dstsia-sspdai.hc-sc.gc.ca
- Health Canada -
Issued by Entrust Certification Authority - L1C
About this certificate
This digital certificate with serial number 4c:1f:9e:25 was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Health Canada
Organization:
Health Canada
State / Province:
Ontario
Locality: Ottawa
Country: CA
Locality: Ottawa
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4c:1f:9e:25Serial Number (int): 1277140517
Serial Number lenght: 31 bits, 4 octets
SubjectKeyId: 88:fa:0a:65:59:0a:10:3e:e9:8c:95:0a:75:37:21:19:b7:26:a1:79
AuthorityKeyId: 1e:f1:ab:89:06:f8:49:0f:01:33:77:ee:14:7a:ee:19:7c:93:28:4d
Fingerprint (sha1): c8:84:9e:c5:28:9e:5c:fb:d5:bc:7d:c7:0b:60:60:cd:cb:58:c9:bc
Fingerprint (sha256): 28:0d:49:fd:d2:9e:dc:fe:08:49:f5:81:4a:9d:f9:da:36:fd:0d:37:56:28:82:70:36:0e:72:20:9d:b6:66:26
Issuing Certificate URL: http://aia.entrust.net/2048-l1c.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1c.crl
Check the revocation status for certificate dstsia-sspdai.hc-sc.gc.ca
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dstsia-sspdai.hc-sc.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dstsia-sspdai.hc-sc.gc.ca
Other certificates including the domain name hc-sc.gc.ca
(limited to 100 certificates)
training.mtrs-sctrm.hc-sc.gc.ca
HCQCK1AWVDCT001.tqa.hc-sc.gc.ca
ers-ser.hc-sc.gc.ca
HCQCK1AwvAST063.hc-sc.gc.ca
*.uat.hc-sc.gc.ca
ers-auth-ser-lb.hc-sc.gc.ca
h2o.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
cgnw-01.hc-sc.gc.ca
sdx-edp.hc-sc.gc.ca
wasext-prd-1.hc-sc.gc.ca
eprs-serp.hc-sc.gc.ca
hc4ecc6.hc-sc.gc.ca
hconk2ewvasp001.hc-sc.gc.ca
mtrs-sctrm.hc-sc.gc.ca
PTH-PROXY.hc-sc.gc.ca
HCONK1VWVDCP002.ad.hc-sc.gc.ca
istopxrm.hc-sc.gc.ca
utils-test.hc-sc.gc.ca
gateway-passerelle.preprod.hc-sc.gc.ca
nihb-atl-fax.hc-sc.gc.ca
Inotes.hc-sc.gc.ca
SAD-TEM-DV1.hc-sc.gc.ca
HCONK1AwvAST058.hc-sc.gc.ca
int-services3.dev.hc-sc.gc.ca
eprs-serp.hc-sc.gc.ca
sad-pt2-devap1.hc-sc.gc.ca
cloud-vpn.hc-sc.gc.ca
www.mtrs-sctrm.hc-sc.gc.ca
international-health-commitments.canada.ca
training.mtrs-sctrm.hc-sc.gc.ca
sap-cms.hc-sc.gc.ca
HCQCK1AWVDCT002.tqa.hc-sc.gc.ca
training.mtrs-sctrm.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
cgnw-01.hc-sc.gc.ca
int-services1.preprod.hc-sc.gc.ca
sgpp-dt.hc-sc.gc.ca
ocs-bsc.hc-sc.gc.ca
int-services1.uat.hc-sc.gc.ca
sdx-edp.hc-sc.gc.ca
ctls-sscdl.hc-sc.gc.ca
PTH-PROXY-TRAIN.hc-sc.gc.ca
webprod4.hc-sc.gc.ca
*.hc-sc.gc.ca
aero-oitc.phac-aspc.gc.ca
app80.hc-sc.gc.ca
ers-auth-ser.hc-sc.gc.ca
keycloak.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
www.reclassification.hc-sc.gc.ca
sad-pth-qaap1.hc-sc.gc.ca
*.preprod.hc-sc.gc.ca
sad-pth-catap1.hc-sc.gc.ca
gateway-passerelle.uat.hc-sc.gc.ca
nnhpd-pla-dlmm-dpsnso.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
pub-tom-mono.hc-sc.gc.ca
mobile.hc-sc.gc.ca
aids.gc.ca
h2o.hc-sc.gc.ca
www.CNF-CFG-classification-FCEN-GAC.hc-sc.gc.ca
dstsia-sspdai.hc-sc.gc.ca
CTXADC-HC-MCDC.HC-SC.GC.CA
collaboration.hc-sc.gc.ca
SAD-TEM-DV1.tqa.hc-sc.gc.ca
sgpp-dt.hc-sc.gc.ca
inotes.hc-sc.gc.ca
trn-csims-sgici.hc-sc.gc.ca
hc5ecc6.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
fnihis-sispni.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
uvupdatertest.hc-sc.gc.ca
ers-test-ser.hc-sc.gc.ca
www.CNF-CFG-classification-FCEN-GAC.hc-sc.gc.ca
sec2.hc-sc.gc.ca
HCONK1VWVDCP005.ad.hc-sc.gc.ca
tem01.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
utils-test.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
WAS7-SEXT-IHS.hc-sc.gc.ca
pr-rdb.hc-sc.gc.ca
www.reclassification.hc-sc.gc.ca
mfcsg01.hc-sc.gc.ca
ers-auth-ser-lb.hc-sc.gc.ca
sinpappsas-02.hc-sc.gc.ca
nihb-mb-faxfinder.hc-sc.gc.ca
cvp-pcv.hc-sc.gc.ca
int-services2.dev.hc-sc.gc.ca
DSTSIA-SSPDAI.hc-sc.gc.ca
www.fptgn-gnfpt.hc-sc.gc.ca
github.hc-sc.gc.ca
portaildgpsa.hc-sc.gc.ca
weboffice.hc-sc.gc.ca
sec2.hc-sc.gc.ca
sad-pth-qaap1.hc-sc.gc.ca
documents-dev.hc-sc.gc.ca
HCQCK1AWVDCT001.tqa.hc-sc.gc.ca
ers-ser.hc-sc.gc.ca
HCQCK1AwvAST063.hc-sc.gc.ca
*.uat.hc-sc.gc.ca
ers-auth-ser-lb.hc-sc.gc.ca
h2o.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
cgnw-01.hc-sc.gc.ca
sdx-edp.hc-sc.gc.ca
wasext-prd-1.hc-sc.gc.ca
eprs-serp.hc-sc.gc.ca
hc4ecc6.hc-sc.gc.ca
hconk2ewvasp001.hc-sc.gc.ca
mtrs-sctrm.hc-sc.gc.ca
PTH-PROXY.hc-sc.gc.ca
HCONK1VWVDCP002.ad.hc-sc.gc.ca
istopxrm.hc-sc.gc.ca
utils-test.hc-sc.gc.ca
gateway-passerelle.preprod.hc-sc.gc.ca
nihb-atl-fax.hc-sc.gc.ca
Inotes.hc-sc.gc.ca
SAD-TEM-DV1.hc-sc.gc.ca
HCONK1AwvAST058.hc-sc.gc.ca
int-services3.dev.hc-sc.gc.ca
eprs-serp.hc-sc.gc.ca
sad-pt2-devap1.hc-sc.gc.ca
cloud-vpn.hc-sc.gc.ca
www.mtrs-sctrm.hc-sc.gc.ca
international-health-commitments.canada.ca
training.mtrs-sctrm.hc-sc.gc.ca
sap-cms.hc-sc.gc.ca
HCQCK1AWVDCT002.tqa.hc-sc.gc.ca
training.mtrs-sctrm.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
cgnw-01.hc-sc.gc.ca
int-services1.preprod.hc-sc.gc.ca
sgpp-dt.hc-sc.gc.ca
ocs-bsc.hc-sc.gc.ca
int-services1.uat.hc-sc.gc.ca
sdx-edp.hc-sc.gc.ca
ctls-sscdl.hc-sc.gc.ca
PTH-PROXY-TRAIN.hc-sc.gc.ca
webprod4.hc-sc.gc.ca
*.hc-sc.gc.ca
aero-oitc.phac-aspc.gc.ca
app80.hc-sc.gc.ca
ers-auth-ser.hc-sc.gc.ca
keycloak.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
www.reclassification.hc-sc.gc.ca
sad-pth-qaap1.hc-sc.gc.ca
*.preprod.hc-sc.gc.ca
sad-pth-catap1.hc-sc.gc.ca
gateway-passerelle.uat.hc-sc.gc.ca
nnhpd-pla-dlmm-dpsnso.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
pub-tom-mono.hc-sc.gc.ca
mobile.hc-sc.gc.ca
aids.gc.ca
h2o.hc-sc.gc.ca
www.CNF-CFG-classification-FCEN-GAC.hc-sc.gc.ca
dstsia-sspdai.hc-sc.gc.ca
CTXADC-HC-MCDC.HC-SC.GC.CA
collaboration.hc-sc.gc.ca
SAD-TEM-DV1.tqa.hc-sc.gc.ca
sgpp-dt.hc-sc.gc.ca
inotes.hc-sc.gc.ca
trn-csims-sgici.hc-sc.gc.ca
hc5ecc6.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
fnihis-sispni.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
uvupdatertest.hc-sc.gc.ca
ers-test-ser.hc-sc.gc.ca
www.CNF-CFG-classification-FCEN-GAC.hc-sc.gc.ca
sec2.hc-sc.gc.ca
HCONK1VWVDCP005.ad.hc-sc.gc.ca
tem01.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
utils-test.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
WAS7-SEXT-IHS.hc-sc.gc.ca
pr-rdb.hc-sc.gc.ca
www.reclassification.hc-sc.gc.ca
mfcsg01.hc-sc.gc.ca
ers-auth-ser-lb.hc-sc.gc.ca
sinpappsas-02.hc-sc.gc.ca
nihb-mb-faxfinder.hc-sc.gc.ca
cvp-pcv.hc-sc.gc.ca
int-services2.dev.hc-sc.gc.ca
DSTSIA-SSPDAI.hc-sc.gc.ca
www.fptgn-gnfpt.hc-sc.gc.ca
github.hc-sc.gc.ca
portaildgpsa.hc-sc.gc.ca
weboffice.hc-sc.gc.ca
sec2.hc-sc.gc.ca
sad-pth-qaap1.hc-sc.gc.ca
documents-dev.hc-sc.gc.ca
Certificate
The complete raw certificate details for dstsia-sspdai.hc-sc.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgIETB+eJTANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp Y2F0aW9uIEF1dGhvcml0eSAtIEwxQzAeFw0xMzA0MjYxMjA4MTZaFw0xNzA1MTUx NDQwMzRaMGwxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMQ8wDQYDVQQH EwZPdHRhd2ExFjAUBgNVBAoTDUhlYWx0aCBDYW5hZGExIjAgBgNVBAMTGWRzdHNp YS1zc3BkYWkuaGMtc2MuZ2MuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCnl+evZhsZ+M1NvnLucwBn0hKQRluuf1OAF/g4Sg9qDnZ51W3iOwgW2As4 F07jGMz45g+C6eNPEwfTAQZWtePFeUixVl7WWZtFjblgqvZGkn6wsTZhtIXAKv07 EX+DAhm/uI16WbgeulwcULpRa6+g2OxYXIcQ4JiY0Ws59PKRZOmDMli4CKzMWPnf uPrMHBmJV6Ji0XB4l+oAGELigjVCUvm5b5ijBijprV00mgG1o7DDRuGfxxefgFjm Sch3EcxHftxLcLNz5WclL90Zh8nCdQZ8F4jeSNHKebWZ65C8QPGE188/YFYTrYG/ kK30zSSP08GBEyidvBobi7xThrbzAgMBAAGjggGIMIIBhDALBgNVHQ8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDMGA1UdHwQsMCowKKAmoCSG Imh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxYy5jcmwwZAYIKwYBBQUHAQEE WDBWMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAvBggrBgEF BQcwAoYjaHR0cDovL2FpYS5lbnRydXN0Lm5ldC8yMDQ4LWwxYy5jZXIwSgYDVR0g BEMwQTA1BgkqhkiG9n0HSwIwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRy dXN0Lm5ldC9ycGEwCAYGZ4EMAQICMCQGA1UdEQQdMBuCGWRzdHNpYS1zc3BkYWku aGMtc2MuZ2MuY2EwHwYDVR0jBBgwFoAUHvGriQb4SQ8BM3fuFHruGXyTKE0wHQYD VR0OBBYEFIj6CmVZChA+6YyVCnU3IRm3JqF5MAkGA1UdEwQCMAAwDQYJKoZIhvcN AQEFBQADggEBAFGgpALFwkyNtJqesHRJUSCmvaNZ1aURjQzIkaOf441rNKUi2BWb UV/+8K+8KW59P4fHmBEf94fzgzdekW4M1vDrGqTvEcUazCy38GvnEmYWqMzmdwLt e9Dt7/svH8YmIFwAspas+SKGhD7w1k/Klo1M3UN+Vq9YHTnOMpR3UOFzqq27viP3 dfFhhIfKRaF7iSIqwDN0/zQNa/Sa71qqgFuZKEOU9vNdVbSHdtpFcKJZoNnyPe/S 3kgc31F5mlzq6b70KgyrShCDLuUSEq4pYyEpik+HxfOyURWfEQCajJMV2Dxk5T1P /unLOLfl+gOgwzeCstFvhx4NpycHCc2vS6E= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5fnr2YbGfjNTb5y7nMA Z9ISkEZbrn9TgBf4OEoPag52edVt4jsIFtgLOBdO4xjM+OYPgunjTxMH0wEGVrXj xXlIsVZe1lmbRY25YKr2RpJ+sLE2YbSFwCr9OxF/gwIZv7iNelm4HrpcHFC6UWuv oNjsWFyHEOCYmNFrOfTykWTpgzJYuAiszFj537j6zBwZiVeiYtFweJfqABhC4oI1 QlL5uW+YowYo6a1dNJoBtaOww0bhn8cXn4BY5knIdxHMR37cS3Czc+VnJS/dGYfJ wnUGfBeI3kjRynm1meuQvEDxhNfPP2BWE62Bv5Ct9M0kj9PBgRMonbwaG4u8U4a2 8wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1277140517 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.entrust.net/rpa is incorporated by reference' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2009 Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1C' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-04-26 12:08:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-15 14:40:34 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Health Canada' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dstsia-sspdai.hc-sc.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21156704086582952378535596057201046561351512179594386581131388974996438382483186864357904884792934585356663013145052091632884398425045012464877222856207247771117650873133000111913979627195938243647375020550502749160216299018360074801910347857099416803964427999955917083812361796754830645791553832723606127669076538318063999599068203463592357225842596901836970710226910053295385303690354289935502867388439892694334202199214491311683689949763804407249446961371756567078526425221891474737232640291155088363126436689841433448878786156863598243097353537922387613605455065519857334074638549373591499991087012347824686151411 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1c.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/2048-l1c.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113533.7.75.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dstsia-sspdai.hc-sc.gc.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1ef1ab8906f8490f013377ee147aee197c93284d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 88fa0a65590a103ee98c950a75372119b726a179 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0051a0a402c5c24c8db49a9eb074495120a6bda359d5a5118d0cc891a39fe38d6b34a522d8159b515ffef0afbc296e7d3f87c798111ff787f383375e916e0cd6f0eb1aa4ef11c51acc2cb7f06be7126616a8cce67702ed7bd0edeffb2f1fc626205c00b296acf92286843ef0d64fca968d4cdd437e56af581d39ce32947750e173aaadbbbe23f775f1618487ca45a17b89222ac03374ff340d6bf49aef5aaa805b99284394f6f35d55b48776da4570a259a0d9f23defd2de481cdf51799a5ceae9bef42a0cab4a10832ee51212ae296321298a4f87c5f3b251159f11009a8c9315d83c64e53d4ffee9cb38b7e5fa03a0c33782b2d16f871e0da7270709cdaf4ba1