cobogavacrm01.libertycolombia.com

- Liberty Mutual Group -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 23:1d:1c:2e:04:a8:e5:65:2b:ba:bc:a8:f6:f9:db:69 was issued on by Entrust, Inc..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Liberty Mutual Group

Organization: Liberty Mutual Group
State / Province: New Hampshire
Locality: Portsmouth
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 23:1d:1c:2e:04:a8:e5:65:2b:ba:bc:a8:f6:f9:db:69
Serial Number (int): 46674128014776066320969436222268758889
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: f1:7c:09:b2:33:5a:49:07:df:26:86:57:1d:fe:90:aa:8d:90:3f:b4
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 4c:92:d6:a5:d3:1e:1c:94:2e:dc:3d:58:95:7d:33:57:ac:8f:e7:40
Fingerprint (sha256): 20:84:c5:b2:87:47:af:aa:15:2a:13:06:bb:7b:5b:f2:42:c2:03:cf:74:99:ef:56:0a:e1:03:6c:38:97:49:87

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate cobogavacrm01.libertycolombia.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cobogavacrm01.libertycolombia.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cobogavacrm01.libertycolombia.com

Other certificates including the domain name libertycolombia.com

(limited to 100 certificates)
libertycolombia.com
cobognicesmb.libertycolombia.com
ews.libertycolombia.com
sip.libertycolombia.com
oficinaenlineaadm.libertycolombia.com
sas.libertyseguros.co
sip-kdc-03.libertymutual.com
soanonprod.libertycolombia.com
sip-pdc-03.libertymutual.com
bpm-uat.libertycolombia.com
co-reportes-dwh.libertycolombia.com
conferencia.libertyseguros.co
portaldev.libertycolombia.com
awsuat.libertycolombia.com
mailcol.libertycolombia.com
bpmuat.libertycolombia.com
bpmuat.libertycolombia.com
cero.libertycolombia.com
cobogavacrm01.libertycolombia.com
co-reportes-dwh.libertycolombia.com
oficinaenlineatrv.libertyseguros.co
soauat.libertycolombia.com
conferencia.libertyseguros.co
oficinaenlineadev.libertycolombia.com
cobogpldap2012.libertycolombia.com
ews.libertycolombia.com
soatest.libertycolombia.com
coawsprodsql04.libertycolombia.com
aru.libertycolombia.com
ews.libertycolombia.com
aplicaciones.libertyseguros.co
mailcol.libertycolombia.com
mailcol.libertycolombia.com.co
mailcol.libertycolombia.com
AplicacionesQA.libertycolombia.com
oficinaenlineaadm.libertyseguros.co
webmail.libertycolombia.com.co
conferencia.libertyseguros.co
aru.libertycolombia.com
cs-pool-03k.lm.lmig.com
cobogniceair01.libertycolombia.com
instaladores.libertycolombia.com
ews.libertycolombia.com
mailcol.libertycolombia.com
cobognicesent01.libertycolombia.com
sip.libertycolombia.com
evault11.libertycolombia.com
webmail.libertycolombia.com.co
sip.libertycolombia.com
cobogserv11.libertycolombia.com
sip.libertycolombia.com
aru.libertycolombia.com
ews.libertycolombia.com
cobogvcms.cms.libertycolombia.com
experianauthnoprod.libertycolombia.com
ews.libertycolombia.com
oficinaenlineauat.libertycolombia.com
colnxappresoag1.libertycolombia.com
COBOGNICEUS01.libertycolombia.com
sip.libertycolombia.com
cs-pool-03p.lm.lmig.com
awsnonprodci.libertycolombia.com
wsqa.libertycolombia.com
coboguscech.libertycolombia.com
soadev.libertycolombia.com
sip.libertycolombia.com
dynamic-pricing.libertycolombia.com
gitlab.libertycolombia.com
hybrid.libertycolombia.com
aru.libertycolombia.com
cobogexpresswayc.libertycolombia.com
ews.libertycolombia.com
wsqa.libertycolombia.com
soauat.libertycolombia.com
mailcol.libertycolombia.com
awsdev.libertycolombia.com
hybrid.libertycolombia.com
libertycolombia.com
webmail.libertycolombia.com.co
coawsprodsql04.libertycolombia.com
cobogniceair02.libertycolombia.com
soauat.libertycolombia.com
sas.libertyseguros.co
co-dev-reportes-dwh.libertycolombia.com
experianauthprod.libertycolombia.com
conferencia.libertyseguros.co
cobognicesear01.libertycolombia.com
core.libertycolombia.com
mailcol.libertycolombia.com
aru.libertycolombia.com
ews.libertycolombia.com
intermediariosdev.libertycolombia.com
cobognpldap01.libertycolombia.com
sip-kdc-03.libertymutual.com
awsnonprod.libertycolombia.com
sip.libertycolombia.com
soa1dev.libertycolombia.com
sas.libertyseguros.co
soa.libertycolombia.com

Certificate

The complete raw certificate details for cobogavacrm01.libertycolombia.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIQIx0cLgSo5WUruryo9vnbaTANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDA1MDkxNzAwMDFaFw0yNTA2MDkxNzAwMDBaMIGFMQswCQYDVQQGEwJVUzEWMBQG
A1UECBMNTmV3IEhhbXBzaGlyZTETMBEGA1UEBxMKUG9ydHNtb3V0aDEdMBsGA1UE
ChMUTGliZXJ0eSBNdXR1YWwgR3JvdXAxKjAoBgNVBAMTIWNvYm9nYXZhY3JtMDEu
bGliZXJ0eWNvbG9tYmlhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQ2PZ7Ir9wyiT9ZMZBTROnQmj5R6u0r+VN4krlRzgPizs84PorauVPw99nf
IogY7arm7RiHLpQ6+6sctEP8VGRYAj9dMbpQKBQ0DuAqJT+Cz+lyC3/MXwdCgmEP
A0XHyRTqUVH2UKBjOVwHGNesoeNaVf5OjjOvMKqda9lZriQZiAquKgk4ykEj3CRA
i5CIyOqQXGW22XIymwCIDsYLKm6EZFQv1PPQtGGAfTqfmSc+AFG6oriKLhLOYHoI
jwj1DBsvTgKkIX5ObYCbOKYoBYM6WjAHWmI9AQV6p/T+sVb4AuZBMTiYoHX68LRV
76IbLKj+Y7fyJL53x6az7mI2CxECAwEAAaOCAXgwggF0MAwGA1UdEwEB/wQCMAAw
HQYDVR0OBBYEFPF8CbIzWkkH3yaGVx3+kKqNkD+0MB8GA1UdIwQYMBaAFIKicHTd
vFM/z3vU981/p2DGCky/MGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0
cDovL29jc3AuZW50cnVzdC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50
cnVzdC5uZXQvbDFrLWNoYWluMjU2LmNlcjAzBgNVHR8ELDAqMCigJqAkhiJodHRw
Oi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMWsuY3JsMCwGA1UdEQQlMCOCIWNvYm9n
YXZhY3JtMDEubGliZXJ0eWNvbG9tYmlhLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBMGA1UdIAQMMAowCAYGZ4EMAQIC
MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAudtSAc0ne
NuL2HETZ5Eg3K2eLGpsLWoO/W0dOAUbujzwRBmeastCSn1O3q43PnO49FAVNIlvn
ueHr4L9l4YQMPbBn4BQvMyIAeaJz/9pTtI1ycciSoQMRQS6nHajB1JD5QtOWePcb
T97VX/8IboQdaA6IyQGoN5d5xv/8bBcVQ8xGRGS9Qt6D5A6ldtvfM3chaN23YlG5
MN3LpDzO3tURvueYwM8euztznw4xoOqDAOPFTY8Z9Gby2CpYa8k7pe2o438rVN69
xoN7GSYkZd+t+60QQR2Gi6BccLIvd4DhmhW4Dyz2COb57WJrWLQcCaL7jrXpSWAy
OInZzq2LQ2DS
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDY9nsiv3DKJP1kxkFNE
6dCaPlHq7Sv5U3iSuVHOA+LOzzg+itq5U/D32d8iiBjtqubtGIculDr7qxy0Q/xU
ZFgCP10xulAoFDQO4ColP4LP6XILf8xfB0KCYQ8DRcfJFOpRUfZQoGM5XAcY16yh
41pV/k6OM68wqp1r2VmuJBmICq4qCTjKQSPcJECLkIjI6pBcZbbZcjKbAIgOxgsq
boRkVC/U89C0YYB9Op+ZJz4AUbqiuIouEs5gegiPCPUMGy9OAqQhfk5tgJs4pigF
gzpaMAdaYj0BBXqn9P6xVvgC5kExOJigdfrwtFXvohssqP5jt/IkvnfHprPuYjYL
EQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 46674128014776066320969436222268758889
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-09 17:00:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-09 17:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Hampshire'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Portsmouth'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Liberty Mutual Group'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cobogavacrm01.libertycolombia.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20729829102503217687160073077270582269105324925326689879654707390415436338479586511943590344092340737394711736377384588826272765736307591679557533442705175305475922583478665481916002000910470604447612244444819638046564779945721093997111012078633207741663722492589691721822293051403115634956325369114911667335580037634403207952316109607552945071216921145301948958475263985045244376521443465601277926369006202995746663353411032060605713413003589141092584494916066574893919495503371943517356535733399518197520012942197792915251852094735676932443591335238989981382574893306253353913525247734858441925914801498312255343377
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f17c09b2335a4907df2686571dfe90aa8d903fb4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (37 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cobogavacrm01.libertycolombia.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002e76d4807349de36e2f61c44d9e448372b678b1a9b0b5a83bf5b474e0146ee8f3c1106679ab2d0929f53b7ab8dcf9cee3d14054d225be7b9e1ebe0bf65e1840c3db067e0142f33220079a273ffda53b48d7271c892a10311412ea71da8c1d490f942d39678f71b4fded55fff086e841d680e88c901a8379779c6fffc6c171543cc464464bd42de83e40ea576dbdf33772168ddb76251b930ddcba43cceded511bee798c0cf1ebb3b739f0e31a0ea8300e3c54d8f19f466f2d82a586bc93ba5eda8e37f2b54debdc6837b19262465dfadfbad10411d868ba05c70b22f7780e19a15b80f2cf608e6f9ed626b58b41c09a2fb8eb5e94960323889d9cead8b4360d2