www.eif.org
- European Investment Bank -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 60:39:e9:7b:72:c2:ef:10:c5:a3:ce:8c:81:1d:35:28 was issued on by Entrust, Inc..
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
European Investment Bank
Organization:
European Investment Bank
Locality:
Luxembourg
Country: LU
Country: LU
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 60:39:e9:7b:72:c2:ef:10:c5:a3:ce:8c:81:1d:35:28Serial Number (int): 127906584098307000750931360261743654184
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: b2:98:b8:a8:8f:b4:30:26:4d:f9:40:67:e5:b5:f0:59:83:33:c9:9b
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 1d:3c:bf:a9:8e:c9:24:9c:0e:94:1c:0c:99:dc:7a:25:91:5e:90:d1
Fingerprint (sha256): 7b:42:f5:32:bc:72:91:21:c8:8b:cf:af:37:a9:34:b9:45:a7:5c:fa:17:f7:00:f8:bd:3a:42:c4:97:09:6d:d2
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate www.eif.org
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.eif.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.eif.org
eif.org
www.eib.org
30years.eif.org
blog.eif.org
eif.org
www.eib.org
30years.eif.org
blog.eif.org
Other certificates including the domain name eif.org
(limited to 100 certificates)
sip.eib.org
sip.eib.org
staging.sustainabilityguarantee.eif.org
engage.eif.org
sip2.eib.org
board.eif.org
sip2.eib.org
www.eif.org
sip.eib.org
sts.eib.org
www.eif.org
sts.eib.org
www.eif.org
*.eif.org
lsweb-ext2.eib.org
lsweb-ext.eib.org
data.thebench.eif.org
sip.eib.org
*.eif.org
thebench.eif.org
www.eif.org
www.eif.org
*.data.thebench.eif.org
*.eif.org
sustainabilityguarantee.eif.org
data.thebench.eif.org
*.data.thebench.eif.org
sip2.eib.org
thebench.eif.org
www.eif.org
sip.eib.org
lsweb-ext2.eib.org
data.thebench.eif.org
*.eif.org
sts.eib.org
sts.eib.org
*.data.thebench.eif.org
*.eif.org
sip.eib.org
sts.test.eib.org
sts.eib.org
filecloud.test.tech.eif.org
filecloud.tech.eif.org
www.eif.org
www.eif.org
www.eif.org
*.eif.org
*.eif.org
sip2.eib.org
lsweb-ext2.eib.org
lsweb-ext2.eib.org
www.eif.org
api-onelogin.tech.eif.org
lsweb-ext2.eib.org
sip.eib.org
thebench.eif.org
sts-dev.eib.org
thebench.eif.org
sts.eib.org
lsweb-ext2.eib.org
sts.test.eib.org
sip.eib.org
staging.sustainabilityguarantee.eif.org
engage.eif.org
sip2.eib.org
board.eif.org
sip2.eib.org
www.eif.org
sip.eib.org
sts.eib.org
www.eif.org
sts.eib.org
www.eif.org
*.eif.org
lsweb-ext2.eib.org
lsweb-ext.eib.org
data.thebench.eif.org
sip.eib.org
*.eif.org
thebench.eif.org
www.eif.org
www.eif.org
*.data.thebench.eif.org
*.eif.org
sustainabilityguarantee.eif.org
data.thebench.eif.org
*.data.thebench.eif.org
sip2.eib.org
thebench.eif.org
www.eif.org
sip.eib.org
lsweb-ext2.eib.org
data.thebench.eif.org
*.eif.org
sts.eib.org
sts.eib.org
*.data.thebench.eif.org
*.eif.org
sip.eib.org
sts.test.eib.org
sts.eib.org
filecloud.test.tech.eif.org
filecloud.tech.eif.org
www.eif.org
www.eif.org
www.eif.org
*.eif.org
*.eif.org
sip2.eib.org
lsweb-ext2.eib.org
lsweb-ext2.eib.org
www.eif.org
api-onelogin.tech.eif.org
lsweb-ext2.eib.org
sip.eib.org
thebench.eif.org
sts-dev.eib.org
thebench.eif.org
sts.eib.org
lsweb-ext2.eib.org
sts.test.eib.org
Certificate
The complete raw certificate details for www.eif.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFOTCCBCGgAwIBAgIQYDnpe3LC7xDFo86MgR01KDANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y NDAxMTcxMzU5MzNaFw0yNTAyMTYxMzU5MzJaMFsxCzAJBgNVBAYTAkxVMRMwEQYD VQQHEwpMdXhlbWJvdXJnMSEwHwYDVQQKExhFdXJvcGVhbiBJbnZlc3RtZW50IEJh bmsxFDASBgNVBAMTC3d3dy5laWYub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAs41VzviD4mupJIk9SCJVBp9Xdprw7cwMkxIlNNXPoT4XVnlxGdoj 2bGtIP7PhG+hj9wgTPu2ANyL8mlb6cA/K+T9Qef5fSkUOm7XNEo8tYdmISvUe8a3 jpg2elonGcY6hLR4wy++4iyQGjcxL8aiZs4BgwX5rVlmzw8YGzLaKCNj3Dsf1OaW CbwEHVntl7udBoTwSDH2iXs027J4fGHOzIJ+NtR36icCuna322A9rStLl0yooRiw 0uX8WW8LT/07KFhzfDD9rop7k36WGj9yNyPi87x52T48DBiV9bpDTSq0yZRyDwJ7 bAtZC55OfBrmP815hdXoJipbDoRl6JJ1bQIDAQABo4IBlzCCAZMwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQUspi4qI+0MCZN+UBn5bXwWYMzyZswHwYDVR0jBBgwFoAU gqJwdN28Uz/Pe9T3zX+nYMYKTL8waAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzAB hhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2Fp YS5lbnRydXN0Lm5ldC9sMWstY2hhaW4yNTYuY2VyMDMGA1UdHwQsMCowKKAmoCSG Imh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxay5jcmwwSwYDVR0RBEQwQoIL d3d3LmVpZi5vcmeCB2VpZi5vcmeCC3d3dy5laWIub3Jngg8zMHllYXJzLmVpZi5v cmeCDGJsb2cuZWlmLm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMBMGA1UdIAQMMAowCAYGZ4EMAQICMBMGCisGAQQB1nkC BAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCtzUdrcv1hDBxG1LzX5gs0WLqh QBSFgN+xWfkdvdcNZ/OvuE3yyPjxEc7Tydk1USU8KaLpkDwLWECgVnobFWOgwkIf I8e1tQdg5n/OpCQB7h2FL08ekQ3iJWgxYMk2uP2GMfqPb8UcmEHCuTczyZMwMqmj V4M/cbCfERRpHegO1wBg3xqAoDwnDzB9uIv6cvvR7zOC234Giupa41qWI+9KESTQ TteX4+cZBazPKsNRyctxdiaMw/NuaDABPxm5Nfg9oiTNKayPPUcO0+vCW2AM185F c2Z8mpYTlKTEAqs7behlnou+sJKAqWtQa690P1c6hcDThWuRrBrK8NdSq8ct -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs41VzviD4mupJIk9SCJV Bp9Xdprw7cwMkxIlNNXPoT4XVnlxGdoj2bGtIP7PhG+hj9wgTPu2ANyL8mlb6cA/ K+T9Qef5fSkUOm7XNEo8tYdmISvUe8a3jpg2elonGcY6hLR4wy++4iyQGjcxL8ai Zs4BgwX5rVlmzw8YGzLaKCNj3Dsf1OaWCbwEHVntl7udBoTwSDH2iXs027J4fGHO zIJ+NtR36icCuna322A9rStLl0yooRiw0uX8WW8LT/07KFhzfDD9rop7k36WGj9y NyPi87x52T48DBiV9bpDTSq0yZRyDwJ7bAtZC55OfBrmP815hdXoJipbDoRl6JJ1 bQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 127906584098307000750931360261743654184 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-17 13:59:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-16 13:59:32 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LU' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Luxembourg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'European Investment Bank' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.eif.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22666351568371877630002787801071465577223805117047422349167282753975453196258082101626694839865549838356677494758010518201842647287707023333934892291080981585451721335557229326019236576216389423087650481048376401203759413839718775696177815219719119915627924041006444077730410552356430253497081923776266935877651286222657811147554705850883950475274600090110515656533944867557831874104535286595846799098709866578386339976036099269552034050284481887154192853290436546631375997099457400079636259940962182373524436515992907397806030167098913116750789282062389077725185045034894710555132998208864974757917207974868283454829 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b298b8a88fb430264df94067e5b5f0598333c99b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.eif.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eif.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.eib.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '30years.eif.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.eif.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00adcd476b72fd610c1c46d4bcd7e60b3458baa140148580dfb159f91dbdd70d67f3afb84df2c8f8f111ced3c9d93551253c29a2e9903c0b5840a0567a1b1563a0c2421f23c7b5b50760e67fcea42401ee1d852f4f1e910de225683160c936b8fd8631fa8f6fc51c9841c2b93733c9933032a9a357833f71b09f1114691de80ed70060df1a80a03c270f307db88bfa72fbd1ef3382db7e068aea5ae35a9623ef4a1124d04ed797e3e71905accf2ac351c9cb7176268cc3f36e6830013f19b935f83da224cd29ac8f3d470ed3ebc25b600cd7ce4573667c9a961394a4c402ab3b6de8659e8bbeb09280a96b506baf743f573a85c0d3856b91ac1acaf0d752abc72d