ebid.keiyaku.city.hiroshima.lg.jp

- Hiroshima City -

Issued by SECOM Passport for Web SR 3.0 CA

About this certificate

This digital certificate with serial number 25:db:97:2c:b9:c4:ac:3d was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

Hiroshima City

Organization: Hiroshima City
Organization unit: Hiroshima City Zaiseikyoku Keiyakubu13
State / Province: Hiroshima
Locality: Hiroshima City
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 25:db:97:2c:b9:c4:ac:3d
Serial Number (int): 2727940217653996605
Serial Number lenght: 62 bits, 8 octets

SubjectKeyId: 8f:b3:14:f8:5a:3e:c7:2b:01:0f:6d:5e:25:32:87:d3:56:83:88:e3
AuthorityKeyId: cb:ef:3d:ef:83:74:a1:a8:42:f0:3b:40:36:fa:6d:82:94:a9:27:36

Fingerprint (sha1): 17:e8:07:26:c2:ee:f3:ac:50:d6:2d:75:66:9a:b4:91:3f:d2:32:c3
Fingerprint (sha256): 65:bc:80:85:49:39:98:5c:ed:67:53:2a:a3:a1:ed:6b:d3:30:9f:dc:cf:22:24:82:ff:35:d6:e4:15:33:33:e6


Revocation information

OCSP Server: http://sr30.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl

Check the revocation status for certificate ebid.keiyaku.city.hiroshima.lg.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ebid.keiyaku.city.hiroshima.lg.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ebid.keiyaku.city.hiroshima.lg.jp

Other certificates including the domain name hiroshima.lg.jp

(limited to 100 certificates)
ebid.keiyaku.city.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
www.sabo-map.pref.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
*.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
sts.city.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
gyosei.bousai.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
www.iju-cms.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
*.saiyou.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
lw-dcn12athsv00.pref.hiroshima.lg.jp
*.sabo-map.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
nourin.pref.hiroshima.lg.jp
*.dogis.pref.hiroshima.lg.jp
lw-dcn12vpnsv00.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
chotatsu2.pref.hiroshima.lg.jp
eas.city.hiroshima.lg.jp
gyosei.bousai.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
hirodsv007.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
prefalb.dogis.pref.hiroshima.lg.jp
yo-ke.pref.hiroshima.lg.jp
saiyou.pref.hiroshima.lg.jp
gyosei.bousai.city.hiroshima.lg.jp
www.sabo-map.pref.hiroshima.lg.jp
chotatsu2.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
*.city.hiroshima.lg.jp
map.bousai.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
www.sabo.pref.hiroshima.lg.jp
vm.pref.hiroshima.lg.jp
www.manabi.pref.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
gc-dcn14exesv02.pref.hiroshima.lg.jp
dennyu.pref.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
saiyou.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
*.pref.hiroshima.lg.jp
*.pref.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
extgw.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
www.sabo.pref.hiroshima.lg.jp
hozen.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
yo-ke.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
www.iju.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
chotatsu2.pref.hiroshima.lg.jp
lw-dcn12athsv00.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
hiroshima-brand.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
gc-dcn14exesv01.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
saiyou.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
*.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
lw-dcn12vpnsv00.pref.hiroshima.lg.jp
shokuin.bousai.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
extgw.pref.hiroshima.lg.jp

Certificate

The complete raw certificate details for ebid.keiyaku.city.hiroshima.lg.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGmzCCBYOgAwIBAgIIJduXLLnErD0wDQYJKoZIhvcNAQELBQAwXzELMAkGA1UE
BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKTAn
BgNVBAMTIFNFQ09NIFBhc3Nwb3J0IGZvciBXZWIgU1IgMy4wIENBMB4XDTE4MTIy
ODA3MjQyOFoXDTIwMTIyODE0NTk1OVowgbAxCzAJBgNVBAYTAkpQMRIwEAYDVQQI
EwlIaXJvc2hpbWExFzAVBgNVBAcTDkhpcm9zaGltYSBDaXR5MRcwFQYDVQQKEw5I
aXJvc2hpbWEgQ2l0eTEvMC0GA1UECxMmSGlyb3NoaW1hIENpdHkgWmFpc2Vpa3lv
a3UgS2VpeWFrdWJ1MTMxKjAoBgNVBAMTIWViaWQua2VpeWFrdS5jaXR5Lmhpcm9z
aGltYS5sZy5qcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMJsJRtA
wmxsxTn6HJuykzysjnlN5ghce8j2Y8gTkUPpd4OKA/ilzoMx5E7NZQc/NltHUtW3
QLVg3moAGO99AQPyGngVyvf8o9dFyAHb1AJA+Q2nS9I0QIETc4wltFO+lgdAJKen
sTm4HSfXBLCh5gi5iH851kavspPwP4cOHD3llRWkKcAKhChxMmOPj58JWWugSivQ
tYSPBbKh5GSLS1tPdBhAcsPlGPVWXJdEfx3dVz0WLkXhj5lDQLDkD0hVDrqNOZFh
c+85XZOAx2lCF1/OhSlYOaGMVAqj7YsE258OzI8ZbUHVW8+XJDrMsWuZ9AjcqZcy
tdce3F+BsCTFo78CAwEAAaOCAwcwggMDMB8GA1UdIwQYMBaAFMvvPe+DdKGoQvA7
QDb6bYKUqSc2MDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL3Ny
MzAub2NzcC5zZWNvbXRydXN0Lm5ldDAsBgNVHREEJTAjgiFlYmlkLmtlaXlha3Uu
Y2l0eS5oaXJvc2hpbWEubGcuanAwYQYDVR0gBFowWDBMBgoqgwiMmxtkhW8BMD4w
PAYIKwYBBQUHAgEWMGh0dHBzOi8vcmVwbzEuc2Vjb210cnVzdC5uZXQvc3BjcHAv
cGZ3L3Bmd3NyM2NhLzAIBgZngQwBAgIwEwYDVR0lBAwwCgYIKwYBBQUHAwEwTAYD
VR0fBEUwQzBBoD+gPYY7aHR0cDovL3JlcG8xLnNlY29tdHJ1c3QubmV0L3NwY3Bw
L3Bmdy9wZndzcjNjYS9mdWxsY3JsMi5jcmwwHQYDVR0OBBYEFI+zFPhaPscrAQ9t
XiUyh9NWg4jjMA4GA1UdDwEB/wQEAwIFoDCCAX4GCisGAQQB1nkCBAIEggFuBIIB
agFoAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFn87xkYAAA
BAMARzBFAiAIAfM0ESifr6xwPXgiETX7wdxKInEhxMyDFEliHsY1NQIhAKsM5JaZ
WI5OYRrZLl6Ko4vRgEHe5/yJgZEbT1L6sXo+AHYA7ku9t3XOYLrhQmkfq+GeZqMP
fl+wctiDAMR7iXqo/csAAAFn87xq5wAABAMARzBFAiEAk6Baj6Zb3hAjdXvXVWLP
o5voTFKnq0Ws2iFLXc5U05ACIDRBJNOKr/lr6bNld9EfV1ZvI88KUY8JVLItypvt
Faw2AHYAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFn87xyxwAA
BAMARzBFAiEA1K43lLBHNaRruR5pAz1g13eZZkZFMaxMHBAnVOioE5kCIBrhkDOd
NhqzJjuHCGjrIPq+bQSCciShfu0WAYk5KW6aMA0GCSqGSIb3DQEBCwUAA4IBAQA1
NeXDmR59cJ5/3FgAqveTUT3/aV7J5IHl1kFmFVVJitLqAHPp00pEbHki8d2CvOVb
zsL0tLTlournE+z+HprFI4ji6K+qsuU0stoKR6vmgLHeGLdIICupTwC/vrjwbEIJ
om0iI4GqGYe5PE61Qzy2d0FOfpEDHUu67nHsay+X3jpIvRsAFsuc1WVmEAImkAVn
UOUq0lwXZmLgAJ50UxrhFAS4MjtvZKe/Fc5C8X1k8iYo8kHRUPL9EfDc9gG8RMp5
dsQ6lDABW91b1035PNGsyBfTJY/DUU5w/fSWlVcpzuPzpZHtdDnkdMh8EqTjuSxD
rZEexqVkfXHJS2l1FeSK
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmwlG0DCbGzFOfocm7KT
PKyOeU3mCFx7yPZjyBORQ+l3g4oD+KXOgzHkTs1lBz82W0dS1bdAtWDeagAY730B
A/IaeBXK9/yj10XIAdvUAkD5DadL0jRAgRNzjCW0U76WB0Akp6exObgdJ9cEsKHm
CLmIfznWRq+yk/A/hw4cPeWVFaQpwAqEKHEyY4+PnwlZa6BKK9C1hI8FsqHkZItL
W090GEByw+UY9VZcl0R/Hd1XPRYuReGPmUNAsOQPSFUOuo05kWFz7zldk4DHaUIX
X86FKVg5oYxUCqPtiwTbnw7MjxltQdVbz5ckOsyxa5n0CNyplzK11x7cX4GwJMWj
vwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 2727940217653996605
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 3.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-28 07:24:28 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-28 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hiroshima'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hiroshima City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hiroshima City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hiroshima City Zaiseikyoku Keiyakubu13'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ebid.keiyaku.city.hiroshima.lg.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24543559424400542289605574157146470251328284532315186627239938916029755173225163421571629797879893997103926970715047032624524970638469542346428579053519641506887431651433305036835721350169063766966863068406046244762183944443559617828166117696472471081451939922819700256591576444068663153337675266363229981562303573463872158326290742868750243261793192577295104239711774987381688962352126260570678390953473999861630439381726955922450713869663525520059954641318828319753249116839938113638759141158362100637019975726811189135950342598902447546884424169145951300221762632241952174008962791462862038657077456637855718024127
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cbef3def8374a1a842f03b4036fa6d8294a92736
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr30.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (37 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ebid.keiyaku.city.hiroshima.lg.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.751.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8fb314f85a3ec72b010f6d5e253287d3568388e3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000167f3bc6460000004030047304502200801f33411289fafac703d78221135fbc1dc4a227121c4cc831449621ec63535022100ab0ce49699588e4e611ad92e5e8aa38bd18041dee7fc8981911b4f52fab17a3e007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000167f3bc6ae7000004030047304502210093a05a8fa65bde1023757bd75562cfa39be84c52a7ab45acda214b5dce54d3900220344124d38aaff96be9b36577d11f57566f23cf0a518f0954b22dca9bed15ac360076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000167f3bc72c70000040300473045022100d4ae3794b04735a46bb91e69033d60d7779966464531ac4c1c102754e8a8139902201ae190339d361ab3263b870868eb20fabe6d04827224a17eed16018939296e9a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003535e5c3991e7d709e7fdc5800aaf793513dff695ec9e481e5d641661555498ad2ea0073e9d34a446c7922f1dd82bce55bcec2f4b4b4e5a2eae713ecfe1e9ac52388e2e8afaab2e534b2da0a47abe680b1de18b748202ba94f00bfbeb8f06c4209a26d222381aa1987b93c4eb5433cb677414e7e91031d4bbaee71ec6b2f97de3a48bd1b0016cb9cd5656610022690056750e52ad25c176662e0009e74531ae11404b8323b6f64a7bf15ce42f17d64f22628f241d150f2fd11f0dcf601bc44ca7976c43a9430015bdd5bd74df93cd1acc817d3258fc3514e70fdf496955729cee3f3a591ed7439e474c87c12a4e3b92c43ad911ec6a5647d71c94b697515e48a