www.dfait-maeci.gc.ca
- Dept. of Foreign Affairs and International Trade -
Issued by Entrust Certification Authority - L1C
About this certificate
This digital certificate with serial number 4c:19:38:69 was issued on by Entrust, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Dept. of Foreign Affairs and International Trade
Organization:
Dept. of Foreign Affairs and International Trade
Organization unit: FAC
Organization unit: FAC
State / Province:
Ontario
Locality: Ottawa
Country: CA
Locality: Ottawa
Country: CA
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4c:19:38:69Serial Number (int): 1276721257
Serial Number lenght: 31 bits, 4 octets
SubjectKeyId: d4:8b:55:ee:56:e1:8f:4d:27:fd:24:08:b2:bd:a0:0e:19:70:08:f6
AuthorityKeyId: 1e:f1:ab:89:06:f8:49:0f:01:33:77:ee:14:7a:ee:19:7c:93:28:4d
Fingerprint (sha1): 61:34:86:90:79:90:34:e1:7f:ac:0a:43:c1:54:3e:de:b3:4f:92:b5
Fingerprint (sha256): d3:33:22:5c:5c:b2:e7:c1:ac:5e:1f:6e:ce:f1:70:74:2e:7b:e7:38:6c:05:67:d7:50:b4:8a:99:c4:19:c8:01
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1c.crl
Check the revocation status for certificate www.dfait-maeci.gc.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.dfait-maeci.gc.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.dfait-maeci.gc.ca
www.international.gc.ca
www.international.gc.ca
Other certificates including the domain name dfait-maeci.gc.ca
(limited to 100 certificates)
mailgateway.dev.international.gc.ca
EICSII-LAB.eics-scei.gc.ca
www.listserv.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
pubx.dfait-maeci.gc.ca
pilotasa01.international.gc.ca
EICSII-TRAINING.eics-scei.gc.ca
rm2dg.international.gc.ca
WS-EICSII-STAGING.eics-scei.gc.ca
EICSII-SYSTEST1.eics-scei.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
ws-eicsii.eics-scei.gc.ca
EICSII-DEV1.eics-scei.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
CNGNYVPN01H.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
GCCFProdEXCOL4Verification.dfait-maeci.gc.ca
mailgateway.international.gc.ca
www.listserv.dfait-maeci.gc.ca
iam-systest.d.r.dfait-maeci.gc.ca
cart.d.r.dfait-maeci.gc.ca
WS-EICSII-LAB1.eics-scei.gc.ca
mailgateway.dev.international.gc.ca
mailgateway.dev.international.gc.ca
HQL-PMKWC02.p.dfait-maeci.gc.ca
ExchangeServer-QA.d.r.dfait-maeci.gc.ca
rm2dg.international.gc.ca
EICSII-STAGING.eics-scei.gc.ca
GCCFProdEXCOL4Encryption.dfait-maeci.gc.ca
ws-eicsii-dev1.eics-scei.gc.ca
eicsii.eics-scei.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
iam.d.r.dfait-maeci.gc.ca
ds.d.r.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
mailgateway.international.gc.ca
rm2dg.international.gc.ca
pilotasa01.international.gc.ca
rm2dg.international.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
rm2dg.international.gc.ca
mailgateway.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
SIMCENVPN01H.international.gc.ca
rm2dg.international.gc.ca
GAC-HQ-MBX-DEV.D.R.DFAIT-MAECI.GC.CA
iam-dev.d.r.dfait-maeci.gc.ca
ds-systest.d.r.dfait-maeci.gc.ca
hql-pmkwb62.p.dfait-maeci.gc.ca
GAC-HQ-MBX.D.R.DFAIT-MAECI.GC.CA
ROMEVPN01H.international.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
iam.d.r.dfait-maeci.gc.ca
mailgateway.international.gc.ca
WS-EICSII-TRAINING.eics-scei.gc.ca
HQL-DMMIG01.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
iam-dev.d.r.dfait-maeci.gc.ca
ws-eicsii-dev2.eics-scei.gc.ca
DALASVPN01H.international.gc.ca
EICSII-DEV2.eics-scei.gc.ca
WS.eics-scei.gc.ca
EICSII-SYSTEST2.eics-scei.gc.ca
GAC-HQ-MBX2.D.R.DFAIT-MAECI.GC.CA
wifiauth2.d.r.dfait-maeci.gc.ca
BEJINGVPN01R.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
www.dfait-maeci.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
wifiauth2.d.r.dfait-maeci.gc.ca
www.eics-scei.gc.ca
rm2dg.international.gc.ca
www.listserv.international.gc.ca
rm2dg.international.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
EICSII-LAB.eics-scei.gc.ca
www.listserv.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
pubx.dfait-maeci.gc.ca
pilotasa01.international.gc.ca
EICSII-TRAINING.eics-scei.gc.ca
rm2dg.international.gc.ca
WS-EICSII-STAGING.eics-scei.gc.ca
EICSII-SYSTEST1.eics-scei.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
ws-eicsii.eics-scei.gc.ca
EICSII-DEV1.eics-scei.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
CNGNYVPN01H.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
GCCFProdEXCOL4Verification.dfait-maeci.gc.ca
mailgateway.international.gc.ca
www.listserv.dfait-maeci.gc.ca
iam-systest.d.r.dfait-maeci.gc.ca
cart.d.r.dfait-maeci.gc.ca
WS-EICSII-LAB1.eics-scei.gc.ca
mailgateway.dev.international.gc.ca
mailgateway.dev.international.gc.ca
HQL-PMKWC02.p.dfait-maeci.gc.ca
ExchangeServer-QA.d.r.dfait-maeci.gc.ca
rm2dg.international.gc.ca
EICSII-STAGING.eics-scei.gc.ca
GCCFProdEXCOL4Encryption.dfait-maeci.gc.ca
ws-eicsii-dev1.eics-scei.gc.ca
eicsii.eics-scei.gc.ca
ws-eicsii-lab.eics-scei.gc.ca
iam.d.r.dfait-maeci.gc.ca
ds.d.r.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
mailgateway.international.gc.ca
rm2dg.international.gc.ca
pilotasa01.international.gc.ca
rm2dg.international.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
HQL-PMKWC01.p.dfait-maeci.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
hqs-pmkwc02.p.dfait-maeci.gc.ca
rm2dg.international.gc.ca
mailgateway.international.gc.ca
wifiauth1.d.r.dfait-maeci.gc.ca
SIMCENVPN01H.international.gc.ca
rm2dg.international.gc.ca
GAC-HQ-MBX-DEV.D.R.DFAIT-MAECI.GC.CA
iam-dev.d.r.dfait-maeci.gc.ca
ds-systest.d.r.dfait-maeci.gc.ca
hql-pmkwb62.p.dfait-maeci.gc.ca
GAC-HQ-MBX.D.R.DFAIT-MAECI.GC.CA
ROMEVPN01H.international.gc.ca
ds-dev.d.r.dfait-maeci.gc.ca
iam.d.r.dfait-maeci.gc.ca
mailgateway.international.gc.ca
WS-EICSII-TRAINING.eics-scei.gc.ca
HQL-DMMIG01.d.r.dfait-maeci.gc.ca
www.listserv.international.gc.ca
iam-dev.d.r.dfait-maeci.gc.ca
ws-eicsii-dev2.eics-scei.gc.ca
DALASVPN01H.international.gc.ca
EICSII-DEV2.eics-scei.gc.ca
WS.eics-scei.gc.ca
EICSII-SYSTEST2.eics-scei.gc.ca
GAC-HQ-MBX2.D.R.DFAIT-MAECI.GC.CA
wifiauth2.d.r.dfait-maeci.gc.ca
BEJINGVPN01R.international.gc.ca
WS-EICSII-SYSTEST1.eics-scei.gc.ca
www.dfait-maeci.gc.ca
hql-pmkwc01.p.dfait-maeci.gc.ca
wifiauth2.d.r.dfait-maeci.gc.ca
www.eics-scei.gc.ca
rm2dg.international.gc.ca
www.listserv.international.gc.ca
rm2dg.international.gc.ca
WS-EICSII-SYSTEST2.eics-scei.gc.ca
rm2dg.international.gc.ca
Certificate
The complete raw certificate details for www.dfait-maeci.gc.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLjCCBBagAwIBAgIETBk4aTANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp Y2F0aW9uIEF1dGhvcml0eSAtIEwxQzAeFw0xMDExMTgxODAwNDVaFw0xMTExMzAy MjQ0MTlaMIGZMQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UE BxMGT3R0YXdhMTkwNwYDVQQKEzBEZXB0LiBvZiBGb3JlaWduIEFmZmFpcnMgYW5k IEludGVybmF0aW9uYWwgVHJhZGUxDDAKBgNVBAsTA0ZBQzEeMBwGA1UEAxMVd3d3 LmRmYWl0LW1hZWNpLmdjLmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqYksYd1zJP3yqpOOzkeZFOfQEoGJAW4er5RbU8iQ/xxatSO7jJbyrA4Ibie+ J+MqQ5amCoRUKtkJBXRpoRLuHRqbSIqMcPETt0YVIn7pI4/gYWmniTJYPifPnm6I /FKAbCN9SL96DJLVgc3kKNJXWKcXA25M2dXrTNiYrZS/leWBZq72sQHf01bvvggs foUeN27YyPb7FvpantjUUqpNYLHCDzo1MwNw1SV1jL7O0jmrDjqRLonKSUJRVMjb WFgiUIwoNavbsisdVNLQXxMjaaMw5HfzkvIk+lVcd9XVXyF4dBpkaarq/iEKQpiM CjM77W3VMcVfLR7Z72gI+C9ZAQIDAQABo4IBYjCCAV4wCwYDVR0PBAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAzBgNVHR8ELDAqMCigJqAkhiJo dHRwOi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMWMuY3JsMDMGCCsGAQUFBwEBBCcw JTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwQAYDVR0gBDkw NzA1BgkqhkiG9n0HSwIwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0 Lm5ldC9ycGEwOQYDVR0RBDIwMIIVd3d3LmRmYWl0LW1hZWNpLmdjLmNhghd3d3cu aW50ZXJuYXRpb25hbC5nYy5jYTAfBgNVHSMEGDAWgBQe8auJBvhJDwEzd+4Ueu4Z fJMoTTAdBgNVHQ4EFgQU1ItV7lbhj00n/SQIsr2gDhlwCPYwCQYDVR0TBAIwADAN BgkqhkiG9w0BAQUFAAOCAQEAD/jK8akTImeaPCC14Y563vUX5bcRR/6wuad+rcZK WwVw0nBBz8H5EkVQe7IrrOUHxAYJoH31+nu4f76WFC3r94kdG54ZMrlnJ7VO5HAj /hZR8jFdYdb6sMvfQ+ok1IW77XSMcxJ15NqznLQoP9KeFK5iDW1zSHJ1S1XrBC+u DmRxzi1XdFan1IO7X4PLQE9TrjELzR821LwtI+gg8RWe8vQlFdMbT6pwIZSHPC6V icZBxUmQ04nbgGA9ylk+G/PjBlYbZmnGWKazS7S4f6jwbIPG+1Al8/OUDzrQLjrj oTyvz/mBP5gVm/qwUZeTRwWslw8FmjVkrzMxJSakWrE1AA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYksYd1zJP3yqpOOzkeZ FOfQEoGJAW4er5RbU8iQ/xxatSO7jJbyrA4Ibie+J+MqQ5amCoRUKtkJBXRpoRLu HRqbSIqMcPETt0YVIn7pI4/gYWmniTJYPifPnm6I/FKAbCN9SL96DJLVgc3kKNJX WKcXA25M2dXrTNiYrZS/leWBZq72sQHf01bvvggsfoUeN27YyPb7FvpantjUUqpN YLHCDzo1MwNw1SV1jL7O0jmrDjqRLonKSUJRVMjbWFgiUIwoNavbsisdVNLQXxMj aaMw5HfzkvIk+lVcd9XVXyF4dBpkaarq/iEKQpiMCjM77W3VMcVfLR7Z72gI+C9Z AQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1276721257 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.entrust.net/rpa is incorporated by reference' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2009 Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1C' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2010-11-18 18:00:45 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-11-30 22:44:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Dept. of Foreign Affairs and International Trade' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FAC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.dfait-maeci.gc.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21401916248251899993212461696741057109672522684801325405911831850390707461761003549069369690448330489820431495656531179038545820867380979437704233683219891981983227095687449861773669800547436678701600080040664106939096975760961159727167677841932154698337568927303253986827646336153668572805064029009632708153277528639568430187675017941576489935597244873895774686353802217939006833464270072160252985172059084118914892290970206923322834921529812545161543927195871555831029533707790112819239522748992212464222500083176708434294774736213603001272260568009666911701982450786462650004327396616640873649929105533621840599297 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1c.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113533.7.75.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dfait-maeci.gc.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.international.gc.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1ef1ab8906f8490f013377ee147aee197c93284d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d48b55ee56e18f4d27fd2408b2bda00e197008f6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000ff8caf1a91322679a3c20b5e18e7adef517e5b71147feb0b9a77eadc64a5b0570d27041cfc1f91245507bb22bace507c40609a07df5fa7bb87fbe96142debf7891d1b9e1932b96727b54ee47023fe1651f2315d61d6fab0cbdf43ea24d485bbed748c731275e4dab39cb4283fd29e14ae620d6d734872754b55eb042fae0e6471ce2d577456a7d483bb5f83cb404f53ae310bcd1f36d4bc2d23e820f1159ef2f42515d31b4faa702194873c2e9589c641c54990d389db80603dca593e1bf3e306561b6669c658a6b34bb4b87fa8f06c83c6fb5025f3f3940f3ad02e3ae3a13cafcff9813f98159bfab05197934705ac970f059a3564af33312526a45ab13500