traveller-form.phac-aspc.gc.ca

- Health Canada (Department of Health) -

Issued by Entrust Certification Authority - L1J

About this certificate

This digital certificate with serial number b0:a3:96:e8:6e:83:f4:07:00:00:00:00:56:a0:a4:17 was issued on by Entrust, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Encoding of signature algorithm does not match signing key on P-384 curve. Got the unsupported 300a06082a8648ce3d040302 The encoded algorithm identifiers for ECDSA signatures MUST match specific hex-encoded bytes (Mozilla Root Store Policy / Section 5.1.2)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Health Canada (Department of Health)

Company registration number: 1996-05-29
Organization: Health Canada (Department of Health)
State / Province: Ontario
Locality: Ottawa
Country: CA

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2016 Entrust, Inc. - for authorized use only
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): b0:a3:96:e8:6e:83:f4:07:00:00:00:00:56:a0:a4:17
Serial Number (int): 234793532422663494343676929993357698071
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 56:cc:7c:c6:18:06:c1:05:00:95:06:6b:bc:36:99:4f:f7:a8:3c:f1
AuthorityKeyId: c3:f9:45:03:be:c8:f9:0b:3c:45:35:f3:eb:72:ec:e7:e8:eb:94:9b

Fingerprint (sha1): f2:a7:90:95:7a:60:25:51:89:db:a4:7e:18:7a:c0:4a:b0:7d:66:5c
Fingerprint (sha256): 92:19:3b:f3:57:7a:01:a6:5e:76:8c:3f:a4:73:69:b6:05:cf:37:ee:82:40:dd:92:9d:bf:69:9e:79:59:64:88

Issuing Certificate URL: http://aia.entrust.net/l1j-ec1.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1j.crl

Check the revocation status for certificate traveller-form.phac-aspc.gc.ca

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for traveller-form.phac-aspc.gc.ca

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

ECDSA with SHA256

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

traveller-form.phac-aspc.gc.ca
formulaire-voyageur.phac-aspc.gc.ca

Other certificates including the domain name phac-aspc.gc.ca

(limited to 100 certificates)
health-infobase.canada.ca
phac-aspc.gc.ca
www.cypc-ccjc.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
health-infobase.canada.ca
infobase.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
php-psp.phac-aspc.gc.ca
health-infobase.canada.ca
php-psp.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
phac-aspc.gc.ca
www.contracts-contrats.phac-aspc.gc.ca
aero-oitc.phac-aspc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
form-formulaire.phac-aspc.gc.ca
php-psp.phac-aspc.gc.ca
aids.gc.ca
infobase.phac-aspc.gc.ca
www.contracts-contrats.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
lap-dmz-p01.hc-sc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
www.gcdisclosure-divulgationsc.phac-aspc.gc.ca
connect.nml-lmn.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
tmate-devdbp1.phac-aspc.gc.ca
skills.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
was855-ihs-prod.hc-sc.gc.ca
www.thexpenses-fraisva.phac-aspc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
aids.gc.ca
www.reclassification.phac-aspc.gc.ca
chnintranetrcs.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
spupprxweb1.hc-sc.gc.ca
aids.gc.ca
infobase.phac-aspc.gc.ca
www.cypc-ccjc.phac-aspc.gc.ca
connect.nml-lmn.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
vids-siv.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
cpnp-pcnp.phac-aspc.gc.ca
cpnp-pcnp.phac-aspc.gc.ca
thosss-sssosv.phac-aspc.gc.ca
ttiss-ssit.phac-aspc.gc.ca
phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
popsl15.phac-aspc.gc.ca
phac-aspc.gc.ca
lap-dmz-p01.hc-sc.gc.ca
popsl15.phac-aspc.gc.ca
popsl15.phac-aspc.gc.ca
cphs-sspc.phac-aspc.gc.ca
thcd-dcsv.phac-aspc.gc.ca
phac-aspc.gc.ca
aids.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
cphs-sspc.phac-aspc.gc.ca
php-psp.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
www.thexpenses-fraisva.phac-aspc.gc.ca
training-formation.phac-aspc.gc.ca
dexa-exad.phac-aspc.gc.ca
www.contracts-contrats.phac-aspc.gc.ca
tmate-devdbp1.phac-aspc.gc.ca
health-infobase.canada.ca
chnintranetrcs.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
traveller-form.phac-aspc.gc.ca
aids.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
aids.gc.ca
ccdr-rmtc.phac-aspc.gc.ca
aids.gc.ca
training-formation.phac-aspc.gc.ca
infobase.phac-aspc.gc.ca
capc-pace.phac-aspc.gc.ca
vids-siv.phac-aspc.gc.ca
cbpp-pcpe.phac-aspc.gc.ca
www.reclassification.phac-aspc.gc.ca
aids.gc.ca
form-formulaire.phac-aspc.gc.ca
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
dev.mg-dsol.mapgears.com
training-formation.phac-aspc.gc.ca
www.cypc-ccjc.phac-aspc.gc.ca

Certificate

The complete raw certificate details for traveller-form.phac-aspc.gc.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGWTCCBd6gAwIBAgIRALCjluhug/QHAAAAAFagpBcwCgYIKoZIzj0EAwIwgbox
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9T
ZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAx
NiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAsBgNV
BAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUowHhcNMjAw
MzE4MTExNTIwWhcNMjIwNjE3MTE0NTEyWjCBzjELMAkGA1UEBhMCQ0ExEDAOBgNV
BAgTB09udGFyaW8xDzANBgNVBAcTBk90dGF3YTETMBEGCysGAQQBgjc8AgEDEwJD
QTEtMCsGA1UEChMkSGVhbHRoIENhbmFkYSAoRGVwYXJ0bWVudCBvZiBIZWFsdGgp
MRowGAYDVQQPExFHb3Zlcm5tZW50IEVudGl0eTETMBEGA1UEBRMKMTk5Ni0wNS0y
OTEnMCUGA1UEAxMedHJhdmVsbGVyLWZvcm0ucGhhYy1hc3BjLmdjLmNhMFkwEwYH
KoZIzj0CAQYIKoZIzj0DAQcDQgAE4sK0gej+ujKGktgSy+wQGBDAe3yt7+vusKb5
c6LAXeTjlgyVf5DX1GeV8jSR/k0jY9CDKXqGOZrwCuq3rtLGQqOCA60wggOpME4G
A1UdEQRHMEWCHnRyYXZlbGxlci1mb3JtLnBoYWMtYXNwYy5nYy5jYYIjZm9ybXVs
YWlyZS12b3lhZ2V1ci5waGFjLWFzcGMuZ2MuY2EwggH1BgorBgEEAdZ5AgQCBIIB
5QSCAeEB3wB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABcO12
X+IAAAQDAEcwRQIhAN/+Mp8sc8McF64fahkwGhlrmtgrjrLtsCRHAcUIzLyWAiAn
tTsSuxJUQAcy3la9Tq5XQOK7hC0ePhlye0pnvwYplAB2AId1v+dZfPiMQ5lfvfNu
/1aNR1Y2/0q1YMG06v9eoIMPAAABcO12YB8AAAQDAEcwRQIhAKun8AhgLZa5y5PM
7Tj237DgOnjpevsjMuo+gemQcoLWAiAQNWwxDbuRE08zboeofsg5QZS0YawBzN0/
hnkcabeV3AB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABcO12
YDgAAAQDAEYwRAIgHVNWZJodgJO7HrV1RDza7wRlR/TzeSaiusPQuGSwpcACIHxf
PNPcQuR/XRfylcGv0hwMtUcKVv+W6IaeCOpHni1gAHYApLkJkLQYWBSHuxOizGdw
Cjw1mAT5G9+443fNDsgN3BAAAAFw7XZf4AAABAMARzBFAiEAs8Fvr6DoQEst724a
40XKrlAozuJqE3hzlidrC70Sf10CICnPactm4TQBkJhTbeQo0ONvoarZPyegFDhA
NJ1pBxk1MA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwYwYIKwYBBQUHAQEEVzBVMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5l
bnRydXN0Lm5ldDAuBggrBgEFBQcwAoYiaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9s
MWotZWMxLmNlcjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3Qu
bmV0L2xldmVsMWouY3JsMEoGA1UdIARDMEEwNgYKYIZIAYb6bAoBAjAoMCYGCCsG
AQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAHBgVngQwBATAfBgNV
HSMEGDAWgBTD+UUDvsj5CzxFNfPrcuzn6OuUmzAdBgNVHQ4EFgQUVsx8xhgGwQUA
lQZrvDaZT/eoPPEwCQYDVR0TBAIwADAKBggqhkjOPQQDAgNpADBmAjEAuRtl0A7a
if/ofDRLzpTMy6JeFFVsXWjfiFlTICacL1DuWOLn8HyvaFdLOQDKKpWyAjEAt0/u
4zBMFHkjj7bm1HjxE3Q+AuuxDrV7oG7kag/ZfrI9ku8RUdtByb8cj3j5eudy
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4sK0gej+ujKGktgSy+wQGBDAe3yt
7+vusKb5c6LAXeTjlgyVf5DX1GeV8jSR/k0jY9CDKXqGOZrwCuq3rtLGQg==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 234793532422663494343676929993357698071
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2016 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1J'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-18 11:15:20 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-17 11:45:12 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Health Canada (Department of Health)'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1996-05-29'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'traveller-form.phac-aspc.gc.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				0004e2c2b481e8feba328692d812cbec101810c07b7cadefebeeb0a6f973a2c05de4e3960c957f90d7d46795f23491fe4d2363d083297a86399af00aeab7aed2c642
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'traveller-form.phac-aspc.gc.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'formulaire-voyageur.phac-aspc.gc.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes)
							01df0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000170ed765fe20000040300473045022100dffe329f2c73c31c17ae1f6a19301a196b9ad82b8eb2edb0244701c508ccbc96022027b53b12bb1254400732de56bd4eae5740e2bb842d1e3e19727b4a67bf0629940076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000170ed76601f0000040300473045022100aba7f008602d96b9cb93cced38f6dfb0e03a78e97afb2332ea3e81e9907282d6022010356c310dbb91134f336e87a87ec8394194b461ac01ccdd3f86791c69b795dc0075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd00000170ed766038000004030046304402201d5356649a1d8093bb1eb575443cdaef046547f4f37926a2bac3d0b864b0a5c002207c5f3cd3dc42e47f5d17f295c1afd21c0cb5470a56ff96e8869e08ea479e2d60007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000170ed765fe00000040300473045022100b3c16fafa0e8404b2def6e1ae345caae5028cee26a13787396276b0bbd127f5d022029cf69cb66e134019098536de428d0e36fa1aad93f27a0143840349d69071935
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1j-ec1.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1j.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f94503bec8f90b3c4535f3eb72ece7e8eb949b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							56cc7cc61806c1050095066bbc36994ff7a83cf1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . [c:0|t:3|false] BIT STRING (832 bits)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28490578278219334068729016752269727084924911249987410629386485704666767846505977065100222823918479400436574955673010
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28214335829510101438419269133344422120021536765810084014606617974312276760743188212924549224232695217972521050236786