external.dma.mil
Issued by DOD ID SW CA-38
About this certificate
This digital certificate with serial number 02:82:fa was issued on by U.S. Government.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)
Certificate Subject
CN=external.dma.mil,OU=USGOVT+OU=DoD+OU=PKI+OU=DMA,C=US
U.S. Government
Organization:
U.S. Government
Organization unit: DoD
Organization unit: PKI
Organization unit: DoD
Organization unit: PKI
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 02:82:faSerial Number (int): 164602
Serial Number lenght: 18 bits, 3 octets
SubjectKeyId: 05:92:6b:bf:75:f8:f2:11:50:c6:53:26:8c:79:78:4d:6f:c1:cd:20
AuthorityKeyId: 8e:c5:b9:cc:fc:ce:8e:53:b4:2a:ce:e8:11:2a:cf:9b:29:6c:67:ca
Fingerprint (sha1): fa:5b:22:75:63:fd:4e:6b:1c:bf:ba:95:6a:89:6a:ab:71:7f:0f:08
Fingerprint (sha256): 3f:83:0d:53:29:40:ad:f0:50:d1:cc:74:b8:7c:86:20:56:6f:ff:54:80:7e:a9:76:9b:96:1e:6c:b1:95:fe:b3
Issuing Certificate URL: http://crl.disa.mil/sign/DODIDSWCA_38.cer
Revocation information
OCSP Server: http://ocsp.disa.milCRL Distribution Point: http://crl.disa.mil/crl/DODIDSWCA_38.crl
Check the revocation status for certificate external.dma.mil
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for external.dma.mil
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
external.dma.mil
Other certificates including the domain name dma.mil
(limited to 100 certificates)
www.dma.mil
www.dma.mil
dras.dinfos.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.pentagon.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.pentagon.mil
dcp.dinfos.dma.mil
www.dma.mil
www.dodlive.mil
smc-ctgwy
dma-rdg.dma.pa.mil
www.dodlive.mil
www.pentagon.mil
connect38.dma.mil
tracking.dmaana.dma.mil
www.dodlive.mil
www.dodlive.mil
afstaging.dma.mil
remoteconnect.dma.mil
www.dodlive.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.pentagon.mil
www.dodlive.mil
hnforms.dmasa.dma.mil
www.dma.mil
www.dodlive.mil
www.pentagon.mil
www.dma.mil
jhns.release.dma.mil
www.dma.mil
www.dma.mil
www.dodlive.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dodlive.mil
www.dodlive.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dodlive.mil
www.dma.mil
www.dma.mil
dels.dinfos.dma.mil
www.dodlive.mil
www.dma.mil
aftraining.dma.mil
dras.dinfos.dma.mil
www.dma.mil
www.dma.mil
DMALyncHQ.dma.mil
www.dodlive.mil
navcms.dma.mil
www.dodlive.mil
www.pentagon.mil
www.dodlive.mil
www.pentagon.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
DMALyncHQ.dma.mil
www.dodlive.mil
www.dma.mil
www.dma.mil
navcms.staging.dma.mil
www.dma.mil
www.dma.mil
external.dma.mil
www.pentagon.mil
www.pentagon.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dodlive.mil
www.dodlive.mil
www.dma.mil
navcms.dma.mil
dras.dinfos.dma.mil
arkansas.nationalguard.mil
portal.dinfos.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.pentagon.mil
www.dma.mil
dras.dinfos.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.pentagon.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.pentagon.mil
dcp.dinfos.dma.mil
www.dma.mil
www.dodlive.mil
smc-ctgwy
dma-rdg.dma.pa.mil
www.dodlive.mil
www.pentagon.mil
connect38.dma.mil
tracking.dmaana.dma.mil
www.dodlive.mil
www.dodlive.mil
afstaging.dma.mil
remoteconnect.dma.mil
www.dodlive.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.pentagon.mil
www.dodlive.mil
hnforms.dmasa.dma.mil
www.dma.mil
www.dodlive.mil
www.pentagon.mil
www.dma.mil
jhns.release.dma.mil
www.dma.mil
www.dma.mil
www.dodlive.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dodlive.mil
www.dodlive.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dodlive.mil
www.dma.mil
www.dma.mil
dels.dinfos.dma.mil
www.dodlive.mil
www.dma.mil
aftraining.dma.mil
dras.dinfos.dma.mil
www.dma.mil
www.dma.mil
DMALyncHQ.dma.mil
www.dodlive.mil
navcms.dma.mil
www.dodlive.mil
www.pentagon.mil
www.dodlive.mil
www.pentagon.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
DMALyncHQ.dma.mil
www.dodlive.mil
www.dma.mil
www.dma.mil
navcms.staging.dma.mil
www.dma.mil
www.dma.mil
external.dma.mil
www.pentagon.mil
www.pentagon.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dodlive.mil
www.dodlive.mil
www.dma.mil
navcms.dma.mil
dras.dinfos.dma.mil
arkansas.nationalguard.mil
portal.dinfos.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.dma.mil
www.pentagon.mil
Certificate
The complete raw certificate details for external.dma.mil in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIElTCCA32gAwIBAgIDAoL6MA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNVBAYTAlVT MRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UE CxMDUEtJMRgwFgYDVQQDEw9ET0QgSUQgU1cgQ0EtMzgwHhcNMTcwOTA3MTc1MTU3 WhcNMjAwOTA3MTc1MTU3WjBjMQswCQYDVQQGEwJVUzEPMA0GA1UECxMGVVNHT1ZU MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEMMAoGA1UECxMDRE1BMRkwFwYD VQQDExBleHRlcm5hbC5kbWEubWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA53n53BGpfxgMuZHRSdLfgLdej/PIdLxDK/NTLh7rYrfsWStgDaVA04/W M0CIGun0rjTgqnsyLOCeuYZFk9ZqI++FoRuUQL9oVocWxJ3iHTPjADUkkFqmrv7b I6J3WmgHXJmH60JA26LZN3Dh3i3PfMAlztraGYCtIqWyrns9xQh/vjXDc7/6iF+y 6CkXmKTON76bnBZ3vBrimBHQ1x/g51uPZNoOyS8u2zMUA2PW2ZajXADHbPq4zaNx QnC/YUEVAXonCU3qJ2wDfcrsEEQeb3aEdtalbsE8HDxv4Zwe97elEqK893lyyfab XboQOKZIlg4Ao5ZInwXeU5fUBgau/wIDAQABo4IBVjCCAVIwHwYDVR0jBBgwFoAU jsW5zPzOjlO0Ks7oESrPmylsZ8owHQYDVR0OBBYEFAWSa791+PIRUMZTJox5eE1v wc0gMGcGCCsGAQUFBwEBBFswWTA1BggrBgEFBQcwAoYpaHR0cDovL2NybC5kaXNh Lm1pbC9zaWduL0RPRElEU1dDQV8zOC5jZXIwIAYIKwYBBQUHMAGGFGh0dHA6Ly9v Y3NwLmRpc2EubWlsMA4GA1UdDwEB/wQEAwIFoDA5BgNVHR8EMjAwMC6gLKAqhiho dHRwOi8vY3JsLmRpc2EubWlsL2NybC9ET0RJRFNXQ0FfMzguY3JsMBsGA1UdEQQU MBKCEGV4dGVybmFsLmRtYS5taWwwFgYDVR0gBA8wDTALBglghkgBZQIBCycwJwYD VR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQgCAjANBgkqhkiG9w0B AQsFAAOCAQEAdujhBuM/RGJnT7npaDn+EhBOfbFqk2DqXze127faGLLYJ3Wer7DG SqM0L8+6HEsVEPYnl97kdPyvDSHMuJcyfa7MFNNb3p1kecVwBYQ3KVux/kGTEbJw KtyqUHsi9F/8uI0Y4RdmrlPZ30Yt1YU8C2lZyP5RFBF4QqP+x/ATCGM+Gb1/UmY6 /+KQKHs4ddeDxamEjvw5Id8VfqFVjUt0U68itvyaKIBQkqSweVHcoDnTt3TZe+Vd IxYONZDjSQkqxQP+uGC7XOgwWGLLZLjIao6T5ixsdZyU87Nx5X0D5l9+QEbtsFyM ehAfIWC4aB9k5eEWHjcLbDzjtl55loAYXg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53n53BGpfxgMuZHRSdLf gLdej/PIdLxDK/NTLh7rYrfsWStgDaVA04/WM0CIGun0rjTgqnsyLOCeuYZFk9Zq I++FoRuUQL9oVocWxJ3iHTPjADUkkFqmrv7bI6J3WmgHXJmH60JA26LZN3Dh3i3P fMAlztraGYCtIqWyrns9xQh/vjXDc7/6iF+y6CkXmKTON76bnBZ3vBrimBHQ1x/g 51uPZNoOyS8u2zMUA2PW2ZajXADHbPq4zaNxQnC/YUEVAXonCU3qJ2wDfcrsEEQe b3aEdtalbsE8HDxv4Zwe97elEqK893lyyfabXboQOKZIlg4Ao5ZInwXeU5fUBgau /wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 164602 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DOD ID SW CA-38' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-07 17:51:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-07 17:51:57 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'USGOVT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DMA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'external.dma.mil' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29221197061549037752106621325310213604891316075319880851641131338225566251980234344554131369983703829955584442523596541672660216275677713597892290485476573271543022053903093922980973802949098911205871809653154227463797294663483906220022665418549589093576326038692316147500822073768913154965572244842338292471608089405334202071938830329573445960959830436926104271777168951892871315525345440370198813908134477252738896877483866442161544439569493984974484322015089160617928419793866144305751157393701427536842736659836908506867123801119450560312043593388911660746907633052101494647075540304952745847544550362643192786687 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8ec5b9ccfcce8e53b42acee8112acf9b296c67ca . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 05926bbf75f8f21150c653268c79784d6fc1cd20 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/sign/DODIDSWCA_38.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.disa.mil' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/crl/DODIDSWCA_38.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'external.dma.mil' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.2.1.11.39 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.8.2.2 (iKEIntermediate) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0076e8e106e33f4462674fb9e96839fe12104e7db16a9360ea5f37b5dbb7da18b2d827759eafb0c64aa3342fcfba1c4b1510f62797dee474fcaf0d21ccb897327daecc14d35bde9d6479c570058437295bb1fe419311b2702adcaa507b22f45ffcb88d18e11766ae53d9df462dd5853c0b6959c8fe5114117842a3fec7f01308633e19bd7f52663affe290287b3875d783c5a9848efc3921df157ea1558d4b7453af22b6fc9a28805092a4b07951dca039d3b774d97be55d23160e3590e349092ac503feb860bb5ce8305862cb64b8c86a8e93e62c6c759c94f3b371e57d03e65f7e4046edb05c8c7a101f2160b8681f64e5e1161e370b6c3ce3b65e799680185e