www.contact.nextweb.mofa.go.jp

- The Ministry of Foreign Affairs -

Issued by SECOM Passport for Web SR 3.0 CA

About this certificate

This digital certificate with serial number 2e:97:71:40:93:f2:9d:a3:7f:0b:16:48:db:7a:98:ef was issued on by SECOM Trust Systems CO.,LTD..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

The Ministry of Foreign Affairs

Organization: The Ministry of Foreign Affairs
State / Province: Tokyo-to
Locality: Chiyoda-ku
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate will expire on

Certificate Details

Serial Number (hex): 2e:97:71:40:93:f2:9d:a3:7f:0b:16:48:db:7a:98:ef
Serial Number (int): 61930821660420103596754736826329766127
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 0b:4b:45:e3:ce:69:60:59:1b:c7:59:c7:f8:85:3c:e6:ad:44:e6:1d
AuthorityKeyId: cb:ef:3d:ef:83:74:a1:a8:42:f0:3b:40:36:fa:6d:82:94:a9:27:36

Fingerprint (sha1): dd:6f:e9:40:67:d6:68:e7:e7:36:22:1e:df:f9:3b:84:bf:13:51:85
Fingerprint (sha256): 58:05:28:1d:1d:08:99:05:87:f5:be:88:4d:b4:1a:e0:91:bf:76:17:46:88:4d:68:e3:ee:87:82:81:d2:bf:aa

Issuing Certificate URL: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/ca2-der.cer

Revocation information

OCSP Server: http://sr30.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl

Check the revocation status for certificate www.contact.nextweb.mofa.go.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.contact.nextweb.mofa.go.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.contact.nextweb.mofa.go.jp

Other certificates including the domain name mofa.go.jp

(limited to 100 certificates)
www.ezairyu.mofa.go.jp
www3.a.anzen.mofa.go.jp
www3.a.anzen.mofa.go.jp
www.ezairyu.mofa.go.jp
www3.mofa.go.jp
www3.mofa.go.jp
www.pilot.evisa.mofa.go.jp
t.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.anzen.mofa.go.jp
www3.anzen.mofa.go.jp
www3.anzen.mofa.go.jp
ft1.iws.mofa.go.jp
www.contact.mofa.go.jp
www.anzen.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www3.anzen.mofa.go.jp
www3.a.anzen.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www.da.mofa.go.jp
www.deliver.mofa.go.jp
mofa.go.jp
www.ezairyu.mofa.go.jp
www3.anzen.mofa.go.jp
www3.mofa.go.jp
www3.anzen.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.a.ezairyu.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
*.mofa.go.jp
www3.mofa.go.jp
www.t.mofa.go.jp
www3.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
www.mofa.go.jp
www.mmwtojapan.mofa.go.jp
www.a.ezairyu.mofa.go.jp
www3.t.mofa.go.jp
www.mofa.go.jp
www.deliver.mofa.go.jp
www.anzen.mofa.go.jp
mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
remote.a.ezairyu.mofa.go.jp
www1.anpi.mofa.go.jp
content.evisa.mofa.go.jp
www.ezairyu.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www3.a.anzen.mofa.go.jp
www.contact.nextweb.mofa.go.jp
mofa.go.jp
www.anzen.mofa.go.jp
www.deliver.mofa.go.jp
www3.anzen.mofa.go.jp
www.mofa.go.jp
remote.a.ezairyu.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.contact.nextweb.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
*.mofa.go.jp
remote.ezairyu.mofa.go.jp
www3.mofa.go.jp
*.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www3.anzen.mofa.go.jp
remote.ezairyu.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www3.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.pilot.a.evisa.mofa.go.jp
www3.anzen.mofa.go.jp
www3.mofa.go.jp
www.contact.nextweb.mofa.go.jp
www.ezairyu.mofa.go.jp
wwwc.e-procurement.mofa.go.jp
www.mofa.go.jp
www.ezairyu.mofa.go.jp
www1.anpi.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www.stg.anzen.mofa.go.jp
www.ezairyu.mofa.go.jp
mofa.go.jp
www.contact.mofa.go.jp
rmac.mofa.go.jp
www.deliver.mofa.go.jp
rgp.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.mofa.go.jp
www3.nextweb.mofa.go.jp
www.a.evisa.mofa.go.jp
www.e-procurement.mofa.go.jp
www1.anpi.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.anzen.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www.evisa.mofa.go.jp
www.evisa.mofa.go.jp
www3.a.anzen.mofa.go.jp
www3.n.mofa.go.jp

Certificate

The complete raw certificate details for www.contact.nextweb.mofa.go.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHOTCCBiGgAwIBAgIQLpdxQJPynaN/CxZI23qY7zANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
TFRELjEpMCcGA1UEAxMgU0VDT00gUGFzc3BvcnQgZm9yIFdlYiBTUiAzLjAgQ0Ew
HhcNMjMxMjE0MDkwNjM4WhcNMjUwMTEwMTQ1OTU5WjCBiDELMAkGA1UEBhMCSlAx
ETAPBgNVBAgTCFRva3lvLXRvMRMwEQYDVQQHEwpDaGl5b2RhLWt1MSgwJgYDVQQK
Ex9UaGUgTWluaXN0cnkgb2YgRm9yZWlnbiBBZmZhaXJzMScwJQYDVQQDEx53d3cu
Y29udGFjdC5uZXh0d2ViLm1vZmEuZ28uanAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9uCOx2JW45sZtRlOAJFfhjVQKhyx9RwTVZEMYaB5gCNsKATJ8
Ii6kbOnnY0+yYvoq2NIhHwZta5yWFmG7vDk7sXr6sYx+B0q9dVG15rfd4wBLY4lo
BYuBM2gJq0Em27sfrxCcZiU3ms1I5X+aSz7YUNRX/7C2OJ8pq9tJLZmpMXaKhmfW
eox2cJafDj0idkVNEmFREF6Banmcf2XCqeZNMNfzIC6IA1sP1+mBl7VzI1IO5YmR
W3IuL2UBuUHWFL6KaC0+SH/EO9faElSHQ4Aoist+W8oZtdxsRLPsA4NJgwuWFbA1
yKP3Whi/HbR3O7cljoQyhwY6CpJMiLiKKMXvAgMBAAGjggPFMIIDwTAfBgNVHSME
GDAWgBTL7z3vg3ShqELwO0A2+m2ClKknNjCBgwYIKwYBBQUHAQEEdzB1MEYGCCsG
AQUFBzAChjpodHRwOi8vcmVwbzEuc2Vjb210cnVzdC5uZXQvc3BjcHAvcGZ3L3Bm
d3NyM2NhL2NhMi1kZXIuY2VyMCsGCCsGAQUFBzABhh9odHRwOi8vc3IzMC5vY3Nw
LnNlY29tdHJ1c3QubmV0MCkGA1UdEQQiMCCCHnd3dy5jb250YWN0Lm5leHR3ZWIu
bW9mYS5nby5qcDBhBgNVHSAEWjBYMEwGCiqDCIybG2SFbwEwPjA8BggrBgEFBQcC
ARYwaHR0cHM6Ly9yZXBvMS5zZWNvbXRydXN0Lm5ldC9zcGNwcC9wZncvcGZ3c3Iz
Y2EvMAgGBmeBDAECAjATBgNVHSUEDDAKBggrBgEFBQcDATBMBgNVHR8ERTBDMEGg
P6A9hjtodHRwOi8vcmVwbzEuc2Vjb210cnVzdC5uZXQvc3BjcHAvcGZ3L3Bmd3Ny
M2NhL2Z1bGxjcmwyLmNybDAdBgNVHQ4EFgQUC0tF485pYFkbx1nH+IU85q1E5h0w
DgYDVR0PAQH/BAQDAgWgMIIB9gYKKwYBBAHWeQIEAgSCAeYEggHiAeAAdgBOdaMn
XJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAYxnnSeFAAAEAwBHMEUCIEpc
/PyNrLBQESby1IrDm13Vs7r73TSCBRQAcJQSNKdFAiEA81YIXpGPmDjNzz+YXWWo
CrfrxKpP6gePH29nQlTQZNcAdwDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3
zsw7CAAAAYxnnUjlAAAEAwBIMEYCIQDphYF8UNy6akzD8Qu5FceO+rIRucskotye
wbr+MQKopwIhAMi5L7ARIKrC49kGsCHH7Y0XibIPdPF3nDt/tjyhSCLuAHYAfVke
EuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGMZ51fJgAABAMARzBFAiBZ
xLRbVvKqDVERk2HR6e94CSAHAnNqaqE80vCnQLrW4QIhAL6EIGribCG+ui37c8VO
hLtmJJ6Kwbv6YN91KyyJ6/A3AHUAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5U
wP5MDbAAAAGMZ51yZgAABAMARjBEAiBfIqKWWDJo7kQzJqczHEqTkGYHhiFXj5xY
9zCNh4DbNQIgTxLR6A/Fp8zhkiwmgVD20sxZhFsewwJxoDT57zjY7wEwDQYJKoZI
hvcNAQELBQADggEBAKL7SW5B8LKjycdtznmu+YhzI8pVLkNAgscsdQguTR0+Swlf
zCVsEB2I2Uu29RNXa9RObSSqLgotjPYZ02OaWYX30XHG6Kq5aEO1qMZ+T5FjV8K5
m5M+37mf5sy0BWPIzxOxxWiImMI28lnJWFcx9g6cXmlMqHiMB544MopSaWUgvaQb
2m6ez01igGi9zA2Bmc5FCcbVuZme8lf8fn+11qHzxyNLcf/isih6I9lHkGWTReXn
fTQuBD/dzUrpUTIOoDQiOk+bjXDcJ7IvL0Zz/+10pDfvwtmfmVlIaCecU1tj/9M3
878blwWmqNmbq0QiSX6LXlb9ZZBxt/SPO2FP128=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbgjsdiVuObGbUZTgCRX
4Y1UCocsfUcE1WRDGGgeYAjbCgEyfCIupGzp52NPsmL6KtjSIR8GbWuclhZhu7w5
O7F6+rGMfgdKvXVRtea33eMAS2OJaAWLgTNoCatBJtu7H68QnGYlN5rNSOV/mks+
2FDUV/+wtjifKavbSS2ZqTF2ioZn1nqMdnCWnw49InZFTRJhURBegWp5nH9lwqnm
TTDX8yAuiANbD9fpgZe1cyNSDuWJkVtyLi9lAblB1hS+imgtPkh/xDvX2hJUh0OA
KIrLflvKGbXcbESz7AODSYMLlhWwNcij91oYvx20dzu3JY6EMocGOgqSTIi4iijF
7wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 61930821660420103596754736826329766127
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 3.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-14 09:06:38 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-10 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo-to'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chiyoda-ku'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Ministry of Foreign Affairs'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.contact.nextweb.mofa.go.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23949842176990586217076613918862071382977576474244410502983739850647329777292352381152355302775596734393365641691664327157301934719570224095215259338218490047217732216125804218150422192813814733123363796023293468749535785517922414782355371085864239375788376003554279666053574778279755613533875336670788768317630150511992831660075057098642731958707857106632341161975769478247797346421531617409403261205195724705589505460702914583413509932756328321129848779273335972987660210190213324585038108441663411809904011760822533766053792815327620138066507314491702227312596637504438475973682818827199767119163347893433343198703
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cbef3def8374a1a842f03b4036fa6d8294a92736
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/ca2-der.cer'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr30.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.contact.nextweb.mofa.go.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.751.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0b4b45e3ce6960591bc759c7f8853ce6ad44e61d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (486 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (482 bytes)
							01e00076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c679d2785000004030047304502204a5cfcfc8dacb0501126f2d48ac39b5dd5b3bafbdd348205140070941234a745022100f356085e918f9838cdcf3f985d65a80ab7ebc4aa4fea078f1f6f674254d064d7007700cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018c679d48e50000040300483046022100e985817c50dcba6a4cc3f10bb915c78efab211b9cb24a2dc9ec1bafe3102a8a7022100c8b92fb01120aac2e3d906b021c7ed8d1789b20f74f1779c3b7fb63ca14822ee0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018c679d5f260000040300473045022059c4b45b56f2aa0d51119361d1e9ef7809200702736a6aa13cd2f0a740bad6e1022100be84206ae26c21beba2dfb73c54e84bb66249e8ac1bbfa60df752b2c89ebf037007500ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018c679d7266000004030046304402205f22a296583268ee443326a7331c4a939066078621578f9c58f7308d8780db3502204f12d1e80fc5a7cce1922c268150f6d2cc59845b1ec30271a034f9ef38d8ef01
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a2fb496e41f0b2a3c9c76dce79aef9887323ca552e434082c72c75082e4d1d3e4b095fcc256c101d88d94bb6f513576bd44e6d24aa2e0a2d8cf619d3639a5985f7d171c6e8aab96843b5a8c67e4f916357c2b99b933edfb99fe6ccb40563c8cf13b1c5688898c236f259c9585731f60e9c5e694ca8788c079e38328a52696520bda41bda6e9ecf4d628068bdcc0d8199ce4509c6d5b9999ef257fc7e7fb5d6a1f3c7234b71ffe2b2287a23d94790659345e5e77d342e043fddcd4ae951320ea034223a4f9b8d70dc27b22f2f4673ffed74a437efc2d99f99594868279c535b63ffd337f3bf1b9705a6a8d99bab4422497e8b5e56fd659071b7f48f3b614fd76f