prod-mbam.ad.hc-sc.gc.ca
- Health Canada (Department of Health) -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number f5:8e:fb:e8:db:97:a5:78:00:00:00:00:50:fa:8c:09 was issued on by Entrust, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Health Canada (Department of Health)
Organization:
Health Canada (Department of Health)
State / Province:
Ontario
Locality: Ottawa
Country: CA
Locality: Ottawa
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): f5:8e:fb:e8:db:97:a5:78:00:00:00:00:50:fa:8c:09Serial Number (int): 326403274454921100617002134103775677449
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: a0:9f:33:01:cf:b9:f6:a6:cc:5b:4a:43:aa:f8:96:25:88:07:88:2f
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): db:b4:50:49:f4:cd:9a:ae:64:63:ba:96:59:d2:82:41:8f:d4:55:fa
Fingerprint (sha256): 3b:77:90:be:6b:ac:fc:cf:fd:0b:45:d6:ec:d0:34:2a:06:84:53:06:92:e2:63:18:df:e6:b4:91:08:90:1c:3c
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate prod-mbam.ad.hc-sc.gc.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for prod-mbam.ad.hc-sc.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
prod-mbam.ad.hc-sc.gc.ca
bitlocker.ad.hc-sc.gc.ca
bitlocker.ad.hc-sc.gc.ca
Other certificates including the domain name hc-sc.gc.ca
(limited to 100 certificates)
training.mtrs-sctrm.hc-sc.gc.ca
HCQCK1AWVDCT001.tqa.hc-sc.gc.ca
ers-ser.hc-sc.gc.ca
HCQCK1AwvAST063.hc-sc.gc.ca
*.uat.hc-sc.gc.ca
ers-auth-ser-lb.hc-sc.gc.ca
h2o.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
cgnw-01.hc-sc.gc.ca
sdx-edp.hc-sc.gc.ca
wasext-prd-1.hc-sc.gc.ca
eprs-serp.hc-sc.gc.ca
hc4ecc6.hc-sc.gc.ca
hconk2ewvasp001.hc-sc.gc.ca
mtrs-sctrm.hc-sc.gc.ca
PTH-PROXY.hc-sc.gc.ca
HCONK1VWVDCP002.ad.hc-sc.gc.ca
istopxrm.hc-sc.gc.ca
utils-test.hc-sc.gc.ca
gateway-passerelle.preprod.hc-sc.gc.ca
nihb-atl-fax.hc-sc.gc.ca
int-services1.hc-sc.gc.ca
Inotes.hc-sc.gc.ca
SAD-TEM-DV1.hc-sc.gc.ca
HCONK1AwvAST058.hc-sc.gc.ca
int-services3.dev.hc-sc.gc.ca
eprs-serp.hc-sc.gc.ca
sad-pt2-devap1.hc-sc.gc.ca
cloud-vpn.hc-sc.gc.ca
www.mtrs-sctrm.hc-sc.gc.ca
international-health-commitments.canada.ca
training.mtrs-sctrm.hc-sc.gc.ca
sap-cms.hc-sc.gc.ca
HCQCK1AWVDCT002.tqa.hc-sc.gc.ca
training.mtrs-sctrm.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
cgnw-01.hc-sc.gc.ca
int-services1.preprod.hc-sc.gc.ca
sgpp-dt.hc-sc.gc.ca
ocs-bsc.hc-sc.gc.ca
int-services1.uat.hc-sc.gc.ca
sdx-edp.hc-sc.gc.ca
ctls-sscdl.hc-sc.gc.ca
PTH-PROXY-TRAIN.hc-sc.gc.ca
webprod4.hc-sc.gc.ca
*.hc-sc.gc.ca
aero-oitc.phac-aspc.gc.ca
app80.hc-sc.gc.ca
ers-auth-ser.hc-sc.gc.ca
keycloak.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
www.reclassification.hc-sc.gc.ca
sad-pth-qaap1.hc-sc.gc.ca
*.preprod.hc-sc.gc.ca
sad-pth-catap1.hc-sc.gc.ca
gateway-passerelle.uat.hc-sc.gc.ca
nnhpd-pla-dlmm-dpsnso.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
pub-tom-mono.hc-sc.gc.ca
ocs-bsc.hc-sc.gc.ca
mobile.hc-sc.gc.ca
aids.gc.ca
h2o.hc-sc.gc.ca
www.CNF-CFG-classification-FCEN-GAC.hc-sc.gc.ca
dstsia-sspdai.hc-sc.gc.ca
CTXADC-HC-MCDC.HC-SC.GC.CA
collaboration.hc-sc.gc.ca
SAD-TEM-DV1.tqa.hc-sc.gc.ca
sgpp-dt.hc-sc.gc.ca
inotes.hc-sc.gc.ca
trn-csims-sgici.hc-sc.gc.ca
hc5ecc6.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
fnihis-sispni.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
uvupdatertest.hc-sc.gc.ca
ers-test-ser.hc-sc.gc.ca
www.CNF-CFG-classification-FCEN-GAC.hc-sc.gc.ca
sec2.hc-sc.gc.ca
HCONK1VWVDCP005.ad.hc-sc.gc.ca
tem01.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
utils-test.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
WAS7-SEXT-IHS.hc-sc.gc.ca
pr-rdb.hc-sc.gc.ca
www.reclassification.hc-sc.gc.ca
mfcsg01.hc-sc.gc.ca
ers-auth-ser-lb.hc-sc.gc.ca
sinpappsas-02.hc-sc.gc.ca
nihb-mb-faxfinder.hc-sc.gc.ca
cvp-pcv.hc-sc.gc.ca
int-services2.dev.hc-sc.gc.ca
DSTSIA-SSPDAI.hc-sc.gc.ca
www.fptgn-gnfpt.hc-sc.gc.ca
github.hc-sc.gc.ca
portaildgpsa.hc-sc.gc.ca
weboffice.hc-sc.gc.ca
sec2.hc-sc.gc.ca
HCQCK1AWVDCT001.tqa.hc-sc.gc.ca
ers-ser.hc-sc.gc.ca
HCQCK1AwvAST063.hc-sc.gc.ca
*.uat.hc-sc.gc.ca
ers-auth-ser-lb.hc-sc.gc.ca
h2o.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
cgnw-01.hc-sc.gc.ca
sdx-edp.hc-sc.gc.ca
wasext-prd-1.hc-sc.gc.ca
eprs-serp.hc-sc.gc.ca
hc4ecc6.hc-sc.gc.ca
hconk2ewvasp001.hc-sc.gc.ca
mtrs-sctrm.hc-sc.gc.ca
PTH-PROXY.hc-sc.gc.ca
HCONK1VWVDCP002.ad.hc-sc.gc.ca
istopxrm.hc-sc.gc.ca
utils-test.hc-sc.gc.ca
gateway-passerelle.preprod.hc-sc.gc.ca
nihb-atl-fax.hc-sc.gc.ca
int-services1.hc-sc.gc.ca
Inotes.hc-sc.gc.ca
SAD-TEM-DV1.hc-sc.gc.ca
HCONK1AwvAST058.hc-sc.gc.ca
int-services3.dev.hc-sc.gc.ca
eprs-serp.hc-sc.gc.ca
sad-pt2-devap1.hc-sc.gc.ca
cloud-vpn.hc-sc.gc.ca
www.mtrs-sctrm.hc-sc.gc.ca
international-health-commitments.canada.ca
training.mtrs-sctrm.hc-sc.gc.ca
sap-cms.hc-sc.gc.ca
HCQCK1AWVDCT002.tqa.hc-sc.gc.ca
training.mtrs-sctrm.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
cgnw-01.hc-sc.gc.ca
int-services1.preprod.hc-sc.gc.ca
sgpp-dt.hc-sc.gc.ca
ocs-bsc.hc-sc.gc.ca
int-services1.uat.hc-sc.gc.ca
sdx-edp.hc-sc.gc.ca
ctls-sscdl.hc-sc.gc.ca
PTH-PROXY-TRAIN.hc-sc.gc.ca
webprod4.hc-sc.gc.ca
*.hc-sc.gc.ca
aero-oitc.phac-aspc.gc.ca
app80.hc-sc.gc.ca
ers-auth-ser.hc-sc.gc.ca
keycloak.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
www.reclassification.hc-sc.gc.ca
sad-pth-qaap1.hc-sc.gc.ca
*.preprod.hc-sc.gc.ca
sad-pth-catap1.hc-sc.gc.ca
gateway-passerelle.uat.hc-sc.gc.ca
nnhpd-pla-dlmm-dpsnso.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
pub-tom-mono.hc-sc.gc.ca
ocs-bsc.hc-sc.gc.ca
mobile.hc-sc.gc.ca
aids.gc.ca
h2o.hc-sc.gc.ca
www.CNF-CFG-classification-FCEN-GAC.hc-sc.gc.ca
dstsia-sspdai.hc-sc.gc.ca
CTXADC-HC-MCDC.HC-SC.GC.CA
collaboration.hc-sc.gc.ca
SAD-TEM-DV1.tqa.hc-sc.gc.ca
sgpp-dt.hc-sc.gc.ca
inotes.hc-sc.gc.ca
trn-csims-sgici.hc-sc.gc.ca
hc5ecc6.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
fnihis-sispni.hc-sc.gc.ca
biosecurity-portal.hc-sc.gc.ca
uvupdatertest.hc-sc.gc.ca
ers-test-ser.hc-sc.gc.ca
www.CNF-CFG-classification-FCEN-GAC.hc-sc.gc.ca
sec2.hc-sc.gc.ca
HCONK1VWVDCP005.ad.hc-sc.gc.ca
tem01.hc-sc.gc.ca
dev.mg-dsol.mapgears.com
utils-test.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
WAS7-SEXT-IHS.hc-sc.gc.ca
pr-rdb.hc-sc.gc.ca
www.reclassification.hc-sc.gc.ca
mfcsg01.hc-sc.gc.ca
ers-auth-ser-lb.hc-sc.gc.ca
sinpappsas-02.hc-sc.gc.ca
nihb-mb-faxfinder.hc-sc.gc.ca
cvp-pcv.hc-sc.gc.ca
int-services2.dev.hc-sc.gc.ca
DSTSIA-SSPDAI.hc-sc.gc.ca
www.fptgn-gnfpt.hc-sc.gc.ca
github.hc-sc.gc.ca
portaildgpsa.hc-sc.gc.ca
weboffice.hc-sc.gc.ca
sec2.hc-sc.gc.ca
Certificate
The complete raw certificate details for prod-mbam.ad.hc-sc.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIRAPWO++jbl6V4AAAAAFD6jAkwDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN MTkxMTIxMTQwODU0WhcNMjIwMjIwMTQzODUzWjCBgjELMAkGA1UEBhMCQ0ExEDAO BgNVBAgTB09udGFyaW8xDzANBgNVBAcTBk90dGF3YTEtMCsGA1UEChMkSGVhbHRo IENhbmFkYSAoRGVwYXJ0bWVudCBvZiBIZWFsdGgpMSEwHwYDVQQDExhwcm9kLW1i YW0uYWQuaGMtc2MuZ2MuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzJdbmgAUUtwyAUFVYHAR0j3pwMfrD8HIZzj1i2yLSPlaRW59rqlEhA/TijfDm 3qR3HxCtqffBBY2QlN6LVSnFjUb82OQ76pWn/vlXlBiT9A5R1MAu1Pvk8c/0Xotq BCkVDmohkbcMPruS+zEi1w4RNmx8yLwAdR5jYgNFrkWWPhZona77e+QlMBtmu2fV BnBEb4XkVVJLdGfzddf+bBy9J5rI69Ci9hROIJjBzhKjCYjtJq+A6YH642pZcn9i UgvrN0E8Rq/WYPKGJBxRLgMh/zFi0llQGBf33119lvB3YXwidOcKTSAIC9WocF4B m5gzEMUUASkmCq3eQGpJSfa9AgMBAAGjggG+MIIBujATBgorBgEEAdZ5AgQDAQH/ BAIFADA9BgNVHREENjA0ghhwcm9kLW1iYW0uYWQuaGMtc2MuZ2MuY2GCGGJpdGxv Y2tlci5hZC5oYy1zYy5nYy5jYTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwu ZW50cnVzdC5uZXQvbGV2ZWwxay5jcmwwSwYDVR0gBEQwQjA2BgpghkgBhvpsCgEF MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMAgGBmeB DAECAjBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVu dHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wx ay1jaGFpbjI1Ni5jZXIwHwYDVR0jBBgwFoAUgqJwdN28Uz/Pe9T3zX+nYMYKTL8w HQYDVR0OBBYEFKCfMwHPufamzFtKQ6r4liWIB4gvMAkGA1UdEwQCMAAwDQYJKoZI hvcNAQELBQADggEBAFfGOesdtkC0bJkxlg0anPDJWOp3w6FbGo4gFAAbcD52PKpV T4GBSP3zsS04svqRKCZKsMYIQH+146QyPCOxifkqZ3SXgcUEYdvc0MN7FQ0MulCj jiEJJm/V6iONDF4quiwCoGEB0Qgh0aaDGqiKCb8sLhpNvDyVl3lwAx0HKAtS1elV FsEN5XAnYlqbDMRKYuYYLGDkJED9xrLyqYnlTB+4zhFz3dPNVaZqW03DCsyZcBQs 9AlOEzV0GW3v6HNx8d2A99hcISzgBpyOmv+TV4zANUV2T5emRz6cK8p3tQPIu91m AEaxCH1qdpMxTJ/Of8/LvCwH1CIoDQAgrjFWuWA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyXW5oAFFLcMgFBVWBwE dI96cDH6w/ByGc49Ytsi0j5WkVufa6pRIQP04o3w5t6kdx8Qran3wQWNkJTei1Up xY1G/NjkO+qVp/75V5QYk/QOUdTALtT75PHP9F6LagQpFQ5qIZG3DD67kvsxItcO ETZsfMi8AHUeY2IDRa5Flj4WaJ2u+3vkJTAbZrtn1QZwRG+F5FVSS3Rn83XX/mwc vSeayOvQovYUTiCYwc4SowmI7SavgOmB+uNqWXJ/YlIL6zdBPEav1mDyhiQcUS4D If8xYtJZUBgX999dfZbwd2F8InTnCk0gCAvVqHBeAZuYMxDFFAEpJgqt3kBqSUn2 vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 326403274454921100617002134103775677449 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-21 14:08:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-20 14:38:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Health Canada (Department of Health)' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'prod-mbam.ad.hc-sc.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22615315919456197822560336295065387466089153872484195735521501859871017669497464125185491208150667080367505919714541988651208144027311942869114775577999847385329562852390968069725351857752402800224154265597520263057814818091696603148425222991617321139436213084290682859758705997705819528382146588615699223768743477885712630229546879555223836813669812281255436701762378437212304162755519291742993015426185207796554309945246130412918739844689851345032935326173354761941022897655250691067844633405073704622339398856027026293390841671881363757564061226330078545678923825356069746600247278799953898715359388803948559857341 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-mbam.ad.hc-sc.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bitlocker.ad.hc-sc.gc.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a09f3301cfb9f6a6cc5b4a43aaf896258807882f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0057c639eb1db640b46c9931960d1a9cf0c958ea77c3a15b1a8e2014001b703e763caa554f818148fdf3b12d38b2fa9128264ab0c608407fb5e3a4323c23b189f92a67749781c50461dbdcd0c37b150d0cba50a38e2109266fd5ea238d0c5e2aba2c02a06101d10821d1a6831aa88a09bf2c2e1a4dbc3c95977970031d07280b52d5e95516c10de57027625a9b0cc44a62e6182c60e42440fdc6b2f2a989e54c1fb8ce1173ddd3cd55a66a5b4dc30acc9970142cf4094e133574196defe87371f1dd80f7d85c212ce0069c8e9aff93578cc03545764f97a6473e9c2bca77b503c8bbdd660046b1087d6a7693314c9fce7fcfcbbc2c07d422280d0020ae3156b960