paa-pac.acdi-cida.gc.ca
- Dept. of Foreign Affairs and International Trade -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number da:3b:d6:54:00:00:00:00:50:d5:e4:07 was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Dept. of Foreign Affairs and International Trade
Organization:
Dept. of Foreign Affairs and International Trade
Locality:
Ottawa
Country: CA
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): da:3b:d6:54:00:00:00:00:50:d5:e4:07Serial Number (int): 67540070900364324400344196103
Serial Number lenght: 96 bits, 12 octets
SubjectKeyId: 6c:d7:7f:1c:83:55:9e:70:93:b7:23:7a:c0:90:a3:82:2f:b2:e4:8e
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 4b:e0:85:7e:35:24:36:d0:06:96:b1:43:2b:d1:f8:b9:8a:aa:81:01
Fingerprint (sha256): 9b:06:ef:cf:12:80:f6:b4:5e:4d:80:e2:cc:3d:47:20:fd:83:4b:55:3d:d6:ff:b7:a7:6a:f0:00:67:fd:d4:7c
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate paa-pac.acdi-cida.gc.ca
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for paa-pac.acdi-cida.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
paa-pac.acdi-cida.gc.ca
Other certificates including the domain name acdi-cida.gc.ca
(limited to 100 certificates)
paa-pac.acdi-cida.gc.ca
travel-smart.international.gc.ca
paa-pac.acdi-cida.gc.ca
travel-smart.international.gc.ca
pi.international.gc.ca
ecollaboration.acdi-cida.gc.ca
ext.acdi-cida.gc.ca
ext.acdi-cida.gc.ca
am.acdi-cida.gc.ca
ads-sra.acdi-cida.gc.ca
acwcx324.acdi-cida.gc.ca
gateway.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
ads-sra.preprod.acdi-cida.gc.ca
gdc-as.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
ads-sra.acdi-cida.gc.ca
gdc-as.acdi-cida.gc.ca
pi.international.gc.ca
paa-pac.acdi-cida.gc.ca
gateway.preprod.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
collaboration.acdi-cida.gc.ca
apprentissage-learning.acdi-cida.gc.ca
travel-smart.international.gc.ca
smt.acdi-cida.gc.ca
bdca-ccdb.acdi-cida.gc.ca
am.acdi-cida.gc.ca
gateway.acdi-cida.gc.ca
travel-smart.international.gc.ca
paa-pac.acdi-cida.gc.ca
travel-smart.international.gc.ca
pi.international.gc.ca
ecollaboration.acdi-cida.gc.ca
ext.acdi-cida.gc.ca
ext.acdi-cida.gc.ca
am.acdi-cida.gc.ca
ads-sra.acdi-cida.gc.ca
acwcx324.acdi-cida.gc.ca
gateway.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
ads-sra.preprod.acdi-cida.gc.ca
gdc-as.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
ads-sra.acdi-cida.gc.ca
gdc-as.acdi-cida.gc.ca
pi.international.gc.ca
paa-pac.acdi-cida.gc.ca
gateway.preprod.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
collaboration.acdi-cida.gc.ca
apprentissage-learning.acdi-cida.gc.ca
travel-smart.international.gc.ca
smt.acdi-cida.gc.ca
bdca-ccdb.acdi-cida.gc.ca
am.acdi-cida.gc.ca
gateway.acdi-cida.gc.ca
Certificate
The complete raw certificate details for paa-pac.acdi-cida.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFQDCCBCigAwIBAgINANo71lQAAAAAUNXkBzANBgkqhkiG9w0BAQsFADCBujEL MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1Nl ZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEy IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwGA1UE AxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0xNTEw MzAxMjI4MzNaFw0xNzEwMzAxMjU4MzJaMHsxCzAJBgNVBAYTAkNBMQ8wDQYDVQQH EwZPdHRhd2ExOTA3BgNVBAoTMERlcHQuIG9mIEZvcmVpZ24gQWZmYWlycyBhbmQg SW50ZXJuYXRpb25hbCBUcmFkZTEgMB4GA1UEAxMXcGFhLXBhYy5hY2RpLWNpZGEu Z2MuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfAGReeNkwaq6a QMy6NlGxlX7uS7CU4rLJCfEgYBNVzUraLwOSSenWolxAKizpKJCBgwfeeYYKATMV jg67YwrL8rvu1+TdRuBrO2Fp+TVVsqTTSMIA64ewXwhprPIUiUetRb3e0V5mTqcw oxc/0/yRU8mCM0GdvotstGJdr44B27/1YlpjLYTJv5TZU4KTvdVB0huWc9gXzDi4 EOowfs6LAU7MNjmziyeIzYSNFxyo/uUMFkh5KLI/p+heWfnbDd2k2jgG/eyRS1ff h+7vMhcB7wBkrG9mqTHa7iOM4uk2pKfgpd/oLsF2Y9L8Ba1UPda0ty/91/Xo6a0p m+QpyzVpAgMBAAGjggGBMIIBfTALBgNVHQ8EBAMCBaAwEwYDVR0lBAwwCgYIKwYB BQUHAwEwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9s ZXZlbDFrLmNybDBLBgNVHSAERDBCMDYGCmCGSAGG+mwKAQUwKDAmBggrBgEFBQcC ARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQICMGgGCCsGAQUF BwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYI KwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNoYWluMjU2LmNl cjAiBgNVHREEGzAZghdwYWEtcGFjLmFjZGktY2lkYS5nYy5jYTAfBgNVHSMEGDAW gBSConB03bxTP8971PfNf6dgxgpMvzAdBgNVHQ4EFgQUbNd/HINVnnCTtyN6wJCj gi+y5I4wCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEABGLtrKmrSwaaWu2S uVwaTpf1BA4DSFqdqcT6swQTiqGux2pwzAh3izmi+dvDmjz2GH9GTusZjKHbK5Y9 HyA7NzdkeQUhDOsH9G93J2pU2LV3XPWRWinh5Rhb/mNiLMg2z1gIl6jd0bWFgie1 Jp/Ej/fY3fkqd7FrOAI0R2tTWiNw1Y6oLPpUdLVU+GWk4jTFfxCMyl6K+UfIGaJw Oysb3nacm0/qjymZZh/V0rpiS6xfljs8QKjT6S82ADvKpolzzRZ7e8Sr8zSapmyF +2SO5TT5pYhWncs7OVHY2gyyxNBbyrf/uGY21B2/z5k4bKZ4OHeyB2axlWbU0WDy sl4QwA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwBkXnjZMGqumkDMujZR sZV+7kuwlOKyyQnxIGATVc1K2i8Dkknp1qJcQCos6SiQgYMH3nmGCgEzFY4Ou2MK y/K77tfk3Ubgazthafk1VbKk00jCAOuHsF8IaazyFIlHrUW93tFeZk6nMKMXP9P8 kVPJgjNBnb6LbLRiXa+OAdu/9WJaYy2Eyb+U2VOCk73VQdIblnPYF8w4uBDqMH7O iwFOzDY5s4sniM2EjRccqP7lDBZIeSiyP6foXln52w3dpNo4Bv3skUtX34fu7zIX Ae8AZKxvZqkx2u4jjOLpNqSn4KXf6C7BdmPS/AWtVD3WtLcv/df16OmtKZvkKcs1 aQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 67540070900364324400344196103 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-10-30 12:28:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-30 12:58:32 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Dept. of Foreign Affairs and International Trade' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'paa-pac.acdi-cida.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20072083824814619558109281825856443605510332738110381808827400781672969995540144940691408668469685042104037210041307430586967757146195147496238863200816604634322269058489713995601286133754239441336132722086818835872514508775067573126406211196969951873156819566911822984229486268885082141728604096813824114844914432736435878312866146286692007429938697928397267691377179820589507901070406880792257921740293967644782331278364745772488896482319944899936028716811856270982932594062524990990381242793265902013277411282878176712955256429806122853816257148339357653714518105558488100224545671157895050163201169799303804958057 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paa-pac.acdi-cida.gc.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6cd77f1c83559e7093b7237ac090a3822fb2e48e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000462edaca9ab4b069a5aed92b95c1a4e97f5040e03485a9da9c4fab304138aa1aec76a70cc08778b39a2f9dbc39a3cf6187f464eeb198ca1db2b963d1f203b3737647905210ceb07f46f77276a54d8b5775cf5915a29e1e5185bfe63622cc836cf580897a8ddd1b5858227b5269fc48ff7d8ddf92a77b16b380234476b535a2370d58ea82cfa5474b554f865a4e234c57f108cca5e8af947c819a2703b2b1bde769c9b4fea8f2999661fd5d2ba624bac5f963b3c40a8d3e92f36003bcaa68973cd167b7bc4abf3349aa66c85fb648ee534f9a588569dcb3b3951d8da0cb2c4d05bcab7ffb86636d41dbfcf99386ca6783877b20766b19566d4d160f2b25e10c0