extern.cic.gc.ca
- Citizenship and Immigration Canada -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 3b:1b:d7:ff:41:bd:52:e7:00:00:00:00:51:02:80:51 was issued on by Entrust, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Citizenship and Immigration Canada
Organization:
Citizenship and Immigration Canada
State / Province:
Ontario
Locality: Ottawa
Country: CA
Locality: Ottawa
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 3b:1b:d7:ff:41:bd:52:e7:00:00:00:00:51:02:80:51Serial Number (int): 78569024708082107207386245690466402385
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 25:41:f3:6e:6e:c2:45:52:c2:ad:2c:d4:6d:9d:c1:38:eb:85:c4:59
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 55:f2:02:1e:e3:e6:d5:da:00:7c:5f:ec:16:47:ee:74:df:1d:cd:c6
Fingerprint (sha256): 27:e4:bc:96:ca:54:d1:e6:af:70:1d:d7:cc:2a:8e:dc:4b:6c:e4:11:99:7b:86:50:9f:32:8e:d1:1e:d3:b2:be
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate extern.cic.gc.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for extern.cic.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
extern.cic.gc.ca
extern.ci.gc.ca
extern.ci.gc.ca
Other certificates including the domain name cic.gc.ca
(limited to 100 certificates)
Secure.cic.gc.ca
remote.cic.gc.ca
refugee-refugie-development.apps.cic.gc.ca
newgcs-nouveaussc.cic.gc.ca
cic.gc.ca
icare-iedec.cic.gc.ca
portal-portail.apps.cic.gc.ca
prson-srpel-emergency-fix.apps.cic.gc.ca
gcmsjobbank-SYSTESTMEL.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
*.cic.gc.ca
mobile.cic.gc.ca
services3.cic.gc.ca
ct-tc-pef.apps.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
frs-stg.cic.gc.ca
gccic-psoft-gchrms-ig.cic.gc.ca
cicgatewaysigning-aus.cic.gc.ca
refugee-refugie-sandbox.apps.cic.gc.ca
frs-prd.cic.gc.ca
gccic-psoft-ig-gc89cert.cic.gc.ca
prt-srp.apps.cic.gc.ca
gcs-ssc.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
extern.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
mobile.cic.gc.ca
pgp-development.apps.cic.gc.ca
ccps-stcc-trn.cic.gc.ca
sra-ads.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
refugee-refugie.apps.cic.gc.ca
portal-portail.apps.cic.gc.ca
gcmscasestatus-PRD.cic.gc.ca
*.ra.apps.cic.gc.ca
extern.cic.gc.ca
api.a2sc-csa2-dev.apps.cic.gc.ca
tempo-pef.cic.gc.ca
gcmsjobbank-STG.cic.gc.ca
esubmission-soumissionenligne.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
extern.cic.gc.ca
gcs-ssc.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
CICPRCard.cic.gc.ca
extern.cic.gc.ca
pgp.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
services3.cic.gc.ca
gcs-ssc-sys.cic.gc.ca
frs-ste.cic.gc.ca
api.pgp-vt-ov-sandbox.apps.cic.gc.ca
tempo-trn.cic.gc.ca
MAIL.cic.gc.ca
icare-iedec-train.canada.ca
gcmsjobbank-PRD.cic.gc.ca
tempo-pte.cic.gc.ca
b.sra-ads.cic.gc.ca
specialmeasures-mesuresspeciales-emergency-fix.apps.cic.gc.ca
extern.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
icare-iedec.cic.gc.ca
tempo-ste.cic.gc.ca
ra.apps.cic.gc.ca
a.sra-ads.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
thingate.cic.gc.ca
*.cic.gc.ca
gcs-ssc.cic.gc.ca
cicgateway-dev.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
icare-iedec.cic.gc.ca
NJES1S1106.CI.GC.CA
gcmsPIL005-SYSTESTMEL.cic.gc.ca
frs-ste.cic.gc.ca
cic.gc.ca
gcs-ssc.cic.gc.ca
icare-iedec.cic.gc.ca
dmp-portal.cic.gc.ca
gcs-ssc.cic.gc.ca
frs-dev.cic.gc.ca
prson-srpel-dev.apps.cic.gc.ca
thingate.cic.gc.ca
gcmsPIL005-PRD.cic.gc.ca
mobile.cic.gc.ca
ct-tc-stg.apps.cic.gc.ca
prson-srpel-emergency-fix.apps.cic.gc.ca
thingate.cic.gc.ca
extern.cic.gc.ca
secure.cic.gc.ca
gcmscasestatus-PRD.cic.gc.ca
tracker-suivi.apps.cic.gc.ca
onlineservices-dev.ci.gc.ca
icare-iedec.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
cic.gc.ca
remote.cic.gc.ca
refugee-refugie-development.apps.cic.gc.ca
newgcs-nouveaussc.cic.gc.ca
cic.gc.ca
icare-iedec.cic.gc.ca
portal-portail.apps.cic.gc.ca
prson-srpel-emergency-fix.apps.cic.gc.ca
gcmsjobbank-SYSTESTMEL.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
*.cic.gc.ca
mobile.cic.gc.ca
services3.cic.gc.ca
ct-tc-pef.apps.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
frs-stg.cic.gc.ca
gccic-psoft-gchrms-ig.cic.gc.ca
cicgatewaysigning-aus.cic.gc.ca
refugee-refugie-sandbox.apps.cic.gc.ca
frs-prd.cic.gc.ca
gccic-psoft-ig-gc89cert.cic.gc.ca
prt-srp.apps.cic.gc.ca
gcs-ssc.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
extern.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
mobile.cic.gc.ca
pgp-development.apps.cic.gc.ca
ccps-stcc-trn.cic.gc.ca
sra-ads.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
refugee-refugie.apps.cic.gc.ca
portal-portail.apps.cic.gc.ca
gcmscasestatus-PRD.cic.gc.ca
*.ra.apps.cic.gc.ca
extern.cic.gc.ca
api.a2sc-csa2-dev.apps.cic.gc.ca
tempo-pef.cic.gc.ca
gcmsjobbank-STG.cic.gc.ca
esubmission-soumissionenligne.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
extern.cic.gc.ca
gcs-ssc.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
CICPRCard.cic.gc.ca
extern.cic.gc.ca
pgp.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
services3.cic.gc.ca
gcs-ssc-sys.cic.gc.ca
frs-ste.cic.gc.ca
api.pgp-vt-ov-sandbox.apps.cic.gc.ca
tempo-trn.cic.gc.ca
MAIL.cic.gc.ca
icare-iedec-train.canada.ca
gcmsjobbank-PRD.cic.gc.ca
tempo-pte.cic.gc.ca
b.sra-ads.cic.gc.ca
specialmeasures-mesuresspeciales-emergency-fix.apps.cic.gc.ca
extern.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
icare-iedec.cic.gc.ca
tempo-ste.cic.gc.ca
ra.apps.cic.gc.ca
a.sra-ads.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
thingate.cic.gc.ca
*.cic.gc.ca
gcs-ssc.cic.gc.ca
cicgateway-dev.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
icare-iedec.cic.gc.ca
NJES1S1106.CI.GC.CA
gcmsPIL005-SYSTESTMEL.cic.gc.ca
frs-ste.cic.gc.ca
cic.gc.ca
gcs-ssc.cic.gc.ca
icare-iedec.cic.gc.ca
dmp-portal.cic.gc.ca
gcs-ssc.cic.gc.ca
frs-dev.cic.gc.ca
prson-srpel-dev.apps.cic.gc.ca
thingate.cic.gc.ca
gcmsPIL005-PRD.cic.gc.ca
mobile.cic.gc.ca
ct-tc-stg.apps.cic.gc.ca
prson-srpel-emergency-fix.apps.cic.gc.ca
thingate.cic.gc.ca
extern.cic.gc.ca
secure.cic.gc.ca
gcmscasestatus-PRD.cic.gc.ca
tracker-suivi.apps.cic.gc.ca
onlineservices-dev.ci.gc.ca
icare-iedec.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
cic.gc.ca
Certificate
The complete raw certificate details for extern.cic.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGzjCCBbagAwIBAgIQOxvX/0G9UucAAAAAUQKAUTANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y MDA0MTMxNjM5MTdaFw0yMTA0MjUxNzA5MTZaMHgxCzAJBgNVBAYTAkNBMRAwDgYD VQQIEwdPbnRhcmlvMQ8wDQYDVQQHEwZPdHRhd2ExKzApBgNVBAoTIkNpdGl6ZW5z aGlwIGFuZCBJbW1pZ3JhdGlvbiBDYW5hZGExGTAXBgNVBAMTEGV4dGVybi5jaWMu Z2MuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsXtcN1BHHxa5g jFlc9YI+A/+ywfA1fGX3T0HXMO/603dlYaXijOYvmEhxtCj7Fh/0qqHeWjXAvV29 O7vYnYMT7gXXO+uvdwH6FoxouAt48qTBZle8GVMKCwmMLQbdQciadiYnbVnyXeLQ kGol/hf2WryNDXDLADs9a+RbUbw7zuxy9OGgXh3Vy4Gq3ZGYQCXv4kE0o3KyO+Xo EiIZHeA37KOcoX3BTsCPJWLNLRyAE2VQmywh9Ofsf8fipeDqcLyErbTPu22CnSA6 ChfaakyTlQmoZT6gyyhUeyX1NaPIIvF+sfoJs+JlY/8LvIMw6vBCecBW8ZX1K35U KD0mNl1jAgMBAAGjggMPMIIDCzAsBgNVHREEJTAjghBleHRlcm4uY2ljLmdjLmNh gg9leHRlcm4uY2kuZ2MuY2EwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB1AFWB 1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABcXSERHQAAAQDAEYwRAIg Ip1dKmLxP9h8GizATj370a1e+Xmwe8I0B7lcPpH7vX4CIA/4xcqB4kM7gGLgKc3Z 9fHuTWzeKU+/wWyOAn3/DuzQAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq /16ggw8AAAFxdIREnwAABAMARzBFAiEAmUOhdmsm79Uw31XyvQdj5auxqRHiocfp x8Fa6lInmdECIFHEE1HPPR7d93UILaSvDIVyZn2wRk6hdMQgiq7v9bYFAHYAfT7y +I//iFVoJMLAyp5SiXkrxQ54CX8uapdomX4i8NcAAAFxdIRE7QAABAMARzBFAiEA yXk3FW3l36iZYfIixWYOc6YS2Q+HtFCYxBx9O8I2KOQCIBNWXCrWzxw4vp7KlPPj XF1Oqft7Xwwal9NWoiuNOgklMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggr BgEFBQcDATAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0 L2xldmVsMWsuY3JsMEsGA1UdIAREMEIwNgYKYIZIAYb6bAoBBTAoMCYGCCsGAQUF BwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAIBgZngQwBAgIwaAYIKwYB BQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAz BggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMWstY2hhaW4yNTYu Y2VyMB8GA1UdIwQYMBaAFIKicHTdvFM/z3vU981/p2DGCky/MB0GA1UdDgQWBBQl QfNubsJFUsKtLNRtncE464XEWTAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IB AQAvnh4Oxb1m8/q61XxPkQjzojWhn9MA/S31lSYnpX7RgcTY7AUYxeCvb7GV9OUg caTRxbBjyVg6WiMkUUecFpryK6fK9Z3GNVQPQFanKVr16fB2csNKCo8QDqabc55i Sf7eeqDLpBd8+RHQLPQysg/mUvLsjSqu7sAW7dRX035IeIih22goilknZC9MHVsK o6vlFKY2/hPGw2knENp/O5YLO0G/tveNRUAXed26ROYGyhcwEtmzIpimuHbMqHv6 dvDSAPYcCuwRYlURhjhVVs5FXI3YBI+TQFpMPN23OBfmvz+5FE/Nh0fhp3OeZDUh QcMB4N+C4Kg9p2OdMuYW3n1X -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF7XDdQRx8WuYIxZXPWC PgP/ssHwNXxl909B1zDv+tN3ZWGl4ozmL5hIcbQo+xYf9Kqh3lo1wL1dvTu72J2D E+4F1zvrr3cB+haMaLgLePKkwWZXvBlTCgsJjC0G3UHImnYmJ21Z8l3i0JBqJf4X 9lq8jQ1wywA7PWvkW1G8O87scvThoF4d1cuBqt2RmEAl7+JBNKNysjvl6BIiGR3g N+yjnKF9wU7AjyVizS0cgBNlUJssIfTn7H/H4qXg6nC8hK20z7ttgp0gOgoX2mpM k5UJqGU+oMsoVHsl9TWjyCLxfrH6CbPiZWP/C7yDMOrwQnnAVvGV9St+VCg9JjZd YwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 78569024708082107207386245690466402385 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-13 16:39:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-25 17:09:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citizenship and Immigration Canada' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'extern.cic.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21759755828205468423258232547902355421655163273210491131860218857260728009714445204210526641143626907979341240485865360375696814781789361913603305149512929176120057022209982784548391855426674918622320517660966292981377284895934489686982906367574405597534850654024023327080276308034778763117811933967870206599424674178668050746298308371058659847094466579619719642393744473229815866499203264441227556797443823870107128360494193613500648693048513117192833929125164456581965735093023532799425052932358540415548937998808133197644388521387448676580634101089245140805182890891551589860448636439723653242043705443709472890211 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (37 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extern.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extern.ci.gc.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001717484447400000403004630440220229d5d2a62f13fd87c1a2cc04e3dfbd1ad5ef979b07bc23407b95c3e91fbbd7e02200ff8c5ca81e2433b8062e029cdd9f5f1ee4d6cde294fbfc16c8e027dff0eecd00076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001717484449f00000403004730450221009943a1766b26efd530df55f2bd0763e5abb1a911e2a1c7e9c7c15aea522799d1022051c41351cf3d1eddf775082da4af0c8572667db0464ea174c4208aaeeff5b6050076007d3ef2f88fff88556824c2c0ca9e5289792bc50e78097f2e6a9768997e22f0d700000171748444ed0000040300473045022100c97937156de5dfa89961f222c5660e73a612d90f87b45098c41c7d3bc23628e4022013565c2ad6cf1c38be9eca94f3e35c5d4ea9fb7b5f0c1a97d356a22b8d3a0925 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2541f36e6ec24552c2ad2cd46d9dc138eb85c459 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002f9e1e0ec5bd66f3fabad57c4f9108f3a235a19fd300fd2df5952627a57ed181c4d8ec0518c5e0af6fb195f4e52071a4d1c5b063c9583a5a232451479c169af22ba7caf59dc635540f4056a7295af5e9f07672c34a0a8f100ea69b739e6249fede7aa0cba4177cf911d02cf432b20fe652f2ec8d2aaeeec016edd457d37e487888a1db68288a5927642f4c1d5b0aa3abe514a636fe13c6c3692710da7f3b960b3b41bfb6f78d45401779ddba44e606ca173012d9b32298a6b876cca87bfa76f0d200f61c0aec1162551186385556ce455c8dd8048f93405a4c3cddb73817e6bf3fb9144fcd8747e1a7739e64352141c301e0df82e0a83da7639d32e616de7d57