catalogue.servicecanada.gc.ca

- Human Resources and Skills Development Canada -

Issued by Entrust Certification Authority - L1E

About this certificate

This digital certificate with serial number 4c:20:3a:6a was issued on by Entrust, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Certificates typically do not have multiple attributes in a single RDN (subject). This may be an error. (lint.AWSLabs certlint)
  • The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)

Human Resources and Skills Development Canada

Company registration number: 07 20 2005
Organization: Human Resources and Skills Development Canada
Organization unit: HRSDC-RHDCC
State / Province: Quebec
Locality: Gatineau
Country: CA

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 4c:20:3a:6a
Serial Number (int): 1277180522
Serial Number lenght: 31 bits, 4 octets

SubjectKeyId: 5d:80:d6:1f:1b:2c:d2:ee:8f:d4:62:3a:25:04:45:91:9f:58:a5:0f
AuthorityKeyId: 5b:41:8a:b2:c4:43:c1:bd:bf:c8:54:41:55:9d:e0:96:ad:ff:b9:a1

Fingerprint (sha1): 2a:70:40:1f:ef:37:4c:6c:1a:da:ef:f2:8b:dc:9b:1b:f0:bb:2e:e8
Fingerprint (sha256): 58:c3:77:f8:21:81:75:fe:92:c1:08:2e:ac:03:c1:8b:bd:4f:42:7e:40:38:1b:05:dd:63:08:fe:3f:97:1d:96


Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1e.crl

Check the revocation status for certificate catalogue.servicecanada.gc.ca

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for catalogue.servicecanada.gc.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

catalogue.servicecanada.gc.ca

Other certificates including the domain name servicecanada.gc.ca

(limited to 100 certificates)
srv404s.services.gc.ca
video2.servicecanada.gc.ca
catalogue.servicecanada.gc.ca
college.servicecanada.gc.ca
*.hrdc-drhc.net
srv404s.services.gc.ca
video2.servicecanada.gc.ca
catalogue.servicecanada.gc.ca
catalogue.servicecanada.gc.ca
srv404s.services.gc.ca
catalogue-drm.servicecanada.gc.ca
multi-benefits.servicecanada.gc.ca
video1.servicecanada.gc.ca
catalogue.servicecanada.gc.ca
video2.servicecanada.gc.ca
catalogue.servicecanada.gc.ca
video2.servicecanada.gc.ca
catalogue.servicecanada.gc.ca
video1.servicecanada.gc.ca
video2.servicecanada.gc.ca
video1.servicecanada.gc.ca
catalogue.servicecanada.gc.ca
catalogue.servicecanada.gc.ca
disclosure.servicecanada.gc.ca
catalogue-drm.servicecanada.gc.ca
catalogue-drm.servicecanada.gc.ca
catalogue-drm.servicecanada.gc.ca
*.hrdc-drhc.net
srv404s.services.gc.ca
video1.servicecanada.gc.ca
college.servicecanada.gc.ca
video2.servicecanada.gc.ca
catalogue.servicecanada.gc.ca
*.HRDC-DRHC.NET
catalogue.servicecanada.gc.ca
srv404s.services.gc.ca
*.hrdc-drhc.net
video2.servicecanada.gc.ca
catalogue-drm.servicecanada.gc.ca
video2.servicecanada.gc.ca
video2.servicecanada.gc.ca
multi-benefits.servicecanada.gc.ca

Certificate

The complete raw certificate details for catalogue.servicecanada.gc.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIETCA6ajANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC
VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eSAtIEwxRTAeFw0xMTA0MTExODAzNTFaFw0xMjA2MTUw
ODM2MjBaMIHrMQswCQYDVQQGEwJDQTEPMA0GA1UECBMGUXVlYmVjMREwDwYDVQQH
EwhHYXRpbmVhdTETMBEGCysGAQQBgjc8AgEDEwJDQTE2MDQGA1UEChMtSHVtYW4g
UmVzb3VyY2VzIGFuZCBTa2lsbHMgRGV2ZWxvcG1lbnQgQ2FuYWRhMRowGAYDVQQP
ExFHb3Zlcm5tZW50IEVudGl0eTEUMBIGA1UECxMLSFJTREMtUkhEQ0MxOTARBgNV
BAUTCjA3IDIwIDIwMDUwJAYDVQQDEx1jYXRhbG9ndWUuc2VydmljZWNhbmFkYS5n
Yy5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIoTTZLZ2cvYyuyU
cCQL70l9U7eXIL3msrK7Cv+agwsL0kCV800493F7n1S/6nA/XJvYBHaPw3j0rarZ
2rtVoIS+xy+D9wiYhca9/AyA1Ye+Mf8A+8oyUkF1kZWf/hHRKlHiandKsICIntDA
WlXRFDfGDLoX6FpVpX1N4jeJc1B4OoLZh3SFVPcanqQPoTg1OFza0f4Ufmgu0JGn
EAcHXOMqsXzjMFKN8583BZyI/wzdvZ9IwkwG5lYCFET6DBtb1zDbDmwngc/d4eGM
e6mDR/Gs2YrWxK7z/scumT7mHhnUifxOUtopKH2NZlmpxhbYW5BtRpF2t7VszetQ
hS8tjqcCAwEAAaOCAVIwggFOMAsGA1UdDwQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRw
Oi8vb2NzcC5lbnRydXN0Lm5ldDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3Js
LmVudHJ1c3QubmV0L2xldmVsMWUuY3JsMEEGA1UdIAQ6MDgwNgYKYIZIAYb6bAoB
AjAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAoBgNV
HREEITAfgh1jYXRhbG9ndWUuc2VydmljZWNhbmFkYS5nYy5jYTAfBgNVHSMEGDAW
gBRbQYqyxEPBvb/IVEFVneCWrf+5oTAdBgNVHQ4EFgQUXYDWHxss0u6P1GI6JQRF
kZ9YpQ8wCQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAJieBq9gCdRCAF1O8
20E9dfgCP/JKyU9sWB1rvQn7Extggk1tMENgt5bAgGFyhGwYibI5rNY8Ph8sAAmq
QzYBVPT+29o9m/fOmymBWYv9iXF1wa7Ym3f80AHRIaj/Lt2XJmwEdMLVqPAE81ZP
fcwul+jF9Z/RvGmGA5ZiPExtE732vElQVU0Tf4h/MUuKsZLMUF3SIxEj9R2wXoWb
5+OWJcixauTdVoQdnNIb9hK52fhe8EOYVZZhRP+dQJRqKzY1u4WM9eHaWNfbTc/1
YdyGz2rIaiYnCrez7wt2TJccTJFyAG6+82YGRVGMKrG2ko81J5q5Jn2rsy7SCqDe
Fr+XDw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihNNktnZy9jK7JRwJAvv
SX1Tt5cgveaysrsK/5qDCwvSQJXzTTj3cXufVL/qcD9cm9gEdo/DePStqtnau1Wg
hL7HL4P3CJiFxr38DIDVh74x/wD7yjJSQXWRlZ/+EdEqUeJqd0qwgIie0MBaVdEU
N8YMuhfoWlWlfU3iN4lzUHg6gtmHdIVU9xqepA+hODU4XNrR/hR+aC7QkacQBwdc
4yqxfOMwUo3znzcFnIj/DN29n0jCTAbmVgIURPoMG1vXMNsObCeBz93h4Yx7qYNH
8azZitbErvP+xy6ZPuYeGdSJ/E5S2ikofY1mWanGFthbkG1GkXa3tWzN61CFLy2O
pwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1277180522
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.entrust.net/rpa is incorporated by reference'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2009 Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1E'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-04-11 18:03:51 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-06-15 08:36:20 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Quebec'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gatineau'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Human Resources and Skills Development Canada'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HRSDC-RHDCC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '07 20 2005'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'catalogue.servicecanada.gc.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17430404760239097934945888493175448582634284749284220884777164545338266460134398521924168547092506442431051564814058517142825965866619098396009284351988486659884415894655128960890382381145484081530994852140299869459434068192789662806856070808009122857090137656499528220684312740090586727929949431911753526184318769220241084027436324369562027951404400080514496224341533706308167225129897478134547810346842762053422407967236319046907991281447105990645654690031897467656023520957757825656516977807428063563509988578919077102588304407166728494784770701175103234828263639445031232755160256277041264597263114422591427546791
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1e.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'catalogue.servicecanada.gc.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5b418ab2c443c1bdbfc85441559de096adffb9a1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5d80d61f1b2cd2ee8fd4623a250445919f58a50f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00262781abd8027510801753bcdb413d75f8023ff24ac94f6c581d6bbd09fb131b60824d6d304360b796c0806172846c1889b239acd63c3e1f2c0009aa43360154f4fedbda3d9bf7ce9b2981598bfd897175c1aed89b77fcd001d121a8ff2edd97266c0474c2d5a8f004f3564f7dcc2e97e8c5f59fd1bc69860396623c4c6d13bdf6bc4950554d137f887f314b8ab192cc505dd2231123f51db05e859be7e39625c8b16ae4dd56841d9cd21bf612b9d9f85ef0439855966144ff9d40946a2b3635bb858cf5e1da58d7db4dcff561dc86cf6ac86a26270ab7b3ef0b764c971c4c9172006ebef3660645518c2ab1b6928f35279ab9267dabb32ed20aa0de16bf970f