clubcard.cz
- Tesco Stores CR a.s. -
Issued by Entrust Certification Authority - L1M
About this certificate
This digital certificate with serial number 35:35:2f:a7:bf:04:b7:df:bc:fb:bb:0c:b1:92:01:d7 was issued on by Entrust, Inc..
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Tesco Stores CR a.s.
Company registration number:
45308314
Organization: Tesco Stores CR a.s.
Organization: Tesco Stores CR a.s.
Locality:
Praha 10
Country: CZ
Country: CZ
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 35:35:2f:a7:bf:04:b7:df:bc:fb:bb:0c:b1:92:01:d7Serial Number (int): 70725242073574739538331537929871163863
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: f0:f9:17:64:e0:f4:19:4b:6e:7d:64:6d:65:b9:e1:60:7a:e0:56:f5
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a
Fingerprint (sha1): 28:c6:3c:4a:7d:03:fe:15:b8:7c:a6:7e:53:fa:67:18:ea:04:73:25
Fingerprint (sha256): ef:de:5a:31:fd:4c:fc:0e:7d:f9:a2:78:ab:c5:bc:6a:52:df:49:99:8c:3c:b6:29:fa:e9:68:3e:07:bf:86:fa
Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1m.crl
Check the revocation status for certificate clubcard.cz
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for clubcard.cz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
clubcard.cz
www.clubcard.cz
vyhody.clubcard.cz
tescorecepty.cz
www.tescorecepty.cz
tescodocuments.com
www.tescodocuments.com
nlimg.itesco.cz
www.clubcard.cz
vyhody.clubcard.cz
tescorecepty.cz
www.tescorecepty.cz
tescodocuments.com
www.tescodocuments.com
nlimg.itesco.cz
Other certificates including the domain name clubcard.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for clubcard.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHeDCCBmCgAwIBAgIQNTUvp78Et9+8+7sMsZIB1zANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTTAeFw0y MjAyMTEwOTUxNTNaFw0yMzAyMTEwOTUxNTNaMIGcMQswCQYDVQQGEwJDWjERMA8G A1UEBxMIUHJhaGEgMTAxEzARBgsrBgEEAYI3PAIBAxMCQ1oxHTAbBgNVBAoTFFRl c2NvIFN0b3JlcyBDUiBhLnMuMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlv bjERMA8GA1UEBRMINDUzMDgzMTQxFDASBgNVBAMTC2NsdWJjYXJkLmN6MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0Z+S66R2aTWrQaOss0epuRo1epM mlul7Peq4EfWlYmI+JP6N29rgCeJXxGv4ZsRzcr2nEeR+nnm9W9hSWMrTtBSfx0O tFFqNrQulRTYXyazUmQoJPnPsnmgxK4Mv9qR3bhMXke131oQTCzoKWyxtoYMzwcY bRWAhekTZjI1QIcQHdWbnNvCBc/0aa9L80c4gRm4OUmwSzUS0wbMC3SZYghCSp6Q lleL8BlKi1t8vCLzLMcx5eAmmi8X3cpZvs/cI743C+q41/6cQ/DANu6dzjKz5FNQ HzXv4Z9gR10pwn0ZIEAllrDF4sFFWZI36z31Lfy6qTHgzvXloHkwnG88QwIDAQAB o4IDlDCCA5AwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU8PkXZOD0GUtufWRtZbnh YHrgVvUwHwYDVR0jBBgwFoAUw/fQtSowra8NkSFwOVTdvIlwxzowaAYIKwYBBQUH AQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBggr BgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMW0tY2hhaW4yNTYuY2Vy MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwx bS5jcmwwgaAGA1UdEQSBmDCBlYILY2x1YmNhcmQuY3qCD3d3dy5jbHViY2FyZC5j eoISdnlob2R5LmNsdWJjYXJkLmN6gg90ZXNjb3JlY2VwdHkuY3qCE3d3dy50ZXNj b3JlY2VwdHkuY3qCEnRlc2NvZG9jdW1lbnRzLmNvbYIWd3d3LnRlc2NvZG9jdW1l bnRzLmNvbYIPbmxpbWcuaXRlc2NvLmN6MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSwYDVR0gBEQwQjA3BgpghkgBhvpsCgEC MCkwJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAHBgVn gQwBATCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHYAtz77JN+cTbp18jnFulj0 bF38Qs96nzXEnh0JgSXttJkAAAF+6DI/vAAABAMARzBFAiEAt6N/fiZmlcfbG79v YWJR7MKlJbdlIQc3vWYu/G+mRoECIGClGnsIb6XVsFFL5CU/FlQZdBVGbZnG57Td bs5aSGiYAHcAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAF+6DI/ 2gAABAMASDBGAiEAtXem3tsigrU+fUflIbVJOrhhEyGJ0T5+3XuuuvggRk0CIQDO DPah67hiJUj2iIfwEmdCQE9LEHxfxFFa84qh00lV9AB3AK33vvp8/xDIi509nB4+ GGq0Zyldz7EMJMqFhjTr3IKKAAABfugyP6sAAAQDAEgwRgIhAOpmqAR7Ee8ZPRN4 47xWRQiXha6XsJo0JCYazXUvn4lpAiEA8A+sCRraY8yze1t+1YvjhJKll6uRMHCm 54nnkBI8olkwDQYJKoZIhvcNAQELBQADggEBAHGgCpLy62gEygkxbWFtuZPKQtq6 Cecm4JdaPGi8OBPxA2oaaZBivXGu1nD49t3ZNBNlwkXf18IapsooBqYXSlBjImYL MUjREfwen9osyddC0BnZfLgbWMtAaqySIw9qkN2juteGnB5P+e0Wrex5o0j7H1Dl ahg9PSpUVk872OLeMsiFpUGhN61lRvZYK4eLJrbsgzprLXibSj6rRumdRgnjePjj EdnYhQVAsbgLZpeUAjHDby1f9dZOd8kkM6cFk3bX2RqXzbUuJgrVgK+Qbe5GOA87 Sep8FuT0Xd5LQ+nr8+mVimwRxOCdKRPNkGbCAQJpeJBAtm9kOBqc5tl1Rfs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0Z+S66R2aTWrQaOss0e puRo1epMmlul7Peq4EfWlYmI+JP6N29rgCeJXxGv4ZsRzcr2nEeR+nnm9W9hSWMr TtBSfx0OtFFqNrQulRTYXyazUmQoJPnPsnmgxK4Mv9qR3bhMXke131oQTCzoKWyx toYMzwcYbRWAhekTZjI1QIcQHdWbnNvCBc/0aa9L80c4gRm4OUmwSzUS0wbMC3SZ YghCSp6QlleL8BlKi1t8vCLzLMcx5eAmmi8X3cpZvs/cI743C+q41/6cQ/DANu6d zjKz5FNQHzXv4Z9gR10pwn0ZIEAllrDF4sFFWZI36z31Lfy6qTHgzvXloHkwnG88 QwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 70725242073574739538331537929871163863 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-11 09:51:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-11 09:51:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Praha 10' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tesco Stores CR a.s.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '45308314' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'clubcard.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25156184250922053366029496751260709652028208849437869929649309800316235847496895565412572516522988200182494711168242930696741584916786042784829075542828250747338538197987972436054022623614984942756911100230713145279042146614954411717816988490655967068778796639375555795209050834278799472783608070620749585320870519414663585343992737378656761712889675034183582793860962681899133283512050295266160169325111165997325104849077274922036378496430146046387461846074254183537173572970907019054932693548931173618170011064293904694112161397934937032248805355696523051821734190786253898206803964418853780698424587621715699252291 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f0f91764e0f4194b6e7d646d65b9e1607ae056f5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (152 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clubcard.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.clubcard.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vyhody.clubcard.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tescorecepty.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tescorecepty.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tescodocuments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tescodocuments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nlimg.itesco.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000017ee8323fbc0000040300473045022100b7a37f7e266695c7db1bbf6f616251ecc2a525b765210737bd662efc6fa64681022060a51a7b086fa5d5b0514be4253f1654197415466d99c6e7b4dd6ece5a486898007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017ee8323fda0000040300483046022100b577a6dedb2282b53e7d47e521b5493ab861132189d13e7edd7baebaf820464d022100ce0cf6a1ebb8622548f68887f0126742404f4b107c5fc4515af38aa1d34955f4007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017ee8323fab0000040300483046022100ea66a8047b11ef193d1378e3bc5645089785ae97b09a3424261acd752f9f8969022100f00fac091ada63ccb37b5b7ed58be38492a597ab913070a6e789e790123ca259 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0071a00a92f2eb6804ca09316d616db993ca42daba09e726e0975a3c68bc3813f1036a1a699062bd71aed670f8f6ddd9341365c245dfd7c21aa6ca2806a6174a506322660b3148d111fc1e9fda2cc9d742d019d97cb81b58cb406aac92230f6a90dda3bad7869c1e4ff9ed16adec79a348fb1f50e56a183d3d2a54564f3bd8e2de32c885a541a137ad6546f6582b878b26b6ec833a6b2d789b4a3eab46e99d4609e378f8e311d9d8850540b1b80b6697940231c36f2d5ff5d64e77c92433a7059376d7d91a97cdb52e260ad580af906dee46380f3b49ea7c16e4f45dde4b43e9ebf3e9958a6c11c4e09d2913cd9066c2010269789040b66f64381a9ce6d97545fb