clubcard.cz
- Tesco Stores CR a.s. -
Issued by Entrust Certification Authority - L1M
About this certificate
This digital certificate with serial number 35:fe:98:b8:1a:13:16:87:52:e0:34:01:cb:48:72:09 was issued on by Entrust, Inc..
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Tesco Stores CR a.s.
Company registration number:
45308314
Organization: Tesco Stores CR a.s.
Organization: Tesco Stores CR a.s.
Locality:
Praha 10
Country: CZ
Country: CZ
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 35:fe:98:b8:1a:13:16:87:52:e0:34:01:cb:48:72:09Serial Number (int): 71771024690979731394363630569113809417
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: f0:f9:17:64:e0:f4:19:4b:6e:7d:64:6d:65:b9:e1:60:7a:e0:56:f5
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a
Fingerprint (sha1): 46:e0:ab:07:1c:ff:89:11:0e:52:f6:b0:d5:2b:12:ce:3e:aa:84:55
Fingerprint (sha256): 46:00:50:53:c5:30:ab:e0:13:5e:63:75:b5:99:78:ee:3d:d2:d3:2d:f2:03:9f:ad:d9:b6:79:15:f3:34:60:6f
Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1m.crl
Check the revocation status for certificate clubcard.cz
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for clubcard.cz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
clubcard.cz
www.clubcard.cz
vyhody.clubcard.cz
tescorecepty.cz
www.tescorecepty.cz
tescodocuments.com
www.tescodocuments.com
nlimg.itesco.cz
www.clubcard.cz
vyhody.clubcard.cz
tescorecepty.cz
www.tescorecepty.cz
tescodocuments.com
www.tescodocuments.com
nlimg.itesco.cz
Other certificates including the domain name clubcard.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for clubcard.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHTDCCBjSgAwIBAgIQNf6YuBoTFodS4DQBy0hyCTANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTTAeFw0y NDAxMTYxMDE2NDlaFw0yNTAyMTUxMDE2NDhaMIGcMQswCQYDVQQGEwJDWjERMA8G A1UEBxMIUHJhaGEgMTAxEzARBgsrBgEEAYI3PAIBAxMCQ1oxHTAbBgNVBAoTFFRl c2NvIFN0b3JlcyBDUiBhLnMuMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlv bjERMA8GA1UEBRMINDUzMDgzMTQxFDASBgNVBAMTC2NsdWJjYXJkLmN6MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0Z+S66R2aTWrQaOss0epuRo1epM mlul7Peq4EfWlYmI+JP6N29rgCeJXxGv4ZsRzcr2nEeR+nnm9W9hSWMrTtBSfx0O tFFqNrQulRTYXyazUmQoJPnPsnmgxK4Mv9qR3bhMXke131oQTCzoKWyxtoYMzwcY bRWAhekTZjI1QIcQHdWbnNvCBc/0aa9L80c4gRm4OUmwSzUS0wbMC3SZYghCSp6Q lleL8BlKi1t8vCLzLMcx5eAmmi8X3cpZvs/cI743C+q41/6cQ/DANu6dzjKz5FNQ HzXv4Z9gR10pwn0ZIEAllrDF4sFFWZI36z31Lfy6qTHgzvXloHkwnG88QwIDAQAB o4IDaDCCA2QwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU8PkXZOD0GUtufWRtZbnh YHrgVvUwHwYDVR0jBBgwFoAUw/fQtSowra8NkSFwOVTdvIlwxzowaAYIKwYBBQUH AQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBggr BgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMW0tY2hhaW4yNTYuY2Vy MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwx bS5jcmwwgaAGA1UdEQSBmDCBlYILY2x1YmNhcmQuY3qCD3d3dy5jbHViY2FyZC5j eoISdnlob2R5LmNsdWJjYXJkLmN6gg90ZXNjb3JlY2VwdHkuY3qCE3d3dy50ZXNj b3JlY2VwdHkuY3qCEnRlc2NvZG9jdW1lbnRzLmNvbYIWd3d3LnRlc2NvZG9jdW1l bnRzLmNvbYIPbmxpbWcuaXRlc2NvLmN6MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIAYDVR0gBBkwFzAHBgVngQwBATAMBgpg hkgBhvpsCgECMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdQDm0jFjQHeMwRBB Btdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY0RxhCuAAAEAwBGMEQCICIrc7Qjbb5H Ek3xwAlRN+hM1ACR+Ot5kEtr6FS1/eimAiAm86P6UbCT8K7URLLoLC43uQ7JJv2L WA5yQsI/1RdedAB3AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAAB jRHGENoAAAQDAEgwRgIhAKWP2x1uFi8MSdGig5yLdJon7Rvk7Jn9ptAjqdfx+RPG AiEA9MvClUuUQRaCVo2nprQkUy68A/pRq0ulBsi1gyN9xH0AdwCi4wrkRe+9rZt+ OO1HZ3dT14JbhJTXK14bLMS5UKRH5wAAAY0RxhDfAAAEAwBIMEYCIQDmyEHg/gKu /O4rJgp75nSoczysJJxdLeC12NIUxpNlnAIhALIV3FbWvTXhxmr7J03j1IgPxYNl ca5Hbf1jC8PFCJfcMA0GCSqGSIb3DQEBCwUAA4IBAQC/zfsKIKBtpa4ArVkIHC1U 4UGpgNN2Qgj6A71CG8HlaRZDmrZqrWvdHtAg24jqxRtv+FLBCSrDbzZ7B1o79xhy MWbcE5lFUocz0B17yTlGh9qIpqUxthFlBdQV9zL7TJWa1m0drcR7ngdMFuZZWWx3 u0isWAgav01o9Zi+xkmcsRgF5EIHXrsgOdOuGdVpqBnUBibXrPXZ/xeTrmCxoNJD 7k0eKfpZAwz4mOuKxru9ccTR/C+uREYujanpqMoqchZs9Mq8DDLs+iJgshBXHKty DRsAQgz3pER8XL9K8WE6HHXNYZmk+mI2i05ogG7+ujtaxEzUO4Lp5vq++PWDaYI2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0Z+S66R2aTWrQaOss0e puRo1epMmlul7Peq4EfWlYmI+JP6N29rgCeJXxGv4ZsRzcr2nEeR+nnm9W9hSWMr TtBSfx0OtFFqNrQulRTYXyazUmQoJPnPsnmgxK4Mv9qR3bhMXke131oQTCzoKWyx toYMzwcYbRWAhekTZjI1QIcQHdWbnNvCBc/0aa9L80c4gRm4OUmwSzUS0wbMC3SZ YghCSp6QlleL8BlKi1t8vCLzLMcx5eAmmi8X3cpZvs/cI743C+q41/6cQ/DANu6d zjKz5FNQHzXv4Z9gR10pwn0ZIEAllrDF4sFFWZI36z31Lfy6qTHgzvXloHkwnG88 QwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 71771024690979731394363630569113809417 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-16 10:16:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-15 10:16:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Praha 10' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tesco Stores CR a.s.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '45308314' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'clubcard.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25156184250922053366029496751260709652028208849437869929649309800316235847496895565412572516522988200182494711168242930696741584916786042784829075542828250747338538197987972436054022623614984942756911100230713145279042146614954411717816988490655967068778796639375555795209050834278799472783608070620749585320870519414663585343992737378656761712889675034183582793860962681899133283512050295266160169325111165997325104849077274922036378496430146046387461846074254183537173572970907019054932693548931173618170011064293904694112161397934937032248805355696523051821734190786253898206803964418853780698424587621715699252291 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f0f91764e0f4194b6e7d646d65b9e1607ae056f5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (152 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clubcard.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.clubcard.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vyhody.clubcard.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tescorecepty.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tescorecepty.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tescodocuments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tescodocuments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nlimg.itesco.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018d11c610ae00000403004630440220222b73b4236dbe47124df1c0095137e84cd40091f8eb79904b6be854b5fde8a6022026f3a3fa51b093f0aed444b2e82c2e37b90ec926fd8b580e7242c23fd5175e740077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d11c610da0000040300483046022100a58fdb1d6e162f0c49d1a2839c8b749a27ed1be4ec99fda6d023a9d7f1f913c6022100f4cbc2954b94411682568da7a6b424532ebc03fa51ab4ba506c8b583237dc47d007700a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018d11c610df0000040300483046022100e6c841e0fe02aefcee2b260a7be674a8733cac249c5d2de0b5d8d214c693659c022100b215dc56d6bd35e1c66afb274de3d4880fc5836571ae476dfd630bc3c50897dc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bfcdfb0a20a06da5ae00ad59081c2d54e141a980d3764208fa03bd421bc1e56916439ab66aad6bdd1ed020db88eac51b6ff852c1092ac36f367b075a3bf718723166dc139945528733d01d7bc9394687da88a6a531b6116505d415f732fb4c959ad66d1dadc47b9e074c16e659596c77bb48ac58081abf4d68f598bec6499cb11805e442075ebb2039d3ae19d569a819d40626d7acf5d9ff1793ae60b1a0d243ee4d1e29fa59030cf898eb8ac6bbbd71c4d1fc2fae44462e8da9e9a8ca2a72166cf4cabc0c32ecfa2260b210571cab720d1b00420cf7a4447c5cbf4af1613a1c75cd6199a4fa62368b4e68806efeba3b5ac44cd43b82e9e6fabef8f583698236