connect.nml-lmn.phac-aspc.gc.ca
- Department of Employment and Social Development Canada (ESDC) -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 47:c0:ce:e9:c4:f1:16:29:02:47:24:20:42:1a:ba:16 was issued on by Entrust, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Department of Employment and Social Development Canada (ESDC)
Organization:
Department of Employment and Social Development Canada (ESDC)
State / Province:
Quebec
Locality: Gatineau
Country: CA
Locality: Gatineau
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 47:c0:ce:e9:c4:f1:16:29:02:47:24:20:42:1a:ba:16Serial Number (int): 95376305395058449644600177892456577558
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 20:c0:04:51:e4:8f:bb:0d:24:66:e8:ad:67:ca:50:96:ba:e1:7d:3a
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 34:96:b4:62:86:62:4f:47:2c:7e:e2:d3:6d:ea:25:ff:1e:81:06:1e
Fingerprint (sha256): 55:03:ef:55:0f:21:54:22:29:ef:bd:ec:ee:6e:6a:cc:d2:85:b0:79:f0:ee:a9:9e:52:99:f6:0c:ae:af:96:0d
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate connect.nml-lmn.phac-aspc.gc.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for connect.nml-lmn.phac-aspc.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
connect.nml-lmn.phac-aspc.gc.ca
storefront.nml-lmn.phac-aspc.gc.ca
storefront.nml-lmn.phac-aspc.gc.ca
Other certificates including the domain name phac-aspc.gc.ca
(limited to 100 certificates)
health-infobase.canada.ca
phac-aspc.gc.ca
www.cypc-ccjc.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
health-infobase.canada.ca
infobase.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
php-psp.phac-aspc.gc.ca
health-infobase.canada.ca
php-psp.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
phac-aspc.gc.ca
www.contracts-contrats.phac-aspc.gc.ca
aero-oitc.phac-aspc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
form-formulaire.phac-aspc.gc.ca
php-psp.phac-aspc.gc.ca
aids.gc.ca
infobase.phac-aspc.gc.ca
www.contracts-contrats.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
lap-dmz-p01.hc-sc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
www.gcdisclosure-divulgationsc.phac-aspc.gc.ca
connect.nml-lmn.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
tmate-devdbp1.phac-aspc.gc.ca
skills.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
was855-ihs-prod.hc-sc.gc.ca
www.thexpenses-fraisva.phac-aspc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
aids.gc.ca
www.reclassification.phac-aspc.gc.ca
chnintranetrcs.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
spupprxweb1.hc-sc.gc.ca
aids.gc.ca
infobase.phac-aspc.gc.ca
www.cypc-ccjc.phac-aspc.gc.ca
connect.nml-lmn.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
vids-siv.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
cpnp-pcnp.phac-aspc.gc.ca
cpnp-pcnp.phac-aspc.gc.ca
thosss-sssosv.phac-aspc.gc.ca
ttiss-ssit.phac-aspc.gc.ca
phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
popsl15.phac-aspc.gc.ca
phac-aspc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
popsl15.phac-aspc.gc.ca
popsl15.phac-aspc.gc.ca
cphs-sspc.phac-aspc.gc.ca
thcd-dcsv.phac-aspc.gc.ca
phac-aspc.gc.ca
aids.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
cphs-sspc.phac-aspc.gc.ca
php-psp.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
www.thexpenses-fraisva.phac-aspc.gc.ca
training-formation.phac-aspc.gc.ca
dexa-exad.phac-aspc.gc.ca
www.contracts-contrats.phac-aspc.gc.ca
tmate-devdbp1.phac-aspc.gc.ca
health-infobase.canada.ca
chnintranetrcs.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
traveller-form.phac-aspc.gc.ca
aids.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
aids.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
aids.gc.ca
training-formation.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
capc-pace.phac-aspc.gc.ca
vids-siv.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
www.reclassification.phac-aspc.gc.ca
aids.gc.ca
fileshare.phac-aspc.gc.ca
form-formulaire.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
training-formation.phac-aspc.gc.ca
phac-aspc.gc.ca
www.cypc-ccjc.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
health-infobase.canada.ca
infobase.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
php-psp.phac-aspc.gc.ca
health-infobase.canada.ca
php-psp.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
phac-aspc.gc.ca
www.contracts-contrats.phac-aspc.gc.ca
aero-oitc.phac-aspc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
form-formulaire.phac-aspc.gc.ca
php-psp.phac-aspc.gc.ca
aids.gc.ca
infobase.phac-aspc.gc.ca
www.contracts-contrats.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
lap-dmz-p01.hc-sc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
www.gcdisclosure-divulgationsc.phac-aspc.gc.ca
connect.nml-lmn.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
tmate-devdbp1.phac-aspc.gc.ca
skills.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
was855-ihs-prod.hc-sc.gc.ca
www.thexpenses-fraisva.phac-aspc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
aids.gc.ca
www.reclassification.phac-aspc.gc.ca
chnintranetrcs.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
spupprxweb1.hc-sc.gc.ca
aids.gc.ca
infobase.phac-aspc.gc.ca
www.cypc-ccjc.phac-aspc.gc.ca
connect.nml-lmn.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
vids-siv.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
cpnp-pcnp.phac-aspc.gc.ca
cpnp-pcnp.phac-aspc.gc.ca
thosss-sssosv.phac-aspc.gc.ca
ttiss-ssit.phac-aspc.gc.ca
phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
popsl15.phac-aspc.gc.ca
phac-aspc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
popsl15.phac-aspc.gc.ca
popsl15.phac-aspc.gc.ca
cphs-sspc.phac-aspc.gc.ca
thcd-dcsv.phac-aspc.gc.ca
phac-aspc.gc.ca
aids.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
cphs-sspc.phac-aspc.gc.ca
php-psp.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
www.thexpenses-fraisva.phac-aspc.gc.ca
training-formation.phac-aspc.gc.ca
dexa-exad.phac-aspc.gc.ca
www.contracts-contrats.phac-aspc.gc.ca
tmate-devdbp1.phac-aspc.gc.ca
health-infobase.canada.ca
chnintranetrcs.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
traveller-form.phac-aspc.gc.ca
aids.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
aids.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
aids.gc.ca
training-formation.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
capc-pace.phac-aspc.gc.ca
vids-siv.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
www.reclassification.phac-aspc.gc.ca
aids.gc.ca
fileshare.phac-aspc.gc.ca
form-formulaire.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
training-formation.phac-aspc.gc.ca
Certificate
The complete raw certificate details for connect.nml-lmn.phac-aspc.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFvjCCBKagAwIBAgIQR8DO6cTxFikCRyQgQhq6FjANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y MjEyMDcyMzE4MzJaFw0yNDAxMDcyMzE4MzJaMIGjMQswCQYDVQQGEwJDQTEPMA0G A1UECBMGUXVlYmVjMREwDwYDVQQHEwhHYXRpbmVhdTFGMEQGA1UEChM9RGVwYXJ0 bWVudCBvZiBFbXBsb3ltZW50IGFuZCBTb2NpYWwgRGV2ZWxvcG1lbnQgQ2FuYWRh IChFU0RDKTEoMCYGA1UEAxMfY29ubmVjdC5ubWwtbG1uLnBoYWMtYXNwYy5nYy5j YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALCOOqALEgXWYrfgqL2a VosFsd+wyqNXMCXm6lAHK8si+OPRXXyrjxkrhbigT11i9TFMFmsnSbDkrU2MrBhr oMThJ6rI3qVnoaLBjpJdDp3fiual3efP2q0n0cxzhHUPzpqUBHgVQQkBpqqQwsER g/XjDGENI+IEqxFpnwxmREcf5g1bbr+WSvU26WvGQWeyUzVP3igMpy0iWGx3/XWa 4RIqVolLIjzAd9JyQ+UPAW2i/SbMtI9zZyhIMXoVT1aNW5m65KDErbwdqQlWF688 uXf2QyCzmWVUX7CBvqvVX9abl9L85/FsaeNU4bUa6vXtCxa3vNy4icQjT2XZjlB9 zIsCAwEAAaOCAdMwggHPMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCDABFHkj7sN JGborWfKUJa64X06MB8GA1UdIwQYMBaAFIKicHTdvFM/z3vU981/p2DGCky/MGgG CCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5u ZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNoYWlu MjU2LmNlcjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0 L2xldmVsMWsuY3JsME4GA1UdEQRHMEWCH2Nvbm5lY3Qubm1sLWxtbi5waGFjLWFz cGMuZ2MuY2GCInN0b3JlZnJvbnQubm1sLWxtbi5waGFjLWFzcGMuZ2MuY2EwDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBMBgNV HSAERTBDMDcGCmCGSAGG+mwKAQUwKTAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cu ZW50cnVzdC5uZXQvcnBhMAgGBmeBDAECAjATBgorBgEEAdZ5AgQDAQH/BAIFADAN BgkqhkiG9w0BAQsFAAOCAQEArgNrnT8BFV8nwvHCbE8Q0CMQwqaJcgmk1xtfKeNc z4KGTogeQhmXVxaYgUFyIa7Jr3jcZpNVWXifdqRz+kfHKI4xsV6H593O00wf5YFT GRNrEYAQwWp1eCqIkfVjNolO9FeUUzUOxMgotsVjCe+kKc/jWjAq3x0H8Vcy1czK ht+Ec0/Osf7xCnB09dfFwo7PSrDh5q6U6PCUc+k+jEGZrUpSS2pJF1FGZIdYOmCq LagrmCuOtQWmneEsI2WkRx43HfVK9c7jf54tOFmtoHSXj7BxFIscOLyRzE+8njr1 DVRF6oVRtBZ4rqgMU/SvGP8Ui5YeApW9K+6gQDtKV1OK5g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI46oAsSBdZit+CovZpW iwWx37DKo1cwJebqUAcryyL449FdfKuPGSuFuKBPXWL1MUwWaydJsOStTYysGGug xOEnqsjepWehosGOkl0Ond+K5qXd58/arSfRzHOEdQ/OmpQEeBVBCQGmqpDCwRGD 9eMMYQ0j4gSrEWmfDGZERx/mDVtuv5ZK9Tbpa8ZBZ7JTNU/eKAynLSJYbHf9dZrh EipWiUsiPMB30nJD5Q8BbaL9Jsy0j3NnKEgxehVPVo1bmbrkoMStvB2pCVYXrzy5 d/ZDILOZZVRfsIG+q9Vf1puX0vzn8Wxp41ThtRrq9e0LFre83LiJxCNPZdmOUH3M iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 95376305395058449644600177892456577558 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-07 23:18:32 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-07 23:18:32 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Quebec' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gatineau' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Department of Employment and Social Development Canada (ESDC)' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'connect.nml-lmn.phac-aspc.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22288077410172543855060031767008826908320601595148161603772989705152027346747243778304464499858190534041681549961665399111279918899618078863428732120445166452798233215456953704276737181913835311907947136932224890465474459858690912481984752548303325986187256408353047034437358283847094824767277560096620203753469428804125970200515787989395076847409155257458919859961784379992769891791184501705283895334719964604582327229103173807247531792851856279599718403727889745631054663072457735221441205859722827769218663128931947876438673801391393545501495671196751658206254461878110852403135417683160572693300082372297371798667 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 20c00451e48fbb0d2466e8ad67ca5096bae17d3a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'connect.nml-lmn.phac-aspc.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'storefront.nml-lmn.phac-aspc.gc.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00ae036b9d3f01155f27c2f1c26c4f10d02310c2a6897209a4d71b5f29e35ccf82864e881e42199757169881417221aec9af78dc66935559789f76a473fa47c7288e31b15e87e7ddced34c1fe5815319136b118010c16a75782a8891f56336894ef4579453350ec4c828b6c56309efa429cfe35a302adf1d07f15732d5ccca86df84734fceb1fef10a7074f5d7c5c28ecf4ab0e1e6ae94e8f09473e93e8c4199ad4a524b6a491751466487583a60aa2da82b982b8eb505a69de12c2365a4471e371df54af5cee37f9e2d3859ada074978fb071148b1c38bc91cc4fbc9e3af50d5445ea8551b41678aea80c53f4af18ff148b961e0295bd2beea0403b4a57538ae6