nonprod-digital.libertyinsuranceasia.com

- Liberty Mutual Group -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 5f:86:53:c6:48:84:57:f6:ae:5d:1e:e7:62:bf:31:98 was issued on by Entrust, Inc..

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Liberty Mutual Group

Organization: Liberty Mutual Group
State / Province: New Hampshire
Locality: Portsmouth
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 5f:86:53:c6:48:84:57:f6:ae:5d:1e:e7:62:bf:31:98
Serial Number (int): 126974126528226870052742048683812401560
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: da:a4:ea:84:61:aa:4f:8c:e8:b2:e8:64:3c:57:6d:be:c8:13:9a:57
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): a6:24:6b:19:a7:8a:3a:06:f1:72:95:2f:8d:31:18:46:ae:30:f9:24
Fingerprint (sha256): 33:16:21:90:29:b5:3b:a9:f9:39:25:55:cb:06:14:74:77:61:7e:fb:91:22:ca:cb:09:4d:bc:45:63:d2:d7:ba

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate nonprod-digital.libertyinsuranceasia.com

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for nonprod-digital.libertyinsuranceasia.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

nonprod-digital.libertyinsuranceasia.com
nonprod-vendorportal.libertyinsuranceasia.com
nonprod-pdpa.lmginsurance.co.th
nonprod-digital.lmginsurance.co.th
nonprod-digital.libertyinsurance.com.vn
nonprod-digital.libertyinsurance.com.hk
nonprod-apps.libertyinsurance.com.sg

Other certificates including the domain name libertyinsuranceasia.com

(limited to 100 certificates)
digital.libertyinsuranceasia.com
digital.libertyinsuranceasia.com
nonprod-digital.libertyinsuranceasia.com
nonprod-digital.libertyinsuranceasia.com
preprod-digital.libertyinsuranceasia.com
digital.libertyinsuranceasia.com
dev-digital.libertyinsuranceasia.com
nonprod-digital.libertyinsuranceasia.com
preprod-digital.libertyinsuranceasia.com
dev-digital.libertyinsuranceasia.com

Certificate

The complete raw certificate details for nonprod-digital.libertyinsuranceasia.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIH6jCCBtKgAwIBAgIQX4ZTxkiEV/auXR7nYr8xmDANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
MzAzMjIwMzE5MjNaFw0yNDA0MDMwMzE5MjNaMIGMMQswCQYDVQQGEwJVUzEWMBQG
A1UECBMNTmV3IEhhbXBzaGlyZTETMBEGA1UEBxMKUG9ydHNtb3V0aDEdMBsGA1UE
ChMUTGliZXJ0eSBNdXR1YWwgR3JvdXAxMTAvBgNVBAMTKG5vbnByb2QtZGlnaXRh
bC5saWJlcnR5aW5zdXJhbmNlYXNpYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDarDYREE88xlLW3z6JhJ4DhWVszbfRt3xDnckxZFe7ZJKc7Ivt
ywegND949KTArscFq1yKEc57eyEqdE9vpLCbcMgu86RRz5AyB0eT5B4OV5lPKmZA
ny/MAUr+7foV9gOhEfg3aq/StAECE339aXEH1y/sZWMhnHlKIwGPCDnh2aeMUjsZ
2ShE6zRWWbzUQMIhDChV7gEpVfyV/O39sfdiXXL159/9B+FeLIjJQ/tBm4ueMGS4
4tjBVLFhQDr7TLIb44wtLSdD63avBbGKRaLGSp9aMHvxD9cU0bcDtytUZDodeWgW
laz8COorlZiAjbXYgN8nLPbt1nuVC7m9d46hAgMBAAGjggQWMIIEEjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBTapOqEYapPjOiy6GQ8V22+yBOaVzAfBgNVHSMEGDAW
gBSConB03bxTP8971PfNf6dgxgpMvzBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUH
MAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8v
YWlhLmVudHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCag
JIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDCCASMGA1UdEQSC
ARowggEWgihub25wcm9kLWRpZ2l0YWwubGliZXJ0eWluc3VyYW5jZWFzaWEuY29t
gi1ub25wcm9kLXZlbmRvcnBvcnRhbC5saWJlcnR5aW5zdXJhbmNlYXNpYS5jb22C
H25vbnByb2QtcGRwYS5sbWdpbnN1cmFuY2UuY28udGiCIm5vbnByb2QtZGlnaXRh
bC5sbWdpbnN1cmFuY2UuY28udGiCJ25vbnByb2QtZGlnaXRhbC5saWJlcnR5aW5z
dXJhbmNlLmNvbS52boInbm9ucHJvZC1kaWdpdGFsLmxpYmVydHlpbnN1cmFuY2Uu
Y29tLmhrgiRub25wcm9kLWFwcHMubGliZXJ0eWluc3VyYW5jZS5jb20uc2cwDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBMBgNV
HSAERTBDMDcGCmCGSAGG+mwKAQUwKTAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cu
ZW50cnVzdC5uZXQvcnBhMAgGBmeBDAECAjCCAX0GCisGAQQB1nkCBAIEggFtBIIB
aQFnAHYAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGHB1QWGAAA
BAMARzBFAiEAqwujvw/4NhUc4zKL2SKCSoBWTrXDM9MmCFR1faKCJrICIEgFZUlu
X/9d2xgX9GIaVwca9KiOtDPbNChDMelXpAV/AHYAc9meiRtMlnigIH1HneayxhzQ
UV5xGSqMa4AQesF3crUAAAGHB1QWIgAABAMARzBFAiA+SvjJPObpHFrNW+6IYGcA
MBchkledrGdosgRYQznwkwIhAJtPHFKbAVbV1uFNGlyOMXiZUylzLpKJh4Kxdh3E
xE0RAHUAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGHB1QWUwAA
BAMARjBEAiBi1qjvpMsw/E0gzcvNghtfEvsCT+ekeJ7u120cdSHzXAIgSwPCs49t
UVeRj6LEj0X7gF/Tylu70WOQOcbRg/WY2QQwDQYJKoZIhvcNAQELBQADggEBACfY
3pHZEAYyh3ym20eZoqGjIkwIQlkzOqa3c0Y1sJ4MjfI039vsITQrhh39vewX2zA+
N3wGxmeS8oYlWu9ckAFA+4W4plnLKGFGr4tLPqVacRxLIksOXgWwCFCaSBZAFZ9x
hlHCB3lmgJIi7lkL9M+kHqCSmqLZTirObomx61JQ27GA37D/bJoqK0vuYwPPbowY
48oyTfWGavGIF2iEhGL7mL9XNOxeJrPF7GMte/IEKb/KNfyeqfCsHUe4d9urMgpz
zkPJ/sj+BITtXFRiwGM5pTGWvS+v/uryrZnj2KqBnftYwOCyQI3qs7lws6CebDVw
yPz55lVPIcbmcs7ThLA=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qw2ERBPPMZS1t8+iYSe
A4VlbM230bd8Q53JMWRXu2SSnOyL7csHoDQ/ePSkwK7HBatcihHOe3shKnRPb6Sw
m3DILvOkUc+QMgdHk+QeDleZTypmQJ8vzAFK/u36FfYDoRH4N2qv0rQBAhN9/Wlx
B9cv7GVjIZx5SiMBjwg54dmnjFI7GdkoROs0Vlm81EDCIQwoVe4BKVX8lfzt/bH3
Yl1y9eff/QfhXiyIyUP7QZuLnjBkuOLYwVSxYUA6+0yyG+OMLS0nQ+t2rwWxikWi
xkqfWjB78Q/XFNG3A7crVGQ6HXloFpWs/AjqK5WYgI212IDfJyz27dZ7lQu5vXeO
oQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 126974126528226870052742048683812401560
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-22 03:19:23 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 03:19:23 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Hampshire'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Portsmouth'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Liberty Mutual Group'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nonprod-digital.libertyinsuranceasia.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27604870989301863201001486764266796738101484834777472616251536042105181404415901244655467939362433032857890030519064196942550557758726821070863274490634561202764979025185335991584574728478168799853006137476685981192355676757301720748624600496527827189356917742427300711595218147566607845974442067887987643779903969906749885281798012240300330815398294892461666299869003300025518601763114852920719552177127704283540200775585966358410822851605811108903921024004411045718465470047955258286074422105388638774055010430213209209147909465980438494058030797027424771061219216221298072329477660022369454617494411607365052239521
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							daa4ea8461aa4f8ce8b2e8643c576dbec8139a57
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (282 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nonprod-digital.libertyinsuranceasia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nonprod-vendorportal.libertyinsuranceasia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nonprod-pdpa.lmginsurance.co.th'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nonprod-digital.lmginsurance.co.th'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nonprod-digital.libertyinsurance.com.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nonprod-digital.libertyinsurance.com.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nonprod-apps.libertyinsurance.com.sg'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad41700000187075416180000040300473045022100ab0ba3bf0ff836151ce3328bd922824a80564eb5c333d3260854757da28226b20220480565496e5fff5ddb1817f4621a57071af4a88eb433db34284331e957a4057f00760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b50000018707541622000004030047304502203e4af8c93ce6e91c5acd5bee8860670030172192579dac6768b204584339f0930221009b4f1c529b0156d5d6e14d1a5c8e3178995329732e92898782b1761dc4c44d1100750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a7400000187075416530000040300463044022062d6a8efa4cb30fc4d20cdcbcd821b5f12fb024fe7a4789eeed76d1c7521f35c02204b03c2b38f6d5157918fa2c48f45fb805fd3ca5bbbd1639039c6d183f598d904
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0027d8de91d9100632877ca6db4799a2a1a3224c084259333aa6b7734635b09e0c8df234dfdbec21342b861dfdbdec17db303e377c06c66792f286255aef5c900140fb85b8a659cb286146af8b4b3ea55a711c4b224b0e5e05b008509a481640159f718651c2077966809222ee590bf4cfa41ea0929aa2d94e2ace6e89b1eb5250dbb180dfb0ff6c9a2a2b4bee6303cf6e8c18e3ca324df5866af1881768848462fb98bf5734ec5e26b3c5ec632d7bf20429bfca35fc9ea9f0ac1d47b877dbab320a73ce43c9fec8fe0484ed5c5462c06339a53196bd2faffeeaf2ad99e3d8aa819dfb58c0e0b2408deab3b970b3a09e6c3570c8fcf9e6554f21c6e672ced384b0