ds-systest.d.r.dfait-maeci.gc.ca
- Global Affairs Canada -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number f2:ad:f7:c4:48:c5:4f:8e:00:00:00:00:50:f0:2b:31 was issued on by Entrust, Inc..
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Global Affairs Canada
Organization:
Global Affairs Canada
State / Province:
Ontario
Locality: Ottawa
Country: CA
Locality: Ottawa
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): f2:ad:f7:c4:48:c5:4f:8e:00:00:00:00:50:f0:2b:31Serial Number (int): 322576467642889575960852699824167856945
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: c2:2e:41:e0:8e:e8:b0:a0:45:c5:74:c0:7c:04:26:7e:b8:a3:fa:5c
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 9c:4e:dc:ad:b7:01:de:74:fe:04:40:06:d3:1b:fe:ac:9b:29:d3:d0
Fingerprint (sha256): 97:d6:14:2c:18:01:60:97:5a:64:2f:06:5f:06:95:97:0f:36:03:a1:17:4f:dd:ad:a0:ca:15:00:88:7d:86:e1
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate ds-systest.d.r.dfait-maeci.gc.ca
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ds-systest.d.r.dfait-maeci.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ds-systest.d.r.dfait-maeci.gc.ca
eam-ds10t.d.r.dfait-maeci.gc.ca
eam-ds20t.d.r.dfait-maeci.gc.ca
eam-cs10t.d.r.dfait-maeci.gc.ca
eam-cs20t.d.r.dfait-maeci.gc.ca
eam-ds10t.d.r.dfait-maeci.gc.ca
eam-ds20t.d.r.dfait-maeci.gc.ca
eam-cs10t.d.r.dfait-maeci.gc.ca
eam-cs20t.d.r.dfait-maeci.gc.ca
Other certificates including the domain name dfait-maeci.gc.ca
(limited to 100 certificates)
mailgateway.dev.international.gc.ca
EICSII-LAB.eics-scei.gc.ca
www.listserv.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
pubx.dfait-maeci.gc.ca
pilotasa01.international.gc.ca
EICSII-TRAINING.eics-scei.gc.ca
rm2dg.international.gc.ca
WS-EICSII-STAGING.eics-scei.gc.ca
EICSII-SYSTEST1.eics-scei.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
ws-eicsii.eics-scei.gc.ca
EICSII-DEV1.eics-scei.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
CNGNYVPN01H.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
GCCFProdEXCOL4Verification.dfait-maeci.gc.ca
mailgateway.international.gc.ca
www.listserv.dfait-maeci.gc.ca
iam-systest.d.r.dfait-maeci.gc.ca
cart.d.r.dfait-maeci.gc.ca
WS-EICSII-LAB1.eics-scei.gc.ca
mailgateway.dev.international.gc.ca
mailgateway.dev.international.gc.ca
HQL-PMKWC02.p.dfait-maeci.gc.ca
ExchangeServer-QA.d.r.dfait-maeci.gc.ca
rm2dg.international.gc.ca
EICSII-STAGING.eics-scei.gc.ca
GCCFProdEXCOL4Encryption.dfait-maeci.gc.ca
ws-eicsii-dev1.eics-scei.gc.ca
eicsii.eics-scei.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
iam.d.r.dfait-maeci.gc.ca
ds.d.r.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
mailgateway.international.gc.ca
rm2dg.international.gc.ca
pilotasa01.international.gc.ca
rm2dg.international.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
rm2dg.international.gc.ca
mailgateway.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
SIMCENVPN01H.international.gc.ca
rm2dg.international.gc.ca
GAC-HQ-MBX-DEV.D.R.DFAIT-MAECI.GC.CA
iam-dev.d.r.dfait-maeci.gc.ca
ds-systest.d.r.dfait-maeci.gc.ca
hql-pmkwb62.p.dfait-maeci.gc.ca
GAC-HQ-MBX.D.R.DFAIT-MAECI.GC.CA
ROMEVPN01H.international.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
iam.d.r.dfait-maeci.gc.ca
mailgateway.international.gc.ca
WS-EICSII-TRAINING.eics-scei.gc.ca
HQL-DMMIG01.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
iam-dev.d.r.dfait-maeci.gc.ca
ws-eicsii-dev2.eics-scei.gc.ca
DALASVPN01H.international.gc.ca
EICSII-DEV2.eics-scei.gc.ca
WS.eics-scei.gc.ca
EICSII-SYSTEST2.eics-scei.gc.ca
GAC-HQ-MBX2.D.R.DFAIT-MAECI.GC.CA
wifiauth2.d.r.dfait-maeci.gc.ca
BEJINGVPN01R.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
www.dfait-maeci.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
wifiauth2.d.r.dfait-maeci.gc.ca
www.eics-scei.gc.ca
rm2dg.international.gc.ca
www.listserv.international.gc.ca
rm2dg.international.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
EICSII-LAB.eics-scei.gc.ca
www.listserv.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
pubx.dfait-maeci.gc.ca
pilotasa01.international.gc.ca
EICSII-TRAINING.eics-scei.gc.ca
rm2dg.international.gc.ca
WS-EICSII-STAGING.eics-scei.gc.ca
EICSII-SYSTEST1.eics-scei.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
ws-eicsii.eics-scei.gc.ca
EICSII-DEV1.eics-scei.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
CNGNYVPN01H.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
GCCFProdEXCOL4Verification.dfait-maeci.gc.ca
mailgateway.international.gc.ca
www.listserv.dfait-maeci.gc.ca
iam-systest.d.r.dfait-maeci.gc.ca
cart.d.r.dfait-maeci.gc.ca
WS-EICSII-LAB1.eics-scei.gc.ca
mailgateway.dev.international.gc.ca
mailgateway.dev.international.gc.ca
HQL-PMKWC02.p.dfait-maeci.gc.ca
ExchangeServer-QA.d.r.dfait-maeci.gc.ca
rm2dg.international.gc.ca
EICSII-STAGING.eics-scei.gc.ca
GCCFProdEXCOL4Encryption.dfait-maeci.gc.ca
ws-eicsii-dev1.eics-scei.gc.ca
eicsii.eics-scei.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
iam.d.r.dfait-maeci.gc.ca
ds.d.r.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
mailgateway.international.gc.ca
rm2dg.international.gc.ca
pilotasa01.international.gc.ca
rm2dg.international.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
rm2dg.international.gc.ca
mailgateway.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
SIMCENVPN01H.international.gc.ca
rm2dg.international.gc.ca
GAC-HQ-MBX-DEV.D.R.DFAIT-MAECI.GC.CA
iam-dev.d.r.dfait-maeci.gc.ca
ds-systest.d.r.dfait-maeci.gc.ca
hql-pmkwb62.p.dfait-maeci.gc.ca
GAC-HQ-MBX.D.R.DFAIT-MAECI.GC.CA
ROMEVPN01H.international.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
iam.d.r.dfait-maeci.gc.ca
mailgateway.international.gc.ca
WS-EICSII-TRAINING.eics-scei.gc.ca
HQL-DMMIG01.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
iam-dev.d.r.dfait-maeci.gc.ca
ws-eicsii-dev2.eics-scei.gc.ca
DALASVPN01H.international.gc.ca
EICSII-DEV2.eics-scei.gc.ca
WS.eics-scei.gc.ca
EICSII-SYSTEST2.eics-scei.gc.ca
GAC-HQ-MBX2.D.R.DFAIT-MAECI.GC.CA
wifiauth2.d.r.dfait-maeci.gc.ca
BEJINGVPN01R.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
www.dfait-maeci.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
wifiauth2.d.r.dfait-maeci.gc.ca
www.eics-scei.gc.ca
rm2dg.international.gc.ca
www.listserv.international.gc.ca
rm2dg.international.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
Certificate
The complete raw certificate details for ds-systest.d.r.dfait-maeci.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgIRAPKt98RIxU+OAAAAAFDwKzEwDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN MTkwNDExMTI1MzI1WhcNMjEwNzEwMTMyMzI1WjB7MQswCQYDVQQGEwJDQTEQMA4G A1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMR4wHAYDVQQKExVHbG9iYWwg QWZmYWlycyBDYW5hZGExKTAnBgNVBAMTIGRzLXN5c3Rlc3QuZC5yLmRmYWl0LW1h ZWNpLmdjLmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPmNiCz0 uaV7krCGiU2/a6/uI1Og6ACJO2AKzyN7OV5eAirV4y/VmnT3IQ7nc5OiDzy5AcJM uCbNffYiS9/3HRfXTKPazZoPib2OEbcVR9O371PzuwkWd4GY1LAaIVKGUYztLJ4W Rq3nRj1SuL0IOmPqG9pefa1berDCTzZ+NZxPa34GEcSj8CBMybiL/N+iSaM7DEuh bCjVAO1urklGsVwohWCagc+FIcGkUjnb+tqmmO/sJRYxR+Bf8pzS7VJ5m9gHh7+P dwCQlwmi1cK+UP2ScaUtNir2Oa/ZQuD96E3z3XxupRiQR/9lESU3M9aoGs3Gajrp hXqNLByj/BUAgwIDAQABo4ICMzCCAi8wEwYKKwYBBAHWeQIEAwEB/wQCBQAwgbEG A1UdEQSBqTCBpoIgZHMtc3lzdGVzdC5kLnIuZGZhaXQtbWFlY2kuZ2MuY2GCH2Vh bS1kczEwdC5kLnIuZGZhaXQtbWFlY2kuZ2MuY2GCH2VhbS1kczIwdC5kLnIuZGZh aXQtbWFlY2kuZ2MuY2GCH2VhbS1jczEwdC5kLnIuZGZhaXQtbWFlY2kuZ2MuY2GC H2VhbS1jczIwdC5kLnIuZGZhaXQtbWFlY2kuZ2MuY2EwDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAzBgNVHR8ELDAqMCigJqAk hiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMWsuY3JsMEsGA1UdIAREMEIw NgYKYIZIAYb6bAoBBTAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3Qu bmV0L3JwYTAIBgZngQwBAgIwaAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdo dHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5l bnRydXN0Lm5ldC9sMWstY2hhaW4yNTYuY2VyMB8GA1UdIwQYMBaAFIKicHTdvFM/ z3vU981/p2DGCky/MB0GA1UdDgQWBBTCLkHgjuiwoEXFdMB8BCZ+uKP6XDAJBgNV HRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQA7aVHXWb1+x2vz5F9y0HFwCd/QnDsd 3JRimC9WDzFabffGxowAWm5UIFIn2vzUa6hPzUbf/GidTckKss0HBMYIvmay+cce LdAO1gYzojIHzBIQhPO7hXjNIMyVXjq5OwNIIm2X8iIhgn6Y1gFo97Y383A35hzB GyntUQWxRPw4bw8QjcdGifzQbHzM4zOdhMrAMoT1WxjzAxdZMMxxHGeu79z7twc8 6U9JF+POnVg86vc6W62EGXlm+kXLTEQNpdbgz92IbG8Yz4/r8aB5MjrlQNDb/G+C w4ITQQTj6o4Q5L6tU0UeFmylKL9kj2Yr+lMr3DgRJ+yAoX2jYInB4Kep -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPmNiCz0uaV7krCGiU2/ a6/uI1Og6ACJO2AKzyN7OV5eAirV4y/VmnT3IQ7nc5OiDzy5AcJMuCbNffYiS9/3 HRfXTKPazZoPib2OEbcVR9O371PzuwkWd4GY1LAaIVKGUYztLJ4WRq3nRj1SuL0I OmPqG9pefa1berDCTzZ+NZxPa34GEcSj8CBMybiL/N+iSaM7DEuhbCjVAO1urklG sVwohWCagc+FIcGkUjnb+tqmmO/sJRYxR+Bf8pzS7VJ5m9gHh7+PdwCQlwmi1cK+ UP2ScaUtNir2Oa/ZQuD96E3z3XxupRiQR/9lESU3M9aoGs3GajrphXqNLByj/BUA gwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 322576467642889575960852699824167856945 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-11 12:53:25 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-10 13:23:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Global Affairs Canada' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ds-systest.d.r.dfait-maeci.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19816234676015147167313760181622175955334184719634240873198811235281484539385596472573510474761808441740706187284682361647652686728614576487597640465680661520971838103446641633871770299799914829455998856947964584282352896767215512854349533512180091021266757065111987497646374812850362433328925411488918472601868353471018556580944260682978648675046769512516546947554503142479668245625348609967742060336909358724093110726140508100116274816646731485846523410086707524265100308730007790446838983727693717736874022478294258165587847564299653539739696855173556794554042539097824701299140294562678828562688668214515398410371 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ds-systest.d.r.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eam-ds10t.d.r.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eam-ds20t.d.r.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eam-cs10t.d.r.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eam-cs20t.d.r.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c22e41e08ee8b0a045c574c07c04267eb8a3fa5c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003b6951d759bd7ec76bf3e45f72d0717009dfd09c3b1ddc9462982f560f315a6df7c6c68c005a6e54205227dafcd46ba84fcd46dffc689d4dc90ab2cd0704c608be66b2f9c71e2dd00ed60633a23207cc121084f3bb8578cd20cc955e3ab93b0348226d97f22221827e98d60168f7b637f37037e61cc11b29ed5105b144fc386f0f108dc74689fcd06c7ccce3339d84cac03284f55b18f303175930cc711c67aeefdcfbb7073ce94f4917e3ce9d583ceaf73a5bad84197966fa45cb4c440da5d6e0cfdd886c6f18cf8febf1a079323ae540d0dbfc6f82c382134104e3ea8e10e4bead53451e166ca528bf648f662bfa532bdc381127ec80a17da36089c1e0a7a9