paa-pac.acdi-cida.gc.ca
- Canadian International Development Agency -
Issued by Entrust Certification Authority - L1C
About this certificate
This digital certificate with serial number 4c:1c:4a:7b was issued on by Entrust, Inc..
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Canadian International Development Agency
Organization:
Canadian International Development Agency
State / Province:
Quebec
Locality: Gatineau
Country: CA
Locality: Gatineau
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4c:1c:4a:7bSerial Number (int): 1276922491
Serial Number lenght: 31 bits, 4 octets
SubjectKeyId: 26:60:d1:55:40:eb:a9:33:31:38:b5:47:a7:21:36:1f:e8:02:a9:57
AuthorityKeyId: 1e:f1:ab:89:06:f8:49:0f:01:33:77:ee:14:7a:ee:19:7c:93:28:4d
Fingerprint (sha1): 9e:a6:79:c4:f1:82:ad:bb:76:21:01:5c:c9:7c:39:a8:b4:4b:b3:1c
Fingerprint (sha256): c1:30:16:24:e3:aa:51:76:b0:92:9b:5e:4d:52:09:52:8b:69:a9:90:44:44:87:b7:de:87:9e:31:80:c2:21:1e
Issuing Certificate URL: http://aia.entrust.net/l1c-chain.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1c.crl
Check the revocation status for certificate paa-pac.acdi-cida.gc.ca
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for paa-pac.acdi-cida.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
paa-pac.acdi-cida.gc.ca
mw-wm.acdi-cida.gc.ca
gdc-as.acdi-cida.gc.ca
mwm.acdi-cida.gc.ca
am.acdi-cida.gc.ca
wm-mw.acdi-cida.gc.ca
mw-wm.acdi-cida.gc.ca
gdc-as.acdi-cida.gc.ca
mwm.acdi-cida.gc.ca
am.acdi-cida.gc.ca
wm-mw.acdi-cida.gc.ca
Other certificates including the domain name acdi-cida.gc.ca
(limited to 100 certificates)
paa-pac.acdi-cida.gc.ca
travel-smart.international.gc.ca
paa-pac.acdi-cida.gc.ca
travel-smart.international.gc.ca
pi.international.gc.ca
ecollaboration.acdi-cida.gc.ca
ext.acdi-cida.gc.ca
ext.acdi-cida.gc.ca
am.acdi-cida.gc.ca
ads-sra.acdi-cida.gc.ca
acwcx324.acdi-cida.gc.ca
gateway.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
ads-sra.preprod.acdi-cida.gc.ca
gdc-as.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
ads-sra.acdi-cida.gc.ca
gdc-as.acdi-cida.gc.ca
pi.international.gc.ca
paa-pac.acdi-cida.gc.ca
gateway.preprod.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
collaboration.acdi-cida.gc.ca
apprentissage-learning.acdi-cida.gc.ca
travel-smart.international.gc.ca
smt.acdi-cida.gc.ca
bdca-ccdb.acdi-cida.gc.ca
am.acdi-cida.gc.ca
gateway.acdi-cida.gc.ca
travel-smart.international.gc.ca
paa-pac.acdi-cida.gc.ca
travel-smart.international.gc.ca
pi.international.gc.ca
ecollaboration.acdi-cida.gc.ca
ext.acdi-cida.gc.ca
ext.acdi-cida.gc.ca
am.acdi-cida.gc.ca
ads-sra.acdi-cida.gc.ca
acwcx324.acdi-cida.gc.ca
gateway.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
ads-sra.preprod.acdi-cida.gc.ca
gdc-as.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
ads-sra.acdi-cida.gc.ca
gdc-as.acdi-cida.gc.ca
pi.international.gc.ca
paa-pac.acdi-cida.gc.ca
gateway.preprod.acdi-cida.gc.ca
paa-pac.acdi-cida.gc.ca
collaboration.acdi-cida.gc.ca
apprentissage-learning.acdi-cida.gc.ca
travel-smart.international.gc.ca
smt.acdi-cida.gc.ca
bdca-ccdb.acdi-cida.gc.ca
am.acdi-cida.gc.ca
gateway.acdi-cida.gc.ca
Certificate
The complete raw certificate details for paa-pac.acdi-cida.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgIETBxKezANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp Y2F0aW9uIEF1dGhvcml0eSAtIEwxQzAeFw0xMjAyMjUwMTQ3NTNaFw0xNjAzMTAy MDA5NTJaMIGHMQswCQYDVQQGEwJDQTEPMA0GA1UECBMGUXVlYmVjMREwDwYDVQQH EwhHYXRpbmVhdTEyMDAGA1UEChMpQ2FuYWRpYW4gSW50ZXJuYXRpb25hbCBEZXZl bG9wbWVudCBBZ2VuY3kxIDAeBgNVBAMTF3BhYS1wYWMuYWNkaS1jaWRhLmdjLmNh MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS0RkY4xqbJugooFHqzr EDInF3YL9yEP+FYVYLhTcQYhoSrvrlxB3KLGi2gojAQ6b9ecQefsEpULMX+zdFGV xqiMXMZLW/VZ8CACXsZu073Uy56pe88+88jFvoMzKKk08SqyShkLS1bFhAz3/84M gtBjBiGN6MKf3O3mzOEcN7GzHINCZ88ZUa+hTV2pw0dtPcV5DKGmYqnjOVMyEBS+ F1vL5lPlVIy9BwMo4NJfAeD2RAbr2OlJQFoEOKdcx9P3fbRIjDtHySuEkEx7Kn0c tGHToIYnTvMRjLTcasH1hMwYAe9HLCr1ggTUZfn4CuhAzBbOY2n25zl+CSOLZeSP ywIDAQABo4IB7zCCAeswCwYDVR0PBAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3Qu bmV0L2xldmVsMWMuY3JsMGUGCCsGAQUFBwEBBFkwVzAjBggrBgEFBQcwAYYXaHR0 cDovL29jc3AuZW50cnVzdC5uZXQwMAYIKwYBBQUHMAKGJGh0dHA6Ly9haWEuZW50 cnVzdC5uZXQvbDFjLWNoYWluLmNlcjBABgNVHSAEOTA3MDUGCSqGSIb2fQdLAjAo MCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTCBkwYDVR0R BIGLMIGIghdwYWEtcGFjLmFjZGktY2lkYS5nYy5jYYIVbXctd20uYWNkaS1jaWRh LmdjLmNhghZnZGMtYXMuYWNkaS1jaWRhLmdjLmNhghNtd20uYWNkaS1jaWRhLmdj LmNhghJhbS5hY2RpLWNpZGEuZ2MuY2GCFXdtLW13LmFjZGktY2lkYS5nYy5jYTAf BgNVHSMEGDAWgBQe8auJBvhJDwEzd+4Ueu4ZfJMoTTAdBgNVHQ4EFgQUJmDRVUDr qTMxOLVHpyE2H+gCqVcwCQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAeeh4 GRuVoYL5fmjDiXq8sfqUbwU2PXsnHWHo+aDAzwCmtnRidIC4JOQ7xinokPYZ7/U7 90VhsoJCZ5hh7MAEa32tVB/jbbLUQqir3ytFL+5tR9MqWydLh+orsseaZh0C/by5 bV2p7rzFcxMdSeSJHfE4sK+qHX90g3k/lfWYzpQf0AMqh2CClb6pWBE5OrZSt2Xv EtTcFxVudcpTlTU45FfB3G0AbDzt62HDSdJ9CVW2OTGKUr8soCEo9JBNWiHwlgKf gNRBIis4SqYW/t/BLCmVk96XedEJVXQC8rdU/XYIs7OgC3vuE7OZMV+qnL5ATf/+ f45G3PuxutIjbhukaA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS0RkY4xqbJugooFHqzr EDInF3YL9yEP+FYVYLhTcQYhoSrvrlxB3KLGi2gojAQ6b9ecQefsEpULMX+zdFGV xqiMXMZLW/VZ8CACXsZu073Uy56pe88+88jFvoMzKKk08SqyShkLS1bFhAz3/84M gtBjBiGN6MKf3O3mzOEcN7GzHINCZ88ZUa+hTV2pw0dtPcV5DKGmYqnjOVMyEBS+ F1vL5lPlVIy9BwMo4NJfAeD2RAbr2OlJQFoEOKdcx9P3fbRIjDtHySuEkEx7Kn0c tGHToIYnTvMRjLTcasH1hMwYAe9HLCr1ggTUZfn4CuhAzBbOY2n25zl+CSOLZeSP ywIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1276922491 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.entrust.net/rpa is incorporated by reference' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2009 Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1C' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-02-25 01:47:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-10 20:09:52 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Quebec' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gatineau' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Canadian International Development Agency' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'paa-pac.acdi-cida.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24891170246716542728550030641392714888891574908531517817206033816458269352631471596549299947638405286607987166423497782037756008568569704404382072859407249961306993309321609051217056948611983022067278634813128242092187791887492963050777333705360633531786005855247845018890727377085250946978656579652184153961501096334641478039749436990840171260170047625072396419892756347456989322401367133947702016697396942509207320793200665382056547472147150456761605967030886164745330040713892172407203127073902700841031312291256748481207419522521216249220053418141477110750334696019571445959554026626220134214158103064456898842571 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1c.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1c-chain.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113533.7.75.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (139 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paa-pac.acdi-cida.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mw-wm.acdi-cida.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gdc-as.acdi-cida.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mwm.acdi-cida.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'am.acdi-cida.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wm-mw.acdi-cida.gc.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1ef1ab8906f8490f013377ee147aee197c93284d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2660d15540eba9333138b547a721361fe802a957 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0079e878191b95a182f97e68c3897abcb1fa946f05363d7b271d61e8f9a0c0cf00a6b674627480b824e43bc629e890f619eff53bf74561b28242679861ecc0046b7dad541fe36db2d442a8abdf2b452fee6d47d32a5b274b87ea2bb2c79a661d02fdbcb96d5da9eebcc573131d49e4891df138b0afaa1d7f7483793f95f598ce941fd0032a87608295bea95811393ab652b765ef12d4dc17156e75ca53953538e457c1dc6d006c3cedeb61c349d27d0955b639318a52bf2ca02128f4904d5a21f096029f80d441222b384aa616fedfc12c299593de9779d109557402f2b754fd7608b3b3a00b7bee13b399315faa9cbe404dfffe7f8e46dcfbb1bad2236e1ba468