mobilepoc.ricoh-usa.com

- Ricoh USA, Inc. -

Issued by AffirmTrust Certificate Authority - OV1

About this certificate

This digital certificate with serial number f1:6b:52:d9:93:7d:e5:69:00:00:00:00:58:08:6f:6a was issued on by AffirmTrust.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Ricoh USA, Inc.

Organization: Ricoh USA, Inc.
State / Province: New Jersey
Locality: West Caldwell
Country: US

AffirmTrust

Organization: AffirmTrust
Organization unit: See www.affirmtrust.com/repository
Country: CA

This certificate has expire since

Certificate Details

Serial Number (hex): f1:6b:52:d9:93:7d:e5:69:00:00:00:00:58:08:6f:6a
Serial Number (int): 320901203143773212488428544747547160426
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: e0:2b:01:6f:f4:78:ee:ba:70:54:71:3b:15:1e:74:1b:0c:3a:d7:0c
AuthorityKeyId: fe:60:c3:0d:a4:a2:9d:21:4f:7a:78:4c:62:c5:db:14:fc:39:78:c4

Fingerprint (sha1): de:77:4c:20:fb:be:09:5b:ba:49:f2:ca:86:22:31:1e:90:a7:48:a2
Fingerprint (sha256): 3c:50:94:97:2c:b7:40:a7:fc:cb:38:1a:2f:8b:b6:30:63:ed:11:de:4a:2b:6d:25:64:6b:41:2d:1d:63:1d:68

Issuing Certificate URL: http://aia.affirmtrust.com/aftov1ca.crt

Revocation information

OCSP Server: http://ocsp.affirmtrust.com
CRL Distribution Point: http://crl.affirmtrust.com/crl/aftov1ca.crl

Check the revocation status for certificate mobilepoc.ricoh-usa.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mobilepoc.ricoh-usa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mobilepoc.ricoh-usa.com

Other certificates including the domain name ricoh-usa.com

(limited to 100 certificates)
*.ricoh-usa.com
ssl1.ricoh-usa.com
adaptiveformstest.ricoh-usa.com
boulder-ssl1.ricoh-usa.com
*.returnmailservices.ricoh-usa.com
support.rpp.ricoh-usa.com
*.ricoh-usa.com
storefront.ricoh-usa.com
cs2.ricoh-usa.com
mdm.ricoh-usa.com
xen.ricoh-usa.com
*.ricoh-usa.com
*.ricoh-usa.com
events.ricoh-usa.com
rworld-test.ricoh-usa.com
portal.ricoh-usa.com
UCAAS2-CTPC1-01.ricoh-usa.com
UCAAS11-CTPC1-01.dev.ricoh-usa.com
mdm.ricoh-usa.com
rworld-test.ricoh-usa.com
mobileha.ricoh-usa.com
support.rpp.ricoh-usa.com
sts.ricoh-usa.com
UCAAS11-CUCPUB2-01.dev.ricoh-usa.com
newsroom.ricoh-usa.com
pb1.ricoh-usa.com
sts.dev.ricoh-usa.com
ucaas11-cup1-01.dev.ricoh-usa.com
*.ricoh-usa.com
ricohaps.ricoh-usa.com
boulder-ssl2.ricoh-usa.com
sts.ricoh-usa.com
sts.preprod.ricoh-usa.com
newsroom.ricoh-usa.com
*.awsdev.ricoh-usa.com
UCAAS2-UCMPUB2-01-ms.ricoh-usa.com
*.Ricoh-usa.com
jobs.ricoh-usa.com
*.ricoh-usa.com
UCAAS1-CTPC1-01.ricoh-usa.com
*.ricoh-usa.com
cs3.ricoh-usa.com
tec.ricoh-usa.com
cs3.ricoh-usa.com
rworld-test.ricoh-usa.com
*.ricoh-usa.com
rscc.ricoh-usa.com
thedocshop.ricoh-usa.com
events.ricoh-usa.com
sts.dev.ricoh-usa.com
iapoc.intelligentdelivery.ricoh-usa.com
*.ricoh-usa.com
ricohspha.ricoh-usa.com
ctpat.ricoh-usa.com
rworld-test.ricoh-usa.com
mobile3.ricoh-usa.com
*.Ricoh-usa.com
sts.ricoh-usa.com
PhishReporter.ricoh-usa.com
solutionfinder.ricoh-usa.com
*.ricoh-usa.com
ddpe.ricoh-usa.com
*.ricoh-usa.com
asklola.ricoh-usa.com
GA16ARTDEV01.ricoh-usa.com
*.ricoh-usa.com
lpo.ricoh-usa.com
mobile.ricoh-usa.com
comms.ricoh-usa.com
my.ricoh-usa.com
ssl1.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-CUCPUB2-01-ms.ricoh-usa.com
adaptiveformsdev.ricoh-usa.com
UCAAS11-VCSE-01B.dev.ricoh-usa.com
newsroom.ricoh-usa.com
ssl2.ricoh-usa.com
images.learn.ricoh-usa.com
sts.ricoh-usa.com
UCAAS2-UCMPUB2-01.ricoh-usa.com
ddpe.ricoh-usa.com
sts.preprod.ricoh-usa.com
portal.ricoh-usa.com
ssl2.ricoh-usa.com
UCAAS2-CUP2-01-ms.ricoh-usa.com
mobileha.ricoh-usa.com
UCAAS11-VCSE1-01A.dev.ricoh-usa.com
ucaas11-cucpub1-01-ms.dev.ricoh-usa.com
*.ricoh-usa.com
portal.ricoh-usa.com
gitcloud.awsdev.ricoh-usa.com
*.ricoh-usa.com
rworld.ricoh-usa.com
mobilepoc.ricoh-usa.com
my.ricoh-usa.com
rworld-test.ricoh-usa.com
xenapp.ricoh-usa.com
rworld.ricoh-usa.com
ssl2.ricoh-usa.com
*.ricoh-usa.com

Certificate

The complete raw certificate details for mobilepoc.ricoh-usa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIRAPFrUtmTfeVpAAAAAFgIb2owDQYJKoZIhvcNAQELBQAw
gYIxCzAJBgNVBAYTAkNBMRQwEgYDVQQKEwtBZmZpcm1UcnVzdDErMCkGA1UECxMi
U2VlIHd3dy5hZmZpcm10cnVzdC5jb20vcmVwb3NpdG9yeTEwMC4GA1UEAxMnQWZm
aXJtVHJ1c3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gT1YxMB4XDTE4MDYxOTE1
MjkyNVoXDTIwMDYxOTE1NTkyM1owdjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5l
dyBKZXJzZXkxFjAUBgNVBAcTDVdlc3QgQ2FsZHdlbGwxGDAWBgNVBAoTD1JpY29o
IFVTQSwgSW5jLjEgMB4GA1UEAxMXbW9iaWxlcG9jLnJpY29oLXVzYS5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtt6bXt9dB+qqxq8hjdTiMb3Nc
AHUChhS4KxeQarOov4KZNVaUM+2isqi+xG498zHb+9kM+6yNqur9N4UIOCJNY2C1
yClSLIMk1UbcgSWMOBdI1Y51rG3mgtpQiZj6Ed7eKeITbL7yjb+BJs+pvMFoDWBK
z1L+bVxK9uMNyx0zNEhrwGV+4TeF4/Qjo3bMp7M4/rgyqlgOq+bXNzWxculERFiT
7GcCHSBMp1fbOebxn+Qo7FekgfbtYEIUecAqa2I4kYJDRNCfKummRJPbnoSYDR9B
WL0VishgwX9DBPX27MWCjmYOX3HOulV+badtfzSZzDs3sn6HhPyaucQvO0nfAgMB
AAGjggG8MIIBuDATBgorBgEEAdZ5AgQDAQH/BAIFADAiBgNVHREEGzAZghdtb2Jp
bGVwb2Mucmljb2gtdXNhLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMAkGA1UdEwQCMAAwbAYIKwYBBQUHAQEEYDBeMCcG
CCsGAQUFBzABhhtodHRwOi8vb2NzcC5hZmZpcm10cnVzdC5jb20wMwYIKwYBBQUH
MAKGJ2h0dHA6Ly9haWEuYWZmaXJtdHJ1c3QuY29tL2FmdG92MWNhLmNydDBXBgNV
HSAEUDBOMEIGCisGAQQBgo8JAgUwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu
YWZmaXJtdHJ1c3QuY29tL3JlcG9zaXRvcnkwCAYGZ4EMAQICMDwGA1UdHwQ1MDMw
MaAvoC2GK2h0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9hZnRvdjFjYS5j
cmwwHwYDVR0jBBgwFoAU/mDDDaSinSFPenhMYsXbFPw5eMQwHQYDVR0OBBYEFOAr
AW/0eO66cFRxOxUedBsMOtcMMA0GCSqGSIb3DQEBCwUAA4IBAQBg/4kckuHd8LIP
diJmwxqEcV4r+lvlpAd8lZg2m+hg/agRj/hG6pxHbnj51qLqz0SgV+aMvIc+sekJ
8RiVVXmpiHsIM317XCzSSLbB6bwU4d4glahMISIu2aCEcnkOBCDZ7+hP02oGFdMG
/DtaOeo94T2iML0RyKtS5PYknmkhzlIiZlt47BF6+ok6o9q2fGdp2KpgpTse9lYN
A+o7RuMDmhsj7LFncYzoUk+GfMKD+kUrcda2Oc9nJzJgrcZrP8W07VsCu1MbYi3X
OuS85LE/rFg2Pq2T8ocMteECLpWNd+pMB1/ohBMjunDpehwymMzKl/Hv4J1OPxTJ
23X5ja4z
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbem17fXQfqqsavIY3U4
jG9zXAB1AoYUuCsXkGqzqL+CmTVWlDPtorKovsRuPfMx2/vZDPusjarq/TeFCDgi
TWNgtcgpUiyDJNVG3IEljDgXSNWOdaxt5oLaUImY+hHe3iniE2y+8o2/gSbPqbzB
aA1gSs9S/m1cSvbjDcsdMzRIa8BlfuE3heP0I6N2zKezOP64MqpYDqvm1zc1sXLp
RERYk+xnAh0gTKdX2znm8Z/kKOxXpIH27WBCFHnAKmtiOJGCQ0TQnyrppkST256E
mA0fQVi9FYrIYMF/QwT19uzFgo5mDl9xzrpVfm2nbX80mcw7N7J+h4T8mrnELztJ
3wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 320901203143773212488428544747547160426
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.affirmtrust.com/repository'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust Certificate Authority - OV1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-19 15:29:25 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-19 15:59:23 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'West Caldwell'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ricoh USA, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mobilepoc.ricoh-usa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21929788802039640530246716130236259020184099951568003166990327145860357736305928569992693791255744002065650616612370468069856456891019085141653531341980961649274485490258142508502289093629401274267964945560847947947635351748622983026101120976925043479967172831934390083468841876806045608068298414086843100270467364227732808035879239648063107580415025789722291933115643187183428953422925220622173140999893096920016213577473687477467942250855464413207758197552094793816928043676348142765072331549942917751090260631751403039882332507424999258230323748266365988723444723801327284933596047577449935148789249091483331152351
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobilepoc.ricoh-usa.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.affirmtrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.affirmtrust.com/aftov1ca.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.34697.2.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.affirmtrust.com/repository'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.affirmtrust.com/crl/aftov1ca.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName fe60c30da4a29d214f7a784c62c5db14fc3978c4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e02b016ff478eeba7054713b151e741b0c3ad70c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0060ff891c92e1ddf0b20f762266c31a84715e2bfa5be5a4077c9598369be860fda8118ff846ea9c476e78f9d6a2eacf44a057e68cbc873eb1e909f118955579a9887b08337d7b5c2cd248b6c1e9bc14e1de2095a84c21222ed9a08472790e0420d9efe84fd36a0615d306fc3b5a39ea3de13da230bd11c8ab52e4f6249e6921ce5222665b78ec117afa893aa3dab67c6769d8aa60a53b1ef6560d03ea3b46e3039a1b23ecb167718ce8524f867cc283fa452b71d6b639cf67273260adc66b3fc5b4ed5b02bb531b622dd73ae4bce4b13fac58363ead93f2870cb5e1022e958d77ea4c075fe8841323ba70e97a1c3298ccca97f1efe09d4e3f14c9db75f98dae33