queens.boe.nyc.ny.us
- Board of Elections -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number fd:0f:81:e4:ca:e8:99:42:00:00:00:00:50:eb:46:9f was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Board of Elections
Organization:
Board of Elections
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): fd:0f:81:e4:ca:e8:99:42:00:00:00:00:50:eb:46:9fSerial Number (int): 336375201944118829090464089992145356447
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 98:66:fa:89:78:ff:64:0c:dc:6e:9c:66:11:ad:4a:4b:16:7d:c9:20
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 76:37:df:06:dd:72:ef:05:9d:40:6a:d6:f9:1e:99:f4:9c:02:c9:73
Fingerprint (sha256): ae:b9:f0:f9:c4:f3:55:55:55:4f:91:80:e7:49:30:bb:ea:aa:e3:90:df:a7:34:e5:49:c8:50:e3:d1:cf:38:75
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate queens.boe.nyc.ny.us
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for queens.boe.nyc.ny.us
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
queens.boe.nyc.ny.us
Other certificates including the domain name nyc.ny.us
(limited to 100 certificates)
iboremote2.ibo.nyc.ny.us
iboremote2.ibo.nyc.ny.us
www.tac.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
owa.trs.nyc.ny.us
ibo.nyc.ny.us
*.trs.nyc.ny.us
ctxdr.council.nyc.ny.us
qns.boe.nyc.ny.us
42fw.boe.nyc.ny.us
ctx.council.nyc.ny.us
hope.nyc.ny.us
*.trs.nyc.ny.us
*.trs.nyc.ny.us
*.ibo.nyc.ny.us
mail.trinityschoolnyc.org
mail.council.nyc.gov
*.ibo.nyc.ny.us
vote.nyc.ny.us
wm.ibo.nyc.ny.us
*.hope.nyc.ny.us
iboremote.ibo.nyc.ny.us
*.trs.nyc.ny.us
*.ibo.nyc.ny.us
ctx.council.nyc.ny.us
home.nyc.ny.us
ibo.nyc.ny.us
owa.trs.nyc.ny.us
*.council.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.gov
wm.ibo.nyc.ny.us
*.trs.nyc.ny.us
hope.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
ibo.nyc.ny.us
ibomail.ibo.nyc.ny.us
*.vote.nyc
vote.nyc.ny.us
*.trs.nyc.ny.us
www.trs.nyc.ny.us
owa.trs.nyc.ny.us
*.ibo.nyc.ny.us
*.hope.nyc.ny.us
owa.trs.nyc.ny.us
mail.council.nyc.gov
owa.boe.nyc
www.trs.nyc.ny.us
www.tac.nyc.ny.us
owa.trs.nyc.ny.us
ibomail.ibo.nyc.ny.us
hope.nyc.ny.us
42fw.boe.nyc.ny.us
www.hope.nyc.ny.us
hope.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
vote.nyc.ny.us
queens.boe.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
*.ibo.nyc.ny.us
vote.nyc.ny.us
ctx.council.nyc.ny.us
pullrequest.hope.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
*.council.nyc.ny.us
webmail.ibo.nyc.ny.us
queens.boe.nyc.ny.us
ibomail.ibo.nyc.ny.us
*.ibo.nyc.ny.us
iboremote2.ibo.nyc.ny.us
ibo.nyc.ny.us
*.ibo.nyc.ny.us
ibo.nyc.ny.us
vote.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
ibo.nyc.ny.us
www.trs.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
www.tac.nyc.ny.us
mail.council.nyc.gov
owa.trs.nyc.ny.us
*.hope.nyc.ny.us
*.ibo.nyc.ny.us
ctxdr.council.nyc.ny.us
webmail.ibo.nyc.ny.us
42fw.boe.nyc.ny.us
www.tac.nyc.ny.us
vote.nyc.ny.us
tailor.home.nyc.ny.us
iboremote2.ibo.nyc.ny.us
www.tac.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
owa.trs.nyc.ny.us
ibo.nyc.ny.us
*.trs.nyc.ny.us
ctxdr.council.nyc.ny.us
qns.boe.nyc.ny.us
42fw.boe.nyc.ny.us
ctx.council.nyc.ny.us
hope.nyc.ny.us
*.trs.nyc.ny.us
*.trs.nyc.ny.us
*.ibo.nyc.ny.us
mail.trinityschoolnyc.org
mail.council.nyc.gov
*.ibo.nyc.ny.us
vote.nyc.ny.us
wm.ibo.nyc.ny.us
*.hope.nyc.ny.us
iboremote.ibo.nyc.ny.us
*.trs.nyc.ny.us
*.ibo.nyc.ny.us
ctx.council.nyc.ny.us
home.nyc.ny.us
ibo.nyc.ny.us
owa.trs.nyc.ny.us
*.council.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.gov
wm.ibo.nyc.ny.us
*.trs.nyc.ny.us
hope.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
ibo.nyc.ny.us
ibomail.ibo.nyc.ny.us
*.vote.nyc
vote.nyc.ny.us
*.trs.nyc.ny.us
www.trs.nyc.ny.us
owa.trs.nyc.ny.us
*.ibo.nyc.ny.us
*.hope.nyc.ny.us
owa.trs.nyc.ny.us
mail.council.nyc.gov
owa.boe.nyc
www.trs.nyc.ny.us
www.tac.nyc.ny.us
owa.trs.nyc.ny.us
ibomail.ibo.nyc.ny.us
hope.nyc.ny.us
42fw.boe.nyc.ny.us
www.hope.nyc.ny.us
hope.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
vote.nyc.ny.us
queens.boe.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
*.ibo.nyc.ny.us
vote.nyc.ny.us
ctx.council.nyc.ny.us
pullrequest.hope.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
*.council.nyc.ny.us
webmail.ibo.nyc.ny.us
queens.boe.nyc.ny.us
ibomail.ibo.nyc.ny.us
*.ibo.nyc.ny.us
iboremote2.ibo.nyc.ny.us
ibo.nyc.ny.us
*.ibo.nyc.ny.us
ibo.nyc.ny.us
vote.nyc.ny.us
ibo.nyc.ny.us
ibo.nyc.ny.us
hope.nyc.ny.us
ibo.nyc.ny.us
www.trs.nyc.ny.us
42fw.boe.nyc.ny.us
*.ibo.nyc.ny.us
www.tac.nyc.ny.us
mail.council.nyc.gov
owa.trs.nyc.ny.us
*.hope.nyc.ny.us
*.ibo.nyc.ny.us
ctxdr.council.nyc.ny.us
webmail.ibo.nyc.ny.us
42fw.boe.nyc.ny.us
www.tac.nyc.ny.us
vote.nyc.ny.us
tailor.home.nyc.ny.us
Certificate
The complete raw certificate details for queens.boe.nyc.ny.us in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGuTCCBaGgAwIBAgIRAP0PgeTK6JlCAAAAAFDrRp8wDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN MTgxMjE0MTgzNTM3WhcNMTkxMjE0MTkwNTM2WjBvMQswCQYDVQQGEwJVUzERMA8G A1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRswGQYDVQQKExJCb2Fy ZCBvZiBFbGVjdGlvbnMxHTAbBgNVBAMTFHF1ZWVucy5ib2UubnljLm55LnVzMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TWMsxPJjaNPZnlUGEHMEtxG hPK5npX4OAMVe3bxzDLn1EEZto2ecfElMnlnpm7igP821LZu65B+GHcYvPJXV0XD 69lXoV4wFpHTRE/3Xe67WzlUN5DzWi52NB9auXdSJLWzAzw+0ANjHKjC71nP83sh tDMnZ+5Hqtpekbm1lJrLnzA4vYx/Qh0RaXM1bKatP5YkkZ6NWePSUVn6OV/I+V7d vqK0OWjknY1F2umDg6vITeWgCuGUst9UvygvT9IfC1FMWmV60z10ye0A4b2g3NyM kvYK6ncH/f8g1R9F/MBD8tWTxt5j6B3wDadRDB0k2jTiP1R1y7XWYwd/g9N/SwID AQABo4IDAjCCAv4wHwYDVR0RBBgwFoIUcXVlZW5zLmJvZS5ueWMubnkudXMwggF9 BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUI Fy+jqh0HE9MMAAABZ64cIk8AAAQDAEcwRQIhAP8pzGXWgIuTH8icOuOR1UKiO7TA 6nXIm7a5uFbyFTp3AiAAiT5gl0oR76FjlieCDJG40/7VKvQR/D7HdKx02FK3wQB1 AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZ64cIlsAAAQDAEYw RAIgUotlmbBsLTROZAJfGczuQyFMQOeJBjtcvA3kxFLLfSACIGGYeVTmRglubgTm 8tVJJm42yUYsVuxD8+poEiLVYiqxAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+4 43fNDsgN3BAAAAFnrhwiNQAABAMARzBFAiAdU0p2sukO+wnHk4/TRnNiA6WKasdC XXzLdvFdkTOunQIhANxav9IMQvmfamMcrt9qfPtRdws4RYIRhnXF1eJkXto2MA4G A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAzBgNVHR8ELDAqMCig JqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMWsuY3JsMEsGA1UdIARE MEIwNgYKYIZIAYb6bAoBBTAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1 c3QubmV0L3JwYTAIBgZngQwBAgIwaAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzAB hhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2Fp YS5lbnRydXN0Lm5ldC9sMWstY2hhaW4yNTYuY2VyMB8GA1UdIwQYMBaAFIKicHTd vFM/z3vU981/p2DGCky/MB0GA1UdDgQWBBSYZvqJeP9kDNxunGYRrUpLFn3JIDAJ BgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCEBMROxc5J3zbQ9IqFzSyxFI/D aTbbBGX7jQ+a3z/uSAuv6csP+hbwSUabAch6mEAZz4Q7hwoHEWecmhXV6wh8m0kp ne2N/kH4S/L0t/vZ57ry0GqDd+gxeypFkmcKHfYBLrQs4QwOXeaJJ07IhrGsRxny ndbJ8f5UnW6Uf4dq21dWao4MWpZta8RdDFVlF99PJ+OxtTwVYALbFx62JKVXVayC Dg3MvX68iQIndFNNKivJq5+ZgzOsJl86Lr0bittcM6wfxnkaeyTaRXKzeK7er56O hApKhD2ChdV/ijejUIHiyaj4YmzgS72IpMUowXPnxnId2V65IHwib/TIpvsw -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TWMsxPJjaNPZnlUGEHM EtxGhPK5npX4OAMVe3bxzDLn1EEZto2ecfElMnlnpm7igP821LZu65B+GHcYvPJX V0XD69lXoV4wFpHTRE/3Xe67WzlUN5DzWi52NB9auXdSJLWzAzw+0ANjHKjC71nP 83shtDMnZ+5Hqtpekbm1lJrLnzA4vYx/Qh0RaXM1bKatP5YkkZ6NWePSUVn6OV/I +V7dvqK0OWjknY1F2umDg6vITeWgCuGUst9UvygvT9IfC1FMWmV60z10ye0A4b2g 3NyMkvYK6ncH/f8g1R9F/MBD8tWTxt5j6B3wDadRDB0k2jTiP1R1y7XWYwd/g9N/ SwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 336375201944118829090464089992145356447 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-14 18:35:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-14 19:05:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Board of Elections' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'queens.boe.nyc.ny.us' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27925071693134632508806506584708301870934759040677703381169802749721358392600440650794643071431572203323020942145162125117243636768935298965228338375909875888118131480779586519462749241779168994647065785779190502604086662072197612246365433370350565697127080804899936409255491816293429648866487857300512414119769253212389165526104607925235236643423657918949129215576623940575507939426023378283430068518894051482712380892217979977370110740679985122685138709309132565483295063167430527415732702711839633143347861249648031541145551725254897030589529117985110449573207038406885721607468654746339851154998908650260945665867 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queens.boe.nyc.ny.us' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000167ae1c224f0000040300473045022100ff29cc65d6808b931fc89c3ae391d542a23bb4c0ea75c89bb6b9b856f2153a77022000893e60974a11efa1639627820c91b8d3fed52af411fc3ec774ac74d852b7c10075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000167ae1c225b00000403004630440220528b6599b06c2d344e64025f19ccee43214c40e789063b5cbc0de4c452cb7d20022061987954e646096e6e04e6f2d549266e36c9462c56ec43f3ea681222d5622ab1007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000167ae1c2235000004030047304502201d534a76b2e90efb09c7938fd346736203a58a6ac7425d7ccb76f15d9133ae9d022100dc5abfd20c42f99f6a631caedf6a7cfb51770b384582118675c5d5e2645eda36 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9866fa8978ff640cdc6e9c6611ad4a4b167dc920 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008404c44ec5ce49df36d0f48a85cd2cb1148fc36936db0465fb8d0f9adf3fee480bafe9cb0ffa16f049469b01c87a984019cf843b870a0711679c9a15d5eb087c9b49299ded8dfe41f84bf2f4b7fbd9e7baf2d06a8377e8317b2a4592670a1df6012eb42ce10c0e5de689274ec886b1ac4719f29dd6c9f1fe549d6e947f876adb57566a8e0c5a966d6bc45d0c556517df4f27e3b1b53c156002db171eb624a55755ac820e0dccbd7ebc89022774534d2a2bc9ab9f998333ac265f3a2ebd1b8adb5c33ac1fc6791a7b24da4572b378aedeaf9e8e840a4a843d8285d57f8a37a35081e2c9a8f8626ce04bbd88a4c528c173e7c6721dd95eb9207c226ff4c8a6fb30