ds.d.r.dfait-maeci.gc.ca
- Global Affairs Canada -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 98:24:d9:be:48:a9:2f:5d:00:00:00:00:50:e7:22:cc was issued on by Entrust, Inc..
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Global Affairs Canada
Organization:
Global Affairs Canada
State / Province:
Ontario
Locality: Ottawa
Country: CA
Locality: Ottawa
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 98:24:d9:be:48:a9:2f:5d:00:00:00:00:50:e7:22:ccSerial Number (int): 202233994404936789436135521365724177100
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 16:c1:b6:8b:56:a9:2d:e0:e3:c1:dc:cd:cc:77:de:58:1f:09:7c:62
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): b9:74:55:aa:aa:01:89:24:45:2e:57:1d:4d:77:dd:d5:cd:cf:97:1a
Fingerprint (sha256): 5f:b5:a1:24:11:47:4a:bc:ad:dd:8c:23:90:be:29:81:48:f9:e8:31:f2:e9:af:43:75:24:7b:7e:42:9f:31:ea
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate ds.d.r.dfait-maeci.gc.ca
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ds.d.r.dfait-maeci.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ds.d.r.dfait-maeci.gc.ca
eam-ds10.d.r.dfait-maeci.gc.ca
eam-ds20.d.r.dfait-maeci.gc.ca
eam-cs10.d.r.dfait-maeci.gc.ca
eam-cs20.d.r.dfait-maeci.gc.ca
eam-ds10.d.r.dfait-maeci.gc.ca
eam-ds20.d.r.dfait-maeci.gc.ca
eam-cs10.d.r.dfait-maeci.gc.ca
eam-cs20.d.r.dfait-maeci.gc.ca
Other certificates including the domain name dfait-maeci.gc.ca
(limited to 100 certificates)
mailgateway.dev.international.gc.ca
EICSII-LAB.eics-scei.gc.ca
www.listserv.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
pubx.dfait-maeci.gc.ca
pilotasa01.international.gc.ca
EICSII-TRAINING.eics-scei.gc.ca
rm2dg.international.gc.ca
WS-EICSII-STAGING.eics-scei.gc.ca
EICSII-SYSTEST1.eics-scei.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
ws-eicsii.eics-scei.gc.ca
EICSII-DEV1.eics-scei.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
CNGNYVPN01H.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
GCCFProdEXCOL4Verification.dfait-maeci.gc.ca
mailgateway.international.gc.ca
www.listserv.dfait-maeci.gc.ca
iam-systest.d.r.dfait-maeci.gc.ca
cart.d.r.dfait-maeci.gc.ca
WS-EICSII-LAB1.eics-scei.gc.ca
mailgateway.dev.international.gc.ca
mailgateway.dev.international.gc.ca
HQL-PMKWC02.p.dfait-maeci.gc.ca
ExchangeServer-QA.d.r.dfait-maeci.gc.ca
rm2dg.international.gc.ca
EICSII-STAGING.eics-scei.gc.ca
GCCFProdEXCOL4Encryption.dfait-maeci.gc.ca
ws-eicsii-dev1.eics-scei.gc.ca
eicsii.eics-scei.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
iam.d.r.dfait-maeci.gc.ca
ds.d.r.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
mailgateway.international.gc.ca
rm2dg.international.gc.ca
pilotasa01.international.gc.ca
rm2dg.international.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
rm2dg.international.gc.ca
mailgateway.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
SIMCENVPN01H.international.gc.ca
rm2dg.international.gc.ca
GAC-HQ-MBX-DEV.D.R.DFAIT-MAECI.GC.CA
iam-dev.d.r.dfait-maeci.gc.ca
ds-systest.d.r.dfait-maeci.gc.ca
hql-pmkwb62.p.dfait-maeci.gc.ca
GAC-HQ-MBX.D.R.DFAIT-MAECI.GC.CA
ROMEVPN01H.international.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
iam.d.r.dfait-maeci.gc.ca
mailgateway.international.gc.ca
WS-EICSII-TRAINING.eics-scei.gc.ca
HQL-DMMIG01.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
iam-dev.d.r.dfait-maeci.gc.ca
ws-eicsii-dev2.eics-scei.gc.ca
DALASVPN01H.international.gc.ca
EICSII-DEV2.eics-scei.gc.ca
WS.eics-scei.gc.ca
EICSII-SYSTEST2.eics-scei.gc.ca
GAC-HQ-MBX2.D.R.DFAIT-MAECI.GC.CA
wifiauth2.d.r.dfait-maeci.gc.ca
BEJINGVPN01R.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
www.dfait-maeci.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
wifiauth2.d.r.dfait-maeci.gc.ca
www.eics-scei.gc.ca
rm2dg.international.gc.ca
www.listserv.international.gc.ca
rm2dg.international.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
EICSII-LAB.eics-scei.gc.ca
www.listserv.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
pubx.dfait-maeci.gc.ca
pilotasa01.international.gc.ca
EICSII-TRAINING.eics-scei.gc.ca
rm2dg.international.gc.ca
WS-EICSII-STAGING.eics-scei.gc.ca
EICSII-SYSTEST1.eics-scei.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
ws-eicsii.eics-scei.gc.ca
EICSII-DEV1.eics-scei.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
CNGNYVPN01H.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
GCCFProdEXCOL4Verification.dfait-maeci.gc.ca
mailgateway.international.gc.ca
www.listserv.dfait-maeci.gc.ca
iam-systest.d.r.dfait-maeci.gc.ca
cart.d.r.dfait-maeci.gc.ca
WS-EICSII-LAB1.eics-scei.gc.ca
mailgateway.dev.international.gc.ca
mailgateway.dev.international.gc.ca
HQL-PMKWC02.p.dfait-maeci.gc.ca
ExchangeServer-QA.d.r.dfait-maeci.gc.ca
rm2dg.international.gc.ca
EICSII-STAGING.eics-scei.gc.ca
GCCFProdEXCOL4Encryption.dfait-maeci.gc.ca
ws-eicsii-dev1.eics-scei.gc.ca
eicsii.eics-scei.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
iam.d.r.dfait-maeci.gc.ca
ds.d.r.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
mailgateway.international.gc.ca
rm2dg.international.gc.ca
pilotasa01.international.gc.ca
rm2dg.international.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
rm2dg.international.gc.ca
mailgateway.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
SIMCENVPN01H.international.gc.ca
rm2dg.international.gc.ca
GAC-HQ-MBX-DEV.D.R.DFAIT-MAECI.GC.CA
iam-dev.d.r.dfait-maeci.gc.ca
ds-systest.d.r.dfait-maeci.gc.ca
hql-pmkwb62.p.dfait-maeci.gc.ca
GAC-HQ-MBX.D.R.DFAIT-MAECI.GC.CA
ROMEVPN01H.international.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
iam.d.r.dfait-maeci.gc.ca
mailgateway.international.gc.ca
WS-EICSII-TRAINING.eics-scei.gc.ca
HQL-DMMIG01.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
iam-dev.d.r.dfait-maeci.gc.ca
ws-eicsii-dev2.eics-scei.gc.ca
DALASVPN01H.international.gc.ca
EICSII-DEV2.eics-scei.gc.ca
WS.eics-scei.gc.ca
EICSII-SYSTEST2.eics-scei.gc.ca
GAC-HQ-MBX2.D.R.DFAIT-MAECI.GC.CA
wifiauth2.d.r.dfait-maeci.gc.ca
BEJINGVPN01R.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
www.dfait-maeci.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
wifiauth2.d.r.dfait-maeci.gc.ca
www.eics-scei.gc.ca
rm2dg.international.gc.ca
www.listserv.international.gc.ca
rm2dg.international.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
Certificate
The complete raw certificate details for ds.d.r.dfait-maeci.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4jCCBMqgAwIBAgIRAJgk2b5IqS9dAAAAAFDnIswwDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN MTgwOTA1MTYwMDM3WhcNMjAxMjA0MTYzMDM2WjBzMQswCQYDVQQGEwJDQTEQMA4G A1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMR4wHAYDVQQKExVHbG9iYWwg QWZmYWlycyBDYW5hZGExITAfBgNVBAMTGGRzLmQuci5kZmFpdC1tYWVjaS5nYy5j YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIZStVxYq8KqEFjl54Vz xu9GuRwDcTqfaOhobA9KGiafq8FBUXPsr67CcGpzuCRE0FdFfjYReWH2Kc92neF4 g/zM8FL0pBsrczYzcEwM+YH+ywIHW19NSlmuBfSbYE1AHQRgoTWQoPLhD5pC0CtY X4gOsraZ5GfIEO5n7aQAR4FQm4ukrtIlqR4Vnn3xVPQi1FFfmUkreJroygz+0u5e GHjtndKLMweh5LA/WOYLiyBVtFYGKJdNn/G7G55KmRUZjdmSZ9+omeSnxMaLiQgC xFReE4l1Yg8TFDG/r+yIuOW2WCnVaFY4fRHzbaDO825WiBc8bQt7ADzsALA6ygbL cysCAwEAAaOCAicwggIjMBMGCisGAQQB1nkCBAMBAf8EAgUAMIGlBgNVHREEgZ0w gZqCGGRzLmQuci5kZmFpdC1tYWVjaS5nYy5jYYIeZWFtLWRzMTAuZC5yLmRmYWl0 LW1hZWNpLmdjLmNhgh5lYW0tZHMyMC5kLnIuZGZhaXQtbWFlY2kuZ2MuY2GCHmVh bS1jczEwLmQuci5kZmFpdC1tYWVjaS5nYy5jYYIeZWFtLWNzMjAuZC5yLmRmYWl0 LW1hZWNpLmdjLmNhMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0 Lm5ldC9sZXZlbDFrLmNybDBLBgNVHSAERDBCMDYGCmCGSAGG+mwKAQUwKDAmBggr BgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQICMGgG CCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5u ZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNoYWlu MjU2LmNlcjAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpMvzAdBgNVHQ4E FgQUFsG2i1apLeDjwdzNzHfeWB8JfGIwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsF AAOCAQEABTW5lWJXUY+KuREje+r36fY6eYsXiN9il5UBqVeeatmelVmAtpns83Vp YVvxVheboJo8LfHEdsYLKffrW1P3OkcZoNUDSH5GHYeiO2RiCCxNJT8Q0oZT/REc tAYOoXOjqvyLzIXinzz8tVdd1wt8VJDuwtihj+IpXLsLxHQm4ri20AF7DnWuz6aL 7ZlEk+pECCMgpU7zCwj+4sxOt7P0/fwALxJEIOgTdOoADqI2ztZ5O1IRdF7mXrC4 +J53yE3ApZo69sTcowbsXS7pBoqGag1/ew/NWM2yjLuBW7islDlQdUIofcd8CHOL nnRJMLKL9whTU6wx8EnpfkPRO1utkg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlK1XFirwqoQWOXnhXPG 70a5HANxOp9o6GhsD0oaJp+rwUFRc+yvrsJwanO4JETQV0V+NhF5YfYpz3ad4XiD /MzwUvSkGytzNjNwTAz5gf7LAgdbX01KWa4F9JtgTUAdBGChNZCg8uEPmkLQK1hf iA6ytpnkZ8gQ7mftpABHgVCbi6Su0iWpHhWeffFU9CLUUV+ZSSt4mujKDP7S7l4Y eO2d0oszB6HksD9Y5guLIFW0VgYol02f8bsbnkqZFRmN2ZJn36iZ5KfExouJCALE VF4TiXViDxMUMb+v7Ii45bZYKdVoVjh9EfNtoM7zblaIFzxtC3sAPOwAsDrKBstz KwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 202233994404936789436135521365724177100 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-05 16:00:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-04 16:30:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Global Affairs Canada' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ds.d.r.dfait-maeci.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16956717917465085383760282830604151833437696547351312132330118838295251427301210296990597088744123453041484793545593080437966494144078862500197679666162090660615793044981821688572235272781699588383075474005106784299089337301885501904100001515149695259145265469769529265069519734363554190273058846866864585051714790423717310287854873617172837022152761189258710791538965235763558278269451982087394318276101789447109417545283402275925568290352557672092750911876014223196197873865052070090710093510734646351755212698713826868408117350148089944745154941549264322245068545211161349359060560396496287802757186663833964081963 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (157 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ds.d.r.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eam-ds10.d.r.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eam-ds20.d.r.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eam-cs10.d.r.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eam-cs20.d.r.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 16c1b68b56a92de0e3c1dccdcc77de581f097c62 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000535b9956257518f8ab911237beaf7e9f63a798b1788df62979501a9579e6ad99e955980b699ecf37569615bf156179ba09a3c2df1c476c60b29f7eb5b53f73a4719a0d503487e461d87a23b6462082c4d253f10d28653fd111cb4060ea173a3aafc8bcc85e29f3cfcb5575dd70b7c5490eec2d8a18fe2295cbb0bc47426e2b8b6d0017b0e75aecfa68bed994493ea44082320a54ef30b08fee2cc4eb7b3f4fdfc002f124420e81374ea000ea236ced6793b5211745ee65eb0b8f89e77c84dc0a59a3af6c4dca306ec5d2ee9068a866a0d7f7b0fcd58cdb28cbb815bb8ac9439507542287dc77c08738b9e744930b28bf7085353ac31f049e97e43d13b5bad92