yo-ke.pref.hiroshima.lg.jp

- Hiroshima Prefecture -

Issued by SECOM Passport for Web SR 3.0 CA

About this certificate

This digital certificate with serial number 31:07:28:2f:cf:1f:c3:23:dc:e8:0b:3d:15:b0:f9:5d was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

Hiroshima Prefecture

Organization: Hiroshima Prefecture
State / Province: Hiroshima
Locality: Hiroshima
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 31:07:28:2f:cf:1f:c3:23:dc:e8:0b:3d:15:b0:f9:5d
Serial Number (int): 65169332955680201059371754345680927069
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: de:aa:ea:8a:d8:cf:0e:6c:d1:6e:26:be:17:e0:ba:88:f7:b2:73:39
AuthorityKeyId: cb:ef:3d:ef:83:74:a1:a8:42:f0:3b:40:36:fa:6d:82:94:a9:27:36

Fingerprint (sha1): 5f:dc:16:8f:3d:ea:2e:07:84:3d:c8:b4:b8:a4:ce:6e:aa:43:d1:c2
Fingerprint (sha256): 39:7d:29:79:b3:7b:42:ac:e1:6c:ed:73:cf:2f:0a:42:75:e0:32:97:90:5e:b1:6b:e3:80:47:a1:a6:21:87:63


Revocation information

OCSP Server: http://sr30.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl

Check the revocation status for certificate yo-ke.pref.hiroshima.lg.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for yo-ke.pref.hiroshima.lg.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

yo-ke.pref.hiroshima.lg.jp

Other certificates including the domain name hiroshima.lg.jp

(limited to 100 certificates)
ebid.keiyaku.city.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
www.sabo-map.pref.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
*.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
sts.city.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
gyosei.bousai.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
www.iju-cms.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
*.saiyou.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
lw-dcn12athsv00.pref.hiroshima.lg.jp
*.sabo-map.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
nourin.pref.hiroshima.lg.jp
*.dogis.pref.hiroshima.lg.jp
lw-dcn12vpnsv00.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
chotatsu2.pref.hiroshima.lg.jp
eas.city.hiroshima.lg.jp
gyosei.bousai.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
hirodsv007.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
prefalb.dogis.pref.hiroshima.lg.jp
yo-ke.pref.hiroshima.lg.jp
saiyou.pref.hiroshima.lg.jp
gyosei.bousai.city.hiroshima.lg.jp
www.sabo-map.pref.hiroshima.lg.jp
chotatsu2.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
*.city.hiroshima.lg.jp
map.bousai.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
www.sabo.pref.hiroshima.lg.jp
vm.pref.hiroshima.lg.jp
www.manabi.pref.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
gc-dcn14exesv02.pref.hiroshima.lg.jp
dennyu.pref.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
saiyou.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
*.pref.hiroshima.lg.jp
*.pref.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
extgw.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
www.sabo.pref.hiroshima.lg.jp
hozen.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
yo-ke.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
www.iju.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
chotatsu2.pref.hiroshima.lg.jp
lw-dcn12athsv00.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
hiroshima-brand.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
gc-dcn14exesv01.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
saiyou.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
*.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
lw-dcn12vpnsv00.pref.hiroshima.lg.jp
shokuin.bousai.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
extgw.pref.hiroshima.lg.jp

Certificate

The complete raw certificate details for yo-ke.pref.hiroshima.lg.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG3jCCBcagAwIBAgIQMQcoL88fwyPc6As9FbD5XTANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
TFRELjEpMCcGA1UEAxMgU0VDT00gUGFzc3BvcnQgZm9yIFdlYiBTUiAzLjAgQ0Ew
HhcNMjIwMzAzMDg1ODUzWhcNMjMwMzI3MTQ1OTU5WjB5MQswCQYDVQQGEwJKUDES
MBAGA1UECBMJSGlyb3NoaW1hMRIwEAYDVQQHEwlIaXJvc2hpbWExHTAbBgNVBAoT
FEhpcm9zaGltYSBQcmVmZWN0dXJlMSMwIQYDVQQDExp5by1rZS5wcmVmLmhpcm9z
aGltYS5sZy5qcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMvdgRzt
whpd2bYWSgj8mLLYjW0ebYoPhjY+UjW7WesXsolLxe/homhW1AyW096iUDXvlekR
hp9UAXdlqgI6QOSGz9ytY9Zfdf8yShOjjh2wTfBa9WIQ4XIW+vPkCg8hcrjcqkYa
FuPhU6i7nHz57OhJUApfojKEgpa76x5gXFhFoS29cp6YfmgD4BlliYpFJkO3oIa7
m5I0gD/hREsT//TTfLIPCxNIag6mR7M8JWq4uDhiBGWcX5ZwBpWZGOhBRpS9sWek
AwoCiLAbBPBWAECx+vj70YSLeG6qAeLodgeZPByDcRTAZ93AICYADapqWr/uirzv
e47AhpQExwdGaE8CAwEAAaOCA3owggN2MB8GA1UdIwQYMBaAFMvvPe+DdKGoQvA7
QDb6bYKUqSc2MDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL3Ny
MzAub2NzcC5zZWNvbXRydXN0Lm5ldDAlBgNVHREEHjAcghp5by1rZS5wcmVmLmhp
cm9zaGltYS5sZy5qcDBhBgNVHSAEWjBYMEwGCiqDCIybG2SFbwEwPjA8BggrBgEF
BQcCARYwaHR0cHM6Ly9yZXBvMS5zZWNvbXRydXN0Lm5ldC9zcGNwcC9wZncvcGZ3
c3IzY2EvMAgGBmeBDAECAjATBgNVHSUEDDAKBggrBgEFBQcDATBMBgNVHR8ERTBD
MEGgP6A9hjtodHRwOi8vcmVwbzEuc2Vjb210cnVzdC5uZXQvc3BjcHAvcGZ3L3Bm
d3NyM2NhL2Z1bGxjcmwyLmNybDAdBgNVHQ4EFgQU3qrqitjPDmzRbia+F+C6iPey
czkwDgYDVR0PAQH/BAQDAgWgMIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdwDo
PtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAX9PChGzAAAEAwBIMEYC
IQCajPjAbpr68oGVjGsrVgMFtovOWF3xJbQZhUnWK5J+JwIhAIAOxHlyCyhv41uo
kMXqcLsiHhn4RWNw6t+rZNX0QNIdAHcArfe++nz/EMiLnT2cHj4YarRnKV3PsQwk
yoWGNOvcgooAAAF/TwoXNwAABAMASDBGAiEAxvjKvXZdXsydBz+QwUwEwvfRBgKR
mh4EIxIt6F/E+GgCIQDTFy4+1zUQQbClwqJzxHBcRONqsNt5ZnJd+YjcNOjzTgB2
ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABf08KG1sAAAQDAEcw
RQIhAIRIFFhRyWVAiNCddfTSSMJVoE1MKb1Jk85RA42jrFTNAiBekMs+JmTukU+L
pdV9eIVaC1zWC6D+MXJybDTxkspFDAB2AHoyjFTYty22IOo44FIe6YQWcDIThU07
0ivBOlejUutSAAABf08KHIwAAAQDAEcwRQIgNfshF02e9ZEp8ukvZ+XLlp4RDAFM
7F66iO+C5STSBycCIQCHxtudH3YCbXH86P7ggzYN3eSGQQQYiVpF0wdc7v/+/TAN
BgkqhkiG9w0BAQsFAAOCAQEAsPGkYV+1zf23GPOumabf2mPp/Fv9L0CvWCY7udyS
LeLliPUHt/CpuV9k8uVeGvhGqyNrEt+9VV/4trGA3r0rOsrvNYNDLSle2bKMnnrq
fE87GfaDPgAhCz1g3e89OUN+r5ov1urPMfYnWbstF7gI5RYm75/zmVg1cvVS5vKq
ouB+ftyCv14hBic3dJ1IcElapHq+qMt9EqjGzuRrRewrRb/Xms3BKWUwavHdtLqt
CC3eSnCCXNrRkQbnPS5Hb6hmfp3+t8GNChU91pF+I8XUIhg2RuxnJA3nNkkc1erj
7LFY9qIZINxOEjh8V9GbO8tTAsrQsbMPLHULla6arUpMKw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy92BHO3CGl3ZthZKCPyY
stiNbR5tig+GNj5SNbtZ6xeyiUvF7+GiaFbUDJbT3qJQNe+V6RGGn1QBd2WqAjpA
5IbP3K1j1l91/zJKE6OOHbBN8Fr1YhDhchb68+QKDyFyuNyqRhoW4+FTqLucfPns
6ElQCl+iMoSClrvrHmBcWEWhLb1ynph+aAPgGWWJikUmQ7eghrubkjSAP+FESxP/
9NN8sg8LE0hqDqZHszwlari4OGIEZZxflnAGlZkY6EFGlL2xZ6QDCgKIsBsE8FYA
QLH6+PvRhIt4bqoB4uh2B5k8HINxFMBn3cAgJgANqmpav+6KvO97jsCGlATHB0Zo
TwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 65169332955680201059371754345680927069
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 3.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-03 08:58:53 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-27 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hiroshima'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hiroshima'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hiroshima Prefecture'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'yo-ke.pref.hiroshima.lg.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25735603772923059735733206182078473980748663684782849995307226811671258578180394716386938933087409863132509748971079078526093467863254423650128134949497905910385432568478677519297125477289900025896647672813514401782471051466727642659245912904521811279317809529898777525027614604909687067515980401125989552532143693599991505278355288427164838538075880204864947118411612127437732902263735624701813939399291440166198192191249968847620581609005111938365077919859989973644216265409905832315175699582468326892107479044467017677963350906095272390572528330986784753568967108834220359485297022856663062918626561364936760911951
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cbef3def8374a1a842f03b4036fa6d8294a92736
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr30.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yo-ke.pref.hiroshima.lg.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.751.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							deaaea8ad8cf0e6cd16e26be17e0ba88f7b27339
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (488 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (484 bytes)
							01e2007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017f4f0a11b300000403004830460221009a8cf8c06e9afaf281958c6b2b560305b68bce585df125b4198549d62b927e27022100800ec479720b286fe35ba890c5ea70bb221e19f8456370eadfab64d5f440d21d007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017f4f0a17370000040300483046022100c6f8cabd765d5ecc9d073f90c14c04c2f7d10602919a1e0423122de85fc4f868022100d3172e3ed7351041b0a5c2a273c4705c44e36ab0db7966725df988dc34e8f34e007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017f4f0a1b5b00000403004730450221008448145851c9654088d09d75f4d248c255a04d4c29bd4993ce51038da3ac54cd02205e90cb3e2664ee914f8ba5d57d78855a0b5cd60ba0fe3172726c34f192ca450c0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017f4f0a1c8c0000040300473045022035fb21174d9ef59129f2e92f67e5cb969e110c014cec5eba88ef82e524d2072702210087c6db9d1f76026d71fce8fee083360ddde486410418895a45d3075ceefffefd
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b0f1a4615fb5cdfdb718f3ae99a6dfda63e9fc5bfd2f40af58263bb9dc922de2e588f507b7f0a9b95f64f2e55e1af846ab236b12dfbd555ff8b6b180debd2b3acaef3583432d295ed9b28c9e7aea7c4f3b19f6833e00210b3d60ddef3d39437eaf9a2fd6eacf31f62759bb2d17b808e51626ef9ff399583572f552e6f2aaa2e07e7edc82bf5e21062737749d4870495aa47abea8cb7d12a8c6cee46b45ec2b45bfd79acdc12965306af1ddb4baad082dde4a70825cdad19106e73d2e476fa8667e9dfeb7c18d0a153dd6917e23c5d422183646ec67240de736491cd5eae3ecb158f6a21920dc4e12387c57d19b3bcb5302cad0b1b30f2c750b95ae9aad4a4c2b