*.illinoiscomptroller.gov
- Illinois Office of Comptroller -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 59:1d:d5:29:9b:b4:19:73:17:4c:4b:19:d3:9d:d1:e7 was issued on by Entrust, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Illinois Office of Comptroller
Organization:
Illinois Office of Comptroller
State / Province:
Illinois
Locality: Springfield
Country: US
Locality: Springfield
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 59:1d:d5:29:9b:b4:19:73:17:4c:4b:19:d3:9d:d1:e7Serial Number (int): 118456191683543166932359913315239842279
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: fd:39:46:0a:a3:a8:b5:b2:af:48:f2:18:ef:99:f4:a8:4c:7b:b4:c2
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 91:a8:f8:6e:38:b3:49:d0:0a:c3:7e:b3:22:1a:6d:d2:a7:93:3a:51
Fingerprint (sha256): a9:be:50:fc:df:6f:97:c9:bd:75:93:6f:5a:a1:97:85:1e:8d:84:16:fd:ae:d4:c4:e0:6b:02:7f:c8:85:d2:10
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate *.illinoiscomptroller.gov
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.illinoiscomptroller.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.illinoiscomptroller.gov
illinoiscomptroller.gov
illinoiscomptroller.gov
Other certificates including the domain name illinoiscomptroller.gov
(limited to 100 certificates)
analytics.illinoiscomptroller.gov
*.illinoiscomptroller.gov
*.illinoiscomptroller.gov
analyticsv20.illinoiscomptroller.gov
IllinoisComptroller.gov
sslvpn.illinoiscomptroller.gov
IllinoisComptroller.gov
IOC-ISE1.illinoiscomptroller.gov
IOC-ISE1.illinoiscomptroller.gov
ioc-fmc-ca.illinoiscomptroller.gov
IllinoisComptroller.gov
*.illinoiscomptroller.gov
analyticsv20.illinoiscomptroller.gov
*.IllinoisComptroller.gov
IllinoisComptroller.gov
analytics.illinoiscomptroller.gov
IOC-ISE2.illinoiscomptroller.gov
gateway.iconstituent.com
*.IllinoisComptroller.gov
*.illinoiscomptroller.gov
training.illinoiscomptroller.gov
analyticsv20.illinoiscomptroller.gov
illinoiscomptroller.gov
gateway.iconstituent.com
*.illinoiscomptroller.gov
*.illinoiscomptroller.gov
*.illinoiscomptroller.gov
analyticsv20.illinoiscomptroller.gov
IllinoisComptroller.gov
sslvpn.illinoiscomptroller.gov
IllinoisComptroller.gov
IOC-ISE1.illinoiscomptroller.gov
IOC-ISE1.illinoiscomptroller.gov
ioc-fmc-ca.illinoiscomptroller.gov
IllinoisComptroller.gov
*.illinoiscomptroller.gov
analyticsv20.illinoiscomptroller.gov
*.IllinoisComptroller.gov
IllinoisComptroller.gov
analytics.illinoiscomptroller.gov
IOC-ISE2.illinoiscomptroller.gov
gateway.iconstituent.com
*.IllinoisComptroller.gov
*.illinoiscomptroller.gov
training.illinoiscomptroller.gov
analyticsv20.illinoiscomptroller.gov
illinoiscomptroller.gov
gateway.iconstituent.com
*.illinoiscomptroller.gov
Certificate
The complete raw certificate details for *.illinoiscomptroller.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG+jCCBeKgAwIBAgIQWR3VKZu0GXMXTEsZ053R5zANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y MjA3MjkxMjM5MjdaFw0yMzA4MjgxMjM5MjdaMIGDMQswCQYDVQQGEwJVUzERMA8G A1UECBMISWxsaW5vaXMxFDASBgNVBAcTC1NwcmluZ2ZpZWxkMScwJQYDVQQKEx5J bGxpbm9pcyBPZmZpY2Ugb2YgQ29tcHRyb2xsZXIxIjAgBgNVBAMMGSouaWxsaW5v aXNjb21wdHJvbGxlci5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCciDgATF+ORaRmAwpZJbZFhAhjlYR3MNbwitfl4nZfs9p1dvTR8hlzVK++pfUX ULW1JAXz7nYIhvTHEor6/FiEBE3CbBfGP5GUmdIvFVVD0IvwzCjQHeQSmXgLiRtQ X21SuJZL+9OdiVJm+NPQqR98nGWljGjGbXowwaFhKHK0iz5fFmat/wuRft6valME x1w+at9L/i0ToA5LKkB75E0oEVJQBu2hQR+0hWYeADmV7e7aUxuOaDVKx9aYyy4X 2yhkXnHAPdad930bY/MOhM9qWiaBzD73HpYv+7PE9DV0RFc3jmqc28YQVpkXwXHB cK52M72wIi0yF3qAbSPudubNAgMBAAGjggMvMIIDKzAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBT9OUYKo6i1sq9I8hjvmfSoTHu0wjAfBgNVHSMEGDAWgBSConB03bxT P8971PfNf6dgxgpMvzBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6 Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1 c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDov L2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDA9BgNVHREENjA0ghkqLmlsbGlu b2lzY29tcHRyb2xsZXIuZ292ghdpbGxpbm9pc2NvbXB0cm9sbGVyLmdvdjAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEwGA1Ud IARFMEMwNwYKYIZIAYb6bAoBBTApMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5l bnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQICMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFq AWgAdgBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAYJJ+AhkAAAE AwBHMEUCIQDvADnpcTl2hSKPl9eLV7ZEHJHQkta5a66Ny4DfU29FAQIgSzI1j7vc Ok9RDwU4TGu7FP5ETK3EfofcyXu6B7Ihz0cAdgCzc3cH4YRQ+GOG1gWp3BEJSnkt sWcMC4fc8AMOeTalmgAAAYJJ+AhiAAAEAwBHMEUCIEl8zsgVdWqcMHLmNj0muULI ni0A+ZpCJHrJF0kpUIZwAiEA8lS3YgZVzteL9Raz3/aMMS+t+VNcZHK4AT6iy1ZU aGAAdgDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYJJ+AinAAAE AwBHMEUCIQDK2UmcrPluIqSIkom2n4Iv6cEXFGmsO4IoZdU17u6TtgIgbLPqalNj UElHzPv3T3ytcKvSKxVrtCLS9A+mlVxK9CQwDQYJKoZIhvcNAQELBQADggEBAGuT nEwd+M/ECDOlebOCKc00IAIHyGldc8KcmtTgeLqjyUctciKbXXMBdkIQB5kMCSNw aHVBtTUdahV/SwLapa3rLeBvsZYOk16qCR7NAc3yLvD40Do7sNCdPTfVWNE0FAwl uy+rtQUfB5DpmDc2DXk20MZHtCuJONWXLtBHD/fHvDRTAZjsZAgO1HGQEN8DGyX6 ZuOppdwQKOpPKkNh2+vH1RPfM4vJAI/Tym+Lj1hcCTDcDJPBkVoOMR3wxohcXj16 u9YB1jGO876m9jIoF9lUG1rjPYGXC4ipoSORpAnHjjkbpeaSN9EvBCv5LiFT/xt9 /7HrOTM567mKHnVjJes= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIg4AExfjkWkZgMKWSW2 RYQIY5WEdzDW8IrX5eJ2X7PadXb00fIZc1SvvqX1F1C1tSQF8+52CIb0xxKK+vxY hARNwmwXxj+RlJnSLxVVQ9CL8Mwo0B3kEpl4C4kbUF9tUriWS/vTnYlSZvjT0Kkf fJxlpYxoxm16MMGhYShytIs+XxZmrf8LkX7er2pTBMdcPmrfS/4tE6AOSypAe+RN KBFSUAbtoUEftIVmHgA5le3u2lMbjmg1SsfWmMsuF9soZF5xwD3Wnfd9G2PzDoTP alomgcw+9x6WL/uzxPQ1dERXN45qnNvGEFaZF8FxwXCudjO9sCItMhd6gG0j7nbm zQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 118456191683543166932359913315239842279 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-29 12:39:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-28 12:39:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Springfield' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois Office of Comptroller' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.illinoiscomptroller.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19760347546108494586210542227063543598152758063083909450068584388278139407492688552030397673785755714949208197726791722986526204022444436635852646331105726278715345780211516145111206437917997779419861188312173251681851910611839474257413843192925782497509641706223704453514674638861181731686148060281766236753416365532096948183716732537564489042101467314273529745838693088656373753177411922062004676780334808249022608416350879086862973163112703918330762623762401167220185752121920250082115955740016039446517706444448982607280925999389268955292117347250720911608130661467704314291584050852404578467831647915598432102093 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fd39460aa3a8b5b2af48f218ef99f4a84c7bb4c2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.illinoiscomptroller.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'illinoiscomptroller.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018249f808640000040300473045022100ef0039e971397685228f97d78b57b6441c91d092d6b96bae8dcb80df536f450102204b32358fbbdc3a4f510f05384c6bbb14fe444cadc47e87dcc97bba07b221cf47007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000018249f8086200000403004730450220497ccec815756a9c3072e6363d26b942c89e2d00f99a42247ac9174929508670022100f254b7620655ced78bf516b3dff68c312fadf9535c6472b8013ea2cb56546860007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018249f808a70000040300473045022100cad9499cacf96e22a4889289b69f822fe9c1171469ac3b822865d535eeee93b602206cb3ea6a5363504947ccfbf74f7cad70abd22b156bb422d2f40fa6955c4af424 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006b939c4c1df8cfc40833a579b38229cd34200207c8695d73c29c9ad4e078baa3c9472d72229b5d730176421007990c092370687541b5351d6a157f4b02daa5adeb2de06fb1960e935eaa091ecd01cdf22ef0f8d03a3bb0d09d3d37d558d134140c25bb2fabb5051f0790e99837360d7936d0c647b42b8938d5972ed0470ff7c7bc34530198ec64080ed4719010df031b25fa66e3a9a5dc1028ea4f2a4361dbebc7d513df338bc9008fd3ca6f8b8f585c0930dc0c93c1915a0e311df0c6885c5e3d7abbd601d6318ef3bea6f6322817d9541b5ae33d81970b88a9a12391a409c78e391ba5e69237d12f042bf92e2153ff1b7dffb1eb393339ebb98a1e756325eb