift.bnaa.dk
jsstest.intermountain.net

Certificate

The complete raw certificate details for erp.intermountain.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGtjCCBZ6gAwIBAgIQTPuZpcZwbtp4IJQXxpos3zANBgkqhkiG9w0BAQUFADCB
tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQwMTA3
MDAwMDAwWhcNMTUwMjIwMjM1OTU5WjCBpTELMAkGA1UEBhMCVVMxDTALBgNVBAgT
BFV0YWgxFzAVBgNVBAcUDlNhbHQgTGFrZSBDaXR5MSYwJAYDVQQKFB1JbnRlcm1v
dW50YWluIEhlYWx0aCBDYXJlIEluYzEmMCQGA1UECxQdSW50ZXJtb3VudGFpbiBI
ZWFsdGggQ2FyZSBJbmMxHjAcBgNVBAMUFWVycC5pbnRlcm1vdW50YWluLm5ldDCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOnN+jqTMM0RMfxMdWsFsP7R
pYeQZyezEjLPZrIgDCPhVQa1Hi0tOTGBetr57/csw0WExCSa8TQIHZyv3o9Egbkj
UfQ3aa4+Uw4xq81d7etPvIQxWkDptJq3JqUxNLxZOkDZVypN7Ybsvhb15iQgMdpr
YplNJt1o3lLGYkvJn2AaJZrt7tc1ZWh1VNS6CYNZoRhvrem7ACADK5qMy2fAGXAG
HAtfTVsEd/3XW5LYVN8UgfWDgeMlnTmD6S73as3yvM14sj89Lnni7FgWjPBq0w/4
39fy4xr7fjnItvUkKuxYm1q92qZEh7MDyj1VahRXrfQwxb4PxZGsmW6gN/x5fPkC
AwEAAaOCAs4wggLKMIIBZwYDVR0RBIIBXjCCAVqCG2VycC10c3QwMS5pbnRlcm1v
dW50YWluLm5ldIIVdXBrLmludGVybW91bnRhaW4ubmV0ght1cGstdHN0MDEuaW50
ZXJtb3VudGFpbi5uZXSCGnBsYW5uaW5nLmludGVybW91bnRhaW4ubmV0giBwbGFu
bmluZy10c3QwMS5pbnRlcm1vdW50YWluLm5ldIIZZXJwLWJ1cy5pbnRlcm1vdW50
YWluLm5ldIIfZXJwLWJ1cy10c3QwMS5pbnRlcm1vdW50YWluLm5ldIIYZXJwLWJp
LmludGVybW91bnRhaW4ubmV0gh5lcnAtYmktdHN0MDEuaW50ZXJtb3VudGFpbi5u
ZXSCGmVycC1zZnRwLmludGVybW91bnRhaW4ubmV0giBlcnAtc2Z0cC10c3QwMS5p
bnRlcm1vdW50YWluLm5ldIIVZXJwLmludGVybW91bnRhaW4ubmV0MAkGA1UdEwQC
MAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjBDBgNVHSAEPDA6MDgGCmCGSAGG+EUBBzYwKjAoBggrBgEFBQcCARYcaHR0cHM6
Ly93d3cudmVyaXNpZ24uY29tL2NwczAfBgNVHSMEGDAWgBQNRFwWU0TBgn4dIKsl
9AFj2L55pTBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vU1ZSU2VjdXJlLUczLWNy
bC52ZXJpc2lnbi5jb20vU1ZSU2VjdXJlRzMuY3JsMHYGCCsGAQUFBwEBBGowaDAk
BggrBgEFBQcwAYYYaHR0cDovL29jc3AudmVyaXNpZ24uY29tMEAGCCsGAQUFBzAC
hjRodHRwOi8vU1ZSU2VjdXJlLUczLWFpYS52ZXJpc2lnbi5jb20vU1ZSU2VjdXJl
RzMuY2VyMA0GCSqGSIb3DQEBBQUAA4IBAQCLvS/uZGvmjYkTFjujsqW2ufh+Zz+x
hjNnx5i4ldXCPpfON2ukekIv0k2W+lfd+3LbfoZ9iDRRyKkCoBKAPTkYoMKKJtoX
Y37dghd+b1kBz4rMoOKGidrXsT5/4V73t6EVmFUfjkGkIx8Q6UrkJ0JDEpRYrCdW
vlZQ3cxbFeVHRoko7LbqtvJOOKBPEaT9Luq/8TMIkg6FzEIev6e8ZR2Rp2C1zLc2
9+7uGxAuTymIs+Cg7Jckr0HpiF0yIiSB41rc2heiLSgPd5+SWJODED+DhT/NegJB
iqUzA6aodJVZq9bpqjEOFKddPxIsP41EUPGpplZn71mPzeUl/zPJG8fQ
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6c36OpMwzREx/Ex1awWw
/tGlh5BnJ7MSMs9msiAMI+FVBrUeLS05MYF62vnv9yzDRYTEJJrxNAgdnK/ej0SB
uSNR9Ddprj5TDjGrzV3t60+8hDFaQOm0mrcmpTE0vFk6QNlXKk3thuy+FvXmJCAx
2mtimU0m3WjeUsZiS8mfYBolmu3u1zVlaHVU1LoJg1mhGG+t6bsAIAMrmozLZ8AZ
cAYcC19NWwR3/ddbkthU3xSB9YOB4yWdOYPpLvdqzfK8zXiyPz0ueeLsWBaM8GrT
D/jf1/LjGvt+Oci29SQq7FibWr3apkSHswPKPVVqFFet9DDFvg/FkayZbqA3/Hl8
+QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 102327710533875976761423625142511742175
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VeriSign, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VeriSign Trust Network'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Terms of use at https://www.verisign.com/rpa (c)10'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VeriSign Class 3 Secure Server CA - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-01-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-02-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Utah'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Salt Lake City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Intermountain Health Care Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Intermountain Health Care Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'erp.intermountain.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29515096326397861032273251749917156596047793618192292611022258527489171683011608028720595538184656550336129334634958936402533755103363267906210655709752191942087850203405721249969331268636011710720280259844714095537559036974637096753249552068164068069611634989738109069523542107089241966067798912520301888869842507100575931795006807820462788766131581921979609053521590351803788738415042849273767127912216001303902087507966284610265472144723899950568589482271066191514621052438779471239503478056788283927015943796494660771804888872681809387995456831169796867209019028102652112332285302966039861859359779373763075341561
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (350 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erp-tst01.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'upk.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'upk-tst01.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'planning.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'planning-tst01.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erp-bus.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erp-bus-tst01.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erp-bi.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erp-bi-tst01.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erp-sftp.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erp-sftp-tst01.intermountain.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erp.intermountain.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.verisign.com/cps'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0d445c165344c1827e1d20ab25f40163d8be79a5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://SVRSecure-G3-crl.verisign.com/SVRSecureG3.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.verisign.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://SVRSecure-G3-aia.verisign.com/SVRSecureG3.cer'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008bbd2fee646be68d8913163ba3b2a5b6b9f87e673fb1863367c798b895d5c23e97ce376ba47a422fd24d96fa57ddfb72db7e867d883451c8a902a012803d3918a0c28a26da17637edd82177e6f5901cf8acca0e28689dad7b13e7fe15ef7b7a11598551f8e41a4231f10e94ae4274243129458ac2756be5650ddcc5b15e547468928ecb6eab6f24e38a04f11a4fd2eeabff13308920e85cc421ebfa7bc651d91a760b5ccb736f7eeee1b102e4f2988b3e0a0ec9724af41e9885d32222481e35adcda17a22d280f779f92589383103f83853fcd7a02418aa53303a6a8749559abd6e9aa310e14a75d3f122c3f8d4450f1a9a65667ef598fcde525ff33c91bc7d0