saml.managed.entrust.net

- Entrust Inc. -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 37:eb:7f:33:41:2e:53:34:00:00:00:00:50:fa:1e:da was issued on by Entrust, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Entrust Inc.

Organization: Entrust Inc.
State / Province: Ontario
Locality: Kanata
Country: CA

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 37:eb:7f:33:41:2e:53:34:00:00:00:00:50:fa:1e:da
Serial Number (int): 74330309456754538633777585948395708122
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 84:76:8a:b1:a2:b6:e1:f2:8f:4a:ee:61:64:05:54:f6:20:dd:66:47
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 48:99:22:d5:78:0a:ab:87:1e:4d:3c:ba:10:f8:b2:43:e7:d6:48:b9
Fingerprint (sha256): 2b:fb:d4:9c:ad:7e:6d:a4:33:6a:46:dc:35:a7:15:90:50:ad:b3:f7:cd:6a:ca:2c:65:40:16:d3:ef:d1:a6:08

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate saml.managed.entrust.net

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for saml.managed.entrust.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

saml.managed.entrust.net

Other certificates including the domain name entrust.net

(limited to 100 certificates)
www.entrust.net
buy.entrust.net
validg2.entrust.net
www.entrust.net
validec.entrust.net
ottmgmt.entrust.net
certenroll.entrust.net
testcertificate5.entrust.net
discovery.entrust.net
privateott.entrust.net
validecc.entrust.net
confirm.entrust.net
home.entrust.net
revokedg2.entrust.net
testcertificate.entrust.net
cloud.entrust.net
revokedg2.entrust.net
managed.entrust.net
stgportal.entrust.net
validp384tlsr2022.entrust.net
Taha.test2.entrust.net
confirm.entrust.net
enroll.entrust.net
www.entrust.net
validev.entrust.net
certenroll.entrust.net
privateott.entrust.net
partners.entrust.net
evupdater.entrust.net
www.entrust.net
revokedg2.entrust.net
validev.entrust.net
validec.entrust.net
home.entrust.net
stgportal.entrust.net
validec.entrust.net
evupdater.entrust.net
testcertificate8.entrust.net
validev.entrust.net
cloud.entrust.net
managed.entrust.net
validp384evtlsr2022.entrust.net
ecscloudapp.entrust.net
vira.entrust.net
privateott.entrust.net
www.entrust.net
www.entrust.net
indusfaceconsulting.entrust.net
partneradmin.entrust.net
testcertificate.entrust.net
ecsf2f.entrust.net
enroll.entrust.net
logininternal.entrust.net
validev.entrust.net
enroll.entrust.net
expiredg2.entrust.net
certchecker.entrust.net
revokedev.entrust.net
ecsf2f.entrust.net
validg2.entrust.net
www.entrust.net
verification.entrust.net
discovery.entrust.net
www.entrust.net
testcertificate2.entrust.net
evupdater.entrust.net
expiredg2.entrust.net
ecsigfmexternal.entrust.net
saml.managed.entrust.net
revoked4kevtlsr2022.entrust.net
revokedg2.entrust.net
expiredg2.entrust.net
buy.entrust.net
partners.entrust.net
login.entrust.net
managed.entrust.net
login.entrust.net
www.entrust.net
expiredev.entrust.net
ocsp.entrust.net
ottinfragw.entrust.net
ecsf2f.entrust.net
ott-aftadc02.int.entrust.net
tormgmt.entrust.net
privateott.entrust.net
certenroll.entrust.net
buy.entrust.net
vira.entrust.net
ssltest.entrust.net
testcertificate.entrust.net
timestamp.entrust.net
revokedec.entrust.net
www.entrust.net
privatetor.entrust.net
managed.entrust.net
test.testcertificates.com
www.entrust.net
cloud.entrust.net
testcertificate2.entrust.net
2048test.entrust.net

Certificate

The complete raw certificate details for saml.managed.entrust.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIQN+t/M0EuUzQAAAAAUPoe2jANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0x
OTExMTMyMDAyMDFaFw0yMTA5MjQyMDMyMDBaMGoxCzAJBgNVBAYTAkNBMRAwDgYD
VQQIEwdPbnRhcmlvMQ8wDQYDVQQHEwZLYW5hdGExFTATBgNVBAoTDEVudHJ1c3Qg
SW5jLjEhMB8GA1UEAxMYc2FtbC5tYW5hZ2VkLmVudHJ1c3QubmV0MIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOGx3J1NLWsijBGZuNUrQRrBulFI/iao
F0IvMkmTNXIW8TmMletXazFRTpLtlhr2wPTx0DWVD2Rzefh5Le98POYokhQaq1a1
sGY9MXyUlWiUFwNpexLC1qGd0vrnz1gbuGlqXkqJpFgAaj7SljnqqdkVjamxAzxp
Vfyu2VyqpSS45IM7bvkbXaDifANYNLQukRJb9a1rDaEcjbI3+jpJ12MyVDOJG34L
r6e6Lx/VNIuHnBmufWByYaw0G1U8cKz6KCgzY9jlrA9/Hn4vYl2h8Bi6Yt0lXCpG
f4Try+nl3EXKSkpviJ53VVQgxxvjdUdk7uVfTOibsPN5bZQMlFILfwIDAQABo4IB
pDCCAaAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwIwYDVR0RBBwwGoIYc2FtbC5tYW5h
Z2VkLmVudHJ1c3QubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRy
dXN0Lm5ldC9sZXZlbDFrLmNybDBLBgNVHSAERDBCMDYGCmCGSAGG+mwKAQUwKDAm
BggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQIC
MGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
dC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNo
YWluMjU2LmNlcjAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpMvzAdBgNV
HQ4EFgQUhHaKsaK24fKPSu5hZAVU9iDdZkcwCQYDVR0TBAIwADANBgkqhkiG9w0B
AQsFAAOCAQEAMtM4R8MdG/FDjIo+01bPUBA0o1STEFDEnG1aFJFiSsvEEzzaJ5BZ
fSuKUxWnoJmcftYAStlry/4yU5Xnqy4rRkDyu4I88LLV2wVTH8wASdl76QV6J/yI
6LmNmpk+URh8XAtm5xC4Kl6gXhcfJBU/Lj8dpxmhbsfbqRSeuE4Y5Ff2vZ1Fyqar
3nSXGq9UoHMqruAX65onYyQhncCwNkR/9wLa88aAz8NNCuAz2DuYqFLh8PT+HAHR
fQFzV6DJJK5ZbfROa9iUY2LzEsQL/aVELhwgG7ZYSTErbf4tVQauX0agxh1mR3u1
Jw3z5FjFGZTFHB38OZw+evPkHp09lJapjA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOGx3J1NLWsijBGZuNUr
QRrBulFI/iaoF0IvMkmTNXIW8TmMletXazFRTpLtlhr2wPTx0DWVD2Rzefh5Le98
POYokhQaq1a1sGY9MXyUlWiUFwNpexLC1qGd0vrnz1gbuGlqXkqJpFgAaj7Sljnq
qdkVjamxAzxpVfyu2VyqpSS45IM7bvkbXaDifANYNLQukRJb9a1rDaEcjbI3+jpJ
12MyVDOJG34Lr6e6Lx/VNIuHnBmufWByYaw0G1U8cKz6KCgzY9jlrA9/Hn4vYl2h
8Bi6Yt0lXCpGf4Try+nl3EXKSkpviJ53VVQgxxvjdUdk7uVfTOibsPN5bZQMlFIL
fwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 74330309456754538633777585948395708122
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-13 20:02:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-24 20:32:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kanata'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'saml.managed.entrust.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16269797275997731859017750496673089299722090194602757251204576535967373717279196361885101207425841852070579968019045757729004381437030305629429405534247544095229140603255544580878897448274159073178160286367644488376978805650160413267832328987262656963071945163204274899981078338261953633257003341943612229041593514173363687312402161283219592161595565396884113404930127368136577187681958043746135456660895261015390853255837402329278771690910028444667046553705751450524578740110504142732907798833525330245375767308454404943834084438271974294381660258686878378243807727543242792991387808137604760290318951170977270205311
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saml.managed.entrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							84768ab1a2b6e1f28f4aee61640554f620dd6647
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0032d33847c31d1bf1438c8a3ed356cf501034a354931050c49c6d5a1491624acbc4133cda2790597d2b8a5315a7a0999c7ed6004ad96bcbfe325395e7ab2e2b4640f2bb823cf0b2d5db05531fcc0049d97be9057a27fc88e8b98d9a993e51187c5c0b66e710b82a5ea05e171f24153f2e3f1da719a16ec7dba9149eb84e18e457f6bd9d45caa6abde74971aaf54a0732aaee017eb9a276324219dc0b036447ff702daf3c680cfc34d0ae033d83b98a852e1f0f4fe1c01d17d017357a0c924ae596df44e6bd8946362f312c40bfda5442e1c201bb65849312b6dfe2d5506ae5f46a0c61d66477bb5270df3e458c51994c51c1dfc399c3e7af3e41e9d3d9496a98c