dv.interac-id.ca

- Interac Corp -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 31:f8:22:31:0a:a7:b9:db:a6:16:54:f3:2b:6d:54:87 was issued on by Entrust, Inc..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Interac Corp

Organization: Interac Corp
State / Province: Ontario
Locality: Toronto
Country: CA

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 31:f8:22:31:0a:a7:b9:db:a6:16:54:f3:2b:6d:54:87
Serial Number (int): 66420554901781620779602288582926881927
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 01:da:ae:4b:4f:a3:00:69:8c:0f:ca:3d:96:61:19:1c:19:37:e3:df
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 27:cb:74:09:91:9d:ae:93:72:a7:38:c1:66:82:e2:bc:14:93:8d:c7
Fingerprint (sha256): 35:90:27:56:bb:0d:b8:d0:f3:7c:87:cd:19:2c:c9:42:be:00:f8:e5:f1:d7:c8:80:ff:94:af:37:9c:cf:3d:9b

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate dv.interac-id.ca

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for dv.interac-id.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

dv.interac-id.ca

Other certificates including the domain name interac-id.ca

(limited to 100 certificates)
dlbp.dph.dev.interac-id.ca
status.carolinahandling.com
*.qa.verify.interac-id.ca
*.stg.verify.interac-id.ca
status.clearcompany.com
trust.airgap.io
*.qa.verify.interac-id.ca
internal.preprod.hub-verify.interac-id.ca
short.mennek.es
*.qa.verify.interac-id.ca
iwm.interac-id.ca
app.verify.interac-id.ca
status.signin.interac-id.ca
on.signin.interac-id.ca
status.sirocco.global
retailstatus.sts.pl
api.dev.interac-id.ca
monitor.oaim.ca
mobile.dev.interac-id.ca
iwm.uat.interac-id.ca
iwm.dev.interac-id.ca
driverone.org
api.dev.interac-id.ca
status.sirocco.global
docs-verify.interac-id.ca
mobile.dev.interac-id.ca
*.dev.verify.interac-id.ca
api.dev.interac-id.ca
status.sirocco.global
services.signin.interac-id.ca
services.signin.interac-id.ca
*.qa.verify.interac-id.ca
status.puter.com
status.carolinahandling.com
iwm.interac-id.ca
hub-verify.interac-id.ca
status.signin.interac-id.ca
*.qa.verify.interac-id.ca
internal.preprod.hub-verify.interac-id.ca
status.clearcompany.com
www.symbri.com
iwm.qa.interac-id.ca
*.qa.verify.interac-id.ca
www.1n1g.com
*.stg.verify.interac-id.ca
fredhopperstatus.crownpeak.com
partner-status.verify.interac-id.ca
status.clearcompany.com
status.meshcaid.com
iwm.dev.interac-id.ca
sms.docs-verify.interac-id.ca
*.stg.verify.interac-id.ca
dv.interac-id.ca
dlbp.lcuc.dev.interac-id.ca
*.ff.verify.interac-id.ca
nt.signin.interac-id.ca
hub-verify.interac-id.ca
docs-verify.interac-id.ca
dv.interac-id.ca
status.sirocco.global
monitor.oaim.ca
api.interac-id.ca
app.verify.interac-id.ca
api.qa.interac-id.ca
iwm.uat.interac-id.ca
api.interac-id.ca
*.qa.verify.interac-id.ca
status.amecor.com
iwm.qa.interac-id.ca
status.sirocco.global
status.sirocco.global
*.qa.verify.interac-id.ca
iwm.qa.interac-id.ca
*.ff.verify.interac-id.ca
status.sirocco.global
*.stg.verify.interac-id.ca
preprod.hub-verify.interac-id.ca
iwm.qa.interac-id.ca
*.stg.verify.interac-id.ca
api.qa.interac-id.ca
auth.lcuc.dev.interac-id.ca
*.qa.verify.interac-id.ca
*.uat.verify.interac-id.ca
on.signin.interac-id.ca
api.interac-id.ca
*.ff.verify.interac-id.ca
status.clearcompany.com
status.meshcaid.com
iwm.dev.interac-id.ca
sim.bnc.dev.interac-id.ca
mobile.dev.interac-id.ca
*.stg.verify.interac-id.ca
mobile.interac-id.ca
iwm.uat.interac-id.ca
api.interac-id.ca
iwm.interac-id.ca
app.uat2.verify.interac-id.ca
team-v2.digiqc.com
monitor.oaim.ca
status.amecor.com

Certificate

The complete raw certificate details for dv.interac-id.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIQMfgiMQqnudumFlTzK21UhzANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
MzEyMTMyMjMxMzRaFw0yNTAxMTMyMjMxMzNaMGMxCzAJBgNVBAYTAkNBMRAwDgYD
VQQIEwdPbnRhcmlvMRAwDgYDVQQHEwdUb3JvbnRvMRUwEwYDVQQKEwxJbnRlcmFj
IENvcnAxGTAXBgNVBAMTEGR2LmludGVyYWMtaWQuY2EwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCtbTT391cVBwpneZ8mWtT/L6fOtq5MDUUsLqyNzTGX
OVqSZiGp0AEb1iPqW94gUHkOVdm3MrypLGP4CgMs2S+SciltwdEMO1fpZkKxhOl+
ddG4Oufnexnfk8lBbUMDmdGJOn45MMW/yFoHFLLyCPAHuClHuk1jAthuP+90lnKi
uJVvD7/YWYv/LXN5RRypRmt/1fTMQa4exFWKVJ1gFBbQ1ZKoC2d0hji2xPhIKtwh
JijhZI2YooC/GIfwmkSc/e/s6XnXLWGwCJiXMcdXguSCsqtX34KUa43cq/9m/YQV
CSodxOm+GDytYmV57dki/7j40J5g0DgLMdUzcGZt1EOZAgMBAAGjggFnMIIBYzAM
BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQB2q5LT6MAaYwPyj2WYRkcGTfj3zAfBgNV
HSMEGDAWgBSConB03bxTP8971PfNf6dgxgpMvzBoBggrBgEFBQcBAQRcMFowIwYI
KwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChido
dHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwMwYDVR0fBCww
KjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDAbBgNV
HREEFDASghBkdi5pbnRlcmFjLWlkLmNhMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEwYDVR0gBAwwCjAIBgZngQwBAgIwEwYK
KwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBABnFYXf7Zej6B0Va
eMC8Y+sxBzjc4T6kRkFyiqyydJth7i0PO71iEVwcYd+fVoeY6Gy07oRTr9vMPT4a
wEjxjK+gWzYBwNUAXk/xMYE9RdZdX8l08WiMoFEsIQGqTX/ANk26O7cMfV+yBmWa
WG6c5NLn9vHbee2IXIwssiMy5me5SKFeguEVDg8YpzKLsbLB8Br31iDlC4sdbgcz
mGBquF8c4ftwhZLu2h8azcMxvq2QHVg6qt3z/6yEBW6gn8iQj9wy06C0pXfX0IMC
NZX1zQvm5e043ItUc2MKZp6J88CJdtBqwe1ZEjtbfv996p8Kq8oTXRomDrkIeL/2
OUTdOzQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW009/dXFQcKZ3mfJlrU
/y+nzrauTA1FLC6sjc0xlzlakmYhqdABG9Yj6lveIFB5DlXZtzK8qSxj+AoDLNkv
knIpbcHRDDtX6WZCsYTpfnXRuDrn53sZ35PJQW1DA5nRiTp+OTDFv8haBxSy8gjw
B7gpR7pNYwLYbj/vdJZyoriVbw+/2FmL/y1zeUUcqUZrf9X0zEGuHsRVilSdYBQW
0NWSqAtndIY4tsT4SCrcISYo4WSNmKKAvxiH8JpEnP3v7Ol51y1hsAiYlzHHV4Lk
grKrV9+ClGuN3Kv/Zv2EFQkqHcTpvhg8rWJlee3ZIv+4+NCeYNA4CzHVM3BmbdRD
mQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 66420554901781620779602288582926881927
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-13 22:31:34 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-13 22:31:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Toronto'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Interac Corp'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dv.interac-id.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21893078692879181044897158390817730260948511997047407285216470594067192872685587799584617989576208693167801771413730150762630485124002192043343871010740608390785420384361569434178632860821500262084481400150087291352843267402132256363600350601561085337109196499503003949682476243644424058271159409415509697274533201880620125757527098768759038143123725099930833635760377159412790690522454948427718856809269081679451535818820503087495350112856838187659780980259989788981388338157436805511332033063469676815064634850471160317315189372541851990824364581645036272325539000737002978437071492212635547367878530777816690344857
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							01daae4b4fa300698c0fca3d9661191c1937e3df
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dv.interac-id.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0019c56177fb65e8fa07455a78c0bc63eb310738dce13ea44641728aacb2749b61ee2d0f3bbd62115c1c61df9f568798e86cb4ee8453afdbcc3d3e1ac048f18cafa05b3601c0d5005e4ff131813d45d65d5fc974f1688ca0512c2101aa4d7fc0364dba3bb70c7d5fb206659a586e9ce4d2e7f6f1db79ed885c8c2cb22332e667b948a15e82e1150e0f18a7328bb1b2c1f01af7d620e50b8b1d6e073398606ab85f1ce1fb708592eeda1f1acdc331bead901d583aaaddf3ffac84056ea09fc8908fdc32d3a0b4a577d7d083023595f5cd0be6e5ed38dc8b5473630a669e89f3c08976d06ac1ed59123b5b7eff7dea9f0aabca135d1a260eb90878bff63944dd3b34