ci.onvio.us

- Thomson Reuters Inc -

Issued by COMODO RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number bd:c9:d0:1d:3f:0f:dc:ab:81:f3:d7:03:57:dc:53:8f was issued on by COMODO CA Limited.

With 24 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Thomson Reuters Inc

Organization: Thomson Reuters Inc
Address: 3 Times Square
Postal code: 10036
State / Province: NY
Locality: New York
Country: US

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): bd:c9:d0:1d:3f:0f:dc:ab:81:f3:d7:03:57:dc:53:8f
Serial Number (int): 252271963930245604383690626549354877839
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: fe:21:ed:7f:e8:73:2e:14:2e:ed:39:3a:f1:27:a6:f0:9d:30:58:da
AuthorityKeyId: 9a:f3:2b:da:cf:ad:4f:b6:2f:bb:2a:48:48:2a:12:b7:1b:42:c1:24

Fingerprint (sha1): 71:cc:63:5c:1d:9c:48:25:1f:e1:c5:25:f8:1a:75:7b:da:b7:aa:b2
Fingerprint (sha256): bf:e3:06:0e:28:88:27:31:7e:25:e0:10:2c:0f:e4:db:29:ea:13:db:08:7c:18:ff:2c:08:e4:6c:a2:15:f3:8b

Issuing Certificate URL: http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate ci.onvio.us

24

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ci.onvio.us

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ci.onvio.us
ci.auth.onvio.us
ci.bankfeeds.thomsonreuters.com
ci.cs-user.thomsonreuters.com
ci.identity.tax.thomsonreuters.com
ci.mfa.onvio.us
ci.onbalance.thomsonreuters.ca
ci.onbalance.thomsonreuters.co.uk
ci.onbalance.thomsonreuters.com.au
ci.onbalance.thomsonreuters.nl
ci.onboard.tax.thomsonreuters.com
ci.onboarding.mypaysolutions.com
ci.onvio.ca
ci.onvio.co.uk
ci.onvio.com.ar
ci.onvio.com.au
ci.onvio.com.br
ci.onvio.thomsonreuters.nl
ci.recibos.onvio.com.ar
ci.renew.tax.thomsonreuters.com
ci.samba.onvio.com.ar
ci.samba.onvio.com.br
ci.samba.onvio.us
ci.samba.thomsonreuters.com

Other certificates including the domain name onvio.us

(limited to 100 certificates)
coreservices.int.demo.onvio.us
qed.onvio.us
qed.onvio.us
ci.onvio.us

demo.onvio.us
onvio.us
demo.onvio.us
ci.int.onvio.us
qed.api.onvio.us
taxcenter.int.demo.onvio.us
demo.int.onvio.us
qed.onvio.us
demo.int.onvio.us
onvio.us
internaloperations.int.onvio.us
www.onvio.us
es.ci.int.onvio.us
demo.api.onvio.us
tools.int.demo.onvio.us
onvio.us
onvio.us
qed.onvio.us
qed.onvio.us
es.demo.int.onvio.us
onvio.us
ci.api.onvio.us
ci.onvio.us
ci.int.onvio.us
qed.onvio.us
demo.onvio.us
onvio.us
qed.onvio.us
demo.onvio.us
internaloperations.int.demo.onvio.us
onvio.us
onvio.us
onvio.us
demo.onvio.us
ci.onvio.us
qed.onvio.us
onvio.us
*.onvio.us
demo.int.onvio.us
demo.onvio.us
onvio.us
api.onvio.us
uds.int.demo.onvio.us
internaloperations.int.onvio.us
*.platform.int.onvio.us
es.ci.int.onvio.us
ci.onvio.us
ci.onvio.us
es.demo.int.onvio.us
onvio.us
int.onviosamba.xyz

ci.int.onvio.us
onvio.us
demo.int.onvio.us
ci.int.onvio.us
ci.int.onvio.us
ci.onvio.us
demo.onvio.us
ci.int.onvio.us
ci.onvio.us
ci.onvio.us
onvio.us
ci.int.onvio.us
es.int.onvio.us
*.platform.int.onvio.us
demo.onvio.us
demo.onvio.us
onvio.us
ci.int.onvio.us
demo.int.onvio.us
ci.onvio.us
int.onviosamba.xyz
qed.onvio.us
ci.onvio.us
demo.onvio.us
qed.onvio.us

Certificate

The complete raw certificate details for ci.onvio.us in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJZDCCCEygAwIBAgIRAL3J0B0/D9yrgfPXA1fcU48wDQYJKoZIhvcNAQELBQAw
gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
ZXJ2ZXIgQ0EwHhcNMTgxMDMwMDAwMDAwWhcNMjAxMDI5MjM1OTU5WjCBijELMAkG
A1UEBhMCVVMxDjAMBgNVBBETBTEwMDM2MQswCQYDVQQIEwJOWTERMA8GA1UEBxMI
TmV3IFlvcmsxFzAVBgNVBAkTDjMgVGltZXMgU3F1YXJlMRwwGgYDVQQKExNUaG9t
c29uIFJldXRlcnMgSW5jMRQwEgYDVQQDEwtjaS5vbnZpby51czCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBANO3wpgWx4U98lsj9NQ4mOgnFYXqwmYUHnI5
ccwSIyFhq4tzLCXmDo4buIgtIBFOjzlyRnumlV2elQCOi7ZrwVZsftZE4QYsCg45
sE0MLkCFCu2Ob9Z4etf4nXkiskzYSrWsZ7co5/H9HhIen15qrZigk5xz8udz51kI
Bn8JVzl3jsFsS9tEcFv6jEJPFaUz0ATYOwZECYNbaTf0859asHBkJEA4aKU/Xm6Y
3juiTNGYLyUxbv53Gz8No+r6fBa1evzMVOJb4wL5ceqXDx0AT13gNhTP20lc9yq3
elnf0KgyFAc+LGGgLLQigrMYrlhmreKGW8uc4yEzmKoTp5/JK2ECAwEAAaOCBbUw
ggWxMB8GA1UdIwQYMBaAFJrzK9rPrU+2L7sqSEgqErcbQsEkMB0GA1UdDgQWBBT+
Ie1/6HMuFC7tOTrxJ6bwnTBY2jAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwUAYDVR0gBEkwRzA7Bgwr
BgEEAbIxAQIBAwQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2Rv
LmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwu
Y29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1
cmVTZXJ2ZXJDQS5jcmwwgYsGCCsGAQUFBwEBBH8wfTBVBggrBgEFBQcwAoZJaHR0
cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBT3JnYW5pemF0aW9uVmFsaWRh
dGlvblNlY3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
Y29tb2RvY2EuY29tMIICcQYDVR0RBIICaDCCAmSCC2NpLm9udmlvLnVzghBjaS5h
dXRoLm9udmlvLnVzgh9jaS5iYW5rZmVlZHMudGhvbXNvbnJldXRlcnMuY29tgh1j
aS5jcy11c2VyLnRob21zb25yZXV0ZXJzLmNvbYIiY2kuaWRlbnRpdHkudGF4LnRo
b21zb25yZXV0ZXJzLmNvbYIPY2kubWZhLm9udmlvLnVzgh5jaS5vbmJhbGFuY2Uu
dGhvbXNvbnJldXRlcnMuY2GCIWNpLm9uYmFsYW5jZS50aG9tc29ucmV1dGVycy5j
by51a4IiY2kub25iYWxhbmNlLnRob21zb25yZXV0ZXJzLmNvbS5hdYIeY2kub25i
YWxhbmNlLnRob21zb25yZXV0ZXJzLm5sgiFjaS5vbmJvYXJkLnRheC50aG9tc29u
cmV1dGVycy5jb22CIGNpLm9uYm9hcmRpbmcubXlwYXlzb2x1dGlvbnMuY29tggtj
aS5vbnZpby5jYYIOY2kub252aW8uY28udWuCD2NpLm9udmlvLmNvbS5hcoIPY2ku
b252aW8uY29tLmF1gg9jaS5vbnZpby5jb20uYnKCGmNpLm9udmlvLnRob21zb25y
ZXV0ZXJzLm5sghdjaS5yZWNpYm9zLm9udmlvLmNvbS5hcoIfY2kucmVuZXcudGF4
LnRob21zb25yZXV0ZXJzLmNvbYIVY2kuc2FtYmEub252aW8uY29tLmFyghVjaS5z
YW1iYS5vbnZpby5jb20uYnKCEWNpLnNhbWJhLm9udmlvLnVzghtjaS5zYW1iYS50
aG9tc29ucmV1dGVycy5jb20wggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AO5L
vbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABZsVHWuQAAAQDAEcwRQIg
bomStRSPz8Af6rpoJtvGiklX+xmMTPnE84Xty4cpwsMCIQD6i+6zamsg0CCFs5m8
VC9olWT6CIOMBFpLU0fcTtdRswB3AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQY
dZaBcUVYAAABZsVHWxcAAAQDAEgwRgIhAIZu/D/KPGE83tDUGWEvxaWu5BVW+1LH
svrv2SmX9Q+zAiEA/RCu93/eysxTvW8Niyz8+tdIOGNuKnsPzLbozOXhy80AdgDw
laRZ8gDRgkAQLS+TiI6tS/4dR+OZ4dA0prCoqo6ycwAAAWbFR1uYAAAEAwBHMEUC
IQDZ+M3NTcObEMX2IIBmBCmTjQEkV8q24s3KCbktEG9ElgIgdS0C/UwS5aA0SuoF
zWut5H9YSY4BroSgqOAiGkJtoY0wDQYJKoZIhvcNAQELBQADggEBAFpQwbUqGVpx
Q7zr9tEyVHT5w87yU9NUu1yoEmbNeAJZb73cnVSc0EStLGMrw+gHsOdhMgv5vXxX
TT28j/Zg5v30UfkWPTRl+SJcBHxwJ19OP8L6a/lUYGOx2uN6aBjt9/v1Qvi8BJkL
7rpX3BbFswZ6pwK9HO2SH2ZlF1m5hiiV0jDx2U2GewFJrvuVH6ecVIP/JEV6t9IW
MhYA9NOSbrpkboaI6da+XSOi4GSV8OWVBBkwxWJFVrSA/oCtI5TR59CD18CoDPT9
Zep1EI0l/+x8KGNYYQa/ZDFYwAAt3l+J/kjknWzHVtFZpxJBlp+NFs8d1Qz1ehr8
lMsCT3Qazk4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07fCmBbHhT3yWyP01DiY
6CcVherCZhQecjlxzBIjIWGri3MsJeYOjhu4iC0gEU6POXJGe6aVXZ6VAI6LtmvB
Vmx+1kThBiwKDjmwTQwuQIUK7Y5v1nh61/ideSKyTNhKtaxntyjn8f0eEh6fXmqt
mKCTnHPy53PnWQgGfwlXOXeOwWxL20RwW/qMQk8VpTPQBNg7BkQJg1tpN/Tzn1qw
cGQkQDhopT9ebpjeO6JM0ZgvJTFu/ncbPw2j6vp8FrV6/MxU4lvjAvlx6pcPHQBP
XeA2FM/bSVz3Krd6Wd/QqDIUBz4sYaAstCKCsxiuWGat4oZby5zjITOYqhOnn8kr
YQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 252271963930245604383690626549354877839
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-29 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '10036'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '3 Times Square'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thomson Reuters Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ci.onvio.us'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26726897846802076783456456646481072425179400613216489868900053138150204383476655813755973340185086352216336712131375780853669010397176337645937527464780337026987142235884623924278531630307189101153838239391016574291706970173335490696944081394756762786205735812248678616369885936847148374496930225133289554579054824908047374828618371555459309486692152777119697488145390658368906396946922889183039691948869878106738926176904523244731308482633807799246411310835260251595214833927622884570028336875238884866658061930656400334955122938899530061113069341329247804428565571179692585042103822093094465621252575030484945939297
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9af32bdacfad4fb62fbb2a48482a12b71b42c124
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							fe21ed7fe8732e142eed393af127a6f09d3058da
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (616 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.auth.onvio.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.bankfeeds.thomsonreuters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.cs-user.thomsonreuters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.identity.tax.thomsonreuters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.mfa.onvio.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onbalance.thomsonreuters.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onbalance.thomsonreuters.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onbalance.thomsonreuters.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onbalance.thomsonreuters.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onboard.tax.thomsonreuters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onboarding.mypaysolutions.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.com.ar'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.onvio.thomsonreuters.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.recibos.onvio.com.ar'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.renew.tax.thomsonreuters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.samba.onvio.com.ar'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.samba.onvio.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.samba.onvio.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.samba.thomsonreuters.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000166c5475ae4000004030047304502206e8992b5148fcfc01feaba6826dbc68a4957fb198c4cf9c4f385edcb8729c2c3022100fa8beeb36a6b20d02085b399bc542f689564fa08838c045a4b5347dc4ed751b30077005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000166c5475b170000040300483046022100866efc3fca3c613cded0d419612fc5a5aee41556fb52c7b2faefd92997f50fb3022100fd10aef77fdecacc53bd6f0d8b2cfcfad74838636e2a7b0fccb6e8cce5e1cbcd007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb27300000166c5475b980000040300473045022100d9f8cdcd4dc39b10c5f62080660429938d012457cab6e2cdca09b92d106f44960220752d02fd4c12e5a0344aea05cd6bade47f58498e01ae84a0a8e0221a426da18d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005a50c1b52a195a7143bcebf6d1325474f9c3cef253d354bb5ca81266cd7802596fbddc9d549cd044ad2c632bc3e807b0e761320bf9bd7c574d3dbc8ff660e6fdf451f9163d3465f9225c047c70275f4e3fc2fa6bf9546063b1dae37a6818edf7fbf542f8bc04990beeba57dc16c5b3067aa702bd1ced921f66651759b9862895d230f1d94d867b0149aefb951fa79c5483ff24457ab7d216321600f4d3926eba646e8688e9d6be5d23a2e06495f0e595041930c5624556b480fe80ad2394d1e7d083d7c0a80cf4fd65ea75108d25ffec7c2863586106bf643158c0002dde5f89fe48e49d6cc756d159a71241969f8d16cf1dd50cf57a1afc94cb024f741ace4e