marshactive.marsh-afrs.com
- Marsh & McLennan Companies, Inc. -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 50:d2:9b:35 was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Marsh & McLennan Companies, Inc.
Organization:
Marsh & McLennan Companies, Inc.
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 50:d2:9b:35Serial Number (int): 1355979573
Serial Number lenght: 31 bits, 4 octets
SubjectKeyId: 49:09:11:36:0d:e3:4d:6a:c5:ff:10:f8:8b:41:c0:d4:c5:b7:6d:10
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 7f:2e:60:8c:7d:11:3d:81:45:3f:a3:0f:61:a5:f7:81:dc:70:68:5e
Fingerprint (sha256): 62:89:cd:fe:72:16:07:54:49:5d:da:11:63:e9:d3:a2:3e:61:46:82:ca:f0:53:21:21:6a:b5:64:e2:76:23:b2
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate marshactive.marsh-afrs.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for marshactive.marsh-afrs.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
marshactive.marsh-afrs.com
Other certificates including the domain name marsh-afrs.com
(limited to 100 certificates)
citrixdr.marsh-afrs.com
marshactive.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
citrix.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
marshactive.marsh-afrs.com
stg.client.marsh-afrs.com
extranet.marsh-afrs.com
staging.marshactive.marsh-afrs.com
citrixdr.marsh-afrs.com
qa.client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
extranet.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
citrix.marsh-afrs.com
staging.marshactive.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
extranet.marsh-afrs.com
marshactive.marsh-afrs.com
stg.client.marsh-afrs.com
extranet.marsh-afrs.com
staging.marshactive.marsh-afrs.com
citrixdr.marsh-afrs.com
qa.client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
marshactive.marsh-afrs.com
client.marsh-afrs.com
client.marsh-afrs.com
staging.marshactive.marsh-afrs.com
Certificate
The complete raw certificate details for marshactive.marsh-afrs.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgIEUNKbNTANBgkqhkiG9w0BAQsFADCBujELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVudHJ1c3Qs IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwGA1UEAxMlRW50cnVz dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0xNDEyMDExMjQ0NTFa Fw0xNTEyMDMwNTEzNThaMIGDMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlv cmsxETAPBgNVBAcTCE5ldyBZb3JrMSkwJwYDVQQKFCBNYXJzaCAmIE1jTGVubmFu IENvbXBhbmllcywgSW5jLjEjMCEGA1UEAxMabWFyc2hhY3RpdmUubWFyc2gtYWZy cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO1ySfEb0sPTyB 7A2iiSi0aMxCCTc8W8HiRGNn/EO09/95mLrTd8/ez0CMIXMwJajU9sVqLaXY+qdu fYIvDijV45NNgZLi5SEhkpT/HAUFWnk0RcJrtk8qY9h5xv3Xk1h+3snQwme38r+t ZFB48Ga5p2oZmGkhBH5kxAfQR9y7A+SruTuji+UwYdKN3uNqWFvAwScdFyRWAYKi /iurjr+m8MjttDZUQ5rw86mFlHTC9jeyl/mwaByd0v59/vihgNXtq59mUQeoT0B8 33ra7AyXL/n0Sao4Wi0BahS7a/7cwZC0cMjn+JxmhxyZ6yFuHaPmsEspRw1GT8BZ 8ie6PZjRAgMBAAGjggGOMIIBijALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50 cnVzdC5uZXQvbGV2ZWwxay5jcmwwSwYDVR0gBEQwQjA2BgpghkgBhvpsCgEFMCgw JgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMAgGBmeBDAEC AjBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1 c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxay1j aGFpbjI1Ni5jZXIwJQYDVR0RBB4wHIIabWFyc2hhY3RpdmUubWFyc2gtYWZycy5j b20wHwYDVR0jBBgwFoAUgqJwdN28Uz/Pe9T3zX+nYMYKTL8wHQYDVR0OBBYEFEkJ ETYN401qxf8Q+ItBwNTFt20QMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEB AHyKt5DNXbkMqFYUYwxYbOplrsGPJpgLs2NG1rc4QhD67tEVrkSqFf9JCLlggbRr GaUB7nmtL4uv/X85s8Ke4aNg9zd312UYxIfusUYLx5yKF2rq7/9RTHt3TmZny1qV +tzhdfpGtFkgV767eyglAj/ZXPySzTzlqJHZHtv6fSFIz5rAD+9YJHArZubNozQl NnYa7ZvrAnhgLIXwA27iU25pEDW/PRRwjOROtHRQvASy3wew2E4Q9L6QRAC3VWOg tj3ezRN/B1pVLaWIJdMVOkVMyk3/Vq2UA+WAEOaui1deWG8LgqgicYhueFrh8Q0W B8ieDiEVFIxLL1n4jaG8Kzg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztcknxG9LD08gewNooko tGjMQgk3PFvB4kRjZ/xDtPf/eZi603fP3s9AjCFzMCWo1PbFai2l2Pqnbn2CLw4o 1eOTTYGS4uUhIZKU/xwFBVp5NEXCa7ZPKmPYecb915NYft7J0MJnt/K/rWRQePBm uadqGZhpIQR+ZMQH0EfcuwPkq7k7o4vlMGHSjd7jalhbwMEnHRckVgGCov4rq46/ pvDI7bQ2VEOa8POphZR0wvY3spf5sGgcndL+ff74oYDV7aufZlEHqE9AfN962uwM ly/59EmqOFotAWoUu2v+3MGQtHDI5/icZoccmeshbh2j5rBLKUcNRk/AWfInuj2Y 0QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1355979573 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-12-01 12:44:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-03 05:13:58 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Marsh & McLennan Companies, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'marshactive.marsh-afrs.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26111181816115718123038566047780595102658824149618836896206454350440158626621371496263051161044874802537271802874111012878048569231210752854878334415807966097944686867308813710993744908484106912880159492127597430644000560108751803582604796337794182931078361943223891723685128567958490512694984629493684661566232551768925106062668142198484680063307199713666640957739782655176998186714696417394536345128376693960761080025000019238066802456487376112201594545316822109626931144771748341601639683017289578248792285045036020495626099745208805226205994911495894926411593252198218082454573271999892536315194884749805662083281 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marshactive.marsh-afrs.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 490911360de34d6ac5ff10f88b41c0d4c5b76d10 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007c8ab790cd5db90ca85614630c586cea65aec18f26980bb36346d6b7384210faeed115ae44aa15ff4908b96081b46b19a501ee79ad2f8baffd7f39b3c29ee1a360f73777d76518c487eeb1460bc79c8a176aeaefff514c7b774e6667cb5a95fadce175fa46b4592057bebb7b2825023fd95cfc92cd3ce5a891d91edbfa7d2148cf9ac00fef5824702b66e6cda3342536761aed9beb0278602c85f0036ee2536e691035bf3d14708ce44eb47450bc04b2df07b0d84e10f4be904400b75563a0b63ddecd137f075a552da58825d3153a454cca4dff56ad9403e58010e6ae8b575e586f0b82a82271886e785ae1f10d1607c89e0e2115148c4b2f59f88da1bc2b38