eservices1.ci.gc.ca
- Citizenship and Immigration Canada -
Issued by Entrust Certification Authority - L1C
About this certificate
This digital certificate with serial number 4c:1b:1c:f1 was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Citizenship and Immigration Canada
Organization:
Citizenship and Immigration Canada
Organization unit: IMTB
Organization unit: IMTB
State / Province:
Ontario
Locality: Ottawa
Country: CA
Locality: Ottawa
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4c:1b:1c:f1Serial Number (int): 1276845297
Serial Number lenght: 31 bits, 4 octets
SubjectKeyId: 55:59:b3:57:c7:bc:96:89:ed:67:b4:a2:ae:60:f1:37:e3:37:5b:d8
AuthorityKeyId: 1e:f1:ab:89:06:f8:49:0f:01:33:77:ee:14:7a:ee:19:7c:93:28:4d
Fingerprint (sha1): 16:d7:8d:ee:ca:3a:d0:b9:f3:1e:c3:1b:7c:3c:4f:a3:19:b9:f7:2e
Fingerprint (sha256): 31:52:b8:aa:97:65:6e:4a:ea:97:65:1c:9b:b5:c9:c6:c4:88:2d:00:46:c4:07:a8:82:0b:b1:e1:37:24:03:fc
Issuing Certificate URL: http://aia.entrust.net/l1c-chain.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1c.crl
Check the revocation status for certificate eservices1.ci.gc.ca
0
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for eservices1.ci.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
This certificate doesn't contain any subject alternative names.
Other certificates including the domain name ci.gc.ca
(limited to 100 certificates)
gcms-smf.apps.ci.gc.ca
cic.gc.ca
NJES1S6308.apps.ci.gc.ca
gcs-ssc-i.apps.ci.gc.ca
extern.cic.gc.ca
*.apps.ci.gc.ca
gcms-prd-a-eai.apps.ci.gc.ca
onlineservices-training.ci.gc.ca
alm-int-tfs.apps.ci.gc.ca
gcs-ssc-isys.apps.ci.gc.ca
gcdocs2.ci.gc.ca
gcms-smgc.apps.ci.gc.ca
cicoemprd.apps.ci.gc.ca
ldaps-edc.apps.ci.gc.ca
irccsbxoms1.apps.ci.gc.ca
*.ci.gc.ca
irccsbxoms1.apps.ci.gc.ca
gcs-ssc-itrn.apps.ci.gc.ca
gcs-ssc-dev.apps.ci.gc.ca
service-stg.ci.gc.ca
ircc-oem.apps.ci.gc.ca
psoft89-gchrms.ci.gc.ca
onlineservices-development2.ci.gc.ca
ccps-stcc-trn.cic.gc.ca
gcms-smf-edc-prd.apps.ci.gc.ca
gcmsmgtaom1.apps.ci.gc.ca
ircc-cognos.ci.gc.ca
extern.cic.gc.ca
cicedw.ci.gc.ca
gcms-smf.apps.ci.gc.ca
eservices1.ci.gc.ca
extern.cic.gc.ca
NSEP1S5119.ci.gc.ca
gcdocs2-svc.ci.gc.ca
ircc-oem-npe.apps.ci.gc.ca
NJES1S6309.apps.ci.gc.ca
tempo-ste.apps.ci.gc.ca
tempo-pef.cic.gc.ca
eservices1.ci.gc.ca
*.ci.gc.ca
gcms-staging.apps.ci.gc.ca
ircc-cognossnd.ci.gc.ca
ircc-cognosint.ci.gc.ca
pss-fg-dev.apps.ci.gc.ca
onlineservices-dev.ci.gc.ca
ircc-oem-npe.apps.ci.gc.ca
gcmsmgtoms1.apps.ci.gc.ca
cicedwdev.ci.gc.ca
gcmssystestmel.apps.ci.gc.ca
psoft-hrms-gc89test-v854.ci.gc.ca
extern.cic.gc.ca
eservices3.ci.gc.ca
gcmssa.apps.ci.gc.ca
extern.cic.gc.ca
gcdocsmobile.apps.ci.gc.ca
pss-ds-dev.apps.ci.gc.ca
ircc-cognostrg.ci.gc.ca
tempo-trn.cic.gc.ca
ircc-cognosdev.ci.gc.ca
ircc-oem.apps.ci.gc.ca
tempo-pte.cic.gc.ca
cicedwsnd.ci.gc.ca
eservices2.ci.gc.ca
tempo-ste.cic.gc.ca
gcs-ssc-itrn.apps.ci.gc.ca
onlineservices-development2.ci.gc.ca
adssdev1.ci.gc.ca
tempo-stg.apps.ci.gc.ca
NJES1S1106.CI.GC.CA
gcmstgmel.apps.ci.gc.ca
gcdocs2.ci.gc.ca
*.ci.gc.ca
ircc-oem.apps.ci.gc.ca
cicoemnpe.apps.ci.gc.ca
gcs-ssc-sys.apps.ci.gc.ca
gcms-staging.apps.ci.gc.ca
mailrelay.ci.gc.ca
gcs-ssc-dev.apps.ci.gc.ca
extern.cic.gc.ca
gcmsprdmel.apps.ci.gc.ca
onlineservices-dev.ci.gc.ca
*.apps.ci.gc.ca
cic.gc.ca
gcmsprdmel.apps.ci.gc.ca
eservices5.ci.gc.ca
ccps-stcc-int.cic.gc.ca
extern.cic.gc.ca
iprms.ci.gc.ca
ccps-stcc.cic.gc.ca
gcms-pdf.apps.ci.gc.ca
gcs-ssc-stg.apps.ci.gc.ca
NJES1S1106.CI.GC.CA
extern.cic.gc.ca
gcs-ssc-isys.apps.ci.gc.ca
gcs-ssc-stg.apps.ci.gc.ca
psoft-hrms-gc89test.ci.gc.ca
gcs-ssc-isys.apps.ci.gc.ca
ccps-stcc-dev.cic.gc.ca
gcms-smgc.apps.ci.gc.ca
ircc-oem-sbx.apps.ci.gc.ca
cic.gc.ca
NJES1S6308.apps.ci.gc.ca
gcs-ssc-i.apps.ci.gc.ca
extern.cic.gc.ca
*.apps.ci.gc.ca
gcms-prd-a-eai.apps.ci.gc.ca
onlineservices-training.ci.gc.ca
alm-int-tfs.apps.ci.gc.ca
gcs-ssc-isys.apps.ci.gc.ca
gcdocs2.ci.gc.ca
gcms-smgc.apps.ci.gc.ca
cicoemprd.apps.ci.gc.ca
ldaps-edc.apps.ci.gc.ca
irccsbxoms1.apps.ci.gc.ca
*.ci.gc.ca
irccsbxoms1.apps.ci.gc.ca
gcs-ssc-itrn.apps.ci.gc.ca
gcs-ssc-dev.apps.ci.gc.ca
service-stg.ci.gc.ca
ircc-oem.apps.ci.gc.ca
psoft89-gchrms.ci.gc.ca
onlineservices-development2.ci.gc.ca
ccps-stcc-trn.cic.gc.ca
gcms-smf-edc-prd.apps.ci.gc.ca
gcmsmgtaom1.apps.ci.gc.ca
ircc-cognos.ci.gc.ca
extern.cic.gc.ca
cicedw.ci.gc.ca
gcms-smf.apps.ci.gc.ca
eservices1.ci.gc.ca
extern.cic.gc.ca
NSEP1S5119.ci.gc.ca
gcdocs2-svc.ci.gc.ca
ircc-oem-npe.apps.ci.gc.ca
NJES1S6309.apps.ci.gc.ca
tempo-ste.apps.ci.gc.ca
tempo-pef.cic.gc.ca
eservices1.ci.gc.ca
*.ci.gc.ca
gcms-staging.apps.ci.gc.ca
ircc-cognossnd.ci.gc.ca
ircc-cognosint.ci.gc.ca
pss-fg-dev.apps.ci.gc.ca
onlineservices-dev.ci.gc.ca
ircc-oem-npe.apps.ci.gc.ca
gcmsmgtoms1.apps.ci.gc.ca
cicedwdev.ci.gc.ca
gcmssystestmel.apps.ci.gc.ca
psoft-hrms-gc89test-v854.ci.gc.ca
extern.cic.gc.ca
eservices3.ci.gc.ca
gcmssa.apps.ci.gc.ca
extern.cic.gc.ca
gcdocsmobile.apps.ci.gc.ca
pss-ds-dev.apps.ci.gc.ca
ircc-cognostrg.ci.gc.ca
tempo-trn.cic.gc.ca
ircc-cognosdev.ci.gc.ca
ircc-oem.apps.ci.gc.ca
tempo-pte.cic.gc.ca
cicedwsnd.ci.gc.ca
eservices2.ci.gc.ca
tempo-ste.cic.gc.ca
gcs-ssc-itrn.apps.ci.gc.ca
onlineservices-development2.ci.gc.ca
adssdev1.ci.gc.ca
tempo-stg.apps.ci.gc.ca
NJES1S1106.CI.GC.CA
gcmstgmel.apps.ci.gc.ca
gcdocs2.ci.gc.ca
*.ci.gc.ca
ircc-oem.apps.ci.gc.ca
cicoemnpe.apps.ci.gc.ca
gcs-ssc-sys.apps.ci.gc.ca
gcms-staging.apps.ci.gc.ca
mailrelay.ci.gc.ca
gcs-ssc-dev.apps.ci.gc.ca
extern.cic.gc.ca
gcmsprdmel.apps.ci.gc.ca
onlineservices-dev.ci.gc.ca
*.apps.ci.gc.ca
cic.gc.ca
gcmsprdmel.apps.ci.gc.ca
eservices5.ci.gc.ca
ccps-stcc-int.cic.gc.ca
extern.cic.gc.ca
iprms.ci.gc.ca
ccps-stcc.cic.gc.ca
gcms-pdf.apps.ci.gc.ca
gcs-ssc-stg.apps.ci.gc.ca
NJES1S1106.CI.GC.CA
extern.cic.gc.ca
gcs-ssc-isys.apps.ci.gc.ca
gcs-ssc-stg.apps.ci.gc.ca
psoft-hrms-gc89test.ci.gc.ca
gcs-ssc-isys.apps.ci.gc.ca
ccps-stcc-dev.cic.gc.ca
gcms-smgc.apps.ci.gc.ca
ircc-oem-sbx.apps.ci.gc.ca
Certificate
The complete raw certificate details for eservices1.ci.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgIETBsc8TANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp Y2F0aW9uIEF1dGhvcml0eSAtIEwxQzAeFw0xMTA5MDgxNjM1MTlaFw0xNTA0MDEw NTQ0MzVaMIGKMQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UE BxMGT3R0YXdhMSswKQYDVQQKEyJDaXRpemVuc2hpcCBhbmQgSW1taWdyYXRpb24g Q2FuYWRhMQ0wCwYDVQQLEwRJTVRCMRwwGgYDVQQDExNlc2VydmljZXMxLmNpLmdj LmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9z53vZRA5LY5kMV HlS/a1wWNqpfPNg8o+CP3gEoF1lT95oBF83tf5wCqEv+v5iYWjzWhmMJQyDs6z9O Dg6+UWoJ5aRiJtZY4vZx8uc9o5gEWm2uAw7LRT7JP14AOPOR/yKzpvtB0sBD004S TczlqiJayOE/l/gUFKLnSeUeHAkN/xuZ/k6/v4RKDr0j+Q2ZwSaa42ftYBSXk78b lVifDqou4RcBnH3QLfRGo544V7hBRK1IA+0WRpR5HX83ItT0ihMbEkaBfDwdCpKX lhUCzUP43CzXGMTdQYm2vkLuRhN8+1mJUq6VxAAhTr85eLT7wG8Z4rrmQ5SkvSRe NBaSZwIDAQABo4IBTzCCAUswCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUF BwMBMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2 ZWwxYy5jcmwwZQYIKwYBBQUHAQEEWTBXMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz cC5lbnRydXN0Lm5ldDAwBggrBgEFBQcwAoYkaHR0cDovL2FpYS5lbnRydXN0Lm5l dC9sMWMtY2hhaW4uY2VyMEAGA1UdIAQ5MDcwNQYJKoZIhvZ9B0sCMCgwJgYIKwYB BQUHAgEWGmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMB8GA1UdIwQYMBaAFB7x q4kG+EkPATN37hR67hl8kyhNMB0GA1UdDgQWBBRVWbNXx7yWie1ntKKuYPE34zdb 2DAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBkb1BSDt7DoDs6eZ/picER CkVATdudsoBJrjjdjM4Wgw46MvP6rQhsbFF2WfXFpVgIjwy7Z5SlRr1pEcGsCZat PDpTM/T9QfJkLQGsm6cOjn+sSxqYZJcaIPAboezO2Y1Rq6j+/Ugk/s+ffwFzC90c Zk3iEX0AqF5SyRd6uviT2cj/cYOkShcapefKDyjr1K1O17Qje0/QzBjubDDGZ4el HrSXRLfBWvhHtRGodpwodT/cZaau1OXDBrLK+0QAnEWdcThpsckv2va0dKiNu0U1 MHycgckXcrUW6Xn82syJ/MCbjW4jCiPUV55sbkz2iWZP+GeUhkTfEUfTEv/1Eh7M -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9z53vZRA5LY5kMVHlS/ a1wWNqpfPNg8o+CP3gEoF1lT95oBF83tf5wCqEv+v5iYWjzWhmMJQyDs6z9ODg6+ UWoJ5aRiJtZY4vZx8uc9o5gEWm2uAw7LRT7JP14AOPOR/yKzpvtB0sBD004STczl qiJayOE/l/gUFKLnSeUeHAkN/xuZ/k6/v4RKDr0j+Q2ZwSaa42ftYBSXk78blVif Dqou4RcBnH3QLfRGo544V7hBRK1IA+0WRpR5HX83ItT0ihMbEkaBfDwdCpKXlhUC zUP43CzXGMTdQYm2vkLuRhN8+1mJUq6VxAAhTr85eLT7wG8Z4rrmQ5SkvSReNBaS ZwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1276845297 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.entrust.net/rpa is incorporated by reference' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2009 Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1C' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-09-08 16:35:19 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-04-01 05:44:35 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citizenship and Immigration Canada' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IMTB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'eservices1.ci.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21190764284989299999263872260347898320420985080850226262378894243889869758323121871177520521555648445235849657699827299224049053960676520820377457968809739676274237608659820443882160005515497543611028325801712581579230452479455547634607803419975060298404079874246591442855259063602523876719748987337230040988603876680463697174569498413422959211028428137760590090120659022356234809106259213302067067056427849092673839188235398408520894065392324012594349005465352857383121980468645748307391209808138542745762947474010985352593162190192177181217661732794121503416141193935815681507235662183780789843329941275910730060391 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1c.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1c-chain.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113533.7.75.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1ef1ab8906f8490f013377ee147aee197c93284d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5559b357c7bc9689ed67b4a2ae60f137e3375bd8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00646f50520edec3a03b3a799fe989c1110a45404ddb9db28049ae38dd8cce16830e3a32f3faad086c6c517659f5c5a558088f0cbb6794a546bd6911c1ac0996ad3c3a5333f4fd41f2642d01ac9ba70e8e7fac4b1a9864971a20f01ba1ecced98d51aba8fefd4824fecf9f7f01730bdd1c664de2117d00a85e52c9177abaf893d9c8ff7183a44a171aa5e7ca0f28ebd4ad4ed7b4237b4fd0cc18ee6c30c66787a51eb49744b7c15af847b511a8769c28753fdc65a6aed4e5c306b2cafb44009c459d713869b1c92fdaf6b474a88dbb4535307c9c81c91772b516e979fcdacc89fcc09b8d6e230a23d4579e6c6e4cf689664ff867948644df1147d312fff5121ecc