uatimmunizationconsent.manitoba.ca
- Department of Finance (Province of Manitoba) -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 54:4a:37:3e:63:98:52:75:5a:a1:8d:57:51:63:4a:9a was issued on by Entrust, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Department of Finance (Province of Manitoba)
Organization:
Department of Finance (Province of Manitoba)
State / Province:
Manitoba
Locality: Winnipeg
Country: CA
Locality: Winnipeg
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 54:4a:37:3e:63:98:52:75:5a:a1:8d:57:51:63:4a:9aSerial Number (int): 112040502088961949390439191404521671322
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 81:0d:14:7a:49:3c:9d:a8:40:c7:0a:d5:a8:f5:cc:d9:47:7d:5f:a1
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): cd:f2:8c:4f:3b:4f:5c:41:f9:c2:96:49:50:e2:5c:fb:2d:5b:11:b5
Fingerprint (sha256): 22:df:58:23:dc:e3:d3:7b:3d:19:58:01:60:a1:dc:1f:35:b0:5a:be:be:40:86:40:57:60:c0:c7:ce:5a:c8:c0
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate uatimmunizationconsent.manitoba.ca
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for uatimmunizationconsent.manitoba.ca
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
uatimmunizationconsent.manitoba.ca
Other certificates including the domain name manitoba.ca
(limited to 100 certificates)
manitoba.ca
uatimmunizationcard.manitoba.ca
uatimmunizationconsent.manitoba.ca
manitoba.ca
*.manitoba.ca
manitoba.ca
manitoba.ca
immunizationconsent.manitoba.ca
manitoba.ca
60b725f10c9c85.manitoba.ca
manitoba.ca
www.manitoba.ca
immunizationcard.manitoba.ca
*.gov.mb.ca
manitoba.ca
stimmunizationconsent.manitoba.ca
manitoba.ca
immunizationcard.manitoba.ca
manitoba.ca
manitoba.ca
manitoba.ca
*.manitoba.ca
manitoba.ca
immunizationcard.manitoba.ca
SSO.MANITOBA.CA
SSODR.MANITOBA.CA
manitoba.ca
manitoba.ca
*.gov.mb.ca
*.gov.mb.ca
devimmunizationconsent.manitoba.ca
www.manitoba.ca
*.manitoba.ca
uatimmunizationcard.manitoba.ca
uatimmunizationconsent.manitoba.ca
manitoba.ca
*.manitoba.ca
manitoba.ca
manitoba.ca
immunizationconsent.manitoba.ca
manitoba.ca
60b725f10c9c85.manitoba.ca
manitoba.ca
www.manitoba.ca
immunizationcard.manitoba.ca
*.gov.mb.ca
manitoba.ca
stimmunizationconsent.manitoba.ca
manitoba.ca
immunizationcard.manitoba.ca
manitoba.ca
manitoba.ca
manitoba.ca
*.manitoba.ca
manitoba.ca
immunizationcard.manitoba.ca
SSO.MANITOBA.CA
SSODR.MANITOBA.CA
manitoba.ca
manitoba.ca
*.gov.mb.ca
*.gov.mb.ca
devimmunizationconsent.manitoba.ca
www.manitoba.ca
*.manitoba.ca
Certificate
The complete raw certificate details for uatimmunizationconsent.manitoba.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWDCCBUCgAwIBAgIQVEo3PmOYUnVaoY1XUWNKmjANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y MzExMjkxODE4MzFaFw0yNDEyMjcxODE4MzBaMIGXMQswCQYDVQQGEwJDQTERMA8G A1UECBMITWFuaXRvYmExETAPBgNVBAcTCFdpbm5pcGVnMTUwMwYDVQQKEyxEZXBh cnRtZW50IG9mIEZpbmFuY2UgKFByb3ZpbmNlIG9mIE1hbml0b2JhKTErMCkGA1UE AxMidWF0aW1tdW5pemF0aW9uY29uc2VudC5tYW5pdG9iYS5jYTCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAOnuNxH1eamlpFjp1hTQgnaTSx/KLa18ymQd hldoiHplY1MA4H49xTQDXVvQdTt5FOoTOd4gwJPc9BJKshIZMuDy9LIXTqWHQEjd zOPGTTYhEmgggCrehEMxI2dd7B7UnaTCiNDsx9UAbR7nXGqMiQwQRw4JsIhkKSO3 NNsAwk4xsLVt+QIBuBslEJBf+S+KAK0GmhI/2UTm2h7T6A4iXNBoWxuFyTGxqTHR uaqJWBXcCXjI9VjORQ5uVLX6R8ayELsaDyXtvUF/aiO6oDrP6NtRn5Fcixvz5PMw 1eo0ndCOJ4DP5ff7PZnvOajAVpF7l4fg8U5rGAuotlMvS45jMbUrcrhSKMVc2djp DKl9hD97jBEHUN4YZVv6TxWZyDz2lFpX7SOPkI65zO9Nkq0gDFvvEdZ6+MAsndLj HEwvU9AaKVItTLIGkzoju0TDWlVbPUZC+gV/zwNcLzLPWaE+1HWXUGzwW3CSFwqj zvVxXX9z7G0Sw5qC6zmSS2geDeVCIo/D/RHBvvduyp7olGdF/L3nQkSTSvujsvb0 K112+hsDBvDS1qYwhQGqEe+EIvWxwchUHG/PS7a+vLhsL9q4y1k8NsdFClr4opsQ knu8BemaDkmnV3LXbcTbKq59Ra7Im83ibubG8L1Mss0ElHjqFH/KC50G2/OehEZu BFYPw4zLAgMBAAGjggF5MIIBdTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSBDRR6 STydqEDHCtWo9czZR31foTAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpM vzBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1 c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxay1j aGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0 Lm5ldC9sZXZlbDFrLmNybDAtBgNVHREEJjAkgiJ1YXRpbW11bml6YXRpb25jb25z ZW50Lm1hbml0b2JhLmNhMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwEwYDVR0gBAwwCjAIBgZngQwBAgIwEwYKKwYBBAHWeQIE AwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAJN06uxb1fATdHVUdnFmb+3YSh9u iusEG1cl0+C/b45/y/NNQriyw4OQ89fqucsZEjB6xZa/vy5dU17Jvdy99RBshD+Z Ibe+QFh0c1gjbqpp0HAc9U3Vt8SN1pZyWzACf9zYjdRuIkjtBMD4aTT+kcWWBUa0 u3Lxy0lFr9L3c9CRlOuvUjciaJUcF8n+vVBu5H2gDNMCIDOQfcO65wN9CzpF3UkS pYEKSGQyJy2wRpagrdg0zX21TycJEP/NQ/zaieq0g1Kt6gg6ka1rdyLInlI0CEjk R/KZXjfWw0zPq6QmZ5lg8XM0e8Qwy54k3K6grOtSaTZ4K6yhIpUT3cY4YPM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6e43EfV5qaWkWOnWFNCC dpNLH8otrXzKZB2GV2iIemVjUwDgfj3FNANdW9B1O3kU6hM53iDAk9z0EkqyEhky 4PL0shdOpYdASN3M48ZNNiESaCCAKt6EQzEjZ13sHtSdpMKI0OzH1QBtHudcaoyJ DBBHDgmwiGQpI7c02wDCTjGwtW35AgG4GyUQkF/5L4oArQaaEj/ZRObaHtPoDiJc 0GhbG4XJMbGpMdG5qolYFdwJeMj1WM5FDm5UtfpHxrIQuxoPJe29QX9qI7qgOs/o 21GfkVyLG/Pk8zDV6jSd0I4ngM/l9/s9me85qMBWkXuXh+DxTmsYC6i2Uy9LjmMx tStyuFIoxVzZ2OkMqX2EP3uMEQdQ3hhlW/pPFZnIPPaUWlftI4+QjrnM702SrSAM W+8R1nr4wCyd0uMcTC9T0BopUi1MsgaTOiO7RMNaVVs9RkL6BX/PA1wvMs9ZoT7U dZdQbPBbcJIXCqPO9XFdf3PsbRLDmoLrOZJLaB4N5UIij8P9EcG+927KnuiUZ0X8 vedCRJNK+6Oy9vQrXXb6GwMG8NLWpjCFAaoR74Qi9bHByFQcb89Ltr68uGwv2rjL WTw2x0UKWviimxCSe7wF6ZoOSadXctdtxNsqrn1FrsibzeJu5sbwvUyyzQSUeOoU f8oLnQbb856ERm4EVg/DjMsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 112040502088961949390439191404521671322 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-29 18:18:31 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-27 18:18:30 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manitoba' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Winnipeg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Department of Finance (Province of Manitoba)' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'uatimmunizationconsent.manitoba.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 954353290083718797916282188580679654057970587768878465034762061769876518042344699075350938775659070256737699569998846963832587957957218969863256483538638061179296461901220448061438456757889810102785173119493243150941243511991899230281511360108367852781269635064794086404456716136256923171333798089347365691834047285997776431948417625921302779781267148994266538810668725489827167758481468590987220323329967249535637442574278999037856557514360437237280703806532465299778650183653401976491714396359246019612518309299644120101641831499924246317097024996540042176795981439662356009079180456495225756702648296671724406989557873762787186139490543148624777768858435002102451886739621343562003810481043292414347595995081380174465705090214680941112981855696394907196674437802589642883498940380276882495338541854926583893670830533095721403623589593048972063007322111357123119488872865059235701288893399215632316372622940626575126321238170344983518866216002172798465329177860905055436666981403543390596992340196514605696338688198462196349444582664560026288795594156549797330433161569689136535964122042475895834805394430931540703953515708881389768826480455677006445209228808871107132723901713559733913397813584511141982927917052265413286916492491 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 810d147a493c9da840c70ad5a8f5ccd9477d5fa1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatimmunizationconsent.manitoba.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009374eaec5bd5f0137475547671666fedd84a1f6e8aeb041b5725d3e0bf6f8e7fcbf34d42b8b2c38390f3d7eab9cb1912307ac596bfbf2e5d535ec9bddcbdf5106c843f9921b7be4058747358236eaa69d0701cf54dd5b7c48dd696725b30027fdcd88dd46e2248ed04c0f86934fe91c5960546b4bb72f1cb4945afd2f773d09194ebaf52372268951c17c9febd506ee47da00cd3022033907dc3bae7037d0b3a45dd4912a5810a486432272db04696a0add834cd7db54f270910ffcd43fcda89eab48352adea083a91ad6b7722c89e52340848e447f2995e37d6c34ccfaba426679960f173347bc430cb9e24dcaea0aceb526936782baca1229513ddc63860f3