rworld-test.ricoh-usa.com
- Ricoh USA, Inc. -
Issued by AffirmTrust Certificate Authority - OV1
About this certificate
This digital certificate with serial number 29:d3:20:15:b2:dd:92:65:00:00:00:00:58:08:ab:24 was issued on by AffirmTrust.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Ricoh USA, Inc.
Organization:
Ricoh USA, Inc.
State / Province:
New Jersey
Locality: Caldwell
Country: US
Locality: Caldwell
Country: US
AffirmTrust
Organization:
AffirmTrust
Organization unit: See www.affirmtrust.com/repository
Organization unit: See www.affirmtrust.com/repository
Country:
CA
This certificate has expire since
Certificate Details
Serial Number (hex): 29:d3:20:15:b2:dd:92:65:00:00:00:00:58:08:ab:24Serial Number (int): 55594573220587324754642585668387646244
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 38:a4:c2:d3:25:24:92:d8:26:b5:81:ce:c3:d4:b2:3b:74:8d:45:d3
AuthorityKeyId: fe:60:c3:0d:a4:a2:9d:21:4f:7a:78:4c:62:c5:db:14:fc:39:78:c4
Fingerprint (sha1): 4e:0f:d8:0d:a2:9d:01:22:07:ec:4f:03:4f:7a:98:89:b0:74:5e:98
Fingerprint (sha256): 21:d9:21:25:23:02:7d:82:c5:8e:9e:3e:02:a5:0b:b7:f9:6a:38:92:93:f1:bd:5f:de:5c:ce:d7:e4:c6:f3:67
Issuing Certificate URL: http://aia.affirmtrust.com/aftov1ca.crt
Revocation information
OCSP Server: http://ocsp.affirmtrust.comCRL Distribution Point: http://crl.affirmtrust.com/crl/aftov1ca.crl
Check the revocation status for certificate rworld-test.ricoh-usa.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for rworld-test.ricoh-usa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
rworld-test.ricoh-usa.com
Other certificates including the domain name ricoh-usa.com
(limited to 100 certificates)
*.ricoh-usa.com
ssl1.ricoh-usa.com
adaptiveformstest.ricoh-usa.com
boulder-ssl1.ricoh-usa.com
*.returnmailservices.ricoh-usa.com
support.rpp.ricoh-usa.com
*.ricoh-usa.com
storefront.ricoh-usa.com
cs2.ricoh-usa.com
mdm.ricoh-usa.com
xen.ricoh-usa.com
*.ricoh-usa.com
*.ricoh-usa.com
events.ricoh-usa.com
rworld-test.ricoh-usa.com
portal.ricoh-usa.com
UCAAS2-CTPC1-01.ricoh-usa.com
UCAAS11-CTPC1-01.dev.ricoh-usa.com
mdm.ricoh-usa.com
rworld-test.ricoh-usa.com
mobileha.ricoh-usa.com
support.rpp.ricoh-usa.com
sts.ricoh-usa.com
UCAAS11-CUCPUB2-01.dev.ricoh-usa.com
newsroom.ricoh-usa.com
pb1.ricoh-usa.com
sts.dev.ricoh-usa.com
ucaas11-cup1-01.dev.ricoh-usa.com
*.ricoh-usa.com
ricohaps.ricoh-usa.com
boulder-ssl2.ricoh-usa.com
sts.ricoh-usa.com
sts.preprod.ricoh-usa.com
newsroom.ricoh-usa.com
*.awsdev.ricoh-usa.com
UCAAS2-UCMPUB2-01-ms.ricoh-usa.com
*.Ricoh-usa.com
jobs.ricoh-usa.com
*.ricoh-usa.com
UCAAS1-CTPC1-01.ricoh-usa.com
*.ricoh-usa.com
cs3.ricoh-usa.com
tec.ricoh-usa.com
cs3.ricoh-usa.com
rworld-test.ricoh-usa.com
*.ricoh-usa.com
rscc.ricoh-usa.com
thedocshop.ricoh-usa.com
events.ricoh-usa.com
sts.dev.ricoh-usa.com
iapoc.intelligentdelivery.ricoh-usa.com
*.ricoh-usa.com
ricohspha.ricoh-usa.com
ctpat.ricoh-usa.com
rworld-test.ricoh-usa.com
mobile3.ricoh-usa.com
*.Ricoh-usa.com
sts.ricoh-usa.com
PhishReporter.ricoh-usa.com
solutionfinder.ricoh-usa.com
*.ricoh-usa.com
ddpe.ricoh-usa.com
*.ricoh-usa.com
asklola.ricoh-usa.com
GA16ARTDEV01.ricoh-usa.com
*.ricoh-usa.com
lpo.ricoh-usa.com
mobile.ricoh-usa.com
comms.ricoh-usa.com
my.ricoh-usa.com
ssl1.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-CUCPUB2-01-ms.ricoh-usa.com
adaptiveformsdev.ricoh-usa.com
UCAAS11-VCSE-01B.dev.ricoh-usa.com
newsroom.ricoh-usa.com
ssl2.ricoh-usa.com
images.learn.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-UCMPUB2-01.ricoh-usa.com
ddpe.ricoh-usa.com
sts.preprod.ricoh-usa.com
portal.ricoh-usa.com
ssl2.ricoh-usa.com
UCAAS2-CUP2-01-ms.ricoh-usa.com
mobileha.ricoh-usa.com
UCAAS11-VCSE1-01A.dev.ricoh-usa.com
ucaas11-cucpub1-01-ms.dev.ricoh-usa.com
*.ricoh-usa.com
portal.ricoh-usa.com
gitcloud.awsdev.ricoh-usa.com
*.ricoh-usa.com
rworld.ricoh-usa.com
mobilepoc.ricoh-usa.com
my.ricoh-usa.com
rworld-test.ricoh-usa.com
xenapp.ricoh-usa.com
rworld.ricoh-usa.com
ssl2.ricoh-usa.com
*.ricoh-usa.com
ssl1.ricoh-usa.com
adaptiveformstest.ricoh-usa.com
boulder-ssl1.ricoh-usa.com
*.returnmailservices.ricoh-usa.com
support.rpp.ricoh-usa.com
*.ricoh-usa.com
storefront.ricoh-usa.com
cs2.ricoh-usa.com
mdm.ricoh-usa.com
xen.ricoh-usa.com
*.ricoh-usa.com
*.ricoh-usa.com
events.ricoh-usa.com
rworld-test.ricoh-usa.com
portal.ricoh-usa.com
UCAAS2-CTPC1-01.ricoh-usa.com
UCAAS11-CTPC1-01.dev.ricoh-usa.com
mdm.ricoh-usa.com
rworld-test.ricoh-usa.com
mobileha.ricoh-usa.com
support.rpp.ricoh-usa.com
sts.ricoh-usa.com
UCAAS11-CUCPUB2-01.dev.ricoh-usa.com
newsroom.ricoh-usa.com
pb1.ricoh-usa.com
sts.dev.ricoh-usa.com
ucaas11-cup1-01.dev.ricoh-usa.com
*.ricoh-usa.com
ricohaps.ricoh-usa.com
boulder-ssl2.ricoh-usa.com
sts.ricoh-usa.com
sts.preprod.ricoh-usa.com
newsroom.ricoh-usa.com
*.awsdev.ricoh-usa.com
UCAAS2-UCMPUB2-01-ms.ricoh-usa.com
*.Ricoh-usa.com
jobs.ricoh-usa.com
*.ricoh-usa.com
UCAAS1-CTPC1-01.ricoh-usa.com
*.ricoh-usa.com
cs3.ricoh-usa.com
tec.ricoh-usa.com
cs3.ricoh-usa.com
rworld-test.ricoh-usa.com
*.ricoh-usa.com
rscc.ricoh-usa.com
thedocshop.ricoh-usa.com
events.ricoh-usa.com
sts.dev.ricoh-usa.com
iapoc.intelligentdelivery.ricoh-usa.com
*.ricoh-usa.com
ricohspha.ricoh-usa.com
ctpat.ricoh-usa.com
rworld-test.ricoh-usa.com
mobile3.ricoh-usa.com
*.Ricoh-usa.com
sts.ricoh-usa.com
PhishReporter.ricoh-usa.com
solutionfinder.ricoh-usa.com
*.ricoh-usa.com
ddpe.ricoh-usa.com
*.ricoh-usa.com
asklola.ricoh-usa.com
GA16ARTDEV01.ricoh-usa.com
*.ricoh-usa.com
lpo.ricoh-usa.com
mobile.ricoh-usa.com
comms.ricoh-usa.com
my.ricoh-usa.com
ssl1.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-CUCPUB2-01-ms.ricoh-usa.com
adaptiveformsdev.ricoh-usa.com
UCAAS11-VCSE-01B.dev.ricoh-usa.com
newsroom.ricoh-usa.com
ssl2.ricoh-usa.com
images.learn.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-UCMPUB2-01.ricoh-usa.com
ddpe.ricoh-usa.com
sts.preprod.ricoh-usa.com
portal.ricoh-usa.com
ssl2.ricoh-usa.com
UCAAS2-CUP2-01-ms.ricoh-usa.com
mobileha.ricoh-usa.com
UCAAS11-VCSE1-01A.dev.ricoh-usa.com
ucaas11-cucpub1-01-ms.dev.ricoh-usa.com
*.ricoh-usa.com
portal.ricoh-usa.com
gitcloud.awsdev.ricoh-usa.com
*.ricoh-usa.com
rworld.ricoh-usa.com
mobilepoc.ricoh-usa.com
my.ricoh-usa.com
rworld-test.ricoh-usa.com
xenapp.ricoh-usa.com
rworld.ricoh-usa.com
ssl2.ricoh-usa.com
*.ricoh-usa.com
Certificate
The complete raw certificate details for rworld-test.ricoh-usa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHJDCCBgygAwIBAgIQKdMgFbLdkmUAAAAAWAirJDANBgkqhkiG9w0BAQsFADCB gjELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQLEyJT ZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTAwLgYDVQQDEydBZmZp cm1UcnVzdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBPVjEwHhcNMTgxMTIwMTUx OTExWhcNMjAxMTIwMTU0OTA5WjBzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3 IEplcnNleTERMA8GA1UEBxMIQ2FsZHdlbGwxGDAWBgNVBAoTD1JpY29oIFVTQSwg SW5jLjEiMCAGA1UEAxMZcndvcmxkLXRlc3Qucmljb2gtdXNhLmNvbTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAON/Kdr+SpjAE+0xFZy4vBk8+njKnV52 2HVhTaClrlk5y8BRDxadXqsJwqP973AhIMps7un6CB1l5yJZkZRnGHzOMPy4g/+N 3rs25nN/GPNSMFKwXWY01vkqV6F5s47Q2JVFqNiiofxujqDy6FdrdcNm4X3zmicX gMw6SXBSUcATjUZw7jcEMbufxoawCvsLC5fLmBUfxncKJuopp4tG3oeZfHGQo+wT bNpjTMYFgAvTfY+E9NtttdZ0D8Zx185jca0ta0uuYxcysYKRcWzULaEejVQHzIrn QzUAoTDzFL7SAvTL/r9QEM6326eVCcy6CgN25M4aKBdS3WFG/CnsQ30CAwEAAaOC A6IwggOeMCQGA1UdEQQdMBuCGXJ3b3JsZC10ZXN0LnJpY29oLXVzYS5jb20wggH1 BgorBgEEAdZ5AgQCBIIB5QSCAeEB3wB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUI Fy+jqh0HE9MMAAABZzHPqR0AAAQDAEcwRQIhAPE7/khMJkO3q6hwYNzUN9rTUG+M OxUgvj9XA+rQuTPdAiAdgVU0Yo47r9XZGGZP1k/apfOWRzwc+WTFpiOmKrM46AB3 ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZzHPqPcAAAQDAEgw RgIhAK1u9tjWfViktopgTwf/7CWsnU/j3MvRr56B4V9xtZpGAiEAqCWiaDJTwlRL PGsYOkuU/oQ8e2u4KNZWUmzyDyl9ALQAdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9K tWDBtOr/XqCDDwAAAWcxz6mEAAAEAwBGMEQCIArXiUe5RdiR3vNLUlKPSHhzmMBi IysFmfy3v50hcZ4lAiAoz07exmmZMW3kY29LYQzN6u5V52FVtoEp89XiOPQBbAB1 AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZzHPqPsAAAQDAEYw RAIgVgkeCDP/pVjzOgY08JzWOsl/StYH4P9hOKcQY/tAKQICIHuxn9kTSie8qpTA A7oydgF7HZeGqeZJ0M3RwrrpCvFbMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwCQYDVR0TBAIwADBsBggrBgEFBQcBAQRgMF4w JwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLmFmZmlybXRydXN0LmNvbTAzBggrBgEF BQcwAoYnaHR0cDovL2FpYS5hZmZpcm10cnVzdC5jb20vYWZ0b3YxY2EuY3J0MFcG A1UdIARQME4wQgYKKwYBBAGCjwkCBTA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3 dy5hZmZpcm10cnVzdC5jb20vcmVwb3NpdG9yeTAIBgZngQwBAgIwPAYDVR0fBDUw MzAxoC+gLYYraHR0cDovL2NybC5hZmZpcm10cnVzdC5jb20vY3JsL2FmdG92MWNh LmNybDAfBgNVHSMEGDAWgBT+YMMNpKKdIU96eExixdsU/Dl4xDAdBgNVHQ4EFgQU OKTC0yUkktgmtYHOw9SyO3SNRdMwDQYJKoZIhvcNAQELBQADggEBAJjm2tbSgcx/ T7pKjwlvY1SkNxfj0qG60/C6uRQjDJnjREmVjsKKjtgzLtKMYhjFT9dCuGMuTvC3 qODVhTsRnALceTbwa9qrGz2hO1iawq2K9ONF5a5QDFWD32x6M84mT+s67Jx3z1IG 4Q8dd8dScYtVz2bZadTRlDDOpNNHxWzeUxOsT9CisWoEMgWn/DMNRyegKvN6Afft zH1YWqghpCVZAIiOP+5w3AsWIxX+EimE/iJWYq6Ccy8futMuvyNVoFXFeQ2Wp/6D pkk+LOXa2+3XXMi5/LUGkR3amjOCZLMJL6umkzSASQRNbeEqTuUGtlDOy0eTY/aB qnveocbpGTQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA438p2v5KmMAT7TEVnLi8 GTz6eMqdXnbYdWFNoKWuWTnLwFEPFp1eqwnCo/3vcCEgymzu6foIHWXnIlmRlGcY fM4w/LiD/43euzbmc38Y81IwUrBdZjTW+SpXoXmzjtDYlUWo2KKh/G6OoPLoV2t1 w2bhffOaJxeAzDpJcFJRwBONRnDuNwQxu5/GhrAK+wsLl8uYFR/Gdwom6imni0be h5l8cZCj7BNs2mNMxgWAC9N9j4T022211nQPxnHXzmNxrS1rS65jFzKxgpFxbNQt oR6NVAfMiudDNQChMPMUvtIC9Mv+v1AQzrfbp5UJzLoKA3bkzhooF1LdYUb8KexD fQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 55594573220587324754642585668387646244 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.affirmtrust.com/repository' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust Certificate Authority - OV1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-20 15:19:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-20 15:49:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Caldwell' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ricoh USA, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rworld-test.ricoh-usa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28718801885180955828214473437049597468092447708298268232539582690299634604731499972320491161541603342685532727847333995849973994949698397334195697091231666654680179350121308393496237231670203371384485438182996231872834258200146528974926890002659876004632735858123998395889200596681223165586858237128749101863130804543038720022798130978532584684660383389631205616225157358257251900713330886592048928698901657028383019873405934793135904034308985128539758567945182438144871299216415205545466217299708722542435297609330891143901461564538793615452294283869920391888216763001760140723501320591982293594190263092046006600573 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rworld-test.ricoh-usa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes) 01df0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016731cfa91d0000040300473045022100f13bfe484c2643b7aba87060dcd437dad3506f8c3b1520be3f5703ead0b933dd02201d815534628e3bafd5d918664fd64fdaa5f396473c1cf964c5a623a62ab338e8007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016731cfa8f70000040300483046022100ad6ef6d8d67d58a4b68a604f07ffec25ac9d4fe3dccbd1af9e81e15f71b59a46022100a825a2683253c2544b3c6b183a4b94fe843c7b6bb828d656526cf20f297d00b40075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016731cfa984000004030046304402200ad78947b945d891def34b52528f48787398c062232b0599fcb7bf9d21719e25022028cf4edec66999316de4636f4b610ccdeaee55e76155b68129f3d5e238f4016c007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016731cfa8fb0000040300463044022056091e0833ffa558f33a0634f09cd63ac97f4ad607e0ff6138a71063fb40290202207bb19fd9134a27bcaa94c003ba3276017b1d9786a9e649d0cdd1c2bae90af15b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.affirmtrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.affirmtrust.com/aftov1ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.34697.2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.affirmtrust.com/repository' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.affirmtrust.com/crl/aftov1ca.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName fe60c30da4a29d214f7a784c62c5db14fc3978c4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 38a4c2d3252492d826b581cec3d4b23b748d45d3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0098e6dad6d281cc7f4fba4a8f096f6354a43717e3d2a1bad3f0bab914230c99e34449958ec28a8ed8332ed28c6218c54fd742b8632e4ef0b7a8e0d5853b119c02dc7936f06bdaab1b3da13b589ac2ad8af4e345e5ae500c5583df6c7a33ce264feb3aec9c77cf5206e10f1d77c752718b55cf66d969d4d19430cea4d347c56cde5313ac4fd0a2b16a043205a7fc330d4727a02af37a01f7edcc7d585aa821a4255900888e3fee70dc0b162315fe122984fe225662ae82732f1fbad32ebf2355a055c5790d96a7fe83a6493e2ce5dadbedd75cc8b9fcb506911dda9a338264b3092faba693348049044d6de12a4ee506b650cecb479363f681aa7bdea1c6e91934