s17.kclient.kpmg.com
- KPMG International -
Issued by Entrust Certification Authority - L1C
About this certificate
This digital certificate with serial number 4c:21:b3:05 was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
KPMG International
Organization:
KPMG International
State / Province:
Amsterdam
Locality: Amstelveen
Country: NL
Locality: Amstelveen
Country: NL
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4c:21:b3:05Serial Number (int): 1277276933
Serial Number lenght: 31 bits, 4 octets
SubjectKeyId: f8:b6:9b:af:00:9e:b1:d1:9c:3c:4c:57:9f:31:23:0c:52:6d:7c:a1
AuthorityKeyId: 1e:f1:ab:89:06:f8:49:0f:01:33:77:ee:14:7a:ee:19:7c:93:28:4d
Fingerprint (sha1): a4:80:19:f7:04:31:76:41:c3:e7:cd:9d:6d:7c:21:6a:85:35:b0:4a
Fingerprint (sha256): 8e:ec:5c:9f:3d:aa:ca:92:9c:02:dc:d5:19:fd:32:e7:15:24:97:34:5b:16:83:8a:a4:33:21:dd:04:12:83:07
Issuing Certificate URL: http://aia.entrust.net/2048-l1c.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1c.crl
Check the revocation status for certificate s17.kclient.kpmg.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for s17.kclient.kpmg.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
s17.kclient.kpmg.com
Other certificates including the domain name kpmg.com
(limited to 100 certificates)
accounts.amr.kpmg.com
mdm.cee.kpmg.com
cds4.cvent.com
tess10.us.kworld.kpmg.com
wp.linkes.kpmg.com
Maillab.kpmg.ca
kpmgclaraonazure.ema.kpmg.com
www.highq.com
auditchatbot2.kpmg.com
ngsclient.ext.dev.kpmg.com
www.highq.com
lbvpn.us.kpmg.com
akamaisecure3.qualtrics.com
staging.kpmg.com
vhstg.aspac.kpmg.com
origin-azureapps.ema.kworld.kpmg.com
portals.ema.kpmg.com
portalqa.kpmg.com
sslras1dr.us.kpmg.com
cert00092-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
www.highq.com
www.highq.com
origin-azureapps.stg.amr.kpmg.com
portaluat.us.kpmg.com
kriterionmobile-qa.us.kworld.kpmg.com
solutions-analyticsuat.us.kpmg.com
cert00068-azurecdn.akamaized.net
cert00100-azurecdn.akamaized.net
lmscontent.us.kpmg.com
www.ptlinke.kpmg.com
selfserviceqa.kpmg.com
workspacesstg.ema.kpmg.com
www.highq.com
devkpmglinkworkforce.us.kworld.kpmg.com
cds4.cvent.com
lakehouseapi.us.kpmg.com
artifactory.us.kworld.kpmg.com
cds4.cvent.com
lab-uat-*.unify.us.kpmg.com
www.highq.com
WebSealIntSAMLFed.us.kworld.kpmg.com
accreditationdev01.kpmgdevcloud.kpmg.com
origin-azureapps.ema.kpmg.com
gfs-stg-2fa-ema.kworld.kpmg.com
mdm.ema.kpmg.com
workplace.us.kpmg.com
*.us.kpmg.com
oos.qa.us.kpmg.com
www.highq.com
apps.ng.kpmg.com
simp.us.kworld.kpmg.com
drmsmanager.us.kworld.kpmg.com
cert00031-azurecdn.akamaized.net
lab-eailogin-stg.us.kpmg.com
cert00088-azurecdn.akamaized.net
cert00031-azurecdn.akamaized.net
ngsclient.ext.dev.kpmg.com
godzilla.kpmg.com
kcentralintuat.us.kpmg.com
www.highq.com
www.highq.com
cert00059-azurecdn.akamaized.net
www.highq.com
cert00077-azurecdn.akamaized.net
www.highq.com
cert00092-azurecdn.akamaized.net
apps.ema.kpmg.com
kdox-service-uat.us.kpmg.com
www.highq.com
eccsandn1.godevazure1.kpmg.com
emersslvpn.us.kpmg.com
cert00077-azurecdn.akamaized.net
imi-uatreporting.kdev.services
cert00068-azurecdn.akamaized.net
www.mslinkeu.kpmg.com
cert00077-azurecdn.akamaized.net
kcentralint.us.kpmg.com
UPExchanges.us.kworld.kpmg.com
origin-azureapps.stg.ema.kpmg.com
*.bio.kpmg.com
pivot.kpmg.com
www.highq.com
cert00068-azurecdn.akamaized.net
Kcfcapi.stg.ema.kpmg.com
www.highq.com
goazr1app266d.godevazure1.kpmg.com
cert00077-azurecdn.akamaized.net
mobileeas.ema.kpmg.com
akamaisecure4.qualtrics.com
lmclinkes.us.kworld.kpmg.com
author-kpmg-dev.us.kworld.kpmg.com
test_poc-ext.qa.kpmg.com
kpmglinkqa.amr.kpmg.com
sslraa3.us.kpmg.com
vhstg.amr.kpmg.com
vpn.us.kpmg.com
cert00077-azurecdn.akamaized.net
eauditonlinec.ema.kpmg.com
cert00088-azurecdn.akamaized.net
mdm.cee.kpmg.com
cds4.cvent.com
tess10.us.kworld.kpmg.com
wp.linkes.kpmg.com
Maillab.kpmg.ca
kpmgclaraonazure.ema.kpmg.com
www.highq.com
auditchatbot2.kpmg.com
ngsclient.ext.dev.kpmg.com
www.highq.com
lbvpn.us.kpmg.com
akamaisecure3.qualtrics.com
staging.kpmg.com
vhstg.aspac.kpmg.com
origin-azureapps.ema.kworld.kpmg.com
portals.ema.kpmg.com
portalqa.kpmg.com
sslras1dr.us.kpmg.com
cert00092-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
www.highq.com
www.highq.com
origin-azureapps.stg.amr.kpmg.com
portaluat.us.kpmg.com
kriterionmobile-qa.us.kworld.kpmg.com
solutions-analyticsuat.us.kpmg.com
cert00068-azurecdn.akamaized.net
cert00100-azurecdn.akamaized.net
lmscontent.us.kpmg.com
www.ptlinke.kpmg.com
selfserviceqa.kpmg.com
workspacesstg.ema.kpmg.com
www.highq.com
devkpmglinkworkforce.us.kworld.kpmg.com
cds4.cvent.com
lakehouseapi.us.kpmg.com
artifactory.us.kworld.kpmg.com
cds4.cvent.com
lab-uat-*.unify.us.kpmg.com
www.highq.com
WebSealIntSAMLFed.us.kworld.kpmg.com
accreditationdev01.kpmgdevcloud.kpmg.com
origin-azureapps.ema.kpmg.com
gfs-stg-2fa-ema.kworld.kpmg.com
mdm.ema.kpmg.com
workplace.us.kpmg.com
*.us.kpmg.com
oos.qa.us.kpmg.com
www.highq.com
apps.ng.kpmg.com
simp.us.kworld.kpmg.com
drmsmanager.us.kworld.kpmg.com
cert00031-azurecdn.akamaized.net
lab-eailogin-stg.us.kpmg.com
cert00088-azurecdn.akamaized.net
cert00031-azurecdn.akamaized.net
ngsclient.ext.dev.kpmg.com
godzilla.kpmg.com
kcentralintuat.us.kpmg.com
www.highq.com
www.highq.com
cert00059-azurecdn.akamaized.net
www.highq.com
cert00077-azurecdn.akamaized.net
www.highq.com
cert00092-azurecdn.akamaized.net
apps.ema.kpmg.com
kdox-service-uat.us.kpmg.com
www.highq.com
eccsandn1.godevazure1.kpmg.com
emersslvpn.us.kpmg.com
cert00077-azurecdn.akamaized.net
imi-uatreporting.kdev.services
cert00068-azurecdn.akamaized.net
www.mslinkeu.kpmg.com
cert00077-azurecdn.akamaized.net
kcentralint.us.kpmg.com
UPExchanges.us.kworld.kpmg.com
origin-azureapps.stg.ema.kpmg.com
*.bio.kpmg.com
pivot.kpmg.com
www.highq.com
cert00068-azurecdn.akamaized.net
Kcfcapi.stg.ema.kpmg.com
www.highq.com
goazr1app266d.godevazure1.kpmg.com
cert00077-azurecdn.akamaized.net
mobileeas.ema.kpmg.com
akamaisecure4.qualtrics.com
lmclinkes.us.kworld.kpmg.com
author-kpmg-dev.us.kworld.kpmg.com
test_poc-ext.qa.kpmg.com
kpmglinkqa.amr.kpmg.com
sslraa3.us.kpmg.com
vhstg.amr.kpmg.com
vpn.us.kpmg.com
cert00077-azurecdn.akamaized.net
eauditonlinec.ema.kpmg.com
cert00088-azurecdn.akamaized.net
Certificate
The complete raw certificate details for s17.kclient.kpmg.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgIETCGzBTANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp Y2F0aW9uIEF1dGhvcml0eSAtIEwxQzAeFw0xMzEyMzAxMDEzMjNaFw0xNTEyMzAy MTExNDZaMHIxCzAJBgNVBAYTAk5MMRIwEAYDVQQIEwlBbXN0ZXJkYW0xEzARBgNV BAcTCkFtc3RlbHZlZW4xGzAZBgNVBAoTEktQTUcgSW50ZXJuYXRpb25hbDEdMBsG A1UEAxMUczE3LmtjbGllbnQua3BtZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5C+Q7qvAsfZKYDOVZXYm+zJJGLfBfXJDUk1WY/TRI21U32ZWX gcpFiiRzmot0JIThgUuIKNkh2UoCOWS1jQcSHZdouAi4Oi7QyTZ7lZrmS7iou945 0unjZ5G5RryK3UvBoAIgK7D5xZomBjSrQab1fwl2COGHitnQ7R+0pR0icz0LnjJL U21Yn03F8r/9d53gcisI/uISGqklr7E61bUmMgSo+kId3xj8s4o7nwpDJlfkye+2 eGU7An24FahFMBy4m7f1Frrsia7ByWqriQvwXRIO4Vrti56yb9FEp1ZfN2I/DSOK 57jlcwAnv9HU6P2IN1YS4AVMQp/lsChIU4QpAgMBAAGjggF5MIIBdTALBgNVHQ8E BAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwMwYDVR0fBCwwKjAooCagJIYiaHR0 cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFjLmNybDBkBggrBgEFBQcBAQRYMFYw IwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MC8GCCsGAQUFBzAC hiNodHRwOi8vYWlhLmVudHJ1c3QubmV0LzIwNDgtbDFjLmNlcjBKBgNVHSAEQzBB MDUGCSqGSIb2fQdLAjAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3Qu bmV0L3JwYTAIBgZngQwBAgIwHwYDVR0RBBgwFoIUczE3LmtjbGllbnQua3BtZy5j b20wHwYDVR0jBBgwFoAUHvGriQb4SQ8BM3fuFHruGXyTKE0wHQYDVR0OBBYEFPi2 m68AnrHRnDxMV58xIwxSbXyhMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEB AItcwwEUaigaW4q5hCdWQhs+RWLYbfwl7e5lFdlDFLpgZZa7fqydgO7yZFOFmpYD DeccOdwwrpRxnRBSY2PZ1ixRLTTTmhM0YiwI/vX/Vj97AitjopT1darkILgVTCQe qMe2xii2SfDQKUfEQ6AusJ421Kndltbdp17YHZputOL2stmlAR2QMPtBgZXNuGm8 RRiicx1zT/gnKIIQyqWa929JdqSUi93ozptRqXOEy+/ooKPFSagrdgDwNad1qCiy R98csm5LUWGFV5h7OgsyDQM4dBCSd3kfsK13pt0zVnW1Fnq0Tnt934klZMbgYyT6 C9pXDMf2VFQRN/X+SeHs1bo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQvkO6rwLH2SmAzlWV2J vsySRi3wX1yQ1JNVmP00SNtVN9mVl4HKRYokc5qLdCSE4YFLiCjZIdlKAjlktY0H Eh2XaLgIuDou0Mk2e5Wa5ku4qLveOdLp42eRuUa8it1LwaACICuw+cWaJgY0q0Gm 9X8Jdgjhh4rZ0O0ftKUdInM9C54yS1NtWJ9NxfK//Xed4HIrCP7iEhqpJa+xOtW1 JjIEqPpCHd8Y/LOKO58KQyZX5MnvtnhlOwJ9uBWoRTAcuJu39Ra67Imuwclqq4kL 8F0SDuFa7Yuesm/RRKdWXzdiPw0jiue45XMAJ7/R1Oj9iDdWEuAFTEKf5bAoSFOE KQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1277276933 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.entrust.net/rpa is incorporated by reference' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2009 Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1C' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-12-30 10:13:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-30 21:11:46 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amstelveen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KPMG International' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 's17.kclient.kpmg.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23359950353406660772223495931338037747254191524289975741423570805366712687524836471002438822035169687608802812698651483340655622740313055900671368279269791651215562496013029023628578899996730213543869132124888067245159920781256318406979768710252635871322287885043134372057604393419342421743739141205553351363509692515714099864840332781118496367636396274742358758417288682777055026377664098758582597657486782823490572148695131641590356336111060211422815627482107209162648728882214116475197598981087705808600666156453550771433597217859012017106166652822309108647898588949675531674982762415826508067388711153278282597417 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1c.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/2048-l1c.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113533.7.75.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 's17.kclient.kpmg.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1ef1ab8906f8490f013377ee147aee197c93284d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f8b69baf009eb1d19c3c4c579f31230c526d7ca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008b5cc301146a281a5b8ab9842756421b3e4562d86dfc25edee6515d94314ba606596bb7eac9d80eef26453859a96030de71c39dc30ae94719d10526363d9d62c512d34d39a1334622c08fef5ff563f7b022b63a294f575aae420b8154c241ea8c7b6c628b649f0d02947c443a02eb09e36d4a9dd96d6dda75ed81d9a6eb4e2f6b2d9a5011d9030fb418195cdb869bc4518a2731d734ff827288210caa59af76f4976a4948bdde8ce9b51a97384cbefe8a0a3c549a82b7600f035a775a828b247df1cb26e4b51618557987b3a0b320d033874109277791fb0ad77a6dd335675b5167ab44e7b7ddf892564c6e06324fa0bda570cc7f654541137f5fe49e1ecd5ba