test1-cba-sso.experian.com.au

- Experian Information Solutions, Inc. -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 27:9c:57:54:4b:7e:e1:8a:9a:5e:78:a6:39:b2:7b:b5 was issued on by Entrust, Inc..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Experian Information Solutions, Inc.

Organization: Experian Information Solutions, Inc.
State / Province: Texas
Locality: Allen
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 27:9c:57:54:4b:7e:e1:8a:9a:5e:78:a6:39:b2:7b:b5
Serial Number (int): 52651661393709086525935586104287853493
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: af:36:d9:95:18:4b:6c:74:e4:0a:7b:19:61:ec:7c:d8:dd:6b:c2:8e
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): c2:f4:f4:1c:bd:22:39:5a:67:08:51:ef:47:31:32:20:16:f7:62:35
Fingerprint (sha256): 30:7a:00:23:b1:99:86:42:0f:8b:90:39:ca:a2:54:a7:b6:2c:bf:33:c1:16:a3:09:45:cb:a1:72:35:a4:3d:bc

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate test1-cba-sso.experian.com.au

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for test1-cba-sso.experian.com.au

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

test1-cba-sso.experian.com.au

Other certificates including the domain name experian.com.au

(limited to 100 certificates)
www.experian.co.jp
uat.fraudnet.experian.com.au
creditservices.experian.com.au
wbc-ws-connectivity.experian.com.au
correx-bat.experian.com.au
voltbank.experian.com.au
cba-mi.experian.com.au
incapsula.com
cde.experian.com.au
incapsula.com
incapsula.com
incapsula.com
incapsula.com
api.uat.crosscore.experian.com.au
incapsula.com
wbc-pcc.experian.com.au
incapsula.com
incapsula.com
kxs-encryption.experian.com.au
uat-tallymanrams-gateway.secure.experian.com.au
incapsula.com
www.experian.co.jp
creditservices-uat.experian.com.au
correx.experian.com.au
login.crosscore.experian.com.au
creditservices-uat.experian.com.au
support.fraudnet.experian.com.au
test1-cba-ws.experian.com.au
incapsula.com
training-cba-collections.experian.com.au
demo-gateway.experian.com.au
correx.experian.com.au
incapsula.com
qat.fraudnet.experian.com.au
h2.experian.com.au
eacollections.experian.com.au
h2.experian.com.au
training-cba-api.experian.com.au
trn-wbc-ws.experian.com.au
npd-wbc-client.experian.com.au
cdsw-wb-mel.experian.com.au
incapsula.com
uat.crosscore.experian.com.au
ppd-wbc-sso.experian.com.au
dev-asb-sso.experian.com.au
wbc-sso.experian.com.au
incapsula.com
horizon.experian.com.au
sftm.stg.experian.com.au
incapsula.com
lynx.experian.com.au
incapsula.com
creditservices-uat.experian.com.au
trn-wbc-sso.experian.com.au
dev-asb-pcc.experian.com.au
cba-collections.experian.com.au
tallymancuadev.experian.com.au
cba-mi.experian.com.au
incapsula.com
incapsula.com
www.experian.co.jp
h2.experian.com.au
incapsula.com
tallymanramstest.experian.com.au
creditservices.experian.com.au
sft2.experian.com.au
incapsula.com
incapsula.com
uat.creditbureau.experian.com.au
sft2.experian.com.au
eacollectionssit.experian.com.au
incapsula.com
uat-gateway.secure.experian.com.au
api.experian.com.au
experian.com
imperva.com
sso-uat.experian.com.au
tallymanramstest.experian.com.au
feezy.experian.com.au
sft2.experian.com.au
ui.uat.crosscore.experian.com.au
uat-gsb-mi.experian.com.au
sftm.stg.experian.com.au
gateway.experian.com.au
www.experian.co.jp
nonprod-cba-mi.experian.com.au
incapsula.com
tallymanrams.experian.com.au
tallymancuadev.experian.com.au
sit-wbc-cicd.experian.com.au
wbc-ws.experian.com.au
syt-gsb-api.experian.com.au
test1-cba-sso.experian.com.au
sit-wbc-pcc.experian.com.au
creditservices.experian.com.au
support.fraudnet.experian.com.au
creditservices.experian.com.au
eacollectionssit.experian.com.au
uat-gsb-api.experian.com.au
www.experian.co.jp

Certificate

The complete raw certificate details for test1-cba-sso.experian.com.au in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIQJ5xXVEt+4YqaXnimObJ7tTANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDA1MTUwOTEwMDVaFw0yNTA2MTQwOTEwMDRaMIGEMQswCQYDVQQGEwJVUzEOMAwG
A1UECBMFVGV4YXMxDjAMBgNVBAcTBUFsbGVuMS0wKwYDVQQKEyRFeHBlcmlhbiBJ
bmZvcm1hdGlvbiBTb2x1dGlvbnMsIEluYy4xJjAkBgNVBAMTHXRlc3QxLWNiYS1z
c28uZXhwZXJpYW4uY29tLmF1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy8pAev3o8gbmpV3BDsFqBoHW3IRTJpwh8zynW6nN90ZEPb9QDc9FnV6VXMoi
erWYgRGJLysHWipvMxYCHFnczdvyTeTcmPhrpxDFoopTIYJ0a+7DZyavP+hVtO/U
1Lp2k7fhp9Vu3WrXAiLToLhrc4pU19bJ65XNXSgafSeLFcnmUkkvC3HaE+hIYvDQ
71KasWD2mjvBNOI4+dTsH5eWLTPKlK3jXTELTsWiTB1pPtN/xoDa1FlMTErVEi/W
rbMX6UGddMfxLsnlL7HGyuZf0c48O4pYVdr6EzDjb8/LIXIFrvGBHsCL8c5og0RJ
jde3kU7jL8OOtUCmG3cxkoWEAwIDAQABo4IBdDCCAXAwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQUrzbZlRhLbHTkCnsZYex82N1rwo4wHwYDVR0jBBgwFoAUgqJwdN28
Uz/Pe9T3zX+nYMYKTL8waAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRw
Oi8vb2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRy
dXN0Lm5ldC9sMWstY2hhaW4yNTYuY2VyMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6
Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxay5jcmwwKAYDVR0RBCEwH4IddGVzdDEt
Y2JhLXNzby5leHBlcmlhbi5jb20uYXUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjATBgNVHSAEDDAKMAgGBmeBDAECAjATBgor
BgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR7AqI6hXEm2VggoS
ZJS/8fJCcHQV8zfQd/W+5tvroz50nivgZ2vvjJSFG+lB75C1i+rIDpRSPzJwZQK7
V+dJ/e+7ieNJRiiS414pIEbowxNq0t5/Xnt4ItsabJNrenXXgmSP9mccYaPJI8HP
W1D5wpXBIn0p4d4bF+9w/UyzDNEl363Azgs1wP2DVExjVRGWLZURm9RN+dygAHJZ
evXyi7wnCn7XLXac0Om2fLd+wolKh07AHUlCm2wNn/qnGHJA/HRnPByEhRUuN23v
iaFRckGv7sRBYCDWwNCrVKq8JOy4F3q8c7d+qkMCVMGWzDwgNTiRpZiQ0RVPRhXd
mkhf/g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8pAev3o8gbmpV3BDsFq
BoHW3IRTJpwh8zynW6nN90ZEPb9QDc9FnV6VXMoierWYgRGJLysHWipvMxYCHFnc
zdvyTeTcmPhrpxDFoopTIYJ0a+7DZyavP+hVtO/U1Lp2k7fhp9Vu3WrXAiLToLhr
c4pU19bJ65XNXSgafSeLFcnmUkkvC3HaE+hIYvDQ71KasWD2mjvBNOI4+dTsH5eW
LTPKlK3jXTELTsWiTB1pPtN/xoDa1FlMTErVEi/WrbMX6UGddMfxLsnlL7HGyuZf
0c48O4pYVdr6EzDjb8/LIXIFrvGBHsCL8c5og0RJjde3kU7jL8OOtUCmG3cxkoWE
AwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 52651661393709086525935586104287853493
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-15 09:10:05 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-14 09:10:04 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Texas'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Allen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Experian Information Solutions, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'test1-cba-sso.experian.com.au'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25726110025655330029369268241488441523027991915096696804172087661267417247934459863004052665422913303476865051175448194223157089777839881775720228560902109115841612185580156063455088547490905587181526679705203760618583279378185074799947208768367123124254622890181142134708962156913763404078411720479287975582651830640841901505816098881612727435348788980685969500335050871421885125479568115909625105176790386781256781173185148321045159947374356911641698665871303679459063314445765030995891479560533879416147781711528719384929486496656783292868695190354862976525296202991623973054139660432343313217638617473446563906563
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							af36d995184b6c74e40a7b1961ec7cd8dd6bc28e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test1-cba-sso.experian.com.au'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0047b02a23a857126d95820a126494bff1f242707415f337d077f5bee6dbeba33e749e2be0676bef8c94851be941ef90b58beac80e94523f32706502bb57e749fdefbb89e349462892e35e292046e8c3136ad2de7f5e7b7822db1a6c936b7a75d782648ff6671c61a3c923c1cf5b50f9c295c1227d29e1de1b17ef70fd4cb30cd125dfadc0ce0b35c0fd83544c635511962d95119bd44df9dca00072597af5f28bbc270a7ed72d769cd0e9b67cb77ec2894a874ec01d49429b6c0d9ffaa7187240fc74673c1c8485152e376def89a1517241afeec4416020d6c0d0ab54aabc24ecb8177abc73b77eaa430254c196cc3c20353891a59890d1154f4615dd9a485ffe