digital.libertyinsurance.com.sg

- Liberty Mutual Group -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 76:8a:3f:9b:74:5b:1f:5d:00:00:00:00:50:f3:51:cc was issued on by Entrust, Inc..

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Liberty Mutual Group

Organization: Liberty Mutual Group
Organization unit: GRM East
State / Province: New Hampshire
Locality: Portsmouth
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 76:8a:3f:9b:74:5b:1f:5d:00:00:00:00:50:f3:51:cc
Serial Number (int): 157566730577278520479364604324977267148
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 15:63:87:57:32:df:f7:83:9c:64:f6:70:cd:3b:5e:a8:ac:20:19:bf
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 97:8a:39:97:c5:9a:a1:b4:55:fe:84:f6:a5:92:f5:91:e3:90:d8:64
Fingerprint (sha256): 38:62:26:b0:cb:e4:10:5c:34:44:9e:14:3c:cb:4e:97:52:3c:4e:69:ae:b9:70:4d:ea:2e:2b:a2:cf:00:c4:3c

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate digital.libertyinsurance.com.sg

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for digital.libertyinsurance.com.sg

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

digital.libertyinsurance.com.sg
printaws.lmginsurance.co.th
ebizcrm.lmginsurance.co.th
moem.libertyinsurance.in
videostreaming.libertyinsurance.in
payment.libertyinsurance.com.sg
api.libertyinsurance.com.sg

Other certificates including the domain name libertyinsurance.com.sg

(limited to 100 certificates)
uat.mediedge.com
brmspolicy-uat.libertyinsurance.in
libertymutual.com
digital.libertyinsuranceasia.com
www.libertyseguros.com.br
www.libertyseguros.com.br
www.libertyseguros.com.br
act-dmz.libertyseguros.com.br
sip-kdc-03.libertymutual.com
sip-pdc-03.libertymutual.com
uat.mediedge.com
uat.mediedge.com
digital.libertyinsurance.com.sg
uat.mediedge.com
digital.libertyinsurance.com.sg
uat.mediedge.com
uat.mediedge.com
digital.libertyinsurance.com.sg
uat.mediedge.com
libertymutual.com
libertymutual.com
libertyinsurance.com.sg
nonprod-corp.libertyinsurance.com.hk
brmspolicy-uat.libertyinsurance.in
libertymutual.com
nonprod-easycare.libertymedicalinsurance.com
filetransfer.libertyinsurance.com.sg
uat.mediedge.com
libertymutual.com
libertymutual.com
uat.mediedge.com
libertymutual.com
digital.libertyinsurance.com.sg
online.libertyinsurance.com.sg
pwkipgf-gflnc02.gfab.lmig.com
filetransfer.libertyinsurance.com.sg
nonprod-easycare.libertymedicalinsurance.com
mail-na.lm.lmig.com
digital.libertyinsurance.com.sg
uat.mediedge.com
digital.libertyinsurance.com.sg
digital.libertyinsurance.com.sg
pwwipgf-gflnc01.gfab.lmig.com
uat.mediedge.com
nonprod-easycare.libertymedicalinsurance.com
uat.mediedge.com
libertymutual.com
sg-webmail.libertyinsurance.com.sg
digital.libertyinsurance.com.sg
uat.mediedge.com
nonprod-easycare.libertymedicalinsurance.com
libertymutual.com
www.libertyinsurance.com.sg
digital.libertyinsurance.com.sg
onelink.libertyinsurance.com.sg
libertymutual.com
digital.libertyinsuranceasia.com
uat.mediedge.com
nonprod-easycare.libertymedicalinsurance.com
act-dmz.libertyseguros.com.br
act-dmz.libertyseguros.com.br
libertymutual.com
nonprod-easycare.libertymedicalinsurance.com
brmspolicy-uat.libertyinsurance.in
uat.mediedge.com
www.libertyseguros.com.br
brmspolicy-uat.libertyinsurance.in
nonprod-easycare.libertymedicalinsurance.com
libertymutual.com
uat.mediedge.com
act-dmz.libertyseguros.com.br
libertymutual.com
uat.mediedge.com
www.libertyinsurance.com.sg
libertymutual.com
uat.mediedge.com
nonprod-easycare.libertymedicalinsurance.com
act-dmz.libertyseguros.com.br
ezcare.libertyinsurance.com.sg
www.libertyinsurance.com.sg
act-dmz.libertyseguros.com.br
onelink.libertyinsurance.com.sg
libertymutual.com
uat.mediedge.com
libertymutual.com
act-dmz.libertyseguros.com.br
ezcare.libertyinsurance.com.sg
uat.mediedge.com
nonprod-easycare.libertymedicalinsurance.com
nonprod-easycare.libertymedicalinsurance.com
libertymutual.com
act-dmz.libertyseguros.com.br
pwwipgf-gflnc02.gfab.lmig.com
libertymutual.com
mail-na.lm.lmig.com
pwkipgf-gflnc02.gfab.lmig.com
brmspolicy-uat.libertyinsurance.in
libertymutual.com
nonprod-easycare.libertymedicalinsurance.com
nonprod-easycare.libertymedicalinsurance.com

Certificate

The complete raw certificate details for digital.libertyinsurance.com.sg in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHrzCCBpegAwIBAgIQdoo/m3RbH10AAAAAUPNRzDANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0x
OTA2MjAwMDM0NTlaFw0yMDA1MTUwMTA0NThaMIGWMQswCQYDVQQGEwJVUzEWMBQG
A1UECBMNTmV3IEhhbXBzaGlyZTETMBEGA1UEBxMKUG9ydHNtb3V0aDEdMBsGA1UE
ChMUTGliZXJ0eSBNdXR1YWwgR3JvdXAxETAPBgNVBAsTCEdSTSBFYXN0MSgwJgYD
VQQDEx9kaWdpdGFsLmxpYmVydHlpbnN1cmFuY2UuY29tLnNnMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6e2J8/c5W1wEjPTu1ZfKjQUCZjpNlm3bR9Ho
YiXlVUcSUm7R8QIvZMplNcm3OtkH9vSSjszAdZzotIN7R8cpK04fwqco9bxXbMGm
u6BhphI5iYAsIPUyfDuYh71qMq9ajtDfjQEdtdkVpFuE6O7bOKqz+12MA9/qUXzv
n0HqFmv0N48DXaYd1xHW0YOhNUqQO1DE5yBS31gDKUktFM6phEEAvXKK/cI71XSt
ZkFQ3s4I1ln239UvIHZKvFI+a709/Yxb/oeamljv8gREJBoLghSh2LB9Z6Dk+Svx
UGt2swyGVHwzpnVmJX+spyLxOi+PLQyz3FdaA8hmK7H2fQbruwIDAQABo4ID0TCC
A80wgeEGA1UdEQSB2TCB1oIfZGlnaXRhbC5saWJlcnR5aW5zdXJhbmNlLmNvbS5z
Z4IbcHJpbnRhd3MubG1naW5zdXJhbmNlLmNvLnRoghplYml6Y3JtLmxtZ2luc3Vy
YW5jZS5jby50aIIYbW9lbS5saWJlcnR5aW5zdXJhbmNlLmlugiJ2aWRlb3N0cmVh
bWluZy5saWJlcnR5aW5zdXJhbmNlLmlugh9wYXltZW50LmxpYmVydHlpbnN1cmFu
Y2UuY29tLnNnghthcGkubGliZXJ0eWluc3VyYW5jZS5jb20uc2cwggF/BgorBgEE
AdZ5AgQCBIIBbwSCAWsBaQB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0H
E9MMAAABa3JqVI8AAAQDAEcwRQIhAKfhvrXVu2MUBQF3rHSrwwNSeztR4tt3PRpp
BvSC3Wy/AiAXfbKL0bSmXh9RAICtwZUJUm5rYZU2AcarUvwPn44XlgB2AId1v+dZ
fPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABa3JqVJIAAAQDAEcwRQIgD0Mv
wJvz74m9YvW7r2YghsMOdN7X1OAn7iiUxp+V++QCIQCFmKkAFkvrlmxyUZJU5vuK
QFLj0AxJnkhtOETYo7QOkAB3ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO
HtGFAAABa3JqVHIAAAQDAEgwRgIhAN1n44/BqH2zGan+THJC+BEx4IKsLWoBUhEF
Q93nSWPNAiEA/8g/O1Hyrq+q7wa0I7tnqUvcQWA1oZil4IugICon2bowDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAzBgNVHR8E
LDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMWsuY3JsMEsG
A1UdIAREMEIwNgYKYIZIAYb6bAoBBTAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3
LmVudHJ1c3QubmV0L3JwYTAIBgZngQwBAgIwaAYIKwYBBQUHAQEEXDBaMCMGCCsG
AQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0
cDovL2FpYS5lbnRydXN0Lm5ldC9sMWstY2hhaW4yNTYuY2VyMB8GA1UdIwQYMBaA
FIKicHTdvFM/z3vU981/p2DGCky/MB0GA1UdDgQWBBQVY4dXMt/3g5xk9nDNO16o
rCAZvzAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCHkt+tu1+kdPdSt77E
wPZJapj1sNxZ/pwWlycUk3s+Dd0qkQamwRwnk0OpCfJl2C6QvMGK9lM876INaqLq
gZN2izAmQx0SBEwKQ+v14URp5F5xqpHXHS5XiWpp8zuE5KRFe/p7nsZY4jKQ7YAD
8G1aE9eX2poJHjmitKGuaM/+AiRyH+22ASkSRRJLMvE1cRxXKNj9rVfj3yln0Z50
6WaDCCi1b4rUE5+s3x+OquqQd56o+XdHDZtf+G1R4C6YTRBCowR/8VluRqD79Vg5
LlJ3nKi41f9Oe4rOm4iNGkzf7uvPEtli6roilQOJZcYxUrsvuLfmko/5gdZKFcHc
na5Z
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6e2J8/c5W1wEjPTu1ZfK
jQUCZjpNlm3bR9HoYiXlVUcSUm7R8QIvZMplNcm3OtkH9vSSjszAdZzotIN7R8cp
K04fwqco9bxXbMGmu6BhphI5iYAsIPUyfDuYh71qMq9ajtDfjQEdtdkVpFuE6O7b
OKqz+12MA9/qUXzvn0HqFmv0N48DXaYd1xHW0YOhNUqQO1DE5yBS31gDKUktFM6p
hEEAvXKK/cI71XStZkFQ3s4I1ln239UvIHZKvFI+a709/Yxb/oeamljv8gREJBoL
ghSh2LB9Z6Dk+SvxUGt2swyGVHwzpnVmJX+spyLxOi+PLQyz3FdaA8hmK7H2fQbr
uwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 157566730577278520479364604324977267148
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-20 00:34:59 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-15 01:04:58 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Hampshire'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Portsmouth'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Liberty Mutual Group'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GRM East'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'digital.libertyinsurance.com.sg'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29530659843936459738876863385320633637657891586751560520911494628050256327995417885495010137148247525398845702109898986021873975761515834087700162613374958232772972643861866704548519073220161106089816307954955082762821313977491307218818876769719349343532741949786662956759477036863422509099123731230974381411698209226837526650807824501133042150100013057688417054108106715231509448414477108969504061401884881519920446190294666105996004916100007577077926456870854731837768012136203804464219164219669077041246308731247791866226745253837268074456466589011118590721350642325469189380094072932589846751535099868773182008251
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (217 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digital.libertyinsurance.com.sg'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'printaws.lmginsurance.co.th'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ebizcrm.lmginsurance.co.th'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'moem.libertyinsurance.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'videostreaming.libertyinsurance.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'payment.libertyinsurance.com.sg'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.libertyinsurance.com.sg'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016b726a548f0000040300473045022100a7e1beb5d5bb6314050177ac74abc303527b3b51e2db773d1a6906f482dd6cbf0220177db28bd1b4a65e1f510080adc19509526e6b61953601c6ab52fc0f9f8e17960076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016b726a5492000004030047304502200f432fc09bf3ef89bd62f5bbaf662086c30e74ded7d4e027ee2894c69f95fbe40221008598a900164beb966c72519254e6fb8a4052e3d00c499e486d3844d8a3b40e90007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016b726a54720000040300483046022100dd67e38fc1a87db319a9fe4c7242f81131e082ac2d6a0152110543dde74963cd022100ffc83f3b51f2aeafaaef06b423bb67a94bdc416035a198a5e08ba0202a27d9ba
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1563875732dff7839c64f670cd3b5ea8ac2019bf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008792dfadbb5fa474f752b7bec4c0f6496a98f5b0dc59fe9c16972714937b3e0ddd2a9106a6c11c279343a909f265d82e90bcc18af6533cefa20d6aa2ea8193768b3026431d12044c0a43ebf5e14469e45e71aa91d71d2e57896a69f33b84e4a4457bfa7b9ec658e23290ed8003f06d5a13d797da9a091e39a2b4a1ae68cffe0224721fedb601291245124b32f135711c5728d8fdad57e3df2967d19e74e966830828b56f8ad4139facdf1f8eaaea90779ea8f977470d9b5ff86d51e02e984d1042a3047ff1596e46a0fbf558392e52779ca8b8d5ff4e7b8ace9b888d1a4cdfeeebcf12d962eaba2295038965c63152bb2fb8b7e6928ff981d64a15c1dc9dae59