www.kaisyahakken.metro.tokyo.lg.jp

- Tokyo Metropolitan Government -

Issued by SECOM Passport for Web SR 3.0 CA

About this certificate

This digital certificate with serial number 52:01:93:d6:f7:5f:2b:84:a6:33:f4:af:bb:b7:d2:dd was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

Tokyo Metropolitan Government

Organization: Tokyo Metropolitan Government
Organization unit: Sangyorodokyoku Koyoshugyobu Shugyosuishinka
State / Province: Tokyo
Locality: Shinjuku-ku
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 52:01:93:d6:f7:5f:2b:84:a6:33:f4:af:bb:b7:d2:dd
Serial Number (int): 109004886496818002141302062444399022813
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 5f:b8:ef:f5:c0:02:a9:ba:15:1b:0a:f1:58:d6:3b:0d:52:77:72:16
AuthorityKeyId: cb:ef:3d:ef:83:74:a1:a8:42:f0:3b:40:36:fa:6d:82:94:a9:27:36

Fingerprint (sha1): 73:1f:ef:56:fd:a6:f4:8c:ec:bb:1a:67:08:92:e8:45:cb:f6:95:d4
Fingerprint (sha256): 38:ed:17:98:6f:44:20:1e:73:07:27:c0:c1:18:bc:f7:a6:5b:2a:62:63:33:00:5d:58:7e:0a:bf:37:4b:71:23


Revocation information

OCSP Server: http://sr30.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl

Check the revocation status for certificate www.kaisyahakken.metro.tokyo.lg.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.kaisyahakken.metro.tokyo.lg.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.kaisyahakken.metro.tokyo.lg.jp

Other certificates including the domain name tokyo.lg.jp

(limited to 100 certificates)
www.ecosystem.metro.tokyo.lg.jp
en.sports-tokyo-info.metro.tokyo.lg.jp
www.tokyo-danjo.metro.tokyo.lg.jp
csyouboudoui-irai.tfd.metro.tokyo.lg.jp
www.kyoin-saiyo.tems.metro.tokyo.lg.jp
www9.kankyo.metro.tokyo.lg.jp
www.sports-tokyo-info.metro.tokyo.lg.jp
smooth-biz.metro.tokyo.lg.jp
ijime.metro.tokyo.lg.jp
www.locationbox.metro.tokyo.lg.jp
www.meisai.tems.metro.tokyo.lg.jp
www.digitalservice.metro.tokyo.lg.jp
stg.apr.applicant-api.2021.jitan.metro.tokyo.lg.jp
shuyojoho.metro.tokyo.lg.jp
www.hikaku.metro.tokyo.lg.jp
www.kankyo.metro.tokyo.lg.jp
www2.fukushihoken.metro.tokyo.lg.jp
yoyaku.sports.metro.tokyo.lg.jp
stg.kodomo-smile.metro.tokyo.lg.jp
www2.fukushihoken.metro.tokyo.lg.jp
koshikawakaikei.lfv.jp
nenryou-taisaku.metro.tokyo.lg.jp
wwwdojou.kankyo.metro.tokyo.lg.jp
www.kaisyahakken.metro.tokyo.lg.jp
stopcovid19.metro.tokyo.lg.jp
www.kodomo-dokusho.metro.tokyo.lg.jp
gairaisyu.metro.tokyo.lg.jp
futari-story.metro.tokyo.lg.jp
mypage.018support-system.metro.tokyo.lg.jp
www.wakanavi-tokyo.metro.tokyo.lg.jp
map-origin.bousai.metro.tokyo.lg.jp
www.lwb-expo.metro.tokyo.lg.jp
www.conrepo.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
stg.kenkou-hataraku.metro.tokyo.lg.jp
www5.kankyo.metro.tokyo.lg.jp
www8.kankyo.metro.tokyo.lg.jp
toritsuko.metro.tokyo.lg.jp
www.e-rule.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
www.hikaku.metro.tokyo.lg.jp
www.medclar.ro
www.hataraku.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
wwwdojou.kankyo.metro.tokyo.lg.jp
www.maedatei.metro.tokyo.lg.jp
search.metro.tokyo.lg.jp
filets01.metro.tokyo.lg.jp
www.tamajimu.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
portal.data.metro.tokyo.lg.jp
www.ecosystem.metro.tokyo.lg.jp
www.investtokyo.metro.tokyo.lg.jp
poc-ground.metro.tokyo.lg.jp
nihongoup.metro.tokyo.lg.jp
staff2.shintosei.metro.tokyo.lg.jp
suidonet.waterworks.metro.tokyo.lg.jp
wannyan.metro.tokyo.lg.jp
www3.kankyo.metro.tokyo.lg.jp
cms.hataraku.metro.tokyo.lg.jp
catalog.library.metro.tokyo.lg.jp
www.kyoin-saiyo.metro.tokyo.lg.jp
api.data.metro.tokyo.lg.jp
gamcheatsheet.com
futari-story.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
cms.hataraku.metro.tokyo.lg.jp
sabisapp-stage.websays.com
nihongoup.metro.tokyo.lg.jp
fukushikensa.metro.tokyo.lg.jp
*.support-navi.metro.tokyo.lg.jp
catalog.data.metro.tokyo.lg.jp
tems.kjssj.metro.tokyo.lg.jp
www.taiki.kankyo.metro.tokyo.lg.jp
www.anzenedu.metro.tokyo.lg.jp
www.mentor-cafe.metro.tokyo.lg.jp
018support-system.metro.tokyo.lg.jp
tokyovaccine-rsv.metro.tokyo.lg.jp
www.keishicho.metro.tokyo.lg.jp
www.takken.metro.tokyo.lg.jp
www.snsdouga.metro.tokyo.lg.jp
www.conrepo.metro.tokyo.lg.jp
www.tmiph.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
sumasapo.metro.tokyo.lg.jp
webtest.tfd.metro.tokyo.lg.jp
www.zeroemission-life.metro.tokyo.lg.jp
kodomosafetypj.metro.tokyo.lg.jp
www.kouwan.metro.tokyo.lg.jp
prod.41.slot.cdn.salesforce-communities.com
www.taiki.kankyo.metro.tokyo.lg.jp
kosodateswitch.metro.tokyo.lg.jp
www.fsis.metro.tokyo.lg.jp
futari-story.metro.tokyo.lg.jp
www.ifarc.metro.tokyo.lg.jp
www.kaisyahakken.metro.tokyo.lg.jp
stg.kenkou-hataraku.metro.tokyo.lg.jp
www.fukuho-kodomotsu.metro.tokyo.lg.jp
manabu.metro.tokyo.lg.jp

Certificate

The complete raw certificate details for www.kaisyahakken.metro.tokyo.lg.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGsTCCBZmgAwIBAgIQUgGT1vdfK4SmM/Svu7fS3TANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
TFRELjEpMCcGA1UEAxMgU0VDT00gUGFzc3BvcnQgZm9yIFdlYiBTUiAzLjAgQ0Ew
HhcNMTkwNDE5MDYyMTExWhcNMjEwNDE5MTQ1OTU5WjCBvzELMAkGA1UEBhMCSlAx
DjAMBgNVBAgTBVRva3lvMRQwEgYDVQQHEwtTaGluanVrdS1rdTEmMCQGA1UEChMd
VG9reW8gTWV0cm9wb2xpdGFuIEdvdmVybm1lbnQxNTAzBgNVBAsTLFNhbmd5b3Jv
ZG9reW9rdSBLb3lvc2h1Z3lvYnUgU2h1Z3lvc3Vpc2hpbmthMSswKQYDVQQDEyJ3
d3cua2Fpc3lhaGFra2VuLm1ldHJvLnRva3lvLmxnLmpwMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAreYq8pSubhdWIxNSdNDelYnZi7XZkpwIGmkm9Vd5
V2OQ5dA3IHO3AQIXdRpgmtuKORcWv/tM7MLmYo8HJQl8JdfL3Aejw37U1r36G+xL
2+ekz3h8vLgDudaeuJT0WjzkccgLyLMklfvwAJe1L0NYs/noJaVyAUI99L13yOV/
8voUXHeNuK62DIBJuHBgdN+8WHMiPOsFcYyqoNWURxnex2b0MoHACHKaAEaxUIEz
+7ULDhJQqoA6YN3IUldWKDkw74+FxgsYg7FN416sa/TthNUGd0dd1/c79DTf3m8T
JgzmmLrJy0VbJXkNjR1KfxQ1R51uiu7NvDEnP8rMR8yaHQIDAQABo4IDBjCCAwIw
HwYDVR0jBBgwFoAUy+8974N0oahC8DtANvptgpSpJzYwOwYIKwYBBQUHAQEELzAt
MCsGCCsGAQUFBzABhh9odHRwOi8vc3IzMC5vY3NwLnNlY29tdHJ1c3QubmV0MC0G
A1UdEQQmMCSCInd3dy5rYWlzeWFoYWtrZW4ubWV0cm8udG9reW8ubGcuanAwYQYD
VR0gBFowWDBMBgoqgwiMmxtkhW8BMD4wPAYIKwYBBQUHAgEWMGh0dHBzOi8vcmVw
bzEuc2Vjb210cnVzdC5uZXQvc3BjcHAvcGZ3L3Bmd3NyM2NhLzAIBgZngQwBAgIw
EwYDVR0lBAwwCgYIKwYBBQUHAwEwTAYDVR0fBEUwQzBBoD+gPYY7aHR0cDovL3Jl
cG8xLnNlY29tdHJ1c3QubmV0L3NwY3BwL3Bmdy9wZndzcjNjYS9mdWxsY3JsMi5j
cmwwHQYDVR0OBBYEFF+47/XAAqm6FRsK8VjWOw1Sd3IWMA4GA1UdDwEB/wQEAwIF
oDCCAXwGCisGAQQB1nkCBAIEggFsBIIBaAFmAHUApLkJkLQYWBSHuxOizGdwCjw1
mAT5G9+443fNDsgN3BAAAAFqNEqzMAAABAMARjBEAiAQhgj47dAOrDKg8nBLcXEt
xGG4ZBSHhvTjG2vLCieDTAIgDqYgmpU+745tw9xYv0/bLDcSTlqbAg18/s52UyRI
KtQAdQDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAWo0SrtaAAAE
AwBGMEQCIC7g/H9z1f+c5WHRTr3RGs+5o/ekStPYkQYA+gz2H4n2AiAxxAsrGodX
nsA/EoXrZYl2zyGa1Pb0+kQ1QnxbjV6+ngB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZ
AsEAKQaNsgiaN9kTAAABajRKws0AAAQDAEcwRQIhALwLpNfiw9i+rvpx2t0lSaTj
mEvk/lTjhEwkwsbyVEQYAiBONu22Bjd4ooyQjYItxBKKwanP2Yxwk1UUx0EU6scE
QTANBgkqhkiG9w0BAQsFAAOCAQEAc3s0Ybe6/ztpQD6te7U6MwwUam69mY8E57mP
a09YWuWbMUabbDgXsn38x5OdeAmpkCodLppTLrYwbsz8C4BPLEUJLKTnG5v2BxcK
LmN9c2Vz8yKjADzc8vcqCDEfVFVE++PRYV82ak0EUqpbKMSFYn1lPryp/fu4dQ/Q
fbHa+JtzmOIlcxiWkl1zUgwXA6jydqWc3YaPm50+BMUanDkTCuLGDKqJcdRqPXbi
V8wxDqFtSfflJZ+qMjP09tj1GQbE0yMjzw2ChKMR7JMaHxHYtcbP1ucFFisiLOGt
Oly1cosZ8IsXUXSCJQXJlTpKTID3PAZs30RFig7Ui/1hORCeuQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreYq8pSubhdWIxNSdNDe
lYnZi7XZkpwIGmkm9Vd5V2OQ5dA3IHO3AQIXdRpgmtuKORcWv/tM7MLmYo8HJQl8
JdfL3Aejw37U1r36G+xL2+ekz3h8vLgDudaeuJT0WjzkccgLyLMklfvwAJe1L0NY
s/noJaVyAUI99L13yOV/8voUXHeNuK62DIBJuHBgdN+8WHMiPOsFcYyqoNWURxne
x2b0MoHACHKaAEaxUIEz+7ULDhJQqoA6YN3IUldWKDkw74+FxgsYg7FN416sa/Tt
hNUGd0dd1/c79DTf3m8TJgzmmLrJy0VbJXkNjR1KfxQ1R51uiu7NvDEnP8rMR8ya
HQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 109004886496818002141302062444399022813
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 3.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-19 06:21:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-19 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Shinjuku-ku'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo Metropolitan Government'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sangyorodokyoku Koyoshugyobu Shugyosuishinka'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kaisyahakken.metro.tokyo.lg.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21952726713752383468460372957601055996617959919955878496057263704838999566027376217424621056574636751430200988509571812762569560542797124485986052925915561113522742622546213580873769567828486568202851196639978403313054254779732985185539351820832978591242076328031068239709117665321910527433476826528340684252794861841782908362840960364553657638989680658452414389840755959357370402841613299666598111379700131887869986970104960133901005487519008705976235454887976447500837925606242901586069304165457581917963346603429868547163510811218990180300400296202350501021215644095692619312689475666110166134314391126607821314589
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cbef3def8374a1a842f03b4036fa6d8294a92736
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr30.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kaisyahakken.metro.tokyo.lg.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.751.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5fb8eff5c002a9ba151b0af158d63b0d52777216
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							0166007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016a344ab33000000403004630440220108608f8edd00eac32a0f2704b71712dc461b864148786f4e31b6bcb0a27834c02200ea6209a953eef8e6dc3dc58bf4fdb2c37124e5a9b020d7cfece765324482ad4007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016a344abb5a000004030046304402202ee0fc7f73d5ff9ce561d14ebdd11acfb9a3f7a44ad3d8910600fa0cf61f89f6022031c40b2b1a87579ec03f1285eb658976cf219ad4f6f4fa4435427c5b8d5ebe9e0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016a344ac2cd0000040300473045022100bc0ba4d7e2c3d8beaefa71dadd2549a4e3984be4fe54e3844c24c2c6f254441802204e36edb6063778a28c908d822dc4128ac1a9cfd98c70935514c74114eac70441
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00737b3461b7baff3b69403ead7bb53a330c146a6ebd998f04e7b98f6b4f585ae59b31469b6c3817b27dfcc7939d7809a9902a1d2e9a532eb6306eccfc0b804f2c45092ca4e71b9bf607170a2e637d736573f322a3003cdcf2f72a08311f545544fbe3d1615f366a4d0452aa5b28c485627d653ebca9fdfbb8750fd07db1daf89b7398e225731896925d73520c1703a8f276a59cdd868f9b9d3e04c51a9c39130ae2c60caa8971d46a3d76e257cc310ea16d49f7e5259faa3233f4f6d8f51906c4d32323cf0d8284a311ec931a1f11d8b5c6cfd6e705162b222ce1ad3a5cb5728b19f08b175174822505c9953a4a4c80f73c066cdf44458a0ed48bfd6139109eb9