sso-fi.fiacardservices.com

- Bank of America Corporation -

Issued by Entrust Certification Authority - L1M

About this certificate

This digital certificate with serial number fa:f9:52:23:03:28:9a:35:00:00:00:00:54:ce:23:6c was issued on by Entrust, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Bank of America Corporation

Company registration number: 2927442
Organization: Bank of America Corporation
Organization unit: Network Infrastructure
State / Province: Illinois
Locality: Chicago
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): fa:f9:52:23:03:28:9a:35:00:00:00:00:54:ce:23:6c
Serial Number (int): 333601546795554868026046856311260193644
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: b8:1c:c7:b8:8a:38:a7:ff:6d:07:15:bd:3a:52:f7:84:5d:46:5d:af
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a

Fingerprint (sha1): e4:a2:05:74:e1:80:fc:ba:54:a8:70:7b:82:6f:78:dc:e4:da:cc:94
Fingerprint (sha256): 31:a0:9b:23:2a:55:2e:13:ec:56:de:1f:6f:7e:78:3c:2f:7e:35:00:45:a7:d0:4d:89:4b:30:f2:41:8a:fc:c7

Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1m.crl

Check the revocation status for certificate sso-fi.fiacardservices.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sso-fi.fiacardservices.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sso-fi.fiacardservices.com

Other certificates including the domain name fiacardservices.com

(limited to 100 certificates)
www.managerewardsonline.fiacardservices.com
godirectdebit.fiacardservices.com
epass-uat.bankofamerica.com
www.managerewardsonline.fiacardservices.com
affinityweb.fiacardservices.com
wwwn.managerewardsonline.fiacardservices.com
Easyrewards.fiacardservices.com
affinityweb.fiacardservices.com
shopsafe-devps.ecnp.fiacardservices.com
reward-redemption.fiacardservices.com
mydirectdebit.fiacardservices.com
campus.bankofamerica.com
ddoxlogin.dynamicdox.com
travelcenter.fiacardservices.com
travelcenter.fiacardservices.com
www.staging.managerewardsonline.fiacardservices.com
affinityweb.fiacardservices.com
wwwa.managerewardsonline.fiacardservices.com
about-dev.bankofamerica.com
www5-staging.managerewardsonline.com
www5-staging.managerewardsonline.com
shopsafe-qaps.ecnp.fiacardservices.com
easyrewards.fiacardservices.com
mydirectdebit.fiacardservices.com
shopsafe-cert1.ecnp.fiacardservices.com
secure.fiacardservices.com
www.managerewardsonline.fiacardservices.com
mynewcard.fiacardservices.com
reward-redemption.fiacardservices.com
secure-cert2.ecnp.fiacardservices.com
onlinedirectdebit.fiacardservices.com
mynewcard.fiacardservices.com
travelcenterfaq.fiacardservices.com
secure.fiacardservices.com
ddoxlogin.dynamicdox.com
mydirectdebit.fiacardservices.com
shopsafe-devflex.ecnp.fiacardservices.com
epass-uat.bankofamerica.com
shopsafe-devflex.ecnp.fiacardservices.com
preferences.em.fiacardservices.com
sso-fi.fiacardservices.com
secure-pt2.ecnp.fiabusinesscard.com
preferences.em.fiacardservices.com
campus.bankofamerica.com
reward-redemption.fiacardservices.com
ddoxlogin-uat.bankofamerica.com
eesorigin.bankofamerica.com
www.managerewardsonline.fiacardservices.com
secure-pt2.ecnp.fiacardservices.com
businesscard.fiacardservices.com
www.managerewardsonline.fiacardservices.com
www.managerewardsonline.fiacardservices.com
secure-preview2.ecnp.fiacardservices.com
wwwn.staging.managerewardsonline.fiacardservices.com
preferencesorigin-dev.em.fiacardservices.com
www.staging.managerewardsonline.fiacardservices.com
godirectdebit.fiacardservices.com
www.managerewardsonline.fiacardservices.com
secure.fiacardservices.com
wwwa.managerewardsonline.fiacardservices.com
secure-dev1.ecnp.fiacardservices.com
sso-fi.fiacardservices.com
ddoxlogin.dynamicdox.com
secure.fiacardservices.com
aboutorigin-dev.bankofamerica.com
preferences-qa.em.fiacardservices.com
www5-staging.managerewardsonline.com
giftcard.fiacardservices.com
rewardsshoppingmall.fiacardservices.com
www.managerewardsonline.fiacardservices.com
shopsafe-pt1.ecnp.fiacardservices.com
secure-dev3.ecnp.fiacardservices.com
testSymantecStandardSSL-FIACardServices-SHA1.fiacardservices.com
mynewcard.fiacardservices.com
ddoxlogin.dynamicdox.com
www.staging.managerewardsonline.fiacardservices.com
redorigin-dev.bankofamerica.com
secure-qa2.ecnp.fiacardservices.com
ddoxlogin-uat-ah.dynamicdox.com
wwwa.managerewardsonline.fiacardservices.com
redorigin-dev.bankofamerica.com
uat.travelcenter.fiacardservices.com
choosedirectdebit.fiacardservices.com
campus.bankofamerica.com
onlinedirectdebit.fiacardservices.com
mynewcard.fiacardservices.com
mynewcarda.fiacardservices.com
choosedirectdebit.fiacardservices.com
secure-pt2.ecnp.fiacardservices.com
shopsafe-dev2.ecnp.fiacardservices.com
secure-dev2.ecnp.fiacardservices.com
redorigin-dev.bankofamerica.com
campus.bankofamerica.com
epass-uat.bankofamerica.com
miu-test.fiacardservices.com
travelcenter.sit1.fiacardservices.com
wwwn.managerewardsonline.fiacardservices.com
secure-preview2.ecnp.fiacardservices.com
affinityweb.fiacardservices.com
mynewcardn.fiacardservices.com

Certificate

The complete raw certificate details for sso-fi.fiacardservices.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHWjCCBkKgAwIBAgIRAPr5UiMDKJo1AAAAAFTOI2wwDQYJKoZIhvcNAQELBQAw
gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
MjAxNCBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs
BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMU0wHhcN
MTgwMjE0MTk1ODI2WhcNMTkwMjE0MjAyODI0WjCB/zELMAkGA1UEBhMCVVMxETAP
BgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdDaGljYWdvMRMwEQYLKwYBBAGCNzwC
AQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMSQwIgYDVQQKExtCYW5r
IG9mIEFtZXJpY2EgQ29ycG9yYXRpb24xHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5p
emF0aW9uMR8wHQYDVQQLExZOZXR3b3JrIEluZnJhc3RydWN0dXJlMRAwDgYDVQQF
EwcyOTI3NDQyMSMwIQYDVQQDExpzc28tZmkuZmlhY2FyZHNlcnZpY2VzLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALr6iyVZG2QL6W8A07KnITEY
4SQInwcqAOUVwrEBgkk5nkam/4dJwSVx8MfgRTV0Dn5KN0rgq1JJDaPM44B0Kkng
rOxrNsiqQZq+tCZgttAevKg5KpsMwQX/Nn0vaaVA7RwaBQ+6WW+YhvSHRU/XD1Ab
RuE2tsSSJLdB8AU23Ml4u0WwzwxvGs+xEOfdzqkkEs94YMKVaW6ZS0WYlhmJrtsZ
asDMC5xx8/QRRm8rnvzC0Z08HJx1ruMUra7I2O15/cbVGKrvFzF3RxH1JdcPN84U
oNSsDIJndiWHxwKid7h20eEn8nBesR7iXBx4fa6lgmmYumJmbB86MsawTS+FeAEC
AwEAAaOCAxIwggMOMCUGA1UdEQQeMByCGnNzby1maS5maWFjYXJkc2VydmljZXMu
Y29tMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgDuS723dc5guuFCaR+r4Z5m
ow9+X7By2IMAxHuJeqj9ywAAAWGWARGmAAAEAwBHMEUCIGL0dtDu8zSDwqpQqNRi
2XbfdXoXv0dbSHhl75dxvVcHAiEA4OCFffb0b/xNFVCmGfC+Aw2wJS2KIjdRnzPW
YuX5sSYAdgADAZ3z/YWmmo69H6zG2punPkaXdP539Xn8Wgi4MowdawAAAWGWARQY
AAAEAwBHMEUCIQDeXPStStzZ/UP/4huAmLAs6J/uWY8SSJ4s6cCVUQDlUwIgAPho
gVMfxqbROFcgsXeToZJWVQAkata0GLfFyH9/9H8AdgCkuQmQtBhYFIe7E6LMZ3AK
PDWYBPkb37jjd80OyA3cEAAAAWGWARWBAAAEAwBHMEUCIQCC7zPamlycLS9UwKfX
3B257nojBRr1bS3w9sfwuG0xrQIgQLPs/PKlGPuDkuBgEVqpnxEklg9R/k60C7RL
/yQhDUwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVu
dHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wx
bS1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRy
dXN0Lm5ldC9sZXZlbDFtLmNybDBKBgNVHSAEQzBBMDYGCmCGSAGG+mwKAQIwKDAm
BggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwBwYFZ4EMAQEw
HwYDVR0jBBgwFoAUw/fQtSowra8NkSFwOVTdvIlwxzowHQYDVR0OBBYEFLgcx7iK
OKf/bQcVvTpS94RdRl2vMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBADSx
uFLWs7SXk6FxyUNtwXleF0GCvlXHjvgCJlpawq/TmsQA4b6oxP6sL2s0Uu3V2bRz
P99r3HMeyPZbGcVNhmcCB/eyPgJ4bcGV0Fd0St+oMM12ar4/2DebImHJTEoe0CQb
t2bjT17RmN0eJOHK1GMhLBr4xGdsg7XuO16QoBHZqAWqUHoHhto4bK2lQX01PHA+
tZlsE+tT3K+CSRgitrwWA5x+vsGY1pNJIdO90+YkaYH24qw2Mi/idZ/mxbUrnU1M
0fYR0NT86dXv5ur1Q8snw/XxGclBBkMJSZ6Nfsh9Yy44t02LfTp0G0YkM2rdEpcK
ZtYCxTrzycG+UW4rGj0=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvqLJVkbZAvpbwDTsqch
MRjhJAifByoA5RXCsQGCSTmeRqb/h0nBJXHwx+BFNXQOfko3SuCrUkkNo8zjgHQq
SeCs7Gs2yKpBmr60JmC20B68qDkqmwzBBf82fS9ppUDtHBoFD7pZb5iG9IdFT9cP
UBtG4Ta2xJIkt0HwBTbcyXi7RbDPDG8az7EQ593OqSQSz3hgwpVpbplLRZiWGYmu
2xlqwMwLnHHz9BFGbyue/MLRnTwcnHWu4xStrsjY7Xn9xtUYqu8XMXdHEfUl1w83
zhSg1KwMgmd2JYfHAqJ3uHbR4SfycF6xHuJcHHh9rqWCaZi6YmZsHzoyxrBNL4V4
AQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 333601546795554868026046856311260193644
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-02-14 19:58:26 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-14 20:28:24 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bank of America Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Network Infrastructure'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2927442'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sso-fi.fiacardservices.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23603872347271495936503374311827427419162247339450811866481562739427193890106299225305860596146163885980665374301594262975148627679322583828857363124122359955190294724852631548415313630450319900466953462042230061372686393021347440392461691459396251876184395325995163938923822963580032880991401719930264874239221017359474102222610093249831435811752694380124986002625032783368468624516934482939812509120130483691851773363915595974673772618926162115796583995151196480664695921129681866667108729418075439523677606867419500069108891714776730972435687545598371879320057009784684941194051150606156550912837099783759805642753
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sso-fi.fiacardservices.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000161960111a60000040300473045022062f476d0eef33483c2aa50a8d462d976df757a17bf475b487865ef9771bd5707022100e0e0857df6f46ffc4d1550a619f0be030db0252d8a2237519f33d662e5f9b12600760003019df3fd85a69a8ebd1facc6da9ba73e469774fe77f579fc5a08b8328c1d6b00000161960114180000040300473045022100de5cf4ad4adcd9fd43ffe21b8098b02ce89fee598f12489e2ce9c0955100e553022000f86881531fc6a6d1385720b17793a192565500246ad6b418b7c5c87f7ff47f007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016196011581000004030047304502210082ef33da9a5c9c2d2f54c0a7d7dc1db9ee7a23051af56d2df0f6c7f0b86d31ad022040b3ecfcf2a518fb8392e060115aa99f1124960f51fe4eb40bb44bff24210d4c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b81cc7b88a38a7ff6d0715bd3a52f7845d465daf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0034b1b852d6b3b49793a171c9436dc1795e174182be55c78ef802265a5ac2afd39ac400e1bea8c4feac2f6b3452edd5d9b4733fdf6bdc731ec8f65b19c54d86670207f7b23e02786dc195d057744adfa830cd766abe3fd8379b2261c94c4a1ed0241bb766e34f5ed198dd1e24e1cad463212c1af8c4676c83b5ee3b5e90a011d9a805aa507a0786da386cada5417d353c703eb5996c13eb53dcaf82491822b6bc16039c7ebec198d6934921d3bdd3e6246981f6e2ac36322fe2759fe6c5b52b9d4d4cd1f611d0d4fce9d5efe6eaf543cb27c3f5f119c941064309499e8d7ec87d632e38b74d8b7d3a741b4624336add12970a66d602c53af3c9c1be516e2b1a3d