client.marsh-afrs.com
- Marsh & McLennan Companies, Inc. -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number b1:10:d0:4b:9f:92:dd:08:00:00:00:00:50:da:61:69 was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Marsh & McLennan Companies, Inc.
Organization:
Marsh & McLennan Companies, Inc.
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): b1:10:d0:4b:9f:92:dd:08:00:00:00:00:50:da:61:69Serial Number (int): 235360656736362078385128106724324696425
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 49:9f:73:8c:35:0f:47:82:28:b0:98:b4:70:73:5a:13:86:e5:ca:0b
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 7c:44:bf:2a:6b:d6:d2:d8:15:6b:d9:a2:93:4f:7d:66:0b:73:4d:51
Fingerprint (sha256): 34:55:91:3f:cc:53:b7:66:08:24:f2:0f:86:a5:bf:1f:2c:2f:cf:7a:08:44:c7:c4:5d:8e:f8:51:58:ac:6d:92
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate client.marsh-afrs.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for client.marsh-afrs.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
client.marsh-afrs.com
Other certificates including the domain name marsh-afrs.com
(limited to 100 certificates)
citrixdr.marsh-afrs.com
marshactive.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
citrix.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
marshactive.marsh-afrs.com
stg.client.marsh-afrs.com
extranet.marsh-afrs.com
staging.marshactive.marsh-afrs.com
citrixdr.marsh-afrs.com
qa.client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
citrix.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
marshactive.marsh-afrs.com
stg.client.marsh-afrs.com
extranet.marsh-afrs.com
staging.marshactive.marsh-afrs.com
citrixdr.marsh-afrs.com
qa.client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
Certificate
The complete raw certificate details for client.marsh-afrs.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIRALEQ0Eufkt0IAAAAAFDaYWkwDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN MTYxMTExMDY0ODA1WhcNMTgxMjAxMDcxODA0WjB+MQswCQYDVQQGEwJVUzERMA8G A1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMSkwJwYDVQQKDCBNYXJz aCAmIE1jTGVubmFuIENvbXBhbmllcywgSW5jLjEeMBwGA1UEAxMVY2xpZW50Lm1h cnNoLWFmcnMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaUI uFDPVfC5ZHiBjeVWP9A3tIl65GbsbCDsRV3NriwwXUSon0P2UocX2HkZUOkR+e8x K8g3LZSVS5GBUGPrkvIf1k9ZgM6JEK73BmThrmY1Bvj6ChtjTIPcSUvuimifSnEU G35ZuVITii4WcaaeHqxtfSuICiIGWpnxHD9VeeLsWf9Seod6DTSTrF9H9+A8aczw CV8Jyz7dOh2t7XheVL4gnFWKV7uobvSlvx8duCxW4UHTfs83EDEWc2Gr/lGx+oHE V2Qzh4cSsFJWSoJI6WfAefoWfGUXwhjDQfe8b95mPCPV3IsC9u4LwAkPA5BHQWWF 5eYhy69y/F6k2JdpEQIDAQABo4IBjDCCAYgwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAzBgNVHR8ELDAqMCigJqAkhiJodHRw Oi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMWsuY3JsMEsGA1UdIAREMEIwNgYKYIZI AYb6bAoBBTAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3Jw YTAIBgZngQwBAgIwaAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8v b2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0 Lm5ldC9sMWstY2hhaW4yNTYuY2VyMCAGA1UdEQQZMBeCFWNsaWVudC5tYXJzaC1h ZnJzLmNvbTAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpMvzAdBgNVHQ4E FgQUSZ9zjDUPR4IosJi0cHNaE4blygswCQYDVR0TBAIwADANBgkqhkiG9w0BAQsF AAOCAQEAfPUMgOT4R4BLiAHN7+hbbpkIBlDOmiIQDJclAGWQQ6iQdt0/qvGGqFZe GdfOd8BSEzrUMgSR7VWcbFxXEos7b9pOyRjm8P2Fc20KE9itKseB2tHEM7Mi7SaU v2EDF8nqVu8fm3Wcgf8aVTMNCxbsuDz52Ev4Zw+r0KmFQIKPy1Ecw1pYGJ/8dMns WxffZE3AOhTvxVrPIafBK73vGu1GO41dutTl9ARvrt8Q/j5ox4zzUSDag34IslQR z57UHK0Kj5h66Mv9UAZ9wCfi1y8dwWWhYHpB/gDuYlSO1eoyBPRaSGueM8GVTBQQ XObNpMdWYLAspTwq9uPT0sp4b4RFCw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaUIuFDPVfC5ZHiBjeVW P9A3tIl65GbsbCDsRV3NriwwXUSon0P2UocX2HkZUOkR+e8xK8g3LZSVS5GBUGPr kvIf1k9ZgM6JEK73BmThrmY1Bvj6ChtjTIPcSUvuimifSnEUG35ZuVITii4Wcaae HqxtfSuICiIGWpnxHD9VeeLsWf9Seod6DTSTrF9H9+A8aczwCV8Jyz7dOh2t7Xhe VL4gnFWKV7uobvSlvx8duCxW4UHTfs83EDEWc2Gr/lGx+oHEV2Qzh4cSsFJWSoJI 6WfAefoWfGUXwhjDQfe8b95mPCPV3IsC9u4LwAkPA5BHQWWF5eYhy69y/F6k2Jdp EQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 235360656736362078385128106724324696425 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-11 06:48:05 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-01 07:18:04 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Marsh & McLennan Companies, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'client.marsh-afrs.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20910701648709476552399532247960154907716596051383391489577198699107439601075750056683412594677221507550251360068254394825675128260801669745780077569593173257933802249881577024210529155074260345247668062277473016522625580353995348965803144067053164957776600624950303517989665760696487770961272196148623590034632939459979536481788951259788825905780154835099426646634998700629590849098017104775602857212731435657945989345627025832885886021478019077337326766785451214379548835688544615783793505350624315212905910228747053147676646641788354195199327181176406785563882471149836384674224135796405338774886144683505979189521 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client.marsh-afrs.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 499f738c350f478228b098b470735a1386e5ca0b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007cf50c80e4f847804b8801cdefe85b6e99080650ce9a22100c972500659043a89076dd3faaf186a8565e19d7ce77c052133ad4320491ed559c6c5c57128b3b6fda4ec918e6f0fd85736d0a13d8ad2ac781dad1c433b322ed2694bf610317c9ea56ef1f9b759c81ff1a55330d0b16ecb83cf9d84bf8670fabd0a98540828fcb511cc35a58189ffc74c9ec5b17df644dc03a14efc55acf21a7c12bbdef1aed463b8d5dbad4e5f4046faedf10fe3e68c78cf35120da837e08b25411cf9ed41cad0a8f987ae8cbfd50067dc027e2d72f1dc165a1607a41fe00ee62548ed5ea3204f45a486b9e33c1954c14105ce6cda4c75660b02ca53c2af6e3d3d2ca786f84450b