tms.data.hsbc.com

- HSBC Group Management Services Limited -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 29:4f:36:41:78:fa:53:42:f9:ed:2e:0e:bc:0a:61:1d was issued on by Entrust, Inc..

With 58 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

HSBC Group Management Services Limited

Organization: HSBC Group Management Services Limited
Locality: London
Country: GB

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 29:4f:36:41:78:fa:53:42:f9:ed:2e:0e:bc:0a:61:1d
Serial Number (int): 54909639716395788614472189125205844253
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 4d:74:e5:96:b9:52:0c:4c:55:c4:d7:5b:d7:d9:b1:0c:17:84:79:25
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 6f:ab:f4:13:d5:33:8a:41:20:af:05:c1:0f:da:44:ed:90:15:6d:f9
Fingerprint (sha256): fb:b8:ef:e4:de:6a:66:8d:bb:ec:5f:88:92:86:78:9e:ce:b6:2b:34:3f:1b:40:33:41:b7:62:8e:91:a4:4d:ae

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate tms.data.hsbc.com

58

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for tms.data.hsbc.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

tms.data.hsbc.com
tms.data.firstdirect.com
tms.data.hangseng.com
tms.data.hsbc.ae
tms.data.hsbc.am
tms.data.hsbc.be
tms.data.hsbc.bm
tms.data.hsbc.ca
tms.data.hsbc.ch
tms.data.hsbc.cl
tms.data.hsbc.co.id
tms.data.hsbc.co.il
tms.data.hsbc.co.in
tms.data.hsbc.co.jp
tms.data.hsbc.co.kr
tms.data.hsbc.co.mu
tms.data.hsbc.co.nz
tms.data.hsbc.co.om
tms.data.hsbc.co.th
tms.data.hsbc.co.uk
tms.data.hsbc.co.za
tms.data.hsbc.com.ar
tms.data.hsbc.com.au
tms.data.hsbc.com.bd
tms.data.hsbc.com.bh
tms.data.hsbc.com.br
tms.data.hsbc.com.cn
tms.data.hsbc.com.eg
tms.data.hsbc.com.hk
tms.data.hsbc.com.kw
tms.data.hsbc.com.mo
tms.data.hsbc.com.mt
tms.data.hsbc.com.mx
tms.data.hsbc.com.my
tms.data.hsbc.com.ph
tms.data.hsbc.com.qa
tms.data.hsbc.com.sg
tms.data.hsbc.com.tr
tms.data.hsbc.com.tw
tms.data.hsbc.com.uy
tms.data.hsbc.com.vn
tms.data.hsbc.cz
tms.data.hsbc.de
tms.data.hsbc.es
tms.data.hsbc.fr
tms.data.hsbc.gr
tms.data.hsbc.ie
tms.data.hsbc.it
tms.data.hsbc.lk
tms.data.hsbc.lu
tms.data.hsbc.nl
tms.data.hsbc.pl
tms.data.hsbc.ru
tms.data.hsbc.se
tms.data.hsbc.uk
tms.data.hsbcamanah.com.my
tms.data.hsbcnet.com
tms.data.hsbcqh.com.cn

Other certificates including the domain name hsbc.com

(limited to 100 certificates)
www2.prodlike-site2.security.p2g.netd2.hsbc.com.hk
www.us.hsbc.com
tx.fguk-dev.hsbc.com
ist.hsbcusa.netd.us.hsbc.com
demolp.hsbc.com
www.fxclientui2.gfx.gbm.hsbc.com
rdcweb.us.hsbc.com
www.hsbc.co.uk
HSBC.COM
www.security.online-banking.ciiom.hsbc.com
www.fundsinfo.hsbc.com.sg
mortgageapply-uat.us.hsbc.com
www.qatar.hsbc.com
www.business.hsbc.co.uk
DEV-EXT-mqipt1-usl00001177.mq.hsbc.com
www-origin.prod.eu.dynp.hsbc.com
www2.plte.file.online-banking.uk.hsbc.com
hsbc.com
demolp.hsbc.com
qa.hsbcnetna.netd.us.hsbc.com
www.connectionshub-staging.business.hsbc.com
www.hsbc.com.kw
bahrainservice.hsbc.com
payments.jo.personal-banking.hsbc.com
investments.ae.personal-banking.hsbc.com
PROD-EXT-MQIPT05-gbl12676.mq.hsbc.com
investments3.sg.personal-banking.hsbc.com
lp-gsde.plte.services.online-banking.uk.hsbc.com
investments.hk.personal-banking.hsbc.com
OV-PLC-Renew-Hongkong.hsbc.com
gtff.hsbc.com
www.pib.pa.hsbc.com
priipskids.gbm.hsbc.com
uaemail.hsbc.com
www.business.hsbc.co.uk
admin.apply.us.hsbc.com
HSBC.COM
confidentialreport-icm.hsbc.com
PROD_EXT_MQIPT01_HKP1Vl0340.mq.hsbc.com
customerservice.expat.hsbc.com
pelp.hsbc.com
www.assetmanagement.hsbc.com
ist.hsbcmortgageservices.netd.us.hsbc.com
payments.lb.personal-banking.hsbc.com
www.hsbc.com.lb
mraedge1.mra-emea.hsbc.com
ssl1.remote.us.hsbc.com
FTP-MAINFRAME.SYSTEMS.UK.HSBC.COM
www.us.hsbc.com
recognition.staff.hsbc.com
apply-dev.personal.hsbc.com
DFRLO2PCL.mq.hsbc.com
incidentboard.asiapacific.hsbc.com
www.apps.asiapacific.hsbc.com
cards.uk.personal-banking.hsbc.com
www.fundsinfo.hsbc.com.sg
skm.m.security.online-banking.expat.hsbc.com
preprod.connectedmoney.api.hsbc.com
wordingcollaboration.business.hsbc.com
www.hsbc.com.eg
ca-aem-vh-lp.us.hsbc.com
www.banking.us.hsbc.com
www.hsbc.co.om
www.file.online-banking.ciiom.hsbc.com
apply-test.personal.hsbc.com
static.lp.services.online-banking.us.hsbc.com
www.fileupload.asiapacific.hsbc.com
identify-uat.expat.hsbc.com
us-aem-vh-lp.us.hsbc.com
gtff2.hsbc.com
usl00000677.us.hsbc.com
wdc.lp.m.ciiom.hsbc.com
payments.gr.personal-banking.hsbc.com
tradetracker.business.hsbc.com
www.tech.hsbc
aoins.us.hsbc.com
uatlp.hsbc.com
EV-PLC-Reissue-blabla.hsbc.com
www.content.online-banking.ciiom.hsbc.com
ecom-as2encsign.fguk-dev.hsbc.com
qa1.hfc.netd.us.hsbc.com
upivodaprod.hsbc.com
www.crs.hsbc.com
PLFISHK02.mq.hsbc.com
ist.hsbcnet.netd.us.hsbc.com
www.expat.hsbc.com
cards.ciiom.personal-banking.hsbc.com
FXTRADING.US.HSBC.COM
www.hsbc.com.ph
tx.fguk.hsbc.com
www.security.online-banking.hsbc.com.mx
FTP-MAINFRAME.SYSTEMS.UK.HSBC.COM
HBUSPROD.MAINFRAME.HSBC.COM
investments.sg.personal-banking.hsbc.com
pfo.us.hsbc.com
FTP-MAINFRAME.SYSTEMS.UK.HSBC.COM
ciiom.hsbc.com
www.ist5.usbib.netd.hsbc.com
www.dddc.us.hsbc.com
www.ukgib-its.hsbc.com

Certificate

The complete raw certificate details for tms.data.hsbc.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJtDCCCJygAwIBAgIQKU82QXj6U0L57S4OvAphHTANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDAxMjQxMDU0MzBaFw0yNTAyMTYxMDU0MjlaMGsxCzAJBgNVBAYTAkdCMQ8wDQYD
VQQHEwZMb25kb24xLzAtBgNVBAoTJkhTQkMgR3JvdXAgTWFuYWdlbWVudCBTZXJ2
aWNlcyBMaW1pdGVkMRowGAYDVQQDExF0bXMuZGF0YS5oc2JjLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/mCm8FUuJ/9rKpIcfOzqai/byBnrUZ
Pd2RfbIZJa1DSxSaERrfgvp3a0K0hTX98v/IGROkSFm7hI1os7Ro3mPNZ6ZcxJVP
8ZwmFTZ9Lpj6FDtC4LQdn8AcA1ypmxNryy1RPSMJ6JroiSq/33y3PZSH4nDZ+/l3
hNbJ9XnCzTet6/BiTMRvXAM9HMAWyGPkV/m7+2nuGclgfTuiH5zDPTGLHKBZYPFi
DHvxppI5HAy+xEuSPs+sL/98lPcgGDF2tSuCmc9fO6iUxJHg7RiY8LLqPC31G/SU
GYetGfpOxidQKObelpsbq9J74DrU38dN6dthFsgmMFnGKLyuois4ep0CAwEAAaOC
BgIwggX+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFE105Za5UgxMVcTXW9fZsQwX
hHklMB8GA1UdIwQYMBaAFIKicHTdvFM/z3vU981/p2DGCky/MGgGCCsGAQUFBwEB
BFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYIKwYB
BQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNoYWluMjU2LmNlcjAz
BgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMWsu
Y3JsMIIEtAYDVR0RBIIEqzCCBKeCEXRtcy5kYXRhLmhzYmMuY29tghh0bXMuZGF0
YS5maXJzdGRpcmVjdC5jb22CFXRtcy5kYXRhLmhhbmdzZW5nLmNvbYIQdG1zLmRh
dGEuaHNiYy5hZYIQdG1zLmRhdGEuaHNiYy5hbYIQdG1zLmRhdGEuaHNiYy5iZYIQ
dG1zLmRhdGEuaHNiYy5ibYIQdG1zLmRhdGEuaHNiYy5jYYIQdG1zLmRhdGEuaHNi
Yy5jaIIQdG1zLmRhdGEuaHNiYy5jbIITdG1zLmRhdGEuaHNiYy5jby5pZIITdG1z
LmRhdGEuaHNiYy5jby5pbIITdG1zLmRhdGEuaHNiYy5jby5pboITdG1zLmRhdGEu
aHNiYy5jby5qcIITdG1zLmRhdGEuaHNiYy5jby5rcoITdG1zLmRhdGEuaHNiYy5j
by5tdYITdG1zLmRhdGEuaHNiYy5jby5ueoITdG1zLmRhdGEuaHNiYy5jby5vbYIT
dG1zLmRhdGEuaHNiYy5jby50aIITdG1zLmRhdGEuaHNiYy5jby51a4ITdG1zLmRh
dGEuaHNiYy5jby56YYIUdG1zLmRhdGEuaHNiYy5jb20uYXKCFHRtcy5kYXRhLmhz
YmMuY29tLmF1ghR0bXMuZGF0YS5oc2JjLmNvbS5iZIIUdG1zLmRhdGEuaHNiYy5j
b20uYmiCFHRtcy5kYXRhLmhzYmMuY29tLmJyghR0bXMuZGF0YS5oc2JjLmNvbS5j
boIUdG1zLmRhdGEuaHNiYy5jb20uZWeCFHRtcy5kYXRhLmhzYmMuY29tLmhrghR0
bXMuZGF0YS5oc2JjLmNvbS5rd4IUdG1zLmRhdGEuaHNiYy5jb20ubW+CFHRtcy5k
YXRhLmhzYmMuY29tLm10ghR0bXMuZGF0YS5oc2JjLmNvbS5teIIUdG1zLmRhdGEu
aHNiYy5jb20ubXmCFHRtcy5kYXRhLmhzYmMuY29tLnBoghR0bXMuZGF0YS5oc2Jj
LmNvbS5xYYIUdG1zLmRhdGEuaHNiYy5jb20uc2eCFHRtcy5kYXRhLmhzYmMuY29t
LnRyghR0bXMuZGF0YS5oc2JjLmNvbS50d4IUdG1zLmRhdGEuaHNiYy5jb20udXmC
FHRtcy5kYXRhLmhzYmMuY29tLnZughB0bXMuZGF0YS5oc2JjLmN6ghB0bXMuZGF0
YS5oc2JjLmRlghB0bXMuZGF0YS5oc2JjLmVzghB0bXMuZGF0YS5oc2JjLmZyghB0
bXMuZGF0YS5oc2JjLmdyghB0bXMuZGF0YS5oc2JjLmllghB0bXMuZGF0YS5oc2Jj
Lml0ghB0bXMuZGF0YS5oc2JjLmxrghB0bXMuZGF0YS5oc2JjLmx1ghB0bXMuZGF0
YS5oc2JjLm5sghB0bXMuZGF0YS5oc2JjLnBsghB0bXMuZGF0YS5oc2JjLnJ1ghB0
bXMuZGF0YS5oc2JjLnNlghB0bXMuZGF0YS5oc2JjLnVrghp0bXMuZGF0YS5oc2Jj
YW1hbmFoLmNvbS5teYIUdG1zLmRhdGEuaHNiY25ldC5jb22CFnRtcy5kYXRhLmhz
YmNxaC5jb20uY24wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjATBgNVHSAEDDAKMAgGBmeBDAECAjATBgorBgEEAdZ5AgQDAQH/
BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWZgJOAaD/GvS2h1QniJtW+Wpgd7BBPX3
AXPHsQhxA5rRSnFnIAknIW7fF5T8nhMxbz3WqqoRFSbN22nJKVPP/4fyGMwh3Zfu
RUXVnt4PhaItGX5P5onLvVnYfTrZU8JY51dFX5/aUUkDJzVp/lO4KWOtnqpyPHXk
xod5SG1GfKjbL5BneZqnmk7onKVsXImFGAY5sgGuDpEZXVpeDu0sbtkA4BxYvqDR
OE7CDJcNjWqW/aNIHY5F+NnAnYCqwrFVR0IjKYUMLRxz2r9OMDM2WjoeY2TseNF4
P1eDHaGxZhrYKAsz7+DuAH9wTe3hZry2DCivru5McLTPN8ou1l6CHw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+YKbwVS4n/2sqkhx87O
pqL9vIGetRk93ZF9shklrUNLFJoRGt+C+ndrQrSFNf3y/8gZE6RIWbuEjWiztGje
Y81nplzElU/xnCYVNn0umPoUO0LgtB2fwBwDXKmbE2vLLVE9IwnomuiJKr/ffLc9
lIficNn7+XeE1sn1ecLNN63r8GJMxG9cAz0cwBbIY+RX+bv7ae4ZyWB9O6IfnMM9
MYscoFlg8WIMe/GmkjkcDL7ES5I+z6wv/3yU9yAYMXa1K4KZz187qJTEkeDtGJjw
suo8LfUb9JQZh60Z+k7GJ1Ao5t6Wmxur0nvgOtTfx03p22EWyCYwWcYovK6iKzh6
nQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 54909639716395788614472189125205844253
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-24 10:54:30 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-16 10:54:29 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HSBC Group Management Services Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tms.data.hsbc.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26244766452892440957622351243576760103012554904101128831518438175442229194364636740901142702980786997858751621511530484431951844661338281022434831009374192925282860885429050284637762108600833814532604688130683450772279474902202467397316643476887022726600451481050517742430208098463365282868237736925162843914896393381571122840762247085464297685317307543843674788547065963584094442750112756909985883803808556303272284218717225951211097266860897381235532452037483208111159206150589895427043856362725793197377542718881875154977305004117073227990938814371617931062319116737993062411241712671985584963940845542950454196893
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4d74e596b9520c4c55c4d75bd7d9b10c17847925
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1195 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.firstdirect.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hangseng.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.ae'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.am'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.bm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.cl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.id'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.il'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.kr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.mu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.om'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.th'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.co.za'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.ar'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.bd'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.bh'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.eg'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.kw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.mo'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.mt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.mx'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.my'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.ph'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.qa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.sg'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.tr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.uy'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.com.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.gr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.lk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.lu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.ru'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbc.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbcamanah.com.my'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbcnet.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tms.data.hsbcqh.com.cn'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00599809380683fc6bd2da1d509e226d5be5a981dec104f5f70173c7b10871039ad14a7167200927216edf1794fc9e13316f3dd6aaaa111526cddb69c92953cfff87f218cc21dd97ee4545d59ede0f85a22d197e4fe689cbbd59d87d3ad953c258e757455f9fda514903273569fe53b82963ad9eaa723c75e4c68779486d467ca8db2f9067799aa79a4ee89ca56c5c8985180639b201ae0e91195d5a5e0eed2c6ed900e01c58bea0d1384ec20c970d8d6a96fda3481d8e45f8d9c09d80aac2b15547422329850c2d1c73dabf4e3033365a3a1e6364ec78d1783f57831da1b1661ad8280b33efe0ee007f704dede166bcb60c28afaeee4c70b4cf37ca2ed65e821f