intermediariosdev.libertycolombia.com

- Liberty Mutual Group -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 46:a4:d4:14:68:0a:78:e7:6b:09:34:1b:e7:16:cc:d3 was issued on by Entrust, Inc..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Liberty Mutual Group

Organization: Liberty Mutual Group
State / Province: New Hampshire
Locality: Portsmouth
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 46:a4:d4:14:68:0a:78:e7:6b:09:34:1b:e7:16:cc:d3
Serial Number (int): 93901797877342148506266736260518694099
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 54:09:0e:02:55:c3:6e:25:4f:64:d1:d8:23:12:49:64:21:ae:fa:cb
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): b9:55:ef:d9:a0:81:c0:9a:51:c7:dd:8f:1c:80:b1:5d:8c:fb:40:83
Fingerprint (sha256): ed:12:c8:77:18:90:2c:2c:8a:af:45:cd:92:86:55:b8:b5:ab:2d:1e:89:aa:50:f5:0d:ba:72:df:96:64:e1:14

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate intermediariosdev.libertycolombia.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for intermediariosdev.libertycolombia.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

intermediariosdev.libertycolombia.com

Other certificates including the domain name libertycolombia.com

(limited to 100 certificates)
libertycolombia.com
cobognicesmb.libertycolombia.com
ews.libertycolombia.com
sip.libertycolombia.com
oficinaenlineaadm.libertycolombia.com
sas.libertyseguros.co
sip-kdc-03.libertymutual.com
soanonprod.libertycolombia.com
sip-pdc-03.libertymutual.com
bpm-uat.libertycolombia.com
co-reportes-dwh.libertycolombia.com
conferencia.libertyseguros.co
portaldev.libertycolombia.com
awsuat.libertycolombia.com
mailcol.libertycolombia.com
bpmuat.libertycolombia.com
bpmuat.libertycolombia.com
cero.libertycolombia.com
cobogavacrm01.libertycolombia.com
co-reportes-dwh.libertycolombia.com
oficinaenlineatrv.libertyseguros.co
soauat.libertycolombia.com
conferencia.libertyseguros.co
oficinaenlineadev.libertycolombia.com
cobogpldap2012.libertycolombia.com
ews.libertycolombia.com
soatest.libertycolombia.com
coawsprodsql04.libertycolombia.com
aru.libertycolombia.com
ews.libertycolombia.com
aplicaciones.libertyseguros.co
mailcol.libertycolombia.com
mailcol.libertycolombia.com.co
mailcol.libertycolombia.com
AplicacionesQA.libertycolombia.com
oficinaenlineaadm.libertyseguros.co
webmail.libertycolombia.com.co
conferencia.libertyseguros.co
aru.libertycolombia.com
cs-pool-03k.lm.lmig.com
cobogniceair01.libertycolombia.com
instaladores.libertycolombia.com
ews.libertycolombia.com
mailcol.libertycolombia.com
cobognicesent01.libertycolombia.com
sip.libertycolombia.com
evault11.libertycolombia.com
webmail.libertycolombia.com.co
sip.libertycolombia.com
cobogserv11.libertycolombia.com
sip.libertycolombia.com
aru.libertycolombia.com
ews.libertycolombia.com
cobogvcms.cms.libertycolombia.com
experianauthnoprod.libertycolombia.com
ews.libertycolombia.com
oficinaenlineauat.libertycolombia.com
colnxappresoag1.libertycolombia.com
COBOGNICEUS01.libertycolombia.com
sip.libertycolombia.com
cs-pool-03p.lm.lmig.com
awsnonprodci.libertycolombia.com
wsqa.libertycolombia.com
coboguscech.libertycolombia.com
soadev.libertycolombia.com
sip.libertycolombia.com
dynamic-pricing.libertycolombia.com
gitlab.libertycolombia.com
hybrid.libertycolombia.com
aru.libertycolombia.com
cobogexpresswayc.libertycolombia.com
ews.libertycolombia.com
wsqa.libertycolombia.com
soauat.libertycolombia.com
mailcol.libertycolombia.com
awsdev.libertycolombia.com
hybrid.libertycolombia.com
libertycolombia.com
webmail.libertycolombia.com.co
coawsprodsql04.libertycolombia.com
cobogniceair02.libertycolombia.com
soauat.libertycolombia.com
sas.libertyseguros.co
co-dev-reportes-dwh.libertycolombia.com
experianauthprod.libertycolombia.com
conferencia.libertyseguros.co
cobognicesear01.libertycolombia.com
core.libertycolombia.com
mailcol.libertycolombia.com
aru.libertycolombia.com
ews.libertycolombia.com
intermediariosdev.libertycolombia.com
cobognpldap01.libertycolombia.com
sip-kdc-03.libertymutual.com
awsnonprod.libertycolombia.com
sip.libertycolombia.com
soa1dev.libertycolombia.com
sas.libertyseguros.co
soa.libertycolombia.com

Certificate

The complete raw certificate details for intermediariosdev.libertycolombia.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIQRqTUFGgKeOdrCTQb5xbM0zANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDAxMzExNzI2MDdaFw0yNTAyMjgxNzI2MDZaMIGJMQswCQYDVQQGEwJVUzEWMBQG
A1UECBMNTmV3IEhhbXBzaGlyZTETMBEGA1UEBxMKUG9ydHNtb3V0aDEdMBsGA1UE
ChMUTGliZXJ0eSBNdXR1YWwgR3JvdXAxLjAsBgNVBAMTJWludGVybWVkaWFyaW9z
ZGV2LmxpYmVydHljb2xvbWJpYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDdV6n/owFTT0gSnx0QVX6OfuFIulQ+VG5bphq4MCtpmxIXjZ9S1F/S
G/ubB6spbukDY+883GmLDd+ekg9WpBSd7p8XNCDS1dodmmsgTbuemmSiYogCydhZ
Rx7iOweUhoPNnrN2K44hhASGMS/nyihO4rmEc3qP0SYD+67V9nFWKn1UMBszVk1X
yVkdX49rNE669OwpBfnhTafejs9Vk25qYA7DX7fHcJS2SYQtRp0m9LH7Tqnxg/H0
a1O17SLbAhVCEoubjnwJT7fRp/4pEOqTKCAJTWpLcpaeP0Mfu4vAJBF9QCrlKYRi
2QKylg7LgHUJukhcDEvapXiZ2stFmQh5AgMBAAGjggF8MIIBeDAMBgNVHRMBAf8E
AjAAMB0GA1UdDgQWBBRUCQ4CVcNuJU9k0dgjEklkIa76yzAfBgNVHSMEGDAWgBSC
onB03bxTP8971PfNf6dgxgpMvzBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGG
F2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlh
LmVudHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYi
aHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDAwBgNVHREEKTAngiVp
bnRlcm1lZGlhcmlvc2Rldi5saWJlcnR5Y29sb21iaWEuY29tMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEwYDVR0gBAwwCjAI
BgZngQwBAgIwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEB
AEVZri7k1Gsv0j/X23geChOiaMf+I7BTLtcgdQyGoJZv63am3RZ89TyxdMoWSfdT
A6PJjQxvEbaQw/VuwwHZ71RRj6LeLLPostkY4P8AtHPH03x0ubzp3Zy1klbW/3kP
6Ew9lyFBikew4TaYOAI+b9eWD4hnwd9XyHpCyoh69U90Tde/KfDARGlM8pN5obwL
CFTYu+wJxmRKKcuKpaC3CfSYRkPyTnxhetAncoopR8BVVBSHkV3sQpsyHqqZe+iw
a+pfGME951i7Fd2Yn5KAfT5Zj7RZLchYmGzJRrMSbaxlyzv6M466b5pbMpRvOPon
C/3xSISK87Ii8cPJ7cyqYeY=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Vep/6MBU09IEp8dEFV+
jn7hSLpUPlRuW6YauDAraZsSF42fUtRf0hv7mwerKW7pA2PvPNxpiw3fnpIPVqQU
ne6fFzQg0tXaHZprIE27nppkomKIAsnYWUce4jsHlIaDzZ6zdiuOIYQEhjEv58oo
TuK5hHN6j9EmA/uu1fZxVip9VDAbM1ZNV8lZHV+PazROuvTsKQX54U2n3o7PVZNu
amAOw1+3x3CUtkmELUadJvSx+06p8YPx9GtTte0i2wIVQhKLm458CU+30af+KRDq
kyggCU1qS3KWnj9DH7uLwCQRfUAq5SmEYtkCspYOy4B1CbpIXAxL2qV4mdrLRZkI
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 93901797877342148506266736260518694099
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-31 17:26:07 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-28 17:26:06 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Hampshire'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Portsmouth'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Liberty Mutual Group'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'intermediariosdev.libertycolombia.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27941894155142351511341916165563127556516872434721414668241518428274542407851251921200939170865128994489446540192190563356523041962409738066298041146932433056328707118782206965536031850549893827462308080056454582525708779583164162549681325679523326683762329821352545015911486538903378518946471195829696628200914834795122837436633441543239753243038517310427853705454477743333781586445565370199770073166423644010873846792482719190621237238655482752939956726868055445553376677277829170755231781812486362012267411764390550500027825578058090322374489336508494438151551716144563013079853573225253582303338850140072223246457
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							54090e0255c36e254f64d1d82312496421aefacb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intermediariosdev.libertycolombia.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004559ae2ee4d46b2fd23fd7db781e0a13a268c7fe23b0532ed720750c86a0966feb76a6dd167cf53cb174ca1649f75303a3c98d0c6f11b690c3f56ec301d9ef54518fa2de2cb3e8b2d918e0ff00b473c7d37c74b9bce9dd9cb59256d6ff790fe84c3d9721418a47b0e1369838023e6fd7960f8867c1df57c87a42ca887af54f744dd7bf29f0c044694cf29379a1bc0b0854d8bbec09c6644a29cb8aa5a0b709f4984643f24e7c617ad027728a2947c055541487915dec429b321eaa997be8b06bea5f18c13de758bb15dd989f92807d3e598fb4592dc858986cc946b3126dac65cb3bfa338eba6f9a5b32946f38fa270bfdf148848af3b222f1c3c9edccaa61e6