www.firstniagara.com
- First Niagara Bank, N.A. -
Issued by Entrust Certification Authority - L1M
About this certificate
This digital certificate with serial number 17:8b:51:95:07:64:89:45:00:00:00:00:54:cc:a5:de was issued on by Entrust, Inc..
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
First Niagara Bank, N.A.
Company registration number:
16004
Organization: First Niagara Bank, N.A.
Organization: First Niagara Bank, N.A.
State / Province:
New York
Locality: Buffalo
Country: US
Locality: Buffalo
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 17:8b:51:95:07:64:89:45:00:00:00:00:54:cc:a5:deSerial Number (int): 31295627848851452415588315168932406750
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: 45:6a:f8:68:0e:36:cb:e5:8b:d8:ab:86:a6:43:4d:8f:af:52:8e:e1
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a
Fingerprint (sha1): d7:bf:ac:09:6f:09:79:86:dc:f1:dc:f2:b0:37:2e:de:66:a6:ed:68
Fingerprint (sha256): 92:03:e6:5b:50:6c:a2:a6:b5:a1:b7:22:d7:36:29:15:fa:6c:32:8e:42:20:d8:8d:3a:69:c9:0b:ae:73:da:6a
Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1m.crl
Check the revocation status for certificate www.firstniagara.com
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.firstniagara.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.firstniagara.com
firstniagara.com
www.temp.firstniagara.com
temp.firstniagara.com
www.fnfg.com
fnfg.com
firstniagara.com
www.temp.firstniagara.com
temp.firstniagara.com
www.fnfg.com
fnfg.com
Other certificates including the domain name firstniagara.com
(limited to 100 certificates)
Onlinebanking.FirstNiagara.com
cmm.firstniagara.com
firstniagara.com
qa-bolbwpl.fnfg.com
ebenefitsbilling.firstniagara.com
www.firstniagara.com
ebenefitsbilling.firstniagara.com
firstniagara.com
firstniagara.com
firstniagara.com
mft.firstniagara.com
fundstransfer.firstniagara.com
myfilegateway.firstniagara.com
firstniagara.keybank.com
firstniagara.com
firstniagara.com
firstniagara.com
apply.firstniagara.com
stage2.firstniagara.com
firstniagara.com
ebenefitsbilling.firstniagara.com
abl.firstniagara.com
stage2.firstniagara.com
www.firstniagara.com
mobile.firstniagara.com
www.firstniagara.com
firstniagara.com
firstniagara.com
mobile.firstniagara.com
richchannel02.firstniagara.com
dmyfilegateway.firstniagara.com
onlineservices.firstniagara.com
firstniagara.com
myfilegateway.firstniagara.com
abl.firstniagara.com
mobile.firstniagara.com
test-fundstransfer.firstniagara.com
abl.firstniagara.com
apply.firstniagara.com
richchannel02.firstniagara.com
richchannel02.firstniagara.com
firstniagara.com
abl.firstniagara.com
abl.firstniagara.com
qmyfilegateway.firstniagara.com
cmm.firstniagara.com
firstniagara.com
qa-bolbwpl.fnfg.com
ebenefitsbilling.firstniagara.com
www.firstniagara.com
ebenefitsbilling.firstniagara.com
firstniagara.com
firstniagara.com
firstniagara.com
mft.firstniagara.com
fundstransfer.firstniagara.com
myfilegateway.firstniagara.com
firstniagara.keybank.com
firstniagara.com
firstniagara.com
firstniagara.com
apply.firstniagara.com
stage2.firstniagara.com
firstniagara.com
ebenefitsbilling.firstniagara.com
abl.firstniagara.com
stage2.firstniagara.com
www.firstniagara.com
mobile.firstniagara.com
www.firstniagara.com
firstniagara.com
firstniagara.com
mobile.firstniagara.com
richchannel02.firstniagara.com
dmyfilegateway.firstniagara.com
onlineservices.firstniagara.com
firstniagara.com
myfilegateway.firstniagara.com
abl.firstniagara.com
mobile.firstniagara.com
test-fundstransfer.firstniagara.com
abl.firstniagara.com
apply.firstniagara.com
richchannel02.firstniagara.com
richchannel02.firstniagara.com
firstniagara.com
abl.firstniagara.com
abl.firstniagara.com
qmyfilegateway.firstniagara.com
Certificate
The complete raw certificate details for www.firstniagara.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH2jCCBsKgAwIBAgIQF4tRlQdkiUUAAAAAVMyl3jANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTTAeFw0x NjA0MTUxMDQyNTdaFw0xODA0MTUxMTEyNTVaMIG4MQswCQYDVQQGEwJVUzERMA8G A1UECBMITmV3IFlvcmsxEDAOBgNVBAcTB0J1ZmZhbG8xEzARBgsrBgEEAYI3PAIB AxMCVVMxITAfBgNVBAoTGEZpcnN0IE5pYWdhcmEgQmFuaywgTi5BLjEdMBsGA1UE DxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xDjAMBgNVBAUTBTE2MDA0MR0wGwYDVQQD ExR3d3cuZmlyc3RuaWFnYXJhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBANIDg6Aw2b8UF2i41ADC9dWcU0CGzks13oOy/AYveI0Tn5w5XG6oqmoB BZy9OLOUscZSlpIl0DXrwkyXqaLaO4dTfqaGTYE0fdjFbAH/m9G5HbBZBZfnHXK1 bgFcMn+ACsLn3EMJnSkxLXkIajrxmbgyL4MqKV1OJMV0GZAbQ/14fuPh6t6/2Mg9 9GrpiHFRGTOEv2P2bpXossOgIXg421MelKvmZyNnOBUTThgm7YnYBobclguBeNsF Ssb6ZY38apYmuVpjZ+Hl3Pz6osSKQa0cewQ5Hd++W0mvFqiVQIAFM9cpWZMAqvZ8 YB6BrrnR++noIB18jXBKXNccqCw+AY0CAwEAAaOCA9owggPWMHsGA1UdEQR0MHKC FHd3dy5maXJzdG5pYWdhcmEuY29tghBmaXJzdG5pYWdhcmEuY29tghl3d3cudGVt cC5maXJzdG5pYWdhcmEuY29tghV0ZW1wLmZpcnN0bmlhZ2FyYS5jb22CDHd3dy5m bmZnLmNvbYIIZm5mZy5jb20wggHzBgorBgEEAdZ5AgQCBIIB4wSCAd8B3QB1AGj2 mPgfZIK+OozuuSgdTPxxUV1nk9RE0QpnrLtPT/vEAAABVBmftsMAAAQDAEYwRAIg KK8GYK2fBcJYzQY5pmidBPtxbL9PNylPGVBhUtPM2hoCIGRJXQNTyrK6r2FSq7WZ 43SlJ2d7sb4s7xyeTPJW9M+tAHYAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SY VdaJ0N0AAAFUGZ+6swAABAMARzBFAiBrwLnazhY1mr3nLh/v2JjFYJSbe7WMOJOu PsP5V3juqwIhAPrdszmSk4mbpJULIdFXvSCARuE3fEDHc2w1tXYFbYGqAHUAdGG0 oJz7PUHXUVlXWy52SaRFqNJ3CbDMVkpkgrfrQaMAAAFUGZ+9HAAABAMARjBEAiAY HRuHxsahJNMBAjpysbvrECK1hn2eUlMLHfPmDOqAawIgY2g4NkeJIw6v9J+MLG7N jzZKvAKq0i6POVdI8M9902UAdQCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80O yA3cEAAAAVQZn74OAAAEAwBGMEQCIHP5qn7Dw8rmeyRefhf/V/uPaRBDNCOFKHRa kxUVq4rkAiBvYeU7MW0a/0WlgfEAx0H9jjPm/VcOIvWWnuwGYJHw2TALBgNVHQ8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGgGCCsGAQUFBwEB BFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYIKwYB BQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFtLWNoYWluMjU2LmNlcjAz BgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMW0u Y3JsMEoGA1UdIARDMEEwNgYKYIZIAYb6bAoBAjAoMCYGCCsGAQUFBwIBFhpodHRw Oi8vd3d3LmVudHJ1c3QubmV0L3JwYTAHBgVngQwBATAfBgNVHSMEGDAWgBTD99C1 KjCtrw2RIXA5VN28iXDHOjAdBgNVHQ4EFgQURWr4aA42y+WL2KuGpkNNj69SjuEw CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA0BHYUsxSVRY1Fhei4/V85Sqm jwjbCG2x3tCHf4hDnrsKGeP3kE9/MKl0DMuntV5m00Zv1yGz0HU6UJH95EAtprGa C2ty0zKJ96nKTnjLHI6Rd+6PRI0Q8tTCWp91v5cMVqXt4HJwgsnuZlkvw6UG2Gfv mZypZFlxm+f9lst0rPOJDTUrrSllH8PivhWYp2qJVcNgt8bvSc2xExhXLb5i2NO1 CuiiugXH+8B2FuGOlWU3HYCxCSLBKdzi/83K9lHiQyubIL0M8JvCWwRkTWCh3I5T Rfw98lzLcDs43nW4023wT6IcoLoC7x5T7UsTqmI/HD1r3U//L1uxhodlbxdJfQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gODoDDZvxQXaLjUAML1 1ZxTQIbOSzXeg7L8Bi94jROfnDlcbqiqagEFnL04s5SxxlKWkiXQNevCTJepoto7 h1N+poZNgTR92MVsAf+b0bkdsFkFl+cdcrVuAVwyf4AKwufcQwmdKTEteQhqOvGZ uDIvgyopXU4kxXQZkBtD/Xh+4+Hq3r/YyD30aumIcVEZM4S/Y/Zuleiyw6AheDjb Ux6Uq+ZnI2c4FRNOGCbtidgGhtyWC4F42wVKxvpljfxqlia5WmNn4eXc/PqixIpB rRx7BDkd375bSa8WqJVAgAUz1ylZkwCq9nxgHoGuudH76eggHXyNcEpc1xyoLD4B jQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 31295627848851452415588315168932406750 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-04-15 10:42:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-15 11:12:55 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Buffalo' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'First Niagara Bank, N.A.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '16004' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.firstniagara.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26511776941267134821847341565657220839456096522012168505822023461841126986849632287523853308659685435074938525871885314661837245191746849109606783627496596599946117462781291750333409600789684769842730897969148046187181880065260264951840718264839738975658407512155107633210433824497428827459132195721797669615288433595485249112138304129948611330993001129821853734763524257064546969847550836328706783332022583856421982498950142803404896731041280081602134000301915233699010818284515734727780714128614733536486118062194738061817404917432726637349220323008682954179619059299046734567148259661349171490815593833594697417101 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.firstniagara.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firstniagara.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.temp.firstniagara.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'temp.firstniagara.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fnfg.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fnfg.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (479 bytes) 01dd00750068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc400000154199fb6c30000040300463044022028af0660ad9f05c258cd0639a6689d04fb716cbf4f37294f19506152d3ccda1a022064495d0353cab2baaf6152abb599e374a527677bb1be2cef1c9e4cf256f4cfad0076005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd00000154199fbab3000004030047304502206bc0b9dace16359abde72e1fefd898c560949b7bb58c3893ae3ec3f95778eeab022100faddb3399293899ba4950b21d157bd208046e1377c40c7736c35b576056d81aa0075007461b4a09cfb3d41d75159575b2e7649a445a8d27709b0cc564a6482b7eb41a300000154199fbd1c00000403004630440220181d1b87c6c6a124d301023a72b1bbeb1022b5867d9e52530b1df3e60cea806b0220636838364789230eaff49f8c2c6ecd8f364abc02aad22e8f395748f0cf7dd365007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000154199fbe0e0000040300463044022073f9aa7ec3c3cae67b245e7e17ff57fb8f69104334238528745a931515ab8ae402206f61e53b316d1aff45a581f100c741fd8e33e6fd570e22f5969eec066091f0d9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 456af8680e36cbe58bd8ab86a6434d8faf528ee1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00d011d852cc525516351617a2e3f57ce52aa68f08db086db1ded0877f88439ebb0a19e3f7904f7f30a9740ccba7b55e66d3466fd721b3d0753a5091fde4402da6b19a0b6b72d33289f7a9ca4e78cb1c8e9177ee8f448d10f2d4c25a9f75bf970c56a5ede0727082c9ee66592fc3a506d867ef999ca96459719be7fd96cb74acf3890d352bad29651fc3e2be1598a76a8955c360b7c6ef49cdb11318572dbe62d8d3b50ae8a2ba05c7fbc07616e18e9565371d80b10922c129dce2ffcdcaf651e2432b9b20bd0cf09bc25b04644d60a1dc8e5345fc3df25ccb703b38de75b8d36df04fa21ca0ba02ef1e53ed4b13aa623f1c3d6bdd4fff2f5bb18687656f17497d