cic.gc.ca
- Immigration, Refugees and Citizenship Canada -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 37:c9:50:d5:bd:79:cf:5c:00:00:00:00:50:fb:a4:07 was issued on by Entrust, Inc..
With 24 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Immigration, Refugees and Citizenship Canada
Organization:
Immigration, Refugees and Citizenship Canada
State / Province:
Ontario
Locality: Ottawa
Country: CA
Locality: Ottawa
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 37:c9:50:d5:bd:79:cf:5c:00:00:00:00:50:fb:a4:07Serial Number (int): 74152830963742707142351838200876213255
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: ad:dc:fc:d5:5f:b3:bf:86:3e:92:2d:d7:ae:46:d1:18:86:c7:80:0a
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): ee:2f:f5:69:24:88:36:86:56:f0:5f:03:75:47:3f:b5:53:bf:e2:a3
Fingerprint (sha256): 71:db:b9:64:10:9a:75:43:85:2f:86:bb:cd:60:2d:13:53:6d:8f:ca:01:1a:03:e9:78:4b:13:1b:58:42:45:31
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate cic.gc.ca
24
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cic.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cic.gc.ca
www.cic.gc.ca
multiculturalism.gc.ca
immigration.gc.ca
citizenship.gc.ca
citoyennete.gc.ca
multiculturalisme.gc.ca
servicesfornewcomers.cic.gc.ca
servicespourlesnouveauxarrivants.cic.gc.ca
ci.gc.ca
serendreaucanada.gc.ca
goingtocanada.gc.ca
cic.gslb.global.gc.ca
www.multiculturalism.gc.ca
www.immigration.gc.ca
www.citizenship.gc.ca
www.citoyennete.gc.ca
www.multiculturalisme.gc.ca
www.servicesfornewcomers.cic.gc.ca
www.servicespourlesnouveauxarrivants.cic.gc.ca
www.ci.gc.ca
www.serendreaucanada.gc.ca
www.goingtocanada.gc.ca
www.cic.gslb.global.gc.ca
www.cic.gc.ca
multiculturalism.gc.ca
immigration.gc.ca
citizenship.gc.ca
citoyennete.gc.ca
multiculturalisme.gc.ca
servicesfornewcomers.cic.gc.ca
servicespourlesnouveauxarrivants.cic.gc.ca
ci.gc.ca
serendreaucanada.gc.ca
goingtocanada.gc.ca
cic.gslb.global.gc.ca
www.multiculturalism.gc.ca
www.immigration.gc.ca
www.citizenship.gc.ca
www.citoyennete.gc.ca
www.multiculturalisme.gc.ca
www.servicesfornewcomers.cic.gc.ca
www.servicespourlesnouveauxarrivants.cic.gc.ca
www.ci.gc.ca
www.serendreaucanada.gc.ca
www.goingtocanada.gc.ca
www.cic.gslb.global.gc.ca
Other certificates including the domain name cic.gc.ca
(limited to 100 certificates)
Secure.cic.gc.ca
remote.cic.gc.ca
refugee-refugie-development.apps.cic.gc.ca
newgcs-nouveaussc.cic.gc.ca
cic.gc.ca
icare-iedec.cic.gc.ca
portal-portail.apps.cic.gc.ca
prson-srpel-emergency-fix.apps.cic.gc.ca
gcmsjobbank-SYSTESTMEL.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
*.cic.gc.ca
mobile.cic.gc.ca
services3.cic.gc.ca
ct-tc-pef.apps.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
frs-stg.cic.gc.ca
gccic-psoft-gchrms-ig.cic.gc.ca
cicgatewaysigning-aus.cic.gc.ca
refugee-refugie-sandbox.apps.cic.gc.ca
frs-prd.cic.gc.ca
gccic-psoft-ig-gc89cert.cic.gc.ca
prt-srp.apps.cic.gc.ca
gcs-ssc.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
extern.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
mobile.cic.gc.ca
pgp-development.apps.cic.gc.ca
ccps-stcc-trn.cic.gc.ca
sra-ads.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
refugee-refugie.apps.cic.gc.ca
portal-portail.apps.cic.gc.ca
gcmscasestatus-PRD.cic.gc.ca
*.ra.apps.cic.gc.ca
extern.cic.gc.ca
api.a2sc-csa2-dev.apps.cic.gc.ca
tempo-pef.cic.gc.ca
gcmsjobbank-STG.cic.gc.ca
esubmission-soumissionenligne.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
extern.cic.gc.ca
gcs-ssc.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
CICPRCard.cic.gc.ca
extern.cic.gc.ca
pgp.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
services3.cic.gc.ca
gcs-ssc-sys.cic.gc.ca
frs-ste.cic.gc.ca
api.pgp-vt-ov-sandbox.apps.cic.gc.ca
tempo-trn.cic.gc.ca
MAIL.cic.gc.ca
icare-iedec-train.canada.ca
gcmsjobbank-PRD.cic.gc.ca
tempo-pte.cic.gc.ca
b.sra-ads.cic.gc.ca
specialmeasures-mesuresspeciales-emergency-fix.apps.cic.gc.ca
extern.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
icare-iedec.cic.gc.ca
tempo-ste.cic.gc.ca
ra.apps.cic.gc.ca
a.sra-ads.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
thingate.cic.gc.ca
*.cic.gc.ca
gcs-ssc.cic.gc.ca
cicgateway-dev.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
icare-iedec.cic.gc.ca
NJES1S1106.CI.GC.CA
gcmsPIL005-SYSTESTMEL.cic.gc.ca
frs-ste.cic.gc.ca
cic.gc.ca
gcs-ssc.cic.gc.ca
icare-iedec.cic.gc.ca
dmp-portal.cic.gc.ca
gcs-ssc.cic.gc.ca
frs-dev.cic.gc.ca
prson-srpel-dev.apps.cic.gc.ca
thingate.cic.gc.ca
gcmsPIL005-PRD.cic.gc.ca
mobile.cic.gc.ca
ct-tc-stg.apps.cic.gc.ca
prson-srpel-emergency-fix.apps.cic.gc.ca
thingate.cic.gc.ca
extern.cic.gc.ca
secure.cic.gc.ca
gcmscasestatus-PRD.cic.gc.ca
tracker-suivi.apps.cic.gc.ca
onlineservices-dev.ci.gc.ca
icare-iedec.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
cic.gc.ca
remote.cic.gc.ca
refugee-refugie-development.apps.cic.gc.ca
newgcs-nouveaussc.cic.gc.ca
cic.gc.ca
icare-iedec.cic.gc.ca
portal-portail.apps.cic.gc.ca
prson-srpel-emergency-fix.apps.cic.gc.ca
gcmsjobbank-SYSTESTMEL.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
*.cic.gc.ca
mobile.cic.gc.ca
services3.cic.gc.ca
ct-tc-pef.apps.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
frs-stg.cic.gc.ca
gccic-psoft-gchrms-ig.cic.gc.ca
cicgatewaysigning-aus.cic.gc.ca
refugee-refugie-sandbox.apps.cic.gc.ca
frs-prd.cic.gc.ca
gccic-psoft-ig-gc89cert.cic.gc.ca
prt-srp.apps.cic.gc.ca
gcs-ssc.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
extern.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
mobile.cic.gc.ca
pgp-development.apps.cic.gc.ca
ccps-stcc-trn.cic.gc.ca
sra-ads.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
eservices.cic.gc.ca
extern.cic.gc.ca
refugee-refugie.apps.cic.gc.ca
portal-portail.apps.cic.gc.ca
gcmscasestatus-PRD.cic.gc.ca
*.ra.apps.cic.gc.ca
extern.cic.gc.ca
api.a2sc-csa2-dev.apps.cic.gc.ca
tempo-pef.cic.gc.ca
gcmsjobbank-STG.cic.gc.ca
esubmission-soumissionenligne.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
extern.cic.gc.ca
gcs-ssc.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
CICPRCard.cic.gc.ca
extern.cic.gc.ca
pgp.cic.gc.ca
citapply-citdemande.apps.cic.gc.ca
services3.cic.gc.ca
gcs-ssc-sys.cic.gc.ca
frs-ste.cic.gc.ca
api.pgp-vt-ov-sandbox.apps.cic.gc.ca
tempo-trn.cic.gc.ca
MAIL.cic.gc.ca
icare-iedec-train.canada.ca
gcmsjobbank-PRD.cic.gc.ca
tempo-pte.cic.gc.ca
b.sra-ads.cic.gc.ca
specialmeasures-mesuresspeciales-emergency-fix.apps.cic.gc.ca
extern.cic.gc.ca
gcmsjobbank-PRD.cic.gc.ca
icare-iedec.cic.gc.ca
tempo-ste.cic.gc.ca
ra.apps.cic.gc.ca
a.sra-ads.cic.gc.ca
onlineservices-servicesenligne.cic.gc.ca
thingate.cic.gc.ca
*.cic.gc.ca
gcs-ssc.cic.gc.ca
cicgateway-dev.cic.gc.ca
gcs-ssc-stg.cic.gc.ca
icare-iedec.cic.gc.ca
NJES1S1106.CI.GC.CA
gcmsPIL005-SYSTESTMEL.cic.gc.ca
frs-ste.cic.gc.ca
cic.gc.ca
gcs-ssc.cic.gc.ca
icare-iedec.cic.gc.ca
dmp-portal.cic.gc.ca
gcs-ssc.cic.gc.ca
frs-dev.cic.gc.ca
prson-srpel-dev.apps.cic.gc.ca
thingate.cic.gc.ca
gcmsPIL005-PRD.cic.gc.ca
mobile.cic.gc.ca
ct-tc-stg.apps.cic.gc.ca
prson-srpel-emergency-fix.apps.cic.gc.ca
thingate.cic.gc.ca
extern.cic.gc.ca
secure.cic.gc.ca
gcmscasestatus-PRD.cic.gc.ca
tracker-suivi.apps.cic.gc.ca
onlineservices-dev.ci.gc.ca
icare-iedec.cic.gc.ca
pgp-sandbox.apps.cic.gc.ca
cic.gc.ca
Certificate
The complete raw certificate details for cic.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJhDCCCGygAwIBAgIQN8lQ1b15z1wAAAAAUPukBzANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0x OTEyMTExOTEwMzNaFw0yMjAzMTAxOTQwMzNaMHsxCzAJBgNVBAYTAkNBMRAwDgYD VQQIEwdPbnRhcmlvMQ8wDQYDVQQHEwZPdHRhd2ExNTAzBgNVBAoTLEltbWlncmF0 aW9uLCBSZWZ1Z2VlcyBhbmQgQ2l0aXplbnNoaXAgQ2FuYWRhMRIwEAYDVQQDEwlj aWMuZ2MuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAzgaZ4ojM 6VOcACu3FeODsF9uoiC/tmFq58vMt8daE/snKtezL1L2S3d94BcliCkhH5JaBBQO hrNrfeVMSiWh67oSRxRE1/lkYpEHSV8MuRUzV/vJ/Y06FUTqgI42v7XHW/9/RIBD yBP0gP4VdnWWsXt45X+4ru16VRt4PlX73qT5bJcx2rrV35F+sZVKUQKEat6da2d6 N/kMySEIQRaWkfNzt2EeL4QDiGLi97zJ4FEvw83hfxm8Tu5IWS0jTNXy+tv9dHdk 4I+lFvp5wXNUfkEyKdEP4YxK6kyHcrC+GVtLc3l/Vi0vt+I4EWUXgeKXfIL3sLNV JTvOFOWuzBTpAgMBAAGjggXCMIIFvjCCAlsGA1UdEQSCAlIwggJOggljaWMuZ2Mu Y2GCDXd3dy5jaWMuZ2MuY2GCFm11bHRpY3VsdHVyYWxpc20uZ2MuY2GCEWltbWln cmF0aW9uLmdjLmNhghFjaXRpemVuc2hpcC5nYy5jYYIRY2l0b3llbm5ldGUuZ2Mu Y2GCF211bHRpY3VsdHVyYWxpc21lLmdjLmNhgh5zZXJ2aWNlc2Zvcm5ld2NvbWVy cy5jaWMuZ2MuY2GCKnNlcnZpY2VzcG91cmxlc25vdXZlYXV4YXJyaXZhbnRzLmNp Yy5nYy5jYYIIY2kuZ2MuY2GCFnNlcmVuZHJlYXVjYW5hZGEuZ2MuY2GCE2dvaW5n dG9jYW5hZGEuZ2MuY2GCFWNpYy5nc2xiLmdsb2JhbC5nYy5jYYIad3d3Lm11bHRp Y3VsdHVyYWxpc20uZ2MuY2GCFXd3dy5pbW1pZ3JhdGlvbi5nYy5jYYIVd3d3LmNp dGl6ZW5zaGlwLmdjLmNhghV3d3cuY2l0b3llbm5ldGUuZ2MuY2GCG3d3dy5tdWx0 aWN1bHR1cmFsaXNtZS5nYy5jYYIid3d3LnNlcnZpY2VzZm9ybmV3Y29tZXJzLmNp Yy5nYy5jYYIud3d3LnNlcnZpY2VzcG91cmxlc25vdXZlYXV4YXJyaXZhbnRzLmNp Yy5nYy5jYYIMd3d3LmNpLmdjLmNhghp3d3cuc2VyZW5kcmVhdWNhbmFkYS5nYy5j YYIXd3d3LmdvaW5ndG9jYW5hZGEuZ2MuY2GCGXd3dy5jaWMuZ3NsYi5nbG9iYWwu Z2MuY2EwggH1BgorBgEEAdZ5AgQCBIIB5QSCAeEB3wB1AFYUBpov18Ls0/XhvUSy PsdGdrm8mRFcwO+UmFXWidDdAAABbvZ6ODwAAAQDAEYwRAIgJNMFuhl4HjSFZDHp uZZ1u1iamaaOWCcK2Bh37huQjhUCIGY6SsK5dtgfuWEMbtbGD2UC32128qkvlLlp o6RBzCV0AHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFu9no4 RQAABAMARzBFAiA0YVEmKbDSVigq/++baA8/0FodtaK7zS6IQlT3Y+z5MQIhANk7 xzfgD5Ad1hVRkCvxN1jgiR7RQpzWaIPrAWl3ahjhAHYAVYHUwhaQNgFK6gubVzxT 8MDkOHhwJQgXL6OqHQcT0wwAAAFu9no4XwAABAMARzBFAiAoHsMcWYdVjJNof3ue n4CmnKf2sqm4qx6ZE7yXHzRYnwIhAJh2ATczG7Puv+kCR/D/NFFUEXABYQW0VSWb nMxjgzUjAHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFu9no4 OwAABAMARzBFAiB8sfVNxU7eY1dzopCFmFA2n+JVJxbNrk9Chi82BfnzsQIhAMe1 IwjmM5hYHQ119eBbggkeUVv9jsGmR8KwpLq7L8oFMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwMwYDVR0fBCwwKjAooCagJIYi aHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDBLBgNVHSAERDBCMDYG CmCGSAGG+mwKAQUwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5l dC9ycGEwCAYGZ4EMAQICMGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0 cDovL29jc3AuZW50cnVzdC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50 cnVzdC5uZXQvbDFrLWNoYWluMjU2LmNlcjAfBgNVHSMEGDAWgBSConB03bxTP897 1PfNf6dgxgpMvzAdBgNVHQ4EFgQUrdz81V+zv4Y+ki3XrkbRGIbHgAowCQYDVR0T BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAEi2k8sEFzpyXF6naEgDp8GO8RkFS0LFE i/dmsiAGN1EigDt6+x6IcDyxidr/a9dXHNu99L74zuIQuHdmsaJt2youNuFW7XMn sj27/Wh8mDvJchlF/s/5m86qq4KtTsanJ7Gc9z0Yz2r9EwhB9qSI+IAG2w9Fz7a5 cSjlXNAqfNK5QxAADvzx9Cx0iPTj5CsJPydwLZ/DtNIaZVMXSv7F/Xx4g4Q6Dx2a h8cKhCNA84kzoU/Mak+myV87BZ2w8Olx6cwzeyWztp+1mI7w/kA2l86Gsmbkq1M6 vXCLAN6AXS7Z/yk8CMGPRiy0Ihu2vM+3jVD525MiMY/86Gp3mgXrTQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM4GmeKIzOlTnAArtxXj g7BfbqIgv7ZhaufLzLfHWhP7JyrXsy9S9kt3feAXJYgpIR+SWgQUDoaza33lTEol oeu6EkcURNf5ZGKRB0lfDLkVM1f7yf2NOhVE6oCONr+1x1v/f0SAQ8gT9ID+FXZ1 lrF7eOV/uK7telUbeD5V+96k+WyXMdq61d+RfrGVSlEChGrenWtnejf5DMkhCEEW lpHzc7dhHi+EA4hi4ve8yeBRL8PN4X8ZvE7uSFktI0zV8vrb/XR3ZOCPpRb6ecFz VH5BMinRD+GMSupMh3KwvhlbS3N5f1YtL7fiOBFlF4Hil3yC97CzVSU7zhTlrswU 6QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 74152830963742707142351838200876213255 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-11 19:10:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-10 19:40:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Immigration, Refugees and Citizenship Canada' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cic.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24339349654862531365468508474755560075822873555541193637343995842427162508374210684386845915036383152157536716623227679282053792402506696310271061314837339819411590691488154753452133164200336827306016948740768570238354835246045052826035701979927580350327506216699336203291085840133268300989235342446915465293743247319294218447206413456508616655326343167487692460568513695195301988973983723524819374410524925328425591901228326749651024917817835147574594452798155113508329665897594367681205816125944907292504533510199572730712277919580166253062341250071650193755728084201380866551677312223726657457876040329298782721257 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (594 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'multiculturalism.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'immigration.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citizenship.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citoyennete.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'multiculturalisme.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'servicesfornewcomers.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'servicespourlesnouveauxarrivants.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'serendreaucanada.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'goingtocanada.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cic.gslb.global.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.multiculturalism.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.immigration.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citizenship.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citoyennete.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.multiculturalisme.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.servicesfornewcomers.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.servicespourlesnouveauxarrivants.cic.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.serendreaucanada.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.goingtocanada.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cic.gslb.global.gc.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes) 01df0075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000016ef67a383c0000040300463044022024d305ba19781e34856431e9b99675bb589a99a68e58270ad81877ee1b908e150220663a4ac2b976d81fb9610c6ed6c60f6502df6d76f2a92f94b969a3a441cc25740076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016ef67a3845000004030047304502203461512629b0d256282affef9b680f3fd05a1db5a2bbcd2e884254f763ecf931022100d93bc737e00f901dd61551902bf13758e0891ed1429cd66883eb0169776a18e10076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016ef67a385f00000403004730450220281ec31c5987558c93687f7b9e9f80a69ca7f6b2a9b8ab1e9913bc971f34589f02210098760137331bb3eebfe90247f0ff3451541170016105b455259b9ccc63833523007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016ef67a383b000004030047304502207cb1f54dc54ede635773a290859850369fe2552716cdae4f42862f3605f9f3b1022100c7b52308e63398581d0d75f5e05b82091e515bfd8ec1a647c2b0a4babb2fca05 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) addcfcd55fb3bf863e922dd7ae46d11886c7800a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00122da4f2c105ce9c9717a9da1200e9f063bc464152d0b1448bf766b22006375122803b7afb1e88703cb189daff6bd7571cdbbdf4bef8cee210b87766b1a26ddb2a2e36e156ed7327b23dbbfd687c983bc9721945fecff99bceaaab82ad4ec6a727b19cf73d18cf6afd130841f6a488f88006db0f45cfb6b97128e55cd02a7cd2b94310000efcf1f42c7488f4e3e42b093f27702d9fc3b4d21a6553174afec5fd7c7883843a0f1d9a87c70a842340f38933a14fcc6a4fa6c95f3b059db0f0e971e9cc337b25b3b69fb5988ef0fe403697ce86b266e4ab533abd708b00de805d2ed9ff293c08c18f462cb4221bb6bccfb78d50f9db9322318ffce86a779a05eb4d