Download as txt, pdf, or txt
Download as txt, pdf, or txt
You are on page 1of 183

Signature algorithm name: SHA384withECDSA

Subject Public Key Algorithm: 384-bit EC key


Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B3 DB 48 A4 F9 A1 C5 D8 AE 36 41 CC 11 63 69 62 ..H......6A..cib
0010: 29 BC 4B C6 ).K.
]
]

*******************************************
*******************************************

Alias name: deutschetelekomrootca2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom


AG, C=DE
Issuer: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche
Telekom AG, C=DE
Serial number: 26
Valid from: Fri Jul 09 14:11:00 CEST 1999 until: Wed Jul 10 01:59:00 CEST 2019
Certificate fingerprints:
MD5: 74:01:4A:91:B1:08:C4:58:CE:47:CD:F0:DD:11:53:08
SHA1: 85:A4:08:C0:9C:19:3E:5D:51:58:7D:CD:D6:13:30:FD:8C:DE:37:BF
SHA256:
B6:19:1A:50:D0:C3:97:7F:7D:A9:9B:CD:AA:C8:6A:22:7D:AE:B9:67:9E:C7:0B:A3:B0:C9:D9:22
:71:C1:70:D3
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:5
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 31 C3 79 1B BA F5 53 D7 17 E0 89 7A 2D 17 6C 0A 1.y...S....z-.l.
0010: B3 2B 9D 33 .+.3
]
]

*******************************************
*******************************************

Alias name: entrustrootcaec1 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. -
for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.",
C=US
Issuer: CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. -
for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.",
C=US
Serial number: a68b79290000000050d091f9
Valid from: Tue Dec 18 16:25:36 CET 2012 until: Fri Dec 18 16:55:36 CET 2037
Certificate fingerprints:
MD5: B6:7E:1D:F0:58:C5:49:6C:24:3B:3D:ED:98:18:ED:BC
SHA1: 20:D8:06:40:DF:9B:25:F5:12:25:3A:11:EA:F7:59:8A:EB:14:B5:47
SHA256:
02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70
:E5:6E:DF:F5
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B7 63 E7 1A DD 8D E9 08 A6 55 83 A4 E0 6A 50 41 .c.......U...jPA
0010: 65 11 42 49 e.BI
]
]

*******************************************
*******************************************

Alias name: osnoraclecom


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=osn.oracle.com, OU=Oracle OMCS (Oracle Owned) ADC, O=Oracle Corporation,


L=Redwood City, ST=California, C=US
Issuer: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
Serial number: 55af0d47513a12c7b3d50752675e620
Valid from: Mon Oct 01 02:00:00 CEST 2018 until: Tue Oct 01 14:00:00 CEST 2019
Certificate fingerprints:
MD5: DF:F7:4E:C2:98:50:60:71:72:89:E2:12:4F:9F:68:AE
SHA1: 83:FC:66:31:12:15:BB:21:51:1B:56:8F:E0:A2:49:0F:B4:59:75:0A
SHA256:
47:4B:59:45:28:28:39:34:55:35:8A:A1:B0:D1:75:C9:95:47:22:84:A7:BF:AD:C1:AB:CD:29:9F
:36:C4:58:5C
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false


0000: 04 81 F3 00 F1 00 77 00 A4 B9 09 90 B4 18 58 14 ......w.......X.
0010: 87 BB 13 A2 CC 67 70 0A 3C 35 98 04 F9 1B DF B8 .....gp.<5......
0020: E3 77 CD 0E C8 0D DC 10 00 00 01 66 2E F2 6D D5 .w.........f..m.
0030: 00 00 04 03 00 48 30 46 02 21 00 C2 91 7D C3 C7 .....H0F.!......
0040: 67 73 A0 D7 4E 75 FD D5 99 BA 56 A1 4C 2E 2F DC gs..Nu....V.L./.
0050: 4B A3 44 64 CB CD E8 CF 17 C6 5C 02 21 00 F9 64 K.Dd......\.!..d
0060: 13 82 1C F7 05 5E 48 09 5F 3A 9A 4A F1 68 25 85 .....^H._:.J.h%.
0070: 03 E9 29 04 2A 08 C1 97 01 F3 65 56 96 35 00 76 ..).*.....eV.5.v
0080: 00 87 75 BF E7 59 7C F8 8C 43 99 5F BD F3 6E FF ..u..Y...C._..n.
0090: 56 8D 47 56 36 FF 4A B5 60 C1 B4 EA FF 5E A0 83 V.GV6.J.`....^..
00A0: 0F 00 00 01 66 2E F2 6E 9E 00 00 04 03 00 47 30 ....f..n......G0
00B0: 45 02 20 62 37 80 3E 5F 57 D1 EA 03 30 EF 3A 0A E. b7.>_W...0.:.
00C0: 66 EA E9 C8 DB 16 18 73 A9 11 AE 2F F5 9F 44 97 f......s.../..D.
00D0: 6E 83 78 02 21 00 84 E7 7F 67 B8 ED 55 A5 55 AC n.x.!....g..U.U.
00E0: 20 D2 FF 39 2D BF DF 91 8E EA 0A 41 32 41 A6 83 ..9-......A2A..
00F0: 03 1E AF 8D F3 AB ......

#2: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false


AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
,
accessMethod: caIssuers
accessLocation: URIName:
http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
]
]

#3: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 0F 80 61 1C 82 31 61 D5 2F 28 E7 8D 46 38 B4 2C ..a..1a./(..F8.,
0010: E1 C6 D9 E2 ....
]
]

#4: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:false
PathLen: undefined
]

#5: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/ssca-sha2-g6.crl]
, DistributionPoint:
[URIName: http://crl4.digicert.com/ssca-sha2-g6.crl]
]]

#6: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114412.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69
..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS

]] ]
[CertificatePolicyId: [2.23.140.1.2.2]
[] ]
]

#7: ObjectId: 2.5.29.37 Criticality=false


ExtendedKeyUsages [
serverAuth
clientAuth
]

#8: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_Encipherment
]

#9: ObjectId: 2.5.29.17 Criticality=false


SubjectAlternativeName [
DNSName: osn.oracle.com
]
#10: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AD 55 F1 EC AC F8 14 54 FC 9B A1 E9 A2 EC 10 AD .U.....T........
0010: 97 B8 83 DD ....
]
]

*******************************************
*******************************************

Alias name: secomscrootca1 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP


Issuer: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP
Serial number: 0
Valid from: Tue Sep 30 06:20:49 CEST 2003 until: Sat Sep 30 06:20:49 CEST 2023
Certificate fingerprints:
MD5: F1:BC:63:6A:54:E0:B5:27:F5:CD:E7:1A:E3:4D:6E:4A
SHA1: 36:B1:2B:49:F9:81:9E:D7:4C:9E:BC:38:0F:C6:56:8F:5D:AC:B2:F7
SHA256:
E7:5E:72:ED:9F:56:0E:EC:6E:B4:80:00:73:A4:3F:C3:AD:19:19:5A:39:22:82:01:78:95:97:4A
:99:02:6B:6C
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: A0 73 49 99 68 DC 85 5B 65 E3 9B 28 2F 57 9F BD .sI.h..[e..(/W..
0010: 33 BC 07 48 3..H
]
]

*******************************************
*******************************************
Alias name: globalsignr2ca [jdk]
Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2


Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Serial number: 400000000010f8626e60d
Valid from: Fri Dec 15 09:00:00 CET 2006 until: Wed Dec 15 09:00:00 CET 2021
Certificate fingerprints:
MD5: 94:14:77:7E:3E:5E:FD:8F:30:BD:41:B0:CF:E7:D0:30
SHA1: 75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE
SHA256:
CA:42:DD:41:74:5F:D0:B8:1E:B9:02:36:2C:F9:D8:BF:71:9D:A1:BD:1B:1E:FC:94:6F:5B:4C:99
:F4:2C:1B:9E
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 9B E2 07 57 67 1C 1E C0 6A 06 DE 59 B4 9A 2D DF ...Wg...j..Y..-.
0010: DC 19 86 2E ....
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.globalsign.net/root-r2.crl]
]]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9B E2 07 57 67 1C 1E C0 6A 06 DE 59 B4 9A 2D DF ...Wg...j..Y..-.
0010: DC 19 86 2E ....
]
]

*******************************************
*******************************************
Alias name: identrustdstx3 [jdk]
Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DST Root CA X3, O=Digital Signature Trust Co.


Issuer: CN=DST Root CA X3, O=Digital Signature Trust Co.
Serial number: 44afb080d6a327ba893039862ef8406b
Valid from: Sat Sep 30 23:12:19 CEST 2000 until: Thu Sep 30 16:01:15 CEST 2021
Certificate fingerprints:
MD5: 41:03:52:DC:0F:F7:50:1B:16:F0:02:8E:BA:6F:45:C5
SHA1: DA:C9:02:4F:54:D8:F6:DF:94:93:5F:B1:73:26:38:CA:6A:D7:7C:13
SHA256:
06:87:26:03:31:A7:24:03:D9:09:F1:05:E6:9B:CF:0D:32:E1:BD:24:93:FF:C6:D9:20:6D:11:BC
:D6:77:07:39
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C4 A7 B1 A4 7B 2C 71 FA DB E1 4B 90 75 FF C4 15 .....,q...K.u...
0010: 60 85 89 10 `...
]
]

*******************************************
*******************************************

Alias name: comodoeccca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford,


ST=Greater Manchester, C=GB
Issuer: CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford,
ST=Greater Manchester, C=GB
Serial number: 1f47afaa62007050544c019e9b63992a
Valid from: Thu Mar 06 01:00:00 CET 2008 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 7C:62:FF:74:9D:31:53:5E:68:4A:D5:78:AA:1E:BF:23
SHA1: 9F:74:4E:9F:2B:4D:BA:EC:0F:31:2C:50:B6:56:3B:8E:2D:93:C3:11
SHA256:
17:93:92:7A:06:14:54:97:89:AD:CE:2F:8F:34:F7:F0:B6:6D:0F:3A:E3:A3:B8:4D:21:EC:15:DB
:BA:4F:AD:C7
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 75 71 A7 19 48 19 BC 9D 9D EA 41 47 DF 94 C4 48 uq..H.....AG...H
0010: 77 99 D3 79 w..y
]
]

*******************************************
*******************************************

Alias name: globalsignrootcar6 [jdk]


Creation date: Jan 30, 2019
Entry type: trustedCertEntry

Owner: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R6


Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R6
Serial number: 45e6bb038333c3856548e6ff4551
Valid from: Wed Dec 10 01:00:00 CET 2014 until: Sun Dec 10 01:00:00 CET 2034
Certificate fingerprints:
MD5: 4F:DD:07:E4:D4:22:64:39:1E:0C:37:42:EA:D1:C6:AE
SHA1: 80:94:64:0E:B5:A7:A1:CA:11:9C:1F:DD:D5:9F:81:02:63:A7:FB:D1
SHA256:
2C:AB:EA:FE:37:D0:6C:A2:2A:BA:73:91:C0:03:3D:25:98:29:52:C4:53:64:73:49:76:3A:3A:B5
:AD:6C:CF:69
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: AE 6C 05 A3 93 13 E2 A2 E7 E2 D7 1C D6 C7 F0 7F .l..............
0010: C8 67 53 A0 .gS.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: AE 6C 05 A3 93 13 E2 A2 E7 E2 D7 1C D6 C7 F0 7F .l..............
0010: C8 67 53 A0 .gS.
]
]

*******************************************
*******************************************

Alias name: entrust2048ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net


Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net
Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Serial number: 3863def8
Valid from: Fri Dec 24 18:50:51 CET 1999 until: Tue Jul 24 16:15:12 CEST 2029
Certificate fingerprints:
MD5: EE:29:31:BC:32:7E:9A:E6:E8:B5:F7:51:B4:34:71:90
SHA1: 50:30:06:09:1D:97:D4:F5:AE:39:F7:CB:E7:92:7D:7D:65:2D:34:31
SHA256:
6D:C4:71:72:E0:1C:BC:B0:BF:62:58:0D:89:5F:E2:B8:AC:9A:D4:F8:73:80:1E:0C:10:B9:C8:37
:D2:1E:B1:77
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]
#2: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 55 E4 81 D1 11 80 BE D8 89 B9 08 A3 31 F9 A1 24 U...........1..$
0010: 09 16 B9 70 ...p
]
]

*******************************************
*******************************************

Alias name: addtrustexternalca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust


AB, C=SE
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust
AB, C=SE
Serial number: 1
Valid from: Tue May 30 12:48:38 CEST 2000 until: Sat May 30 12:48:38 CEST 2020
Certificate fingerprints:
MD5: 1D:35:54:04:85:78:B0:3F:42:42:4D:BF:20:73:0A:3F
SHA1: 02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
SHA256:
68:7F:A4:51:38:22:78:FF:F0:C8:B1:1F:8D:43:D5:76:67:1C:6E:B2:BC:EA:B4:13:FB:83:D9:65
:D0:6D:2F:F2
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....
0010: 24 CB 54 1A $.T.
]
[CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB,
C=SE]
SerialNumber: [ 01]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]
#3: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....
0010: 24 CB 54 1A $.T.
]
]

*******************************************
*******************************************

Alias name: globalsigneccrootcar4 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4


Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4
Serial number: 2a38a41c960a04de42b228a50be8349802
Valid from: Tue Nov 13 01:00:00 CET 2012 until: Tue Jan 19 04:14:07 CET 2038
Certificate fingerprints:
MD5: 20:F0:27:68:D1:7E:A0:9D:0E:E6:2A:CA:DF:5C:89:8E
SHA1: 69:69:56:2E:40:80:F4:24:A1:E7:19:9F:14:BA:F3:EE:58:AB:6A:BB
SHA256:
BE:C9:49:11:C2:95:56:76:DB:6C:0A:55:09:86:D7:6E:3B:A0:05:66:7C:44:2C:97:62:B4:FB:B7
:73:DE:22:8C
Signature algorithm name: SHA256withECDSA
Subject Public Key Algorithm: 256-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 54 B0 7B AD 45 B8 E2 40 7F FB 0A 6E FB BE 33 C9 T...E..@...n..3.
0010: 3C A3 84 D5 <...
]
]

*******************************************
*******************************************

Alias name: usertrustrsaca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey


City, ST=New Jersey, C=US
Issuer: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey
City, ST=New Jersey, C=US
Serial number: 1fd6d30fca3ca51a81bbc640e35032d
Valid from: Mon Feb 01 01:00:00 CET 2010 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 1B:FE:69:D1:91:B7:19:33:A3:72:A8:0F:E1:55:E5:B5
SHA1: 2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E
SHA256:
E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46
:C3:D4:CB:D2
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 53 79 BF 5A AA 2B 4A CF 54 80 E1 D8 9B C0 9D F2 Sy.Z.+J.T.......
0010: B2 03 66 CB ..f.
]
]

*******************************************
*******************************************

Alias name: digicertassuredidrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry
Owner: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: ce7e0e517d846fe8fe560fc1bf03039
Valid from: Fri Nov 10 01:00:00 CET 2006 until: Mon Nov 10 01:00:00 CET 2031
Certificate fingerprints:
MD5: 87:CE:0B:7B:2A:0E:49:00:E1:58:71:9B:37:A8:93:72
SHA1: 05:63:B8:63:0D:62:D7:5A:BB:C8:AB:1E:4B:DF:B5:A8:99:B2:4D:43
SHA256:
3E:90:99:B5:01:5E:8F:48:6C:00:BC:EA:9D:11:1E:E7:21:FA:BA:35:5A:89:BC:F1:DF:69:56:1E
:3D:C6:32:5C
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 45 EB A2 AF F4 92 CB 82 31 2D 51 8B A7 A7 21 9D E.......1-Q...!.
0010: F3 6D C8 0F .m..
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 45 EB A2 AF F4 92 CB 82 31 2D 51 8B A7 A7 21 9D E.......1-Q...!.
0010: F3 6D C8 0F .m..
]
]

*******************************************
*******************************************

Alias name: digicertglobalrootg2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: 33af1e6a711a9a0bb2864b11d09fae5
Valid from: Thu Aug 01 14:00:00 CEST 2013 until: Fri Jan 15 13:00:00 CET 2038
Certificate fingerprints:
MD5: E4:A6:8A:C8:54:AC:52:42:46:0A:FD:72:48:1B:2A:44
SHA1: DF:3C:24:F9:BF:D6:66:76:1B:26:80:73:FE:06:D1:CC:8D:4F:82:A4
SHA256:
CB:3C:CB:B7:60:31:E5:E0:13:8F:8D:D3:9A:23:F9:DE:47:FF:C3:5E:43:C1:14:4C:EA:27:D4:6A
:5A:B1:CB:5F
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 4E 22 54 20 18 95 E6 E3 6E E6 0F FA FA B9 12 ED N"T ....n.......
0010: 06 17 8F 39 ...9
]
]

*******************************************
*******************************************

Alias name: actalisauthenticationrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan,


C=IT
Issuer: CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan,
C=IT
Serial number: 570a119742c4e3cc
Valid from: Thu Sep 22 13:22:02 CEST 2011 until: Sun Sep 22 13:22:02 CEST 2030
Certificate fingerprints:
MD5: 69:C1:0D:4F:07:A3:1B:C3:FE:56:3D:04:BC:11:F6:A6
SHA1: F3:73:B3:87:06:5A:28:84:8A:F2:F3:4A:CE:19:2B:DD:C7:8E:9C:AC
SHA256:
55:92:60:84:EC:96:3A:64:B9:6E:2A:BE:01:CE:0B:A8:6A:64:FB:FE:BC:C7:AA:B5:AF:C1:55:B3
:7F:D7:60:66
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3
Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 52 D8 88 3A C8 9F 78 66 ED 89 F3 7B 38 70 94 C9 R..:..xf....8p..
0010: 02 02 36 D0 ..6.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 52 D8 88 3A C8 9F 78 66 ED 89 F3 7B 38 70 94 C9 R..:..xf....8p..
0010: 02 02 36 D0 ..6.
]
]

*******************************************
*******************************************

Alias name: digicertassuredidg2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DigiCert Assured ID Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Assured ID Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: b931c3ad63967ea6723bfc3af9af44b
Valid from: Thu Aug 01 14:00:00 CEST 2013 until: Fri Jan 15 13:00:00 CET 2038
Certificate fingerprints:
MD5: 92:38:B9:F8:63:24:82:65:2C:57:33:E6:FE:81:8F:9D
SHA1: A1:4B:48:D9:43:EE:0A:0E:40:90:4F:3C:E0:A4:C0:91:93:51:5D:3F
SHA256:
7D:05:EB:B6:82:33:9F:8C:94:51:EE:09:4E:EB:FE:FA:79:53:A1:14:ED:B2:F4:49:49:45:2F:AB
:7D:2F:C1:85
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: CE C3 4A B9 99 55 F2 B8 DB 60 BF A9 7E BD 56 B5 ..J..U...`....V.
0010: 97 36 A7 D6 .6..
]
]

*******************************************
*******************************************

Alias name: swisssigngoldg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH


Issuer: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH
Serial number: bb401c43f55e4fb0
Valid from: Wed Oct 25 10:30:35 CEST 2006 until: Sat Oct 25 10:30:35 CEST 2036
Certificate fingerprints:
MD5: 24:77:D9:A8:91:D1:3B:FA:88:2D:C2:FF:F8:CD:33:93
SHA1: D8:C5:38:8A:B7:30:1B:1B:6E:D4:7A:E6:45:25:3A:6F:9F:1A:27:61
SHA256:
62:DD:0B:E9:B9:F5:0A:16:3E:A0:F8:E7:5C:05:3B:1E:CA:57:EA:55:C8:68:8F:64:7C:68:81:F2
:C8:35:7B:95
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 5B 25 7B 96 A4 65 51 7E B8 39 F3 C0 78 66 5E E8 [%...eQ..9..xf^.
0010: 3A E7 F0 EE :...
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]
#3: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.756.1.89.1.2.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 20 68 74 74 70 3A 2F 2F 72 65 70 6F 73 69 74 .
http://reposit
0010: 6F 72 79 2E 73 77 69 73 73 73 69 67 6E 2E 63 6F ory.swisssign.co
0020: 6D 2F m/

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 5B 25 7B 96 A4 65 51 7E B8 39 F3 C0 78 66 5E E8 [%...eQ..9..xf^.
0010: 3A E7 F0 EE :...
]
]

*******************************************
*******************************************

Alias name: entrustrootcag2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. -
for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.",
C=US
Issuer: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. -
for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.",
C=US
Serial number: 4a538c28
Valid from: Tue Jul 07 19:25:54 CEST 2009 until: Sat Dec 07 18:55:54 CET 2030
Certificate fingerprints:
MD5: 4B:E2:C9:91:96:65:0C:F4:0E:5A:93:92:A0:0A:FE:B2
SHA1: 8C:F4:27:FD:79:0C:3A:D1:66:06:8D:E8:1E:57:EF:BB:93:22:72:D4
SHA256:
43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D
:3A:A7:F3:39
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 6A 72 26 7A D0 1E EF 7D E7 3B 69 51 D4 6C 8D 9F jr&z.....;iQ.l..
0010: 90 12 66 AB ..f.
]
]

*******************************************
*******************************************

Alias name: quovadisrootca2g3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM


Issuer: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM
Serial number: 445734245b81899b35f2ceb82b3b5ba726f07528
Valid from: Thu Jan 12 19:59:32 CET 2012 until: Sun Jan 12 19:59:32 CET 2042
Certificate fingerprints:
MD5: AF:0C:86:6E:BF:40:2D:7F:0B:3E:12:50:BA:12:3D:06
SHA1: 09:3C:61:F3:8B:8B:DC:7D:55:DF:75:38:02:05:00:E1:25:F5:C8:36
SHA256:
8F:E4:FB:0A:F9:3A:4D:0D:67:DB:0B:EB:B2:3E:37:C7:1B:F3:25:DC:BC:DD:24:0E:A0:4D:AF:58
:B4:7E:18:40
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: ED E7 6F 76 5A BF 60 EC 49 5B C6 A5 77 BB 72 16 ..ovZ.`.I[..w.r.
0010: 71 9B C4 3D q..=
]
]

*******************************************
*******************************************

Alias name: utnuserfirstclientauthemailca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=UTN-USERFirst-Client Authentication and Email,


OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Client Authentication and Email,
OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Serial number: 44be0c8b500024b411d336252567c989
Valid from: Fri Jul 09 19:28:50 CEST 1999 until: Tue Jul 09 19:36:58 CEST 2019
Certificate fingerprints:
MD5: D7:34:3D:EF:1D:27:09:28:E1:31:02:5B:13:2B:DD:F7
SHA1: B1:72:B1:A5:6D:95:F9:1F:E5:02:87:E1:4D:37:EA:6A:44:63:76:8A
SHA256:
43:F2:57:41:2D:44:0D:62:74:76:97:4F:87:7D:A8:F1:FC:24:44:56:5A:36:7A:E6:0E:DD:C2:7A
:41:25:31:AE
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.usertrust.com/UTN-USERFirst-
ClientAuthenticationandEmail.crl]
]]

#3: ObjectId: 2.5.29.37 Criticality=false


ExtendedKeyUsages [
clientAuth
emailProtection
]

#4: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
DigitalSignature
Non_repudiation
Key_CertSign
Crl_Sign
]
#5: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 89 82 67 7D C4 9D 26 70 00 4B B4 50 48 7C DE 3D ..g...&p.K.PH..=
0010: AE 04 6E 7D ..n.
]
]

*******************************************
*******************************************

Alias name: securetrustca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=SecureTrust CA, O=SecureTrust Corporation, C=US


Issuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US
Serial number: cf08e5c0816a5ad427ff0eb271859d0
Valid from: Tue Nov 07 20:31:18 CET 2006 until: Mon Dec 31 20:40:55 CET 2029
Certificate fingerprints:
MD5: DC:32:C3:A7:6D:25:57:C7:68:09:9D:EA:2D:A9:A2:D1
SHA1: 87:82:C6:C3:04:35:3B:CF:D2:96:92:D2:59:3E:7D:44:D9:34:FF:11
SHA256:
F1:C1:B5:0A:E5:A2:0D:D8:03:0E:C9:F6:BC:24:82:3D:D3:67:B5:25:57:59:B4:E7:1B:61:FC:E9
:F7:37:5D:73
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.4.1.311.20.2 Criticality=false


0000: 1E 04 00 43 00 41 ...C.A

#2: ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false


0000: 02 01 00 ...

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#4: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.securetrust.com/STCA.crl]
]]

#5: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#6: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 42 32 B6 16 FA 04 FD FE 5D 4B 7A C3 FD F7 4C 40 B2......]Kz...L@
0010: 1D 5A 43 AF .ZC.
]
]

*******************************************
*******************************************

Alias name: camerfirmachambersca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A.,


SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Issuer: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A.,
SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Serial number: a3da427ea4b1aeda
Valid from: Fri Aug 01 14:29:50 CEST 2008 until: Sat Jul 31 14:29:50 CEST 2038
Certificate fingerprints:
MD5: 5E:80:9E:84:5A:0E:65:0B:17:02:F3:55:18:2A:3E:D7
SHA1: 78:6A:74:AC:76:AB:14:7F:9C:6A:30:50:BA:9E:A8:7E:FE:9A:CE:3C
SHA256:
06:3E:4A:FA:C4:91:DF:D3:32:F3:08:9B:85:42:E9:46:17:D8:93:D7:FE:94:4E:10:A7:93:7E:E2
:9D:96:93:C0
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: F9 24 AC 0F B2 B5 F8 79 C0 FA 60 88 1B C4 D9 4D .$.....y..`....M
0010: 02 9E 17 19 ....
]
[CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287,
L=Madrid (see current address at www.camerfirma.com/address), C=EU]
SerialNumber: [ a3da427e a4b1aeda]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:12
]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 3A 2F 2F 70 6F 6C 69 63 79 2E
..http://policy.
0010: 63 61 6D 65 72 66 69 72 6D 61 2E 63 6F 6D camerfirma.com

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: F9 24 AC 0F B2 B5 F8 79 C0 FA 60 88 1B C4 D9 4D .$.....y..`....M
0010: 02 9E 17 19 ....
]
]

*******************************************
*******************************************

Alias name: geotrustprimaryca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US


Issuer: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US
Serial number: 18acb56afd69b6153a636cafdafac4a1
Valid from: Mon Nov 27 01:00:00 CET 2006 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: 02:26:C3:01:5E:08:30:37:43:A9:D0:7D:CF:37:E6:BF
SHA1: 32:3C:11:8E:1B:F7:B8:B6:52:54:E2:E2:10:0D:D6:02:90:37:F0:96
SHA256:
37:D5:10:06:C5:12:EA:AB:62:64:21:F1:EC:8C:92:01:3F:C5:F8:2A:E9:8E:E5:33:EB:46:19:B8
:DE:B4:D0:6C
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 2C D5 50 41 97 15 8B F0 8F 36 61 5B 4A FB 6B D9 ,.PA.....6a[J.k.
0010: 99 C9 33 92 ..3.
]
]

*******************************************
*******************************************

Alias name: identrustcommercial [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US


Issuer: CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US
Serial number: a0142800000014523c844b500000002
Valid from: Thu Jan 16 19:12:23 CET 2014 until: Mon Jan 16 19:12:23 CET 2034
Certificate fingerprints:
MD5: B3:3E:77:73:75:EE:A0:D3:E3:7E:49:63:49:59:BB:C7
SHA1: DF:71:7E:AA:4A:D9:4E:C9:55:84:99:60:2D:48:DE:5F:BC:F0:3A:25
SHA256:
5D:56:49:9B:E4:D2:E0:8B:CF:CA:D0:8A:3E:38:72:3D:50:50:3B:DE:70:69:48:E4:2F:55:60:30
:19:E5:28:AE
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: ED 44 19 C0 D3 F0 06 8B EE A4 7B BE 42 E7 26 54 .D..........B.&T
0010: C8 8E 36 76 ..6v
]
]
*******************************************
*******************************************

Alias name: thawteprimaryrootcag3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized
use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized
use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Serial number: 600197b746a7eab4b49ad64b2ff790fb
Valid from: Wed Apr 02 02:00:00 CEST 2008 until: Wed Dec 02 00:59:59 CET 2037
Certificate fingerprints:
MD5: FB:1B:5D:43:8A:94:CD:44:C6:76:F2:43:4B:47:E7:31
SHA1: F1:8B:53:8D:1B:E9:03:B6:A6:F0:56:43:5B:17:15:89:CA:F3:6B:F2
SHA256:
4B:03:F4:58:07:AD:70:F2:1B:FC:2C:AE:71:C9:FD:E4:60:4C:06:4C:F5:FF:B6:86:BA:E5:DB:AA
:D7:FD:D3:4C
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: AD 6C AA 94 60 9C ED E4 FF FA 3E 0A 74 2B 63 03 .l..`.....>.t+c.
0010: F7 B6 59 BF ..Y.
]
]

*******************************************
*******************************************

Alias name: buypassclass3ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO


Issuer: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO
Serial number: 2
Valid from: Tue Oct 26 10:28:58 CEST 2010 until: Fri Oct 26 10:28:58 CEST 2040
Certificate fingerprints:
MD5: 3D:3B:18:9E:2C:64:5A:E8:D5:88:CE:0E:F9:37:C2:EC
SHA1: DA:FA:F7:FA:66:84:EC:06:8F:14:50:BD:C7:C2:81:A5:BC:A9:64:57
SHA256:
ED:F7:EB:BC:A2:7A:2A:38:4D:38:7B:7D:40:10:C6:66:E2:ED:B4:84:3E:4C:29:B4:AE:1D:5B:93
:32:E6:B2:4D
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 47 B8 CD FF E5 6F EE F8 B2 EC 2F 4E 0E F9 25 B0 G....o..../N..%.
0010: 8E 3C 6B C3 .<k.
]
]

*******************************************
*******************************************

Alias name: verisigntsaca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville,


ST=Western Cape, C=ZA
Issuer: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte,
L=Durbanville, ST=Western Cape, C=ZA
Serial number: 67c8e1e8e3be1cbdfc913b8ea6238749
Valid from: Wed Jan 01 01:00:00 CET 1997 until: Sat Jan 02 00:59:59 CET 2021
Certificate fingerprints:
MD5: F2:89:95:6E:4D:05:F0:F1:A7:21:55:7D:46:11:BA:47
SHA1: 20:CE:B1:F0:F5:1C:0E:19:A9:F3:8D:B1:AA:8E:03:8C:AA:7A:C7:01
SHA256:
CB:6B:05:D9:E8:E5:7C:D8:82:B1:0B:4D:B7:0D:E4:BB:1D:E4:2B:A4:8A:7B:D0:31:8B:63:5B:F6
:E7:78:1A:9D
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 3
Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

*******************************************
*******************************************

Alias name: verisignclass3g4ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c)


2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c)
2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 2f80fe238c0e220f486712289187acb3
Valid from: Mon Nov 05 01:00:00 CET 2007 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 3A:52:E1:E7:FD:6F:3A:E3:6F:F3:6F:99:1B:F9:22:41
SHA1: 22:D5:D8:DF:8F:02:31:D1:8D:F7:9D:B7:CF:8A:2D:64:C9:3F:6C:3A
SHA256:
69:DD:D7:EA:90:BB:57:C9:3E:13:5D:C8:5E:A6:FC:D5:48:0B:60:32:39:BD:C4:54:FC:75:8B:2A
:26:CF:7F:79
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false


0000: 30 5F A1 5D A0 5B 30 59 30 57 30 55 16 09 69 6D 0_.].[0Y0W0U..im
0010: 61 67 65 2F 67 69 66 30 21 30 1F 30 07 06 05 2B age/gif0!0.0...+
0020: 0E 03 02 1A 04 14 8F E5 D3 1A 86 AC 8D 8E 6B C3 ..............k.
0030: CF 80 6A D4 48 18 2C 7B 19 2E 30 25 16 23 68 74 ..j.H.,...0%.#ht
0040: 74 70 3A 2F 2F 6C 6F 67 6F 2E 76 65 72 69 73 69 tp://logo.verisi
0050: 67 6E 2E 63 6F 6D 2F 76 73 6C 6F 67 6F 2E 67 69 gn.com/vslogo.gi
0060: 66 f

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B3 16 91 FD EE A6 6E E4 B5 2E 49 8F 87 78 81 80 ......n...I..x..
0010: EC E5 B1 B5 ....
]
]

*******************************************
*******************************************

Alias name: baltimorecybertrustca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE


Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Serial number: 20000b9
Valid from: Fri May 12 20:46:00 CEST 2000 until: Tue May 13 01:59:00 CEST 2025
Certificate fingerprints:
MD5: AC:B6:94:A5:9C:17:E0:D7:91:52:9B:B1:97:06:A6:E4
SHA1: D4:DE:20:D0:5E:66:FC:53:FE:1A:50:88:2C:78:DB:28:52:CA:E4:74
SHA256:
16:AF:57:A9:F6:76:B0:AB:12:60:95:AA:5E:BA:DE:F2:2A:B3:11:19:D6:44:AC:95:CD:4B:93:DB
:F3:F2:6A:EB
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:3
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: E5 9D 59 30 82 47 58 CC AC FA 08 54 36 86 7B 3A ..Y0.GX....T6..:
0010: B5 04 4D F0 ..M.
]
]

*******************************************
*******************************************

Alias name: gtecybertrustglobalca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE
Corporation, C=US
Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE
Corporation, C=US
Serial number: 1a5
Valid from: Thu Aug 13 02:29:00 CEST 1998 until: Tue Aug 14 01:59:00 CEST 2018
Certificate fingerprints:
MD5: CA:3D:D3:68:F1:03:5C:D0:32:FA:B8:2B:59:E8:5A:DB
SHA1: 97:81:79:50:D8:1C:96:70:CC:34:D8:09:CF:79:44:31:36:7E:F4:74
SHA256:
A5:31:25:18:8D:21:10:AA:96:4B:02:C7:B7:C6:DA:32:03:17:08:94:E5:FB:71:FF:FB:66:67:D5
:E6:81:0A:36
Signature algorithm name: MD5withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: baltimorecodesigningca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE


Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Serial number: 20000bf
Valid from: Wed May 17 16:01:00 CEST 2000 until: Sun May 18 01:59:00 CEST 2025
Certificate fingerprints:
MD5: 90:F5:28:49:56:D1:5D:2C:B0:53:D4:4B:EF:6F:90:22
SHA1: 30:46:D8:C8:88:FF:69:30:C3:4A:FC:CD:49:27:08:7C:60:56:7B:0D
SHA256:
A9:15:45:DB:D2:E1:9C:4C:CD:F9:09:AA:71:90:0D:18:C7:35:1C:89:B3:15:F0:F1:3D:05:C1:3A
:8F:FB:46:87
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:3
]

#2: ObjectId: 2.5.29.37 Criticality=false


ExtendedKeyUsages [
codeSigning
]
#3: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C8 41 34 5C 15 15 04 E5 40 F2 D1 AB 9A 6F 24 92 .A4\....@....o$.
0010: 7A 87 42 5A z.BZ
]
]

*******************************************
*******************************************

Alias name: verisignclass1ca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US


Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Serial number: 3f691e819cf09a4af373ffb948a2e4dd
Valid from: Mon Jan 29 01:00:00 CET 1996 until: Thu Aug 03 01:59:59 CEST 2028
Certificate fingerprints:
MD5: 86:AC:DE:2B:C5:6D:C3:D9:8C:28:88:D3:8D:16:13:1E
SHA1: CE:6A:64:A3:09:E4:2F:BB:D9:85:1C:45:3E:64:09:EA:E8:7D:60:F1
SHA256:
51:84:7C:8C:BD:2E:9A:72:C9:1E:29:2D:2A:E2:47:D7:DE:1E:3F:D2:70:54:7A:20:EF:7D:61:0F
:38:B8:84:2C
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: luxtrustglobalrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU


Issuer: CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU
Serial number: bb8
Valid from: Thu Mar 17 10:51:37 CET 2011 until: Wed Mar 17 10:51:37 CET 2021
Certificate fingerprints:
MD5: 42:A5:21:7A:4C:AF:C7:BF:FD:A7:F5:B2:10:4C:3E:BE
SHA1: C9:3C:34:EA:90:D9:13:0C:0F:03:00:4B:98:BD:8B:35:70:91:56:11
SHA256:
A1:B2:DB:EB:64:E7:06:C6:16:9E:3C:41:18:B2:3B:AA:09:01:8A:84:27:66:6D:8B:F0:E2:88:91
:EC:05:19:50
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 17 15 85 89 09 2F 24 87 6F 3F 1D 1B E4 F2 96 79 ...../$.o?.....y
0010: 83 48 13 CE .H..
]
]

#2: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 17 15 85 89 09 2F 24 87 6F 3F 1D 1B E4 F2 96 79 ...../$.o?.....y
0010: 83 48 13 CE .H..
]
]

*******************************************
*******************************************

Alias name: verisignclass3g2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.",
C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.",
C=US
Serial number: 7dd9fe07cfa81eb7107967fba78934c6
Valid from: Mon May 18 02:00:00 CEST 1998 until: Wed Aug 02 01:59:59 CEST 2028
Certificate fingerprints:
MD5: A2:33:9B:4C:74:78:73:D4:6C:E7:C1:F3:8D:CB:5C:E9
SHA1: 85:37:1C:A6:E5:50:14:3D:CE:28:03:47:1B:DE:3A:09:E8:F8:77:0F
SHA256:
83:CE:3C:12:29:68:8A:59:3D:48:5F:81:97:3C:0F:91:95:43:1E:DA:37:CC:5E:36:43:0E:79:C7
:A8:88:63:8B
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1
*******************************************
*******************************************

Alias name: camerfirmachamberscommerceca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma


SA CIF A82743287, C=EU
Issuer: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC
Camerfirma SA CIF A82743287, C=EU
Serial number: 0
Valid from: Tue Sep 30 18:13:43 CEST 2003 until: Wed Sep 30 18:13:44 CEST 2037
Certificate fingerprints:
MD5: B0:01:EE:14:D9:AF:29:18:94:76:8E:F1:69:33:2A:84
SHA1: 6E:3A:55:A4:19:0C:19:5C:93:84:3C:C0:DB:72:2E:31:30:61:F0:B1
SHA256:
0C:25:8A:12:A5:67:4A:EF:25:F2:8B:A7:DC:FA:EC:EE:A3:48:E5:41:E6:F5:CC:4E:E6:3B:71:B3
:61:60:6A:C3
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:12
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.chambersign.org/chambersroot.crl]
]]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.17326.10.3.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 30 68 74 74 70 3A 2F 2F 63 70 73 2E 63 68 61 .
0http://cps.cha
0010: 6D 62 65 72 73 69 67 6E 2E 6F 72 67 2F 63 70 73 mbersign.org/cps
0020: 2F 63 68 61 6D 62 65 72 73 72 6F 6F 74 2E 68 74 /chambersroot.ht
0030: 6D 6C ml

]] ]
]

#4: ObjectId: 2.5.29.18 Criticality=false


IssuerAlternativeName [
RFC822Name: chambersroot@chambersign.org
]
#5: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]

#6: ObjectId: 2.16.840.1.113730.1.1 Criticality=false


NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]

#7: ObjectId: 2.5.29.17 Criticality=false


SubjectAlternativeName [
RFC822Name: chambersroot@chambersign.org
]

#8: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: E3 94 F5 B1 4D E9 DB A1 29 5B 57 8B 4D 76 06 76 ....M...)[W.Mv.v
0010: E1 D1 A2 8A ....
]
]

*******************************************
*******************************************

Alias name: soneraclass2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Sonera Class2 CA, O=Sonera, C=FI


Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Serial number: 1d
Valid from: Fri Apr 06 09:29:40 CEST 2001 until: Tue Apr 06 09:29:40 CEST 2021
Certificate fingerprints:
MD5: A3:EC:75:0F:2E:88:DF:FA:48:01:4E:0B:5C:48:6F:FB
SHA1: 37:F7:6D:E6:07:7C:90:C5:B1:3E:93:1A:B7:41:10:B4:F2:E4:9A:27
SHA256:
79:08:B4:03:14:C1:38:10:0B:51:8D:07:35:80:7F:FB:FC:F8:51:8A:00:95:33:71:05:BA:38:6B
:15:3D:D9:27
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 4A A0 AA 58 84 D3 5E 3C J..X..^<
]
]

*******************************************
*******************************************

Alias name: affirmtrustnetworkingca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AffirmTrust Networking, O=AffirmTrust, C=US


Issuer: CN=AffirmTrust Networking, O=AffirmTrust, C=US
Serial number: 7c4f04391cd4992d
Valid from: Fri Jan 29 15:08:24 CET 2010 until: Tue Dec 31 15:08:24 CET 2030
Certificate fingerprints:
MD5: 42:65:CA:BE:01:9A:9A:4C:A9:8C:41:49:CD:C0:D5:7F
SHA1: 29:36:21:02:8B:20:ED:02:F5:66:C5:32:D1:D6:ED:90:9F:45:00:2F
SHA256:
0A:81:EC:5A:92:97:77:F1:45:90:4A:F3:8D:5D:50:9F:66:B5:E2:C5:8F:CD:B5:31:05:8B:0E:17
:F3:F0:B4:1B
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 07 1F D2 E7 9C DA C2 6E A2 40 B4 B0 7A 50 10 50 .......n.@..zP.P
0010: 74 C4 C8 BD t...
]
]
*******************************************
*******************************************

Alias name: ttelesecglobalrootclass3ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems


Enterprise Services GmbH, C=DE
Issuer: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems
Enterprise Services GmbH, C=DE
Serial number: 1
Valid from: Wed Oct 01 12:29:56 CEST 2008 until: Sun Oct 02 01:59:59 CEST 2033
Certificate fingerprints:
MD5: CA:FB:40:A8:4E:39:92:8A:1D:FE:8E:2F:C4:27:EA:EF
SHA1: 55:A6:72:3E:CB:F2:EC:CD:C3:23:74:70:19:9D:2A:BE:11:E3:81:D1
SHA256:
FD:73:DA:D3:1C:64:4F:F1:B4:3B:EF:0C:CD:DA:96:71:0B:9C:D9:87:5E:CA:7E:31:70:7A:F3:E9
:6D:52:2B:BD
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B5 03 F7 76 3B 61 82 6A 12 AA 18 53 EB 03 21 94 ...v;a.j...S..!.
0010: BF FE CE CA ....
]
]

*******************************************
*******************************************

Alias name: xrampglobalca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=XRamp Global Certification Authority, O=XRamp Security Services Inc,


OU=www.xrampsecurity.com, C=US
Issuer: CN=XRamp Global Certification Authority, O=XRamp Security Services Inc,
OU=www.xrampsecurity.com, C=US
Serial number: 50946cec18ead59c4dd597ef758fa0ad
Valid from: Mon Nov 01 18:14:04 CET 2004 until: Mon Jan 01 06:37:19 CET 2035
Certificate fingerprints:
MD5: A1:0B:44:B3:CA:10:D8:00:6E:9D:0F:D8:0F:92:0A:D1
SHA1: B8:01:86:D1:EB:9C:86:A5:41:04:CF:30:54:F3:4C:52:B7:E5:58:C6
SHA256:
CE:CD:DC:90:50:99:D8:DA:DF:C5:B1:D2:09:B7:37:CB:E2:C1:8C:FB:2C:10:C0:FF:0B:CF:0D:32
:86:FC:1A:A2
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.4.1.311.20.2 Criticality=false


0000: 1E 04 00 43 00 41 ...C.A

#2: ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false


0000: 02 01 01 ...

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#4: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.xrampsecurity.com/XGCA.crl]
]]

#5: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#6: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C6 4F A2 3D 06 63 84 09 9C CE 62 E4 04 AC 8D 5C .O.=.c....b....\
0010: B5 E9 B6 1B ....
]
]

*******************************************
*******************************************

Alias name: geotrustprimarycag3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry
Owner: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc.
- For authorized use only, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc.
- For authorized use only, O=GeoTrust Inc., C=US
Serial number: 15ac6e9419b2794b41f627a9c3180f1f
Valid from: Wed Apr 02 02:00:00 CEST 2008 until: Wed Dec 02 00:59:59 CET 2037
Certificate fingerprints:
MD5: B5:E8:34:36:C9:10:44:58:48:70:6D:2E:83:D4:B8:05
SHA1: 03:9E:ED:B8:0B:E7:A0:3C:69:53:89:3B:20:D2:D9:32:3A:4C:2A:FD
SHA256:
B4:78:B8:12:25:0D:F8:78:63:5C:2A:A7:EC:7D:15:5E:AA:62:5E:E8:29:16:E2:CD:29:43:61:88
:6C:D1:FB:D4
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C4 79 CA 8E A1 4E 03 1D 1C DC 6B DB 31 5B 94 3E .y...N....k.1[.>
0010: 3F 30 7F 2D ?0.-
]
]

*******************************************
*******************************************

Alias name: camerfirmachambersignca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A.,


SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Issuer: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A.,
SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Serial number: c9cdd3e9d57d23ce
Valid from: Fri Aug 01 14:31:40 CEST 2008 until: Sat Jul 31 14:31:40 CEST 2038
Certificate fingerprints:
MD5: 9E:80:FF:78:01:0C:2E:C1:36:BD:FE:96:90:6E:08:F3
SHA1: 4A:BD:EE:EC:95:0D:35:9C:89:AE:C7:52:A1:2C:5B:29:F6:D6:AA:0C
SHA256:
13:63:35:43:93:34:A7:69:80:16:A0:D3:24:DE:72:28:4E:07:9D:7B:52:20:BB:8F:BD:74:78:16
:EE:BE:BA:CA
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: B9 09 CA 9C 1E DB D3 6C 3A 6B AE ED 54 F1 5B 93 .......l:k..T.[.
0010: 06 35 2E 5E .5.^
]
[CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287,
L=Madrid (see current address at www.camerfirma.com/address), C=EU]
SerialNumber: [ c9cdd3e9 d57d23ce]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:12
]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 3A 2F 2F 70 6F 6C 69 63 79 2E
..http://policy.
0010: 63 61 6D 65 72 66 69 72 6D 61 2E 63 6F 6D camerfirma.com

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B9 09 CA 9C 1E DB D3 6C 3A 6B AE ED 54 F1 5B 93 .......l:k..T.[.
0010: 06 35 2E 5E .5.^
]
]

*******************************************
*******************************************
Alias name: thawteprimaryrootcag2 [jdk]
Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized
use only", O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized
use only", O="thawte, Inc.", C=US
Serial number: 35fc265cd9844fc93d263d579baed756
Valid from: Mon Nov 05 01:00:00 CET 2007 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 74:9D:EA:60:24:C4:FD:22:53:3E:CC:3A:72:D9:29:4F
SHA1: AA:DB:BC:22:23:8F:C4:01:A1:27:BB:38:DD:F4:1D:DB:08:9E:F0:12
SHA256:
A4:31:0D:50:AF:18:A6:44:71:90:37:2A:86:AF:AF:8B:95:1F:FB:43:1D:83:7F:1E:56:88:B4:59
:71:ED:15:57
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9A D8 00 30 00 E7 6B 7F 85 18 EE 8B B6 CE 8A 0C ...0..k.........
0010: F8 11 E1 BB ....
]
]

*******************************************
*******************************************

Alias name: usertrusteccca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey


City, ST=New Jersey, C=US
Issuer: CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey
City, ST=New Jersey, C=US
Serial number: 5c8b99c55a94c5d27156decd8980cc26
Valid from: Mon Feb 01 01:00:00 CET 2010 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: FA:68:BC:D9:B5:7F:AD:FD:C9:1D:06:83:28:CC:24:C1
SHA1: D1:CB:CA:5D:B2:D5:2A:7F:69:3B:67:4D:E5:F0:5A:1D:0C:95:7D:F0
SHA256:
4F:F4:60:D5:4B:9C:86:DA:BF:BC:FC:57:12:E0:40:0D:2B:ED:3F:BC:4D:4F:BD:AA:86:E0:6A:DC
:D2:A9:AD:7A
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 3A E1 09 86 D4 CF 19 C2 96 76 74 49 76 DC E0 35 :........vtIv..5
0010: C6 63 63 9A .cc.
]
]

*******************************************
*******************************************

Alias name: certplusclass3pprimaryca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Class 3P Primary CA, O=Certplus, C=FR


Issuer: CN=Class 3P Primary CA, O=Certplus, C=FR
Serial number: bf5cdbb6f21c6ec04deb7a023b36e879
Valid from: Wed Jul 07 19:10:00 CEST 1999 until: Sun Jul 07 01:59:59 CEST 2019
Certificate fingerprints:
MD5: E1:4B:52:73:D7:1B:DB:93:30:E5:BD:E4:09:6E:BE:FB
SHA1: 21:6B:2A:29:E6:2A:00:CE:82:01:46:D8:24:41:41:B9:25:11:B2:79
SHA256:
CC:C8:94:89:37:1B:AD:11:1C:90:61:9B:EA:24:0A:2E:6D:AD:D9:9F:9F:6E:1D:4D:41:E5:8E:D6
:DE:3D:02:85
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:10
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://www.certplus.com/CRL/class3P.crl]
]]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.16.840.1.113730.1.1 Criticality=false


NetscapeCertType [
Object Signing CA]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 86 E1 E1 81 71 BF 6A 12 F1 0A F2 01 E4 C8 FB 40 ....q.j........@
0010: CE 68 80 89 .h..
]
]

*******************************************
*******************************************

Alias name: swisssignsilverg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH


Issuer: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH
Serial number: 4f1bd42f54bb2f4b
Valid from: Wed Oct 25 10:32:46 CEST 2006 until: Sat Oct 25 10:32:46 CEST 2036
Certificate fingerprints:
MD5: E0:06:A1:C9:7D:CF:C9:FC:0D:C0:56:75:96:D8:62:13
SHA1: 9B:AA:E5:9F:56:EE:21:CB:43:5A:BE:25:93:DF:A7:F0:40:D1:1D:CB
SHA256:
BE:6C:4D:A2:BB:B9:BA:59:B6:F3:93:97:68:37:42:46:C3:C0:05:99:3F:A9:8F:02:0D:1D:ED:BE
:D4:8A:81:D5
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 17 A0 CD C1 E4 41 B6 3A 5B 3B CB 45 9D BD 1C C2 .....A.:[;.E....
0010: 98 FA 86 58 ...X
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.16.756.1.89.1.3.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 20 68 74 74 70 3A 2F 2F 72 65 70 6F 73 69 74 .
http://reposit
0010: 6F 72 79 2E 73 77 69 73 73 73 69 67 6E 2E 63 6F ory.swisssign.co
0020: 6D 2F m/

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 17 A0 CD C1 E4 41 B6 3A 5B 3B CB 45 9D BD 1C C2 .....A.:[;.E....
0010: 98 FA 86 58 ...X
]
]

*******************************************
*******************************************

Alias name: affirmtrustpremiumca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AffirmTrust Premium, O=AffirmTrust, C=US


Issuer: CN=AffirmTrust Premium, O=AffirmTrust, C=US
Serial number: 6d8c1446b1a60aee
Valid from: Fri Jan 29 15:10:36 CET 2010 until: Mon Dec 31 15:10:36 CET 2040
Certificate fingerprints:
MD5: C4:5D:0E:48:B6:AC:28:30:4E:0A:BC:F9:38:16:87:57
SHA1: D8:A6:33:2C:E0:03:6F:B1:85:F6:63:4F:7D:6A:06:65:26:32:28:27
SHA256:
70:A7:3F:7F:37:6B:60:07:42:48:90:45:34:B1:14:82:D5:BF:0E:69:8E:CC:49:8D:F5:25:77:EB
:F2:E9:3B:9A
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3
Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9D C0 67 A6 0C 22 D9 26 F5 45 AB A6 65 52 11 27 ..g..".&.E..eR.'
0010: D8 45 AC 63 .E.c
]
]

*******************************************
*******************************************

Alias name: globalsignca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE


Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Serial number: 40000000001154b5ac394
Valid from: Tue Sep 01 14:00:00 CEST 1998 until: Fri Jan 28 13:00:00 CET 2028
Certificate fingerprints:
MD5: 3E:45:52:15:09:51:92:E1:B7:5D:37:9F:B1:87:29:8A
SHA1: B1:BC:96:8B:D4:F4:9D:62:2A:A8:9A:81:F2:15:01:52:A4:1D:82:9C
SHA256:
EB:D4:10:40:E4:BB:3E:C7:42:C9:E3:81:D3:1E:F2:A4:1A:48:B6:68:5C:96:E7:CE:F3:C1:DF:6C
:D4:33:1C:99
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 60 7B 66 1A 45 0D 97 CA 89 50 2F 7D 04 CD 34 A8 `.f.E....P/...4.
0010: FF FC FD 4B ...K
]
]

*******************************************
*******************************************

Alias name: dtrustclass3ca2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=D-TRUST Root Class 3 CA 2 2009, O=D-Trust GmbH, C=DE


Issuer: CN=D-TRUST Root Class 3 CA 2 2009, O=D-Trust GmbH, C=DE
Serial number: 983f3
Valid from: Thu Nov 05 09:35:58 CET 2009 until: Mon Nov 05 09:35:58 CET 2029
Certificate fingerprints:
MD5: CD:E0:25:69:8D:47:AC:9C:89:35:90:F7:FD:51:3D:2F
SHA1: 58:E8:AB:B0:36:15:33:FB:80:F7:9B:1B:6D:29:D3:FF:8D:5F:00:F0
SHA256:
49:E7:A4:42:AC:F0:EA:62:87:05:00:54:B5:25:64:B6:50:E4:F4:9E:42:E3:48:D6:AA:38:E0:39
:E9:57:B1:C1
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: ldap://directory.d-trust.net/CN=D-TRUST%20Root%20Class%203%20CA
%202%202009,O=D-Trust%20GmbH,C=DE?certificaterevocationlist]
, DistributionPoint:
[URIName: http://www.d-trust.net/crl/d-trust_root_class_3_ca_2_2009.crl]
]]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: FD DA 14 C4 9F 30 DE 21 BD 1E 42 39 FC AB 63 23 .....0.!..B9..c#
0010: 49 E0 F1 84 I...
]
]

*******************************************
*******************************************

Alias name: affirmtrustcommercialca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AffirmTrust Commercial, O=AffirmTrust, C=US


Issuer: CN=AffirmTrust Commercial, O=AffirmTrust, C=US
Serial number: 7777062726a9b17c
Valid from: Fri Jan 29 15:06:06 CET 2010 until: Tue Dec 31 15:06:06 CET 2030
Certificate fingerprints:
MD5: 82:92:BA:5B:EF:CD:8A:6F:A6:3D:55:F9:84:F6:D6:B7
SHA1: F9:B5:B6:32:45:5F:9C:BE:EC:57:5F:80:DC:E9:6E:2C:C7:B2:78:B7
SHA256:
03:76:AB:1D:54:C5:F9:80:3C:E4:B2:E2:01:A0:EE:7E:EF:7B:57:B6:36:E8:A9:3C:9B:8D:48:60
:C9:6F:5F:A7
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9D 93 C6 53 8B 5E CA AF 3F 9F 1E 0F E5 99 95 BC ...S.^..?.......
0010: 24 F6 94 8F $...
]
]

*******************************************
*******************************************

Alias name: letsencryptisrgx1 [jdk]


Creation date: May 19, 2017
Entry type: trustedCertEntry

Owner: CN=ISRG Root X1, O=Internet Security Research Group, C=US


Issuer: CN=ISRG Root X1, O=Internet Security Research Group, C=US
Serial number: 8210cfb0d240e3594463e0bb63828b00
Valid from: Thu Jun 04 13:04:38 CEST 2015 until: Mon Jun 04 13:04:38 CEST 2035
Certificate fingerprints:
MD5: 0C:D2:F9:E0:DA:17:73:E9:ED:86:4D:A5:E3:70:E7:4E
SHA1: CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8
SHA256:
96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0
:BD:DF:08:C6
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 79 B4 59 E6 7B B6 E5 E4 01 73 80 08 88 C8 1A 58 y.Y......s.....X
0010: F6 E9 9B 6E ...n
]
]

*******************************************
*******************************************

Alias name: thawtepremiumserverca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA,


OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western
Cape, C=ZA
Issuer: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western
Cape, C=ZA
Serial number: 36122296c5e338a520a1d25f4cd70954
Valid from: Thu Aug 01 02:00:00 CEST 1996 until: Sat Jan 02 00:59:59 CET 2021
Certificate fingerprints:
MD5: A6:6B:60:90:23:9B:3F:2D:BB:98:6F:D6:A7:19:0D:46
SHA1: E0:AB:05:94:20:72:54:93:05:60:62:02:36:70:F7:CD:2E:FC:66:66
SHA256:
3F:9F:27:D5:83:20:4B:9E:09:C8:A3:D2:06:6C:4B:57:D3:A2:47:9C:36:93:65:08:80:50:56:98
:10:5D:BC:E9
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

*******************************************
*******************************************

Alias name: comodoaaaca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater


Manchester, C=GB
Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater
Manchester, C=GB
Serial number: 1
Valid from: Thu Jan 01 01:00:00 CET 2004 until: Mon Jan 01 00:59:59 CET 2029
Certificate fingerprints:
MD5: 49:79:04:B0:EB:87:19:AC:47:B0:BC:11:51:9B:74:D0
SHA1: D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49
SHA256:
D7:A7:A0:FB:5D:7E:27:31:D7:71:E9:48:4E:BC:DE:F7:1D:5F:0C:3E:0A:29:48:78:2B:C8:3E:E0
:EA:69:9E:F4
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.comodoca.com/AAACertificateServices.crl]
, DistributionPoint:
[URIName: http://crl.comodo.net/AAACertificateServices.crl]
]]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: A0 11 0A 23 3E 96 F1 07 EC E2 AF 29 EF 82 A5 7F ...#>......)....
0010: D0 30 A4 B4 .0..
]
]

*******************************************
*******************************************

Alias name: geotrustprimarycag2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc.
- For authorized use only, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc.
- For authorized use only, O=GeoTrust Inc., C=US
Serial number: 3cb2f4480a00e2feeb243b5e603ec36b
Valid from: Mon Nov 05 01:00:00 CET 2007 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 01:5E:D8:6B:BD:6F:3D:8E:A1:31:F8:12:E0:98:73:6A
SHA1: 8D:17:84:D5:37:F3:03:7D:EC:70:FE:57:8B:51:9A:99:E6:10:D7:B0
SHA256:
5E:DB:7A:C4:3B:82:A0:6A:87:61:E8:D7:BE:49:79:EB:F2:61:1F:7D:D7:9B:F9:1C:1C:6B:56:6A
:21:9E:D7:66
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 15 5F 35 57 51 55 FB 25 B2 AD 03 69 FC 01 A3 FA ._5WQU.%...i....
0010: BE 11 55 D5 ..U.
]
]

*******************************************
*******************************************

Alias name: symantecg4ca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network,


O=Symantec Corporation, C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c)
2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 513fb9743870b73440418d30930699ff
Valid from: Thu Oct 31 01:00:00 CET 2013 until: Tue Oct 31 00:59:59 CET 2023
Certificate fingerprints:
MD5: 23:D5:85:8E:BC:89:86:10:7C:B7:AC:1E:17:F7:26:C5
SHA1: FF:67:36:7C:5C:D4:DE:4A:E1:8B:CC:E1:D7:0F:DA:BD:7C:86:61:35
SHA256:
EA:E7:2E:B4:54:BF:6C:39:77:EB:D2:89:E9:70:B2:F5:28:29:49:19:00:93:D0:D2:6F:98:D0:F0
:D6:A9:CF:17
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false


AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://s2.symcb.com
]
]

#2: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 7F D3 65 A7 C2 DD EC BB F0 30 09 F3 43 39 FA 02 ..e......0..C9..
0010: AF 33 31 33 .313
]
]

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:0
]

#4: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://s1.symcb.com/pca3-g5.crl]
]]
#5: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.54]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1A 68 74 74 70 3A 2F 2F 77 77 77 2E 73 79 6D
..http://www.sym
0010: 61 75 74 68 2E 63 6F 6D 2F 63 70 73 auth.com/cps

], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 1C 1A 1A 68 74 74 70 3A 2F 2F 77 77 77 2E 73
0...http://www.s
0010: 79 6D 61 75 74 68 2E 63 6F 6D 2F 72 70 61 ymauth.com/rpa

]] ]
]

#6: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#7: ObjectId: 2.5.29.17 Criticality=false


SubjectAlternativeName [
CN=SymantecPKI-1-534
]

#8: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 5F 60 CF 61 90 55 DF 84 43 14 8A 60 2A B2 F5 7A _`.a.U..C..`*..z
0010: F4 43 18 EF .C..
]
]

*******************************************
*******************************************

Alias name: globalsignr3ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3


Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Serial number: 4000000000121585308a2
Valid from: Wed Mar 18 11:00:00 CET 2009 until: Sun Mar 18 11:00:00 CET 2029
Certificate fingerprints:
MD5: C5:DF:B8:49:CA:05:13:55:EE:2D:BA:1A:C3:3E:B0:28
SHA1: D6:9B:56:11:48:F0:1C:77:C5:45:78:C1:09:26:DF:5B:85:69:76:AD
SHA256:
CB:B5:22:D7:B7:F1:27:AD:6A:01:13:86:5B:DF:1C:D4:10:2E:7D:07:59:AF:63:5A:7C:F4:72:0D
:C9:63:C5:3B
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 8F F0 4B 7F A8 2E 45 24 AE 4D 50 FA 63 9A 8B DE ..K...E$.MP.c...
0010: E2 DD 1B BC ....
]
]

*******************************************
*******************************************

Alias name: thawteprimaryrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use
only", OU=Certification Services Division, O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use
only", OU=Certification Services Division, O="thawte, Inc.", C=US
Serial number: 344ed55720d5edec49f42fce37db2b6d
Valid from: Fri Nov 17 01:00:00 CET 2006 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: 8C:CA:DC:0B:22:CE:F5:BE:72:AC:41:1A:11:A8:D8:12
SHA1: 91:C6:D6:EE:3E:8A:C8:63:84:E5:48:C2:99:29:5C:75:6C:81:7B:81
SHA256:
8D:72:2F:81:A9:C1:13:C0:79:1D:F1:36:A2:96:6D:B2:6C:95:0A:97:1D:B4:6B:41:99:F4:EA:54
:B7:8B:FB:9F
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 7B 5B 45 CF AF CE CB 7A FD 31 92 1A 6A B6 F3 46 .[E....z.1..j..F
0010: EB 57 48 50 .WHP
]
]

*******************************************
*******************************************

Alias name: quovadisrootca3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM


Issuer: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM
Serial number: 5c6
Valid from: Fri Nov 24 20:11:23 CET 2006 until: Mon Nov 24 20:06:44 CET 2031
Certificate fingerprints:
MD5: 31:85:3C:62:94:97:63:B9:AA:FD:89:4E:AF:6F:E0:CF
SHA1: 1F:49:14:F7:D8:74:95:1D:DD:AE:02:C0:BE:FD:3A:2D:82:75:51:85
SHA256:
18:F1:FC:7F:20:5D:F8:AD:DD:EB:7F:E0:07:DD:57:E3:AF:37:5A:9C:4D:8D:73:54:6B:F4:F1:FE
:D1:E1:8D:35
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: F2 C0 13 E0 82 43 3E FB EE 2F 67 32 96 35 5C DB .....C>../g2.5\.
0010: B8 CB 02 D0 ....
]
[CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM]
SerialNumber: [ 05c6]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.8024.0.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 86 1A 81 83 41 6E 79 20 75 73 65 20 6F 66 0.....Any use
of
0010: 20 74 68 69 73 20 43 65 72 74 69 66 69 63 61 74 this Certificat
0020: 65 20 63 6F 6E 73 74 69 74 75 74 65 73 20 61 63 e constitutes ac
0030: 63 65 70 74 61 6E 63 65 20 6F 66 20 74 68 65 20 ceptance of the
0040: 51 75 6F 56 61 64 69 73 20 52 6F 6F 74 20 43 41 QuoVadis Root CA
0050: 20 33 20 43 65 72 74 69 66 69 63 61 74 65 20 50 3 Certificate P
0060: 6F 6C 69 63 79 20 2F 20 43 65 72 74 69 66 69 63 olicy / Certific
0070: 61 74 69 6F 6E 20 50 72 61 63 74 69 63 65 20 53 ation Practice S
0080: 74 61 74 65 6D 65 6E 74 2E tatement.

], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 21 68 74 74 70 3A 2F 2F 77 77 77 2E 71 75 6F .!
http://www.quo
0010: 76 61 64 69 73 67 6C 6F 62 61 6C 2E 63 6F 6D 2F vadisglobal.com/
0020: 63 70 73 cps

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: F2 C0 13 E0 82 43 3E FB EE 2F 67 32 96 35 5C DB .....C>../g2.5\.
0010: B8 CB 02 D0 ....
]
]

*******************************************
*******************************************

Alias name: starfieldclass2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies,


Inc.", C=US
Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies,
Inc.", C=US
Serial number: 0
Valid from: Tue Jun 29 19:39:16 CEST 2004 until: Thu Jun 29 19:39:16 CEST 2034
Certificate fingerprints:
MD5: 32:4A:4B:BB:C8:63:69:9B:BE:74:9A:C6:DD:1D:46:24
SHA1: AD:7E:1C:28:B0:64:EF:8F:60:03:40:20:14:C3:D0:E3:37:0E:B5:8A
SHA256:
14:65:FA:20:53:97:B8:76:FA:A6:F0:A9:95:8E:55:90:E4:0F:CC:7F:AA:4F:B7:C2:C8:67:75:21
:FB:5F:B6:58
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: BF 5F B7 D1 CE DD 1F 86 F4 5B 55 AC DC D7 10 C2 ._.......[U.....
0010: 0E A9 88 E7 ....
]
[OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.",
C=US]
SerialNumber: [ 00]
]

#2: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: BF 5F B7 D1 CE DD 1F 86 F4 5B 55 AC DC D7 10 C2 ._.......[U.....
0010: 0E A9 88 E7 ....
]
]

*******************************************
*******************************************

Alias name: starfieldrootg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies,


Inc.", L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies,
Inc.", L=Scottsdale, ST=Arizona, C=US
Serial number: 0
Valid from: Tue Sep 01 02:00:00 CEST 2009 until: Fri Jan 01 00:59:59 CET 2038
Certificate fingerprints:
MD5: D6:39:81:C6:52:7E:96:69:FC:FC:CA:66:ED:05:F2:96
SHA1: B5:1C:06:7C:EE:2B:0C:3D:F8:55:AB:2D:92:F4:FE:39:D4:E7:0F:0E
SHA256:
2C:E1:CB:0B:F9:D2:F9:E1:02:99:3F:BE:21:51:52:C3:B2:DD:0C:AB:DE:1C:68:E5:31:9B:83:91
:54:DB:B7:F5
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 7C 0C 32 1F A7 D9 30 7F C4 7D 68 A3 62 A8 A1 CE ..2...0...h.b...
0010: AB 07 5B 27 ..['
]
]

*******************************************
*******************************************

Alias name: verisignclass3ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US


Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Serial number: 3c9131cb1ff6d01b0e9ab8d044bf12be
Valid from: Mon Jan 29 01:00:00 CET 1996 until: Thu Aug 03 01:59:59 CEST 2028
Certificate fingerprints:
MD5: EF:5A:F1:33:EF:F1:CD:BB:51:02:EE:12:14:4B:96:C4
SHA1: A1:DB:63:93:91:6F:17:E4:18:55:09:40:04:15:C7:02:40:B0:AE:6B
SHA256:
A4:B6:B3:99:6F:C2:F3:06:B3:FD:86:81:BD:63:41:3D:8C:50:09:CC:4F:A3:29:C2:CC:F0:E2:FA
:1B:14:03:05
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: affirmtrustpremiumeccca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US


Issuer: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US
Serial number: 7497258ac73f7a54
Valid from: Fri Jan 29 15:20:24 CET 2010 until: Mon Dec 31 15:20:24 CET 2040
Certificate fingerprints:
MD5: 64:B0:09:55:CF:B1:D5:99:E2:BE:13:AB:A6:5D:EA:4D
SHA1: B8:23:6B:00:2F:1D:16:86:53:01:55:6C:11:A4:37:CA:EB:FF:C3:BB
SHA256:
BD:71:FD:F6:DA:97:E4:CF:62:D1:64:7A:DD:25:81:B0:7D:79:AD:F8:39:7E:B4:EC:BA:9C:5E:84
:88:82:14:23
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9A AF 29 7A C0 11 35 35 26 51 30 00 C3 6A FE 40 ..)z..55&Q0..j.@
0010: D5 AE D6 3C ...<
]
]

*******************************************
*******************************************

Alias name: digicertsha2secureserverca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: 1fda3eb6eca75c888438b724bcfbc91
Valid from: Fri Mar 08 13:00:00 CET 2013 until: Wed Mar 08 13:00:00 CET 2023
Certificate fingerprints:
MD5: 34:5E:FF:15:B7:A4:9A:DD:45:1B:65:A7:F4:BD:C6:AE
SHA1: 1F:B8:6B:11:68:EC:74:31:54:06:2E:8C:9C:C5:B1:71:A4:B7:CC:B4
SHA256:
15:4C:43:3C:49:19:29:C5:EF:68:6E:83:8E:32:36:64:A0:0E:6A:0D:82:2C:CC:95:8F:B4:DA:B0
:3E:49:A0:8F
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false


AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
]
]

#2: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
0010: B2 3D D1 55 .=.U
]
]

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:0
]

#4: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/DigiCertGlobalRootCA.crl]
, DistributionPoint:
[URIName: http://crl4.digicert.com/DigiCertGlobalRootCA.crl]
]]

#5: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69
..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS

]] ]
]

#6: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#7: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 0F 80 61 1C 82 31 61 D5 2F 28 E7 8D 46 38 B4 2C ..a..1a./(..F8.,
0010: E1 C6 D9 E2 ....
]
]

*******************************************
*******************************************
Alias name: geotrustglobalca [jdk]
Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US


Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Serial number: 23456
Valid from: Tue May 21 06:00:00 CEST 2002 until: Sat May 21 06:00:00 CEST 2022
Certificate fingerprints:
MD5: F7:75:AB:29:FB:51:4E:B7:77:5E:FF:05:3C:99:8E:F5
SHA1: DE:28:F4:A4:FF:E5:B9:2F:A3:C5:03:D1:A3:49:A7:F9:96:2A:82:12
SHA256:
FF:85:6A:2D:25:1D:CD:88:D3:66:56:F4:50:12:67:98:CF:AB:AA:DE:40:79:9C:72:2D:E4:D2:B5
:DB:36:A7:3A
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e
0010: B8 CA CC 4E ...N
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e
0010: B8 CA CC 4E ...N
]
]

*******************************************
*******************************************

Alias name: swisscomrootca2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Swisscom Root CA 2, OU=Digital Certificate Services, O=Swisscom, C=ch


Issuer: CN=Swisscom Root CA 2, OU=Digital Certificate Services, O=Swisscom, C=ch
Serial number: 1e9e28e848f2e5efc37c4a1e5a1867b6
Valid from: Fri Jun 24 10:38:14 CEST 2011 until: Wed Jun 25 09:38:14 CEST 2031
Certificate fingerprints:
MD5: 5B:04:69:EC:A5:83:94:63:18:A7:86:D0:E4:F2:6E:19
SHA1: 77:47:4F:C6:30:E4:0F:4C:47:64:3F:84:BA:B8:C6:95:4A:8A:41:EC
SHA256:
F0:9B:12:2C:71:14:F4:A0:9B:D4:EA:4F:4A:99:D5:58:B4:6E:4C:25:CD:81:14:0D:29:C0:56:13
:91:4C:38:41
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 4D 26 20 22 89 4B D3 D5 A4 0A A1 6F DE E2 12 81 M& ".K.....o....
0010: C5 F1 3C 2E ..<.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:7
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.33 Criticality=false


PolicyMappings [
[CertificatePolicyMap: [
IssuerDomain:CertificatePolicyId: [2.16.756.1.83.2.1]
SubjectDomain:CertificatePolicyId: [2.16.756.1.83.2.1]
]
]]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 4D 26 20 22 89 4B D3 D5 A4 0A A1 6F DE E2 12 81 M& ".K.....o....
0010: C5 F1 3C 2E ..<.
]
]

*******************************************
*******************************************

Alias name: aolrootca2


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=America Online Root Certification Authority 2, O=America Online Inc.,


C=US
Issuer: CN=America Online Root Certification Authority 2, O=America Online Inc.,
C=US
Serial number: 1
Valid from: Tue May 28 08:00:00 CEST 2002 until: Tue Sep 29 16:08:00 CEST 2037
Certificate fingerprints:
MD5: D6:ED:3C:CA:E2:66:0F:AF:10:43:0D:77:9B:04:09:BF
SHA1: 85:B5:FF:67:9B:0C:79:96:1F:C8:6E:44:22:00:46:13:DB:17:92:84
SHA256:
7D:3B:46:5A:60:14:E5:26:C0:AF:FC:EE:21:27:D2:31:17:27:AD:81:1C:26:84:2D:00:6A:F3:73
:06:CC:80:BD
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 4D 45 C1 68 38 BB 73 A9 69 A1 20 E7 ED F5 22 A1 ME.h8.s.i. ...".
0010: 23 14 D7 9E #...
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 4D 45 C1 68 38 BB 73 A9 69 A1 20 E7 ED F5 22 A1 ME.h8.s.i. ...".
0010: 23 14 D7 9E #...
]
]

*******************************************
*******************************************

Alias name: verisignclass2g3ca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c)


1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c)
1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 6170cb498c5f984529e7b0a6d9505b7a
Valid from: Fri Oct 01 02:00:00 CEST 1999 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: F8:BE:C4:63:22:C9:A8:46:74:8B:B8:1D:1E:4A:2B:F6
SHA1: 61:EF:43:D7:7F:CA:D4:61:51:BC:98:E0:C3:59:12:AF:9F:EB:63:11
SHA256:
92:A9:D9:83:3F:E1:94:4D:B3:66:E8:BF:AE:7A:95:B6:48:0C:2D:6C:6C:2A:1B:E6:5D:42:36:B6
:08:FC:A1:BB
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: godaddyclass2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.",
C=US
Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.",
C=US
Serial number: 0
Valid from: Tue Jun 29 19:06:20 CEST 2004 until: Thu Jun 29 19:06:20 CEST 2034
Certificate fingerprints:
MD5: 91:DE:06:25:AB:DA:FD:32:17:0C:BB:25:17:2A:84:67
SHA1: 27:96:BA:E6:3F:18:01:E2:77:26:1B:A0:D7:77:70:02:8F:20:EE:E4
SHA256:
C3:84:6B:F2:4B:9E:93:CA:64:27:4C:0E:C6:7C:1E:CC:5E:02:4F:FC:AC:D2:D7:40:19:35:0E:81
:FE:54:6A:E4
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 C4 B0 D2 91 D4 4C 11 71 B3 61 CB 3D A1 FE DD ......L.q.a.=...
0010: A8 6A D4 E3 .j..
]
[OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US]
SerialNumber: [ 00]
]

#2: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: D2 C4 B0 D2 91 D4 4C 11 71 B3 61 CB 3D A1 FE DD ......L.q.a.=...
0010: A8 6A D4 E3 .j..
]
]

*******************************************
*******************************************

Alias name: godaddyrootg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.",


L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.",
L=Scottsdale, ST=Arizona, C=US
Serial number: 0
Valid from: Tue Sep 01 02:00:00 CEST 2009 until: Fri Jan 01 00:59:59 CET 2038
Certificate fingerprints:
MD5: 80:3A:BC:22:C1:E6:FB:8D:9B:3B:27:4A:32:1B:9A:01
SHA1: 47:BE:AB:C9:22:EA:E8:0E:78:78:34:62:A7:9F:45:C2:54:FD:E6:8B
SHA256:
45:14:0B:32:47:EB:9C:C8:C5:B4:F0:D7:B5:30:91:F7:32:92:08:9E:6E:5A:63:E2:74:9D:D3:AC
:A9:19:8E:DA
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 3A 9A 85 07 10 67 28 B6 EF F6 BD 05 41 6E 20 C1 :....g(.....An .
0010: 94 DA 0F DE ....
]
]

*******************************************
*******************************************
Alias name: aolrootca1
Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=America Online Root Certification Authority 1, O=America Online Inc.,


C=US
Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc.,
C=US
Serial number: 1
Valid from: Tue May 28 08:00:00 CEST 2002 until: Thu Nov 19 21:43:00 CET 2037
Certificate fingerprints:
MD5: 14:F1:08:AD:9D:FA:64:E2:89:E7:1C:CF:A8:AD:7D:5E
SHA1: 39:21:C1:15:C1:5D:0E:CA:5C:CB:5B:C4:F0:7D:21:D8:05:0B:56:6A
SHA256:
77:40:73:12:C6:3A:15:3D:5B:C0:0B:4E:51:75:9C:DF:DA:C2:37:DC:2A:33:B6:79:46:E9:8E:9B
:FA:68:0A:E3
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 00 AD D9 A3 F6 79 F6 6E 74 A9 7F 33 3D 81 17 D7 .....y.nt..3=...
0010: 4C CF 33 DE L.3.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 00 AD D9 A3 F6 79 F6 6E 74 A9 7F 33 3D 81 17 D7 .....y.nt..3=...
0010: 4C CF 33 DE L.3.
]
]

*******************************************
*******************************************

Alias name: verisignclass3g5ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c)


2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c)
2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 18dad19e267de8bb4a2158cdcc6b3b4a
Valid from: Wed Nov 08 01:00:00 CET 2006 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: CB:17:E4:31:67:3E:E2:09:FE:45:57:93:F3:0A:FA:1C
SHA1: 4E:B6:D5:78:49:9B:1C:CF:5F:58:1E:AD:56:BE:3D:9B:67:44:A5:E5
SHA256:
9A:CF:AB:7E:43:C8:D8:80:D0:6B:26:2A:94:DE:EE:E4:B4:65:99:89:C3:D0:CA:F1:9B:AF:64:05
:E4:1A:B7:DF
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false


0000: 30 5F A1 5D A0 5B 30 59 30 57 30 55 16 09 69 6D 0_.].[0Y0W0U..im
0010: 61 67 65 2F 67 69 66 30 21 30 1F 30 07 06 05 2B age/gif0!0.0...+
0020: 0E 03 02 1A 04 14 8F E5 D3 1A 86 AC 8D 8E 6B C3 ..............k.
0030: CF 80 6A D4 48 18 2C 7B 19 2E 30 25 16 23 68 74 ..j.H.,...0%.#ht
0040: 74 70 3A 2F 2F 6C 6F 67 6F 2E 76 65 72 69 73 69 tp://logo.verisi
0050: 67 6E 2E 63 6F 6D 2F 76 73 6C 6F 67 6F 2E 67 69 gn.com/vslogo.gi
0060: 66 f

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 7F D3 65 A7 C2 DD EC BB F0 30 09 F3 43 39 FA 02 ..e......0..C9..
0010: AF 33 31 33 .313
]
]

*******************************************
*******************************************

Alias name: quovadisrootca2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM


Issuer: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM
Serial number: 509
Valid from: Fri Nov 24 19:27:00 CET 2006 until: Mon Nov 24 19:23:33 CET 2031
Certificate fingerprints:
MD5: 5E:39:7B:DD:F8:BA:EC:82:E9:AC:62:BA:0C:54:00:2B
SHA1: CA:3A:FB:CF:12:40:36:4B:44:B2:16:20:88:80:48:39:19:93:7C:F7
SHA256:
85:A0:DD:7D:D7:20:AD:B7:FF:05:F8:3D:54:2B:20:9D:C7:FF:45:28:F7:D6:77:B1:83:89:FE:A5
:E5:C4:9E:86
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 1A 84 62 BC 48 4C 33 25 04 D4 EE D0 F6 03 C4 19 ..b.HL3%........
0010: 46 D1 94 6B F..k
]
[CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM]
SerialNumber: [ 0509]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 1A 84 62 BC 48 4C 33 25 04 D4 EE D0 F6 03 C4 19 ..b.HL3%........
0010: 46 D1 94 6B F..k
]
]

*******************************************
*******************************************

Alias name: certumca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry
Owner: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL
Issuer: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL
Serial number: 10020
Valid from: Tue Jun 11 12:46:39 CEST 2002 until: Fri Jun 11 12:46:39 CEST 2027
Certificate fingerprints:
MD5: 2C:8F:9F:66:1D:18:90:B1:47:26:9D:8E:86:82:8C:A9
SHA1: 62:52:DC:40:F7:11:43:A2:2F:DE:9E:F7:34:8E:06:42:51:B1:81:18
SHA256:
D8:E0:FE:BC:1D:B2:E3:8D:00:94:0F:37:D2:7D:41:34:4D:99:3E:73:4B:99:D5:65:6D:97:78:D4
:D8:14:36:24
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

*******************************************
*******************************************

Alias name: swisssignplatinumg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH


Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Serial number: 4eb200670c035d4f
Valid from: Wed Oct 25 10:36:00 CEST 2006 until: Sat Oct 25 10:36:00 CEST 2036
Certificate fingerprints:
MD5: C9:98:27:77:28:1E:3D:0E:15:3C:84:00:B8:85:03:E6
SHA1: 56:E0:FA:C0:3B:8F:18:23:55:18:E5:D3:11:CA:E8:C2:43:31:AB:66
SHA256:
3B:22:2E:56:67:11:E9:92:30:0D:C0:B1:5A:B9:47:3D:AF:DE:F8:C8:4D:0C:EF:7D:33:17:B4:C1
:82:1D:14:36
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 50 AF CC 07 87 15 47 6F 38 C5 B4 65 D1 DE 95 AA P.....Go8..e....
0010: E9 DF 9C CC ....
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.16.756.1.89.1.1.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 20 68 74 74 70 3A 2F 2F 72 65 70 6F 73 69 74 .
http://reposit
0010: 6F 72 79 2E 73 77 69 73 73 73 69 67 6E 2E 63 6F ory.swisssign.co
0020: 6D 2F m/

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 50 AF CC 07 87 15 47 6F 38 C5 B4 65 D1 DE 95 AA P.....Go8..e....
0010: E9 DF 9C CC ....
]
]

*******************************************
*******************************************

Alias name: chunghwaepkirootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW
Issuer: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW
Serial number: 15c8bd65475cafb897005ee406d2bc9d
Valid from: Mon Dec 20 03:31:27 CET 2004 until: Wed Dec 20 03:31:27 CET 2034
Certificate fingerprints:
MD5: 1B:2E:00:CA:26:06:90:3D:AD:FE:6F:15:68:D3:6B:B3
SHA1: 67:65:0D:F1:7E:8E:7E:5B:82:40:A4:F4:56:4B:CF:E2:3D:69:C6:F0
SHA256:
C0:A6:F4:DC:63:A2:4B:FD:CF:54:EF:2A:6A:08:2A:0A:72:DE:35:80:3E:2F:F5:FF:52:7A:E5:D8
:72:06:DF:D5
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.23.42.7.0 Criticality=false


0000: 30 2F 30 2D 02 01 00 30 09 06 05 2B 0E 03 02 1A 0/0-...0...+....
0010: 05 00 30 07 06 05 67 2A 03 00 00 04 14 45 B0 C2 ..0...g*.....E..
0020: C7 0A 56 7C EE 5B 78 0C 95 F9 18 53 C1 A6 1C D8 ..V..[x....S....
0030: 10 .

#2: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 1E 0C F7 B6 67 F2 E1 92 26 09 45 C0 55 39 2E 77 ....g...&.E.U9.w
0010: 3F 42 4A A2 ?BJ.
]
]

*******************************************
*******************************************

Alias name: quovadisrootca3g3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM


Issuer: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM
Serial number: 2ef59b0228a7db7affd5a3a9eebd03a0cf126a1d
Valid from: Thu Jan 12 21:26:32 CET 2012 until: Sun Jan 12 21:26:32 CET 2042
Certificate fingerprints:
MD5: DF:7D:B9:AD:54:6F:68:A1:DF:89:57:03:97:43:B0:D7
SHA1: 48:12:BD:92:3C:A8:C4:39:06:E7:30:6D:27:96:E6:A4:CF:22:2E:7D
SHA256:
88:EF:81:DE:20:2E:B0:18:45:2E:43:F8:64:72:5C:EA:5F:BD:1F:C2:D9:D2:05:73:07:09:C5:D8
:B8:69:0F:46
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C6 17 D0 BC A8 EA 02 43 F2 1B 06 99 5D 2B 90 20 .......C....]+.
0010: B9 D7 9C E4 ....
]
]

*******************************************
*******************************************

Alias name: addtrustclass1ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Serial number: 1
Valid from: Tue May 30 12:38:31 CEST 2000 until: Sat May 30 12:38:31 CEST 2020
Certificate fingerprints:
MD5: 1E:42:95:02:33:92:6B:B9:5F:C0:7F:DA:D6:B2:4B:FC
SHA1: CC:AB:0E:A0:4C:23:01:D6:69:7B:DD:37:9F:CD:12:EB:24:E3:94:9D
SHA256:
8C:72:09:27:9A:C0:4E:27:5E:16:D0:7F:D3:B7:75:E8:01:54:B5:96:80:46:E3:1F:52:DD:25:76
:63:24:E9:A7
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 95 B1 B4 F0 94 B6 BD C7 DA D1 11 09 21 BE C1 AF ............!...
0010: 49 FD 10 7B I...
]
[CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE]
SerialNumber: [ 01]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 95 B1 B4 F0 94 B6 BD C7 DA D1 11 09 21 BE C1 AF ............!...
0010: 49 FD 10 7B I...
]
]

*******************************************
*******************************************

Alias name: quovadisrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority,


O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority,
O=QuoVadis Limited, C=BM
Serial number: 3ab6508b
Valid from: Mon Mar 19 19:33:33 CET 2001 until: Wed Mar 17 19:33:33 CET 2021
Certificate fingerprints:
MD5: 27:DE:36:FE:72:B7:00:03:00:9D:F4:F0:1E:6C:04:24
SHA1: DE:3F:40:BD:50:93:D3:9B:6C:60:F6:DA:BC:07:62:01:00:89:76:C9
SHA256:
A4:5E:DE:3B:BB:F0:9C:8A:E1:5C:72:EF:C0:72:68:D6:93:A2:1C:99:6F:D5:1E:67:CA:07:94:60
:FD:6D:88:73
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false


AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: https://ocsp.quovadisoffshore.com
]
]

#2: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 8B 4B 6D ED D3 29 B9 06 19 EC 39 39 A9 F0 97 84 .Km..)....99....
0010: 6A CB EF DF j...
]
[CN=QuoVadis Root Certification Authority, OU=Root Certification Authority,
O=QuoVadis Limited, C=BM]
SerialNumber: [ 3ab6508b]
]

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#4: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.8024.0.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 C7 1A 81 C4 52 65 6C 69 61 6E 63 65 20 6F
0.....Reliance o
0010: 6E 20 74 68 65 20 51 75 6F 56 61 64 69 73 20 52 n the QuoVadis R
0020: 6F 6F 74 20 43 65 72 74 69 66 69 63 61 74 65 20 oot Certificate
0030: 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 73 by any party ass
0040: 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 20 umes acceptance
0050: 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 6C of the then appl
0060: 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 20 icable standard
0070: 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 74 terms and condit
0080: 69 6F 6E 73 20 6F 66 20 75 73 65 2C 20 63 65 72 ions of use, cer
0090: 74 69 66 69 63 61 74 69 6F 6E 20 70 72 61 63 74 tification pract
00A0: 69 63 65 73 2C 20 61 6E 64 20 74 68 65 20 51 75 ices, and the Qu
00B0: 6F 56 61 64 69 73 20 43 65 72 74 69 66 69 63 61 oVadis Certifica
00C0: 74 65 20 50 6F 6C 69 63 79 2E te Policy.

], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 16 68 74 74 70 3A 2F 2F 77 77 77 2E 71 75 6F
..http://www.quo
0010: 76 61 64 69 73 2E 62 6D vadis.bm

]] ]
]

#5: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#6: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 8B 4B 6D ED D3 29 B9 06 19 EC 39 39 A9 F0 97 84 .Km..)....99....
0010: 6A CB EF DF j...
]
]

*******************************************
*******************************************

Alias name: digicerthighassuranceevrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc,


C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc,
C=US
Serial number: 2ac5c266a0b409b8f0b79f2ae462577
Valid from: Fri Nov 10 01:00:00 CET 2006 until: Mon Nov 10 01:00:00 CET 2031
Certificate fingerprints:
MD5: D4:74:DE:57:5C:39:B2:D3:9C:85:83:C5:C0:65:49:8A
SHA1: 5F:B7:EE:06:33:E2:59:DB:AD:0C:4C:9A:E6:D3:8F:1A:61:C7:DC:25
SHA256:
74:31:E5:F4:C3:C1:CE:46:90:77:4F:0B:61:E0:54:40:88:3B:A9:A0:1E:D0:0B:A6:AB:D7:80:6E
:D3:B1:18:CF
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: B1 3E C3 69 03 F8 BF 47 01 D4 98 26 1A 08 02 EF .>.i...G...&....
0010: 63 64 2B C3 cd+.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B1 3E C3 69 03 F8 BF 47 01 D4 98 26 1A 08 02 EF .>.i...G...&....
0010: 63 64 2B C3 cd+.
]
]

*******************************************
*******************************************

Alias name: quovadisrootca1g3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM


Issuer: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM
Serial number: 78585f2ead2c194be3370735341328b596d46593
Valid from: Thu Jan 12 18:27:44 CET 2012 until: Sun Jan 12 18:27:44 CET 2042
Certificate fingerprints:
MD5: A4:BC:5B:3F:FE:37:9A:FA:64:F0:E2:FA:05:3D:0B:AB
SHA1: 1B:8E:EA:57:96:29:1A:C9:39:EA:B8:0A:81:1A:73:73:C0:93:79:67
SHA256:
8A:86:6F:D1:B2:76:B5:7E:57:8E:92:1C:65:82:8A:2B:ED:58:E9:F2:F2:88:05:41:34:B7:F1:F4
:BF:C9:CC:74
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: A3 97 D6 F3 5E A2 10 E1 AB 45 9F 3C 17 64 3C EE ....^....E.<.d<.
0010: 01 70 9C CC .p..
]
]

*******************************************
*******************************************

Alias name: certplusclass2primaryca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Class 2 Primary CA, O=Certplus, C=FR


Issuer: CN=Class 2 Primary CA, O=Certplus, C=FR
Serial number: 85bd4bf3d8dae369f694d75fc3a54423
Valid from: Wed Jul 07 19:05:00 CEST 1999 until: Sun Jul 07 01:59:59 CEST 2019
Certificate fingerprints:
MD5: 88:2C:8C:52:B8:A2:3C:F3:F7:BB:03:EA:AE:AC:42:0B
SHA1: 74:20:74:41:72:9C:DD:92:EC:79:31:D8:23:10:8D:C2:81:92:E2:BB
SHA256:
0F:99:3C:8A:EF:97:BA:AF:56:87:14:0E:D5:9A:D1:82:1B:B4:AF:AC:F0:AA:9A:58:B5:D5:7A:33
:8A:3A:FB:CB
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:10
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://www.certplus.com/CRL/class2.crl]
]]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.16.840.1.113730.1.1 Criticality=false


NetscapeCertType [
SSL CA
S/MIME CA
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: E3 73 2D DF CB 0E 28 0C DE DD B3 A4 CA 79 B8 8E .s-...(......y..
0010: BB E8 30 89 ..0.
]
]

*******************************************
*******************************************

Alias name: keynectisrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR


Issuer: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
Serial number: 1121bc276c5547af584eefd4ced629b2a285
Valid from: Tue May 26 02:00:00 CEST 2009 until: Tue May 26 02:00:00 CEST 2020
Certificate fingerprints:
MD5: CC:4D:AE:FB:30:6B:D8:38:FE:50:EB:86:61:4B:D2:26
SHA1: 9C:61:5C:4D:4D:85:10:3A:53:26:C2:4D:BA:EA:E4:A2:D2:D5:CC:97
SHA256:
42:10:F1:99:49:9A:9A:C3:3C:8D:E0:2B:A6:DB:AA:14:40:8B:DD:8A:6E:32:46:89:C1:92:2D:06
:97:15:A3:32
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: EF B7 23 97 D0 A8 91 7F A6 CF A6 21 C0 34 9F CC ..#........!.4..
0010: 77 41 E1 D0 wA..
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:4
]

#3: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://trustcenter-
crl.certificat2.com/Keynectis/KEYNECTIS_ROOT_CA.crl]
]]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: EF B7 23 97 D0 A8 91 7F A6 CF A6 21 C0 34 9F CC ..#........!.4..
0010: 77 41 E1 D0 wA..
]
]

*******************************************
*******************************************

Alias name: comodorsaca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford,


ST=Greater Manchester, C=GB
Issuer: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford,
ST=Greater Manchester, C=GB
Serial number: 4caaf9cadb636fe01ff74ed85b03869d
Valid from: Tue Jan 19 01:00:00 CET 2010 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 1B:31:B0:71:40:36:CC:14:36:91:AD:C4:3E:FD:EC:18
SHA1: AF:E5:D2:44:A8:D1:19:42:30:FF:47:9F:E2:F8:97:BB:CD:7A:8C:B4
SHA256:
52:F0:E1:C4:E5:8E:C6:29:29:1B:60:31:7F:07:46:71:B8:5D:7E:A8:0D:5B:07:27:34:63:53:4B
:32:B4:02:34
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]
#2: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: BB AF 7E 02 3D FA A6 F1 3C 84 8E AD EE 38 98 EC ....=...<....8..
0010: D9 32 32 D4 .22.
]
]

*******************************************
*******************************************

Alias name: buypassclass2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO


Issuer: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO
Serial number: 2
Valid from: Tue Oct 26 10:38:03 CEST 2010 until: Fri Oct 26 10:38:03 CEST 2040
Certificate fingerprints:
MD5: 46:A7:D2:FE:45:FB:64:5A:A8:59:90:9B:78:44:9B:29
SHA1: 49:0A:75:74:DE:87:0A:47:FE:58:EE:F6:C7:6B:EB:C6:0B:12:40:99
SHA256:
9A:11:40:25:19:7C:5B:B9:5D:94:E6:3D:55:CD:43:79:08:47:B6:46:B2:3C:DF:11:AD:A4:A0:0E
:FF:15:FB:48
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C9 80 77 E0 62 92 82 F5 46 9C F3 BA F7 4C C3 DE ..w.b...F....L..
0010: B8 A3 AD 39 ...9
]
]
*******************************************
*******************************************

Alias name: secomscrootca2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP


Issuer: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP
Serial number: 0
Valid from: Fri May 29 07:00:39 CEST 2009 until: Tue May 29 07:00:39 CEST 2029
Certificate fingerprints:
MD5: 6C:39:7D:A4:0E:55:59:B2:3F:D6:41:B1:12:50:DE:43
SHA1: 5F:3B:8C:F2:F8:10:B3:7D:78:B4:CE:EC:19:19:C3:73:34:B9:C7:74
SHA256:
51:3B:2C:EC:B8:10:D4:CD:E5:DD:85:39:1A:DF:C6:C2:DD:60:D8:7B:B7:36:D2:B5:21:48:4A:A4
:7A:0E:BE:F6
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 0A 85 A9 77 65 05 98 7C 40 81 F8 0F 97 2C 38 F1 ...we...@....,8.
0010: 0A EC 3C CF ..<.
]
]

*******************************************
*******************************************

Alias name: certumtrustednetworkca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto


Technologies S.A., C=PL
Issuer: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto
Technologies S.A., C=PL
Serial number: 444c0
Valid from: Wed Oct 22 14:07:37 CEST 2008 until: Mon Dec 31 13:07:37 CET 2029
Certificate fingerprints:
MD5: D5:E9:81:40:C5:18:69:FC:46:2C:89:75:62:0F:AA:78
SHA1: 07:E0:32:E0:20:B7:2C:3F:19:2F:06:28:A2:59:3A:19:A7:0F:06:9E
SHA256:
5C:58:46:8D:55:F5:8E:49:7E:74:39:82:D2:B5:00:10:B6:D1:65:37:4A:CF:83:A7:D4:A3:2D:B7
:68:C4:40:8E
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 08 76 CD CB 07 FF 24 F6 C5 CD ED BB 90 BC E2 84 .v....$.........
0010: 37 46 75 F7 7Fu.
]
]

*******************************************
*******************************************

Alias name: verisignclass3g3ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c)


1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c)
1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 9b7e0649a33e62b9d5ee90487129ef57
Valid from: Fri Oct 01 02:00:00 CEST 1999 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: CD:68:B6:A7:C7:C4:CE:75:E0:1D:4F:57:44:61:92:09
SHA1: 13:2D:0D:45:53:4B:69:97:CD:B2:D5:C3:39:E2:55:76:60:9B:5C:C6
SHA256:
EB:04:CF:5E:B1:F3:9A:FA:76:2F:2B:B1:20:F2:96:CB:A5:20:C1:B9:7D:B1:58:95:65:B8:1C:B9
:A1:7B:72:44
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: entrustevca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.",


OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US
Issuer: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.",
OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US
Serial number: 456b5054
Valid from: Mon Nov 27 21:23:42 CET 2006 until: Fri Nov 27 21:53:42 CET 2026
Certificate fingerprints:
MD5: D6:A5:C3:ED:5D:DD:3E:00:C1:3D:87:92:1F:1D:3F:E4
SHA1: B3:1E:B1:B7:40:E3:6C:84:02:DA:DC:37:D4:4D:F5:D4:67:49:52:F9
SHA256:
73:C1:76:43:4F:1B:C6:D5:AD:F4:5B:0E:76:E7:27:28:7C:8D:E5:76:16:C1:E6:E6:14:1A:2B:2C
:BC:7D:8E:4C
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.2.840.113533.7.65.0 Criticality=false


0000: 30 0E 1B 08 56 37 2E 31 3A 34 2E 30 03 02 04 90 0...V7.1:4.0....

#2: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 68 90 E4 67 A4 A6 53 80 C7 86 66 A4 F1 F7 4B 43 h..g..S...f...KC
0010: FB 84 BD 6D ...m
]
]

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.16 Criticality=false


PrivateKeyUsage: [
From: Mon Nov 27 21:23:42 CET 2006, To: Fri Nov 27 21:53:42 CET 2026]
#6: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 68 90 E4 67 A4 A6 53 80 C7 86 66 A4 F1 F7 4B 43 h..g..S...f...KC
0010: FB 84 BD 6D ...m
]
]

*******************************************
*******************************************

Alias name: teliasonerarootcav1 [jdk]


Creation date: Nov 20, 2017
Entry type: trustedCertEntry

Owner: CN=TeliaSonera Root CA v1, O=TeliaSonera


Issuer: CN=TeliaSonera Root CA v1, O=TeliaSonera
Serial number: 95be16a0f72e46f17b398272fa8bcd96
Valid from: Thu Oct 18 14:00:50 CEST 2007 until: Mon Oct 18 14:00:50 CEST 2032
Certificate fingerprints:
MD5: 37:41:49:1B:18:56:9A:26:F5:AD:C2:66:FB:40:A5:4C
SHA1: 43:13:BB:96:F1:D5:86:9B:C1:4E:6A:92:F6:CF:F6:34:69:87:82:37
SHA256:
DD:69:36:FE:21:F8:F0:77:C1:23:A1:A5:21:C1:22:24:F7:22:55:B7:3E:03:A7:26:06:93:E8:A2
:4B:0F:A3:89
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: F0 8F 59 38 00 B3 F5 8F 9A 96 0C D5 EB FA 7B AA ..Y8............
0010: 17 E8 13 12 ....
]
]

*******************************************
*******************************************
Alias name: utnuserfirsthardwareca [jdk]
Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST


Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST
Network, L=Salt Lake City, ST=UT, C=US
Serial number: 44be0c8b500024b411d3362afe650afd
Valid from: Fri Jul 09 20:10:42 CEST 1999 until: Tue Jul 09 20:19:22 CEST 2019
Certificate fingerprints:
MD5: 4C:56:41:E5:0D:BB:2B:E8:CA:A3:ED:18:08:AD:43:39
SHA1: 04:83:ED:33:99:AC:36:08:05:87:22:ED:BC:5E:46:00:E3:BE:F9:D7
SHA256:
6E:A5:47:41:D0:04:66:7E:ED:1B:48:16:63:4A:A3:A7:9E:6E:4B:96:95:0F:82:79:DA:FC:8D:9B
:D8:81:21:37
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.usertrust.com/UTN-USERFirst-Hardware.crl]
]]

#3: ObjectId: 2.5.29.37 Criticality=false


ExtendedKeyUsages [
serverAuth
ipsecEndSystem
ipsecTunnel
ipsecUser
]

#4: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
DigitalSignature
Non_repudiation
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: A1 72 5F 26 1B 28 98 43 95 5D 07 37 D5 85 96 9D .r_&.(.C.].7....
0010: 4B D2 C3 45 K..E
]
]
*******************************************
*******************************************

Alias name: verisignclass1g3ca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c)


1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c)
1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 8b5b75568454850b00cfaf3848ceb1a4
Valid from: Fri Oct 01 02:00:00 CEST 1999 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: B1:47:BC:18:57:D1:18:A0:78:2D:EC:71:E8:2A:95:73
SHA1: 20:42:85:DC:F7:EB:76:41:95:57:8E:13:6B:D4:B7:D1:E9:8E:46:A5
SHA256:
CB:B5:AF:18:5E:94:2A:24:02:F9:EA:CB:C0:ED:5B:B8:76:EE:A3:C1:22:36:23:D0:04:47:E4:F3
:BA:55:4B:65
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: secomevrootca1


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP


Issuer: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.",
C=JP
Serial number: 0
Valid from: Wed Jun 06 04:12:32 CEST 2007 until: Sat Jun 06 04:12:32 CEST 2037
Certificate fingerprints:
MD5: 22:2D:A6:01:EA:7C:0A:F7:F0:6C:56:43:3F:77:76:D3
SHA1: FE:B8:C4:32:DC:F9:76:9A:CE:AE:3D:D8:90:8F:FD:28:86:65:64:7D
SHA256:
A2:2D:BA:68:1E:97:37:6E:2D:39:7D:72:8A:AE:3A:9B:62:96:B9:FD:BA:60:BC:2E:11:F6:47:F2
:C6:75:FB:37
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 35 4A F5 4D AF 3F D7 82 38 AC AB 71 65 17 75 8C 5J.M.?..8..qe.u.
0010: 9D 55 93 E6 .U..
]
]

*******************************************
*******************************************

Alias name: globalsigneccrootcar5 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5


Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5
Serial number: 605949e0262ebb55f90a778a71f94ad86c
Valid from: Tue Nov 13 01:00:00 CET 2012 until: Tue Jan 19 04:14:07 CET 2038
Certificate fingerprints:
MD5: 9F:AD:3B:1C:02:1E:8A:BA:17:74:38:81:0C:A2:BC:08
SHA1: 1F:24:C6:30:CD:A4:18:EF:20:69:FF:AD:4F:DD:5F:46:3A:1B:69:AA
SHA256:
17:9F:BC:14:8A:3D:D0:0F:D2:4E:A1:34:58:CC:43:BF:A7:F5:9C:81:82:D7:83:A5:13:F6:EB:EC
:10:0C:89:24
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 3D E6 29 48 9B EA 07 CA 21 44 4A 26 DE 6E DE D2 =.)H....!DJ&.n..
0010: 83 D0 9F 59 ...Y
]
]

*******************************************
*******************************************

Alias name: dtrustclass3ca2ev [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=D-TRUST Root Class 3 CA 2 EV 2009, O=D-Trust GmbH, C=DE


Issuer: CN=D-TRUST Root Class 3 CA 2 EV 2009, O=D-Trust GmbH, C=DE
Serial number: 983f4
Valid from: Thu Nov 05 09:50:46 CET 2009 until: Mon Nov 05 09:50:46 CET 2029
Certificate fingerprints:
MD5: AA:C6:43:2C:5E:2D:CD:C4:34:C0:50:4F:11:02:4F:B6
SHA1: 96:C9:1B:0B:95:B4:10:98:42:FA:D0:D8:22:79:FE:60:FA:B9:16:83
SHA256:
EE:C5:49:6B:98:8C:E9:86:25:B9:34:09:2E:EC:29:08:BE:D0:B0:F3:16:C2:D4:73:0C:84:EA:F1
:F3:D3:48:81
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: ldap://directory.d-trust.net/CN=D-TRUST%20Root%20Class%203%20CA
%202%20EV%202009,O=D-Trust%20GmbH,C=DE?certificaterevocationlist]
, DistributionPoint:
[URIName: http://www.d-trust.net/crl/d-trust_root_class_3_ca_2_ev_2009.crl]
]]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: D3 94 8A 4C 62 13 2A 19 2E CC AF 72 8A 7D 36 D7 ...Lb.*....r..6.
0010: 9A 1C DC 67 ...g
]
]
*******************************************
*******************************************

Alias name: verisignclass1g2ca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.",
C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.",
C=US
Serial number: 4cc7eaaa983e71d39310f83d3a899192
Valid from: Mon May 18 02:00:00 CEST 1998 until: Wed Aug 02 01:59:59 CEST 2028
Certificate fingerprints:
MD5: DB:23:3D:F9:69:FA:4B:B9:95:80:44:73:5E:7D:41:83
SHA1: 27:3E:E1:24:57:FD:C4:F9:0C:55:E8:2B:56:16:7F:62:F5:32:E5:47
SHA256:
34:1D:E9:8B:13:92:AB:F7:F4:AB:90:A9:60:CF:25:D4:BD:6E:C6:5B:9A:51:CE:6E:D0:67:D0:0E
:C7:CE:9B:7F
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: ttelesecglobalrootclass2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems


Enterprise Services GmbH, C=DE
Issuer: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems
Enterprise Services GmbH, C=DE
Serial number: 1
Valid from: Wed Oct 01 12:40:14 CEST 2008 until: Sun Oct 02 01:59:59 CEST 2033
Certificate fingerprints:
MD5: 2B:9B:9E:E4:7B:6C:1F:00:72:1A:CC:C1:77:79:DF:6A
SHA1: 59:0D:2D:7D:88:4F:40:2E:61:7E:A5:62:32:17:65:CF:17:D8:94:E9
SHA256:
91:E2:F5:78:8D:58:10:EB:A7:BA:58:73:7D:E1:54:8A:8E:CA:CD:01:45:98:BC:0B:14:3E:04:1B
:17:05:25:52
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]
#2: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: BF 59 20 36 00 79 A0 A0 22 6B 8C D5 F2 61 D2 B8 .Y 6.y.."k...a..
0010: 2C CB 82 4A ,..J
]
]

*******************************************
*******************************************

Alias name: starfieldservicesrootg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Starfield Services Root Certificate Authority - G2, O="Starfield


Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Starfield Services Root Certificate Authority - G2, O="Starfield
Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Serial number: 0
Valid from: Tue Sep 01 02:00:00 CEST 2009 until: Fri Jan 01 00:59:59 CET 2038
Certificate fingerprints:
MD5: 17:35:74:AF:7B:61:1C:EB:F4:F9:3C:E2:EE:40:F9:A2
SHA1: 92:5A:8F:8D:2C:6D:04:E0:66:5F:59:6A:FF:22:D8:63:E8:25:6F:3F
SHA256:
56:8D:69:05:A2:C8:87:08:A4:B3:02:51:90:ED:CF:ED:B1:97:4A:60:6A:13:C6:E5:29:0F:CB:2A
:E6:3E:DA:B5
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9C 5F 00 DF AA 01 D7 30 2B 38 88 A2 B8 6D 4A 9C ._.....0+8...mJ.
0010: F2 11 91 83 ....
]
]

*******************************************
*******************************************

Alias name: digicertglobalrootca [jdk]


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: 83be056904246b1a1756ac95991c74a
Valid from: Fri Nov 10 01:00:00 CET 2006 until: Mon Nov 10 01:00:00 CET 2031
Certificate fingerprints:
MD5: 79:E4:A9:84:0D:7D:3A:96:D7:C0:4F:E2:43:4C:89:2E
SHA1: A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36
SHA256:
43:48:A0:E9:44:4C:78:CB:26:5E:05:8D:5E:89:44:B4:D8:4F:96:62:BD:26:DB:25:7F:89:34:A4
:43:C7:01:61
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
0010: B2 3D D1 55 .=.U
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
0010: B2 3D D1 55 .=.U
]
]
*******************************************
*******************************************

Alias name: addtrustqualifiedca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Serial number: 1
Valid from: Tue May 30 12:44:50 CEST 2000 until: Sat May 30 12:44:50 CEST 2020
Certificate fingerprints:
MD5: 27:EC:39:47:CD:DA:5A:AF:E2:9A:01:65:21:A9:4C:BB
SHA1: 4D:23:78:EC:91:95:39:B5:00:7F:75:8F:03:3B:21:1E:C5:4D:8B:CF
SHA256:
80:95:21:08:05:DB:4B:BC:35:5E:44:28:D8:FD:6E:C2:CD:E3:AB:5F:B9:7A:99:42:98:8E:B8:F4
:DC:D0:60:16
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 39 95 8B 62 8B 5C C9 D4 80 BA 58 0F 97 3F 15 08 9..b.\....X..?..
0010: 43 CC 98 A7 C...
]
[CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE]
SerialNumber: [ 01]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 39 95 8B 62 8B 5C C9 D4 80 BA 58 0F 97 3F 15 08 9..b.\....X..?..
0010: 43 CC 98 A7 C...
]
]

*******************************************
*******************************************

vmohssera004:/dserai/applmgr/common/java/classes$ vi 2.txt
vmohssera004:/dserai/applmgr/common/java/classes$ cd
/dserai/product/1013/appsutil/jdk/jre/lib/security
vmohssera004:/dserai/product/1013/appsutil/jdk/jre/lib/security$ ls -lrt
total 275
-rw-r--r-- 1 apdserai aadserai 158 Mar 6 09:54 javafx.policy
drwxr-xr-x 4 apdserai aadserai 4 Apr 3 20:53 policy
-rw-r--r-- 1 apdserai aadserai 0 Apr 3 20:54 trusted.libraries
-rw-r--r-- 1 apdserai aadserai 39753 Apr 3 20:54 java.security
-rw-r--r-- 1 apdserai aadserai 2593 Apr 3 20:54 java.policy
-rw------- 1 apdserai aadserai 105894 Apr 3 20:54 cacerts_08_Jun_2019
-rw-r--r-- 1 apdserai aadserai 4054 Apr 3 20:54 blacklist
-rw-r--r-- 1 apdserai aadserai 119822 Jun 8 02:34 cacerts
-rw-r--r-- 1 apdserai aadserai 1501 Sep 2 08:27 %JAVA_HOME%jrelibsecuritycacerts
vmohssera004:/dserai/product/1013/appsutil/jdk/jre/lib/security$ clear
vmohssera004:/dserai/product/1013/appsutil/jdk/jre/lib/security$ keytool -list -v
-keystore /dserai/product/1013/appsutil/jdk/jre/lib/security/cacerts
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 107 entries

Alias name: verisignclass2g2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.",
C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.",
C=US
Serial number: b92f60cc889fa17a4609b85b706c8aaf
Valid from: Mon May 18 02:00:00 CEST 1998 until: Wed Aug 02 01:59:59 CEST 2028
Certificate fingerprints:
MD5: 2D:BB:E5:25:D3:D1:65:82:3A:B7:0E:FA:E6:EB:E2:E1
SHA1: B3:EA:C4:47:76:C9:C8:1C:EA:F2:9D:95:B6:CC:A0:08:1B:67:EC:9D
SHA256:
3A:43:E2:20:FE:7F:3E:A9:65:3D:1E:21:74:2E:AC:2B:75:C2:0F:D8:98:03:05:BC:50:2C:AF:8C
:2D:9B:41:A1
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: digicertassuredidg3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DigiCert Assured ID Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Assured ID Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: ba15afa1ddfa0b54944afcd24a06cec
Valid from: Thu Aug 01 14:00:00 CEST 2013 until: Fri Jan 15 13:00:00 CET 2038
Certificate fingerprints:
MD5: 7C:7F:65:31:0C:81:DF:8D:BA:3E:99:E2:5C:AD:6E:FB
SHA1: F5:17:A2:4F:9A:48:C6:C9:F8:A2:00:26:9F:DC:0F:48:2C:AB:30:89
SHA256:
7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F
:43:05:3F:C2
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: CB D0 BD A9 E1 98 05 51 A1 4D 37 A2 83 79 CE 8D .......Q.M7..y..
0010: 1D 2A E4 84 .*..
]
]

*******************************************
*******************************************

Alias name: verisignuniversalrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign,


Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.",
C=US
Issuer: CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign,
Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.",
C=US
Serial number: 401ac46421b31321030ebbe4121ac51d
Valid from: Wed Apr 02 02:00:00 CEST 2008 until: Wed Dec 02 00:59:59 CET 2037
Certificate fingerprints:
MD5: 8E:AD:B5:01:AA:4D:81:E4:8C:1D:D1:E1:14:00:95:19
SHA1: 36:79:CA:35:66:87:72:30:4D:30:A5:FB:87:3B:0F:A7:7B:B7:0D:54
SHA256:
23:99:56:11:27:A5:71:25:DE:8C:EF:EA:61:0D:DF:2F:A0:78:B5:C8:06:7F:4E:82:82:90:BF:B8
:60:E8:4B:3C
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false


0000: 30 5F A1 5D A0 5B 30 59 30 57 30 55 16 09 69 6D 0_.].[0Y0W0U..im
0010: 61 67 65 2F 67 69 66 30 21 30 1F 30 07 06 05 2B age/gif0!0.0...+
0020: 0E 03 02 1A 04 14 8F E5 D3 1A 86 AC 8D 8E 6B C3 ..............k.
0030: CF 80 6A D4 48 18 2C 7B 19 2E 30 25 16 23 68 74 ..j.H.,...0%.#ht
0040: 74 70 3A 2F 2F 6C 6F 67 6F 2E 76 65 72 69 73 69 tp://logo.verisi
0050: 67 6E 2E 63 6F 6D 2F 76 73 6C 6F 67 6F 2E 67 69 gn.com/vslogo.gi
0060: 66 f

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B6 77 FA 69 48 47 9F 53 12 D5 C2 EA 07 32 76 07 .w.iHG.S.....2v.
0010: D1 97 07 19 ....
]
]

*******************************************
*******************************************

Alias name: digicerttrustedrootg4 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DigiCert Trusted Root G4, OU=www.digicert.com, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Trusted Root G4, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: 59b1b579e8e2132e23907bda777755c
Valid from: Thu Aug 01 14:00:00 CEST 2013 until: Fri Jan 15 13:00:00 CET 2038
Certificate fingerprints:
MD5: 78:F2:FC:AA:60:1F:2F:B4:EB:C9:37:BA:53:2E:75:49
SHA1: DD:FB:16:CD:49:31:C9:73:A2:03:7D:3F:C8:3A:4D:7D:77:5D:05:E4
SHA256:
55:2F:7B:DC:F1:A7:AF:9E:6C:E6:72:01:7F:4F:12:AB:F7:72:40:C7:8E:76:1A:C2:03:D1:D9:D2
:0A:C8:99:88
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3
Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: EC D7 E3 82 D2 71 5D 64 4C DF 2E 67 3F E7 BA 98 .....q]dL..g?...
0010: AE 1C 0F 4F ...O
]
]

*******************************************
*******************************************

Alias name: osnprodoraclecom


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=osn-prod.oracle.com, OU=Oracle OMCS (Oracle Owned) ADC, O=Oracle


Corporation, L=Redwood City, ST=California, C=US
Issuer: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
Serial number: cfde339cc8f11fc99390d17b67d968a
Valid from: Mon Oct 01 02:00:00 CEST 2018 until: Tue Oct 01 14:00:00 CEST 2019
Certificate fingerprints:
MD5: B3:69:80:6A:AF:4A:0A:B5:D0:08:49:1C:52:F4:EB:BA
SHA1: 49:A2:D0:0D:CB:D8:99:ED:06:F3:F3:2A:B1:58:21:02:61:0E:D2:92
SHA256:
5B:C4:24:49:F1:69:4E:94:EC:49:54:22:98:7D:1D:28:C9:83:A9:18:23:C3:F1:A0:00:82:36:2D
:EE:ED:D8:06
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false


0000: 04 81 F3 00 F1 00 77 00 BB D9 DF BC 1F 8A 71 B5 ......w.......q.
0010: 93 94 23 97 AA 92 7B 47 38 57 95 0A AB 52 E8 1A ..#....G8W...R..
0020: 90 96 64 36 8E 1E D1 85 00 00 01 66 2E F5 5A D5 ..d6.......f..Z.
0030: 00 00 04 03 00 48 30 46 02 21 00 8F E9 BE 4D 47 .....H0F.!....MG
0040: 13 C3 10 46 91 1A 0A F0 63 01 D1 6F BA 4F CE C6 ...F....c..o.O..
0050: 75 24 DD B4 0D 1D 5F 6E 19 36 66 02 21 00 FD 7D u$...._n.6f.!...
0060: 1B 6C AF A4 1E F9 2A AB 62 7E 04 91 AD 0C 92 0F .l....*.b.......
0070: 5B CB A7 B0 C1 49 44 6D 08 90 F5 41 97 B8 00 76 [....IDm...A...v
0080: 00 87 75 BF E7 59 7C F8 8C 43 99 5F BD F3 6E FF ..u..Y...C._..n.
0090: 56 8D 47 56 36 FF 4A B5 60 C1 B4 EA FF 5E A0 83 V.GV6.J.`....^..
00A0: 0F 00 00 01 66 2E F5 5A CD 00 00 04 03 00 47 30 ....f..Z......G0
00B0: 45 02 21 00 86 36 C8 81 16 89 45 17 82 21 7E CD E.!..6....E..!..
00C0: 67 B7 D2 9F 09 12 0A D2 E4 A9 0B 7F 45 F0 2E 7A g...........E..z
00D0: D7 E7 C8 66 02 20 0A CD 7D 46 28 93 7C EB 6E 28 ...f. ...F(...n(
00E0: 2A DE 7E F8 91 6A 2C E0 79 8B D7 0F 96 B7 65 62 *....j,.y.....eb
00F0: 7D 36 29 FD 67 3E .6).g>

#2: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false


AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
,
accessMethod: caIssuers
accessLocation: URIName:
http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
]
]

#3: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 0F 80 61 1C 82 31 61 D5 2F 28 E7 8D 46 38 B4 2C ..a..1a./(..F8.,
0010: E1 C6 D9 E2 ....
]
]

#4: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:false
PathLen: undefined
]

#5: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/ssca-sha2-g6.crl]
, DistributionPoint:
[URIName: http://crl4.digicert.com/ssca-sha2-g6.crl]
]]

#6: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114412.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69
..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS

]] ]
[CertificatePolicyId: [2.23.140.1.2.2]
[] ]
]
#7: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]

#8: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_Encipherment
]

#9: ObjectId: 2.5.29.17 Criticality=false


SubjectAlternativeName [
DNSName: osn-prod.oracle.com
]

#10: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C3 11 25 0A 3E 4C 44 13 80 50 2F 39 FB 3A 6B 07 ..%.>LD..P/9.:k.
0010: F2 6B 93 D1 .k..
]
]

*******************************************
*******************************************

Alias name: identrustpublicca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=IdenTrust Public Sector Root CA 1, O=IdenTrust, C=US


Issuer: CN=IdenTrust Public Sector Root CA 1, O=IdenTrust, C=US
Serial number: a0142800000014523cf467c00000002
Valid from: Thu Jan 16 18:53:32 CET 2014 until: Mon Jan 16 18:53:32 CET 2034
Certificate fingerprints:
MD5: 37:06:A5:B0:FC:89:9D:BA:F4:6B:8C:1A:64:CD:D5:BA
SHA1: BA:29:41:60:77:98:3F:F4:F3:EF:F2:31:05:3B:2E:EA:6D:4D:45:FD
SHA256:
30:D0:89:5A:9A:44:8A:26:20:91:63:55:22:D1:F5:20:10:B5:86:7A:CA:E1:2C:78:EF:95:8F:D4
:F4:38:9F:2F
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: E3 71 E0 9E D8 A7 42 D9 DB 71 91 6B 94 93 EB C3 .q....B..q.k....
0010: A3 D1 14 A3 ....
]
]

*******************************************
*******************************************

Alias name: utnuserfirstobjectca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST


Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST
Network, L=Salt Lake City, ST=UT, C=US
Serial number: 44be0c8b500024b411d3362de0b35f1b
Valid from: Fri Jul 09 20:31:20 CEST 1999 until: Tue Jul 09 20:40:36 CEST 2019
Certificate fingerprints:
MD5: A7:F2:E4:16:06:41:11:50:30:6B:9C:E3:B4:9C:B0:C9
SHA1: E1:2D:FB:4B:41:D7:D9:C3:2B:30:51:4B:AC:1D:81:D8:38:5E:2D:46
SHA256:
6F:FF:78:E4:00:A7:0C:11:01:1C:D8:59:77:C4:59:FB:5A:F9:6A:3D:F0:54:08:20:D0:F4:B8:60
:78:75:E5:8F
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.usertrust.com/UTN-USERFirst-Object.crl]
]]

#3: ObjectId: 2.5.29.37 Criticality=false


ExtendedKeyUsages [
codeSigning
timeStamping
1.3.6.1.4.1.311.10.3.4
]
#4: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Non_repudiation
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: DA ED 64 74 14 9C 14 3C AB DD 99 A9 BD 5B 28 4D ..dt...<.....[(M
0010: 8B 3C C9 D8 .<..
]
]

*******************************************
*******************************************

Alias name: geotrustuniversalca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US


Issuer: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US
Serial number: 1
Valid from: Thu Mar 04 06:00:00 CET 2004 until: Sun Mar 04 06:00:00 CET 2029
Certificate fingerprints:
MD5: 92:65:58:8B:A2:1A:31:72:73:68:5C:B4:A5:7A:07:48
SHA1: E6:21:F3:35:43:79:05:9A:4B:68:30:9D:8A:2F:74:22:15:87:EC:79
SHA256:
A0:45:9B:9F:63:B2:25:59:F5:FA:5D:4C:6D:B3:F9:F7:2F:F1:93:42:03:35:78:F0:73:BF:1D:1B
:46:CB:B9:12
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: DA BB 2E AA B0 0C B8 88 26 51 74 5C 6D 03 D3 C0 ........&Qt\m...
0010: D8 8F 7A D6 ..z.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: DA BB 2E AA B0 0C B8 88 26 51 74 5C 6D 03 D3 C0 ........&Qt\m...
0010: D8 8F 7A D6 ..z.
]
]

*******************************************
*******************************************

Alias name: digicertglobalrootg3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: 55556bcf25ea43535c3a40fd5ab4572
Valid from: Thu Aug 01 14:00:00 CEST 2013 until: Fri Jan 15 13:00:00 CET 2038
Certificate fingerprints:
MD5: F5:5D:A4:50:A5:FB:28:7E:1E:0F:0D:CC:96:57:56:CA
SHA1: 7E:04:DE:89:6A:3E:66:6D:00:E6:87:D3:3F:FA:D9:3B:E8:3D:34:9E
SHA256:
31:AD:66:48:F8:10:41:38:C7:38:F3:9E:A4:32:01:33:39:3E:3A:18:CC:02:29:6E:F9:7C:2A:C9
:EF:67:31:D0
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B3 DB 48 A4 F9 A1 C5 D8 AE 36 41 CC 11 63 69 62 ..H......6A..cib
0010: 29 BC 4B C6 ).K.
]
]
*******************************************
*******************************************

Alias name: deutschetelekomrootca2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom


AG, C=DE
Issuer: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche
Telekom AG, C=DE
Serial number: 26
Valid from: Fri Jul 09 14:11:00 CEST 1999 until: Wed Jul 10 01:59:00 CEST 2019
Certificate fingerprints:
MD5: 74:01:4A:91:B1:08:C4:58:CE:47:CD:F0:DD:11:53:08
SHA1: 85:A4:08:C0:9C:19:3E:5D:51:58:7D:CD:D6:13:30:FD:8C:DE:37:BF
SHA256:
B6:19:1A:50:D0:C3:97:7F:7D:A9:9B:CD:AA:C8:6A:22:7D:AE:B9:67:9E:C7:0B:A3:B0:C9:D9:22
:71:C1:70:D3
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:5
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 31 C3 79 1B BA F5 53 D7 17 E0 89 7A 2D 17 6C 0A 1.y...S....z-.l.
0010: B3 2B 9D 33 .+.3
]
]

*******************************************
*******************************************

Alias name: entrustrootcaec1 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. -
for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.",
C=US
Issuer: CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. -
for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.",
C=US
Serial number: a68b79290000000050d091f9
Valid from: Tue Dec 18 16:25:36 CET 2012 until: Fri Dec 18 16:55:36 CET 2037
Certificate fingerprints:
MD5: B6:7E:1D:F0:58:C5:49:6C:24:3B:3D:ED:98:18:ED:BC
SHA1: 20:D8:06:40:DF:9B:25:F5:12:25:3A:11:EA:F7:59:8A:EB:14:B5:47
SHA256:
02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70
:E5:6E:DF:F5
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B7 63 E7 1A DD 8D E9 08 A6 55 83 A4 E0 6A 50 41 .c.......U...jPA
0010: 65 11 42 49 e.BI
]
]

*******************************************
*******************************************

Alias name: osnoraclecom


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=osn.oracle.com, OU=Oracle OMCS (Oracle Owned) ADC, O=Oracle Corporation,


L=Redwood City, ST=California, C=US
Issuer: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
Serial number: 55af0d47513a12c7b3d50752675e620
Valid from: Mon Oct 01 02:00:00 CEST 2018 until: Tue Oct 01 14:00:00 CEST 2019
Certificate fingerprints:
MD5: DF:F7:4E:C2:98:50:60:71:72:89:E2:12:4F:9F:68:AE
SHA1: 83:FC:66:31:12:15:BB:21:51:1B:56:8F:E0:A2:49:0F:B4:59:75:0A
SHA256:
47:4B:59:45:28:28:39:34:55:35:8A:A1:B0:D1:75:C9:95:47:22:84:A7:BF:AD:C1:AB:CD:29:9F
:36:C4:58:5C
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false


0000: 04 81 F3 00 F1 00 77 00 A4 B9 09 90 B4 18 58 14 ......w.......X.
0010: 87 BB 13 A2 CC 67 70 0A 3C 35 98 04 F9 1B DF B8 .....gp.<5......
0020: E3 77 CD 0E C8 0D DC 10 00 00 01 66 2E F2 6D D5 .w.........f..m.
0030: 00 00 04 03 00 48 30 46 02 21 00 C2 91 7D C3 C7 .....H0F.!......
0040: 67 73 A0 D7 4E 75 FD D5 99 BA 56 A1 4C 2E 2F DC gs..Nu....V.L./.
0050: 4B A3 44 64 CB CD E8 CF 17 C6 5C 02 21 00 F9 64 K.Dd......\.!..d
0060: 13 82 1C F7 05 5E 48 09 5F 3A 9A 4A F1 68 25 85 .....^H._:.J.h%.
0070: 03 E9 29 04 2A 08 C1 97 01 F3 65 56 96 35 00 76 ..).*.....eV.5.v
0080: 00 87 75 BF E7 59 7C F8 8C 43 99 5F BD F3 6E FF ..u..Y...C._..n.
0090: 56 8D 47 56 36 FF 4A B5 60 C1 B4 EA FF 5E A0 83 V.GV6.J.`....^..
00A0: 0F 00 00 01 66 2E F2 6E 9E 00 00 04 03 00 47 30 ....f..n......G0
00B0: 45 02 20 62 37 80 3E 5F 57 D1 EA 03 30 EF 3A 0A E. b7.>_W...0.:.
00C0: 66 EA E9 C8 DB 16 18 73 A9 11 AE 2F F5 9F 44 97 f......s.../..D.
00D0: 6E 83 78 02 21 00 84 E7 7F 67 B8 ED 55 A5 55 AC n.x.!....g..U.U.
00E0: 20 D2 FF 39 2D BF DF 91 8E EA 0A 41 32 41 A6 83 ..9-......A2A..
00F0: 03 1E AF 8D F3 AB ......

#2: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false


AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
,
accessMethod: caIssuers
accessLocation: URIName:
http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
]
]

#3: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 0F 80 61 1C 82 31 61 D5 2F 28 E7 8D 46 38 B4 2C ..a..1a./(..F8.,
0010: E1 C6 D9 E2 ....
]
]

#4: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:false
PathLen: undefined
]

#5: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/ssca-sha2-g6.crl]
, DistributionPoint:
[URIName: http://crl4.digicert.com/ssca-sha2-g6.crl]
]]
#6: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114412.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69
..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS

]] ]
[CertificatePolicyId: [2.23.140.1.2.2]
[] ]
]

#7: ObjectId: 2.5.29.37 Criticality=false


ExtendedKeyUsages [
serverAuth
clientAuth
]

#8: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_Encipherment
]

#9: ObjectId: 2.5.29.17 Criticality=false


SubjectAlternativeName [
DNSName: osn.oracle.com
]

#10: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: AD 55 F1 EC AC F8 14 54 FC 9B A1 E9 A2 EC 10 AD .U.....T........
0010: 97 B8 83 DD ....
]
]

*******************************************
*******************************************

Alias name: secomscrootca1 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP


Issuer: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP
Serial number: 0
Valid from: Tue Sep 30 06:20:49 CEST 2003 until: Sat Sep 30 06:20:49 CEST 2023
Certificate fingerprints:
MD5: F1:BC:63:6A:54:E0:B5:27:F5:CD:E7:1A:E3:4D:6E:4A
SHA1: 36:B1:2B:49:F9:81:9E:D7:4C:9E:BC:38:0F:C6:56:8F:5D:AC:B2:F7
SHA256:
E7:5E:72:ED:9F:56:0E:EC:6E:B4:80:00:73:A4:3F:C3:AD:19:19:5A:39:22:82:01:78:95:97:4A
:99:02:6B:6C
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: A0 73 49 99 68 DC 85 5B 65 E3 9B 28 2F 57 9F BD .sI.h..[e..(/W..
0010: 33 BC 07 48 3..H
]
]

*******************************************
*******************************************

Alias name: globalsignr2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2


Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Serial number: 400000000010f8626e60d
Valid from: Fri Dec 15 09:00:00 CET 2006 until: Wed Dec 15 09:00:00 CET 2021
Certificate fingerprints:
MD5: 94:14:77:7E:3E:5E:FD:8F:30:BD:41:B0:CF:E7:D0:30
SHA1: 75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE
SHA256:
CA:42:DD:41:74:5F:D0:B8:1E:B9:02:36:2C:F9:D8:BF:71:9D:A1:BD:1B:1E:FC:94:6F:5B:4C:99
:F4:2C:1B:9E
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 9B E2 07 57 67 1C 1E C0 6A 06 DE 59 B4 9A 2D DF ...Wg...j..Y..-.
0010: DC 19 86 2E ....
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.globalsign.net/root-r2.crl]
]]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9B E2 07 57 67 1C 1E C0 6A 06 DE 59 B4 9A 2D DF ...Wg...j..Y..-.
0010: DC 19 86 2E ....
]
]

*******************************************
*******************************************

Alias name: identrustdstx3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DST Root CA X3, O=Digital Signature Trust Co.


Issuer: CN=DST Root CA X3, O=Digital Signature Trust Co.
Serial number: 44afb080d6a327ba893039862ef8406b
Valid from: Sat Sep 30 23:12:19 CEST 2000 until: Thu Sep 30 16:01:15 CEST 2021
Certificate fingerprints:
MD5: 41:03:52:DC:0F:F7:50:1B:16:F0:02:8E:BA:6F:45:C5
SHA1: DA:C9:02:4F:54:D8:F6:DF:94:93:5F:B1:73:26:38:CA:6A:D7:7C:13
SHA256:
06:87:26:03:31:A7:24:03:D9:09:F1:05:E6:9B:CF:0D:32:E1:BD:24:93:FF:C6:D9:20:6D:11:BC
:D6:77:07:39
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]
#2: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C4 A7 B1 A4 7B 2C 71 FA DB E1 4B 90 75 FF C4 15 .....,q...K.u...
0010: 60 85 89 10 `...
]
]

*******************************************
*******************************************

Alias name: comodoeccca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford,


ST=Greater Manchester, C=GB
Issuer: CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford,
ST=Greater Manchester, C=GB
Serial number: 1f47afaa62007050544c019e9b63992a
Valid from: Thu Mar 06 01:00:00 CET 2008 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 7C:62:FF:74:9D:31:53:5E:68:4A:D5:78:AA:1E:BF:23
SHA1: 9F:74:4E:9F:2B:4D:BA:EC:0F:31:2C:50:B6:56:3B:8E:2D:93:C3:11
SHA256:
17:93:92:7A:06:14:54:97:89:AD:CE:2F:8F:34:F7:F0:B6:6D:0F:3A:E3:A3:B8:4D:21:EC:15:DB
:BA:4F:AD:C7
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 75 71 A7 19 48 19 BC 9D 9D EA 41 47 DF 94 C4 48 uq..H.....AG...H
0010: 77 99 D3 79 w..y
]
]

*******************************************
*******************************************

Alias name: globalsignrootcar6 [jdk]


Creation date: Jan 30, 2019
Entry type: trustedCertEntry

Owner: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R6


Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R6
Serial number: 45e6bb038333c3856548e6ff4551
Valid from: Wed Dec 10 01:00:00 CET 2014 until: Sun Dec 10 01:00:00 CET 2034
Certificate fingerprints:
MD5: 4F:DD:07:E4:D4:22:64:39:1E:0C:37:42:EA:D1:C6:AE
SHA1: 80:94:64:0E:B5:A7:A1:CA:11:9C:1F:DD:D5:9F:81:02:63:A7:FB:D1
SHA256:
2C:AB:EA:FE:37:D0:6C:A2:2A:BA:73:91:C0:03:3D:25:98:29:52:C4:53:64:73:49:76:3A:3A:B5
:AD:6C:CF:69
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: AE 6C 05 A3 93 13 E2 A2 E7 E2 D7 1C D6 C7 F0 7F .l..............
0010: C8 67 53 A0 .gS.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: AE 6C 05 A3 93 13 E2 A2 E7 E2 D7 1C D6 C7 F0 7F .l..............
0010: C8 67 53 A0 .gS.
]
]
*******************************************
*******************************************

Alias name: entrust2048ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net


Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net
Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Serial number: 3863def8
Valid from: Fri Dec 24 18:50:51 CET 1999 until: Tue Jul 24 16:15:12 CEST 2029
Certificate fingerprints:
MD5: EE:29:31:BC:32:7E:9A:E6:E8:B5:F7:51:B4:34:71:90
SHA1: 50:30:06:09:1D:97:D4:F5:AE:39:F7:CB:E7:92:7D:7D:65:2D:34:31
SHA256:
6D:C4:71:72:E0:1C:BC:B0:BF:62:58:0D:89:5F:E2:B8:AC:9A:D4:F8:73:80:1E:0C:10:B9:C8:37
:D2:1E:B1:77
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 55 E4 81 D1 11 80 BE D8 89 B9 08 A3 31 F9 A1 24 U...........1..$
0010: 09 16 B9 70 ...p
]
]

*******************************************
*******************************************

Alias name: addtrustexternalca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust


AB, C=SE
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust
AB, C=SE
Serial number: 1
Valid from: Tue May 30 12:48:38 CEST 2000 until: Sat May 30 12:48:38 CEST 2020
Certificate fingerprints:
MD5: 1D:35:54:04:85:78:B0:3F:42:42:4D:BF:20:73:0A:3F
SHA1: 02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
SHA256:
68:7F:A4:51:38:22:78:FF:F0:C8:B1:1F:8D:43:D5:76:67:1C:6E:B2:BC:EA:B4:13:FB:83:D9:65
:D0:6D:2F:F2
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....
0010: 24 CB 54 1A $.T.
]
[CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB,
C=SE]
SerialNumber: [ 01]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....
0010: 24 CB 54 1A $.T.
]
]

*******************************************
*******************************************

Alias name: globalsigneccrootcar4 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4


Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4
Serial number: 2a38a41c960a04de42b228a50be8349802
Valid from: Tue Nov 13 01:00:00 CET 2012 until: Tue Jan 19 04:14:07 CET 2038
Certificate fingerprints:
MD5: 20:F0:27:68:D1:7E:A0:9D:0E:E6:2A:CA:DF:5C:89:8E
SHA1: 69:69:56:2E:40:80:F4:24:A1:E7:19:9F:14:BA:F3:EE:58:AB:6A:BB
SHA256:
BE:C9:49:11:C2:95:56:76:DB:6C:0A:55:09:86:D7:6E:3B:A0:05:66:7C:44:2C:97:62:B4:FB:B7
:73:DE:22:8C
Signature algorithm name: SHA256withECDSA
Subject Public Key Algorithm: 256-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 54 B0 7B AD 45 B8 E2 40 7F FB 0A 6E FB BE 33 C9 T...E..@...n..3.
0010: 3C A3 84 D5 <...
]
]

*******************************************
*******************************************

Alias name: usertrustrsaca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey


City, ST=New Jersey, C=US
Issuer: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey
City, ST=New Jersey, C=US
Serial number: 1fd6d30fca3ca51a81bbc640e35032d
Valid from: Mon Feb 01 01:00:00 CET 2010 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 1B:FE:69:D1:91:B7:19:33:A3:72:A8:0F:E1:55:E5:B5
SHA1: 2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E
SHA256:
E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46
:C3:D4:CB:D2
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3
Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 53 79 BF 5A AA 2B 4A CF 54 80 E1 D8 9B C0 9D F2 Sy.Z.+J.T.......
0010: B2 03 66 CB ..f.
]
]

*******************************************
*******************************************

Alias name: digicertassuredidrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: ce7e0e517d846fe8fe560fc1bf03039
Valid from: Fri Nov 10 01:00:00 CET 2006 until: Mon Nov 10 01:00:00 CET 2031
Certificate fingerprints:
MD5: 87:CE:0B:7B:2A:0E:49:00:E1:58:71:9B:37:A8:93:72
SHA1: 05:63:B8:63:0D:62:D7:5A:BB:C8:AB:1E:4B:DF:B5:A8:99:B2:4D:43
SHA256:
3E:90:99:B5:01:5E:8F:48:6C:00:BC:EA:9D:11:1E:E7:21:FA:BA:35:5A:89:BC:F1:DF:69:56:1E
:3D:C6:32:5C
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 45 EB A2 AF F4 92 CB 82 31 2D 51 8B A7 A7 21 9D E.......1-Q...!.
0010: F3 6D C8 0F .m..
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 45 EB A2 AF F4 92 CB 82 31 2D 51 8B A7 A7 21 9D E.......1-Q...!.
0010: F3 6D C8 0F .m..
]
]

*******************************************
*******************************************

Alias name: digicertglobalrootg2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: 33af1e6a711a9a0bb2864b11d09fae5
Valid from: Thu Aug 01 14:00:00 CEST 2013 until: Fri Jan 15 13:00:00 CET 2038
Certificate fingerprints:
MD5: E4:A6:8A:C8:54:AC:52:42:46:0A:FD:72:48:1B:2A:44
SHA1: DF:3C:24:F9:BF:D6:66:76:1B:26:80:73:FE:06:D1:CC:8D:4F:82:A4
SHA256:
CB:3C:CB:B7:60:31:E5:E0:13:8F:8D:D3:9A:23:F9:DE:47:FF:C3:5E:43:C1:14:4C:EA:27:D4:6A
:5A:B1:CB:5F
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 4E 22 54 20 18 95 E6 E3 6E E6 0F FA FA B9 12 ED N"T ....n.......
0010: 06 17 8F 39 ...9
]
]

*******************************************
*******************************************

Alias name: actalisauthenticationrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan,


C=IT
Issuer: CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan,
C=IT
Serial number: 570a119742c4e3cc
Valid from: Thu Sep 22 13:22:02 CEST 2011 until: Sun Sep 22 13:22:02 CEST 2030
Certificate fingerprints:
MD5: 69:C1:0D:4F:07:A3:1B:C3:FE:56:3D:04:BC:11:F6:A6
SHA1: F3:73:B3:87:06:5A:28:84:8A:F2:F3:4A:CE:19:2B:DD:C7:8E:9C:AC
SHA256:
55:92:60:84:EC:96:3A:64:B9:6E:2A:BE:01:CE:0B:A8:6A:64:FB:FE:BC:C7:AA:B5:AF:C1:55:B3
:7F:D7:60:66
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 52 D8 88 3A C8 9F 78 66 ED 89 F3 7B 38 70 94 C9 R..:..xf....8p..
0010: 02 02 36 D0 ..6.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 52 D8 88 3A C8 9F 78 66 ED 89 F3 7B 38 70 94 C9 R..:..xf....8p..
0010: 02 02 36 D0 ..6.
]
]

*******************************************
*******************************************

Alias name: digicertassuredidg2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DigiCert Assured ID Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Assured ID Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: b931c3ad63967ea6723bfc3af9af44b
Valid from: Thu Aug 01 14:00:00 CEST 2013 until: Fri Jan 15 13:00:00 CET 2038
Certificate fingerprints:
MD5: 92:38:B9:F8:63:24:82:65:2C:57:33:E6:FE:81:8F:9D
SHA1: A1:4B:48:D9:43:EE:0A:0E:40:90:4F:3C:E0:A4:C0:91:93:51:5D:3F
SHA256:
7D:05:EB:B6:82:33:9F:8C:94:51:EE:09:4E:EB:FE:FA:79:53:A1:14:ED:B2:F4:49:49:45:2F:AB
:7D:2F:C1:85
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: CE C3 4A B9 99 55 F2 B8 DB 60 BF A9 7E BD 56 B5 ..J..U...`....V.
0010: 97 36 A7 D6 .6..
]
]

*******************************************
*******************************************

Alias name: swisssigngoldg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH


Issuer: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH
Serial number: bb401c43f55e4fb0
Valid from: Wed Oct 25 10:30:35 CEST 2006 until: Sat Oct 25 10:30:35 CEST 2036
Certificate fingerprints:
MD5: 24:77:D9:A8:91:D1:3B:FA:88:2D:C2:FF:F8:CD:33:93
SHA1: D8:C5:38:8A:B7:30:1B:1B:6E:D4:7A:E6:45:25:3A:6F:9F:1A:27:61
SHA256:
62:DD:0B:E9:B9:F5:0A:16:3E:A0:F8:E7:5C:05:3B:1E:CA:57:EA:55:C8:68:8F:64:7C:68:81:F2
:C8:35:7B:95
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 5B 25 7B 96 A4 65 51 7E B8 39 F3 C0 78 66 5E E8 [%...eQ..9..xf^.
0010: 3A E7 F0 EE :...
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.16.756.1.89.1.2.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 20 68 74 74 70 3A 2F 2F 72 65 70 6F 73 69 74 .
http://reposit
0010: 6F 72 79 2E 73 77 69 73 73 73 69 67 6E 2E 63 6F ory.swisssign.co
0020: 6D 2F m/

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 5B 25 7B 96 A4 65 51 7E B8 39 F3 C0 78 66 5E E8 [%...eQ..9..xf^.
0010: 3A E7 F0 EE :...
]
]
*******************************************
*******************************************

Alias name: entrustrootcag2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. -
for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.",
C=US
Issuer: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. -
for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.",
C=US
Serial number: 4a538c28
Valid from: Tue Jul 07 19:25:54 CEST 2009 until: Sat Dec 07 18:55:54 CET 2030
Certificate fingerprints:
MD5: 4B:E2:C9:91:96:65:0C:F4:0E:5A:93:92:A0:0A:FE:B2
SHA1: 8C:F4:27:FD:79:0C:3A:D1:66:06:8D:E8:1E:57:EF:BB:93:22:72:D4
SHA256:
43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D
:3A:A7:F3:39
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 6A 72 26 7A D0 1E EF 7D E7 3B 69 51 D4 6C 8D 9F jr&z.....;iQ.l..
0010: 90 12 66 AB ..f.
]
]

*******************************************
*******************************************

Alias name: quovadisrootca2g3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry
Owner: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM
Serial number: 445734245b81899b35f2ceb82b3b5ba726f07528
Valid from: Thu Jan 12 19:59:32 CET 2012 until: Sun Jan 12 19:59:32 CET 2042
Certificate fingerprints:
MD5: AF:0C:86:6E:BF:40:2D:7F:0B:3E:12:50:BA:12:3D:06
SHA1: 09:3C:61:F3:8B:8B:DC:7D:55:DF:75:38:02:05:00:E1:25:F5:C8:36
SHA256:
8F:E4:FB:0A:F9:3A:4D:0D:67:DB:0B:EB:B2:3E:37:C7:1B:F3:25:DC:BC:DD:24:0E:A0:4D:AF:58
:B4:7E:18:40
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: ED E7 6F 76 5A BF 60 EC 49 5B C6 A5 77 BB 72 16 ..ovZ.`.I[..w.r.
0010: 71 9B C4 3D q..=
]
]

*******************************************
*******************************************

Alias name: utnuserfirstclientauthemailca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=UTN-USERFirst-Client Authentication and Email,


OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Client Authentication and Email,
OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Serial number: 44be0c8b500024b411d336252567c989
Valid from: Fri Jul 09 19:28:50 CEST 1999 until: Tue Jul 09 19:36:58 CEST 2019
Certificate fingerprints:
MD5: D7:34:3D:EF:1D:27:09:28:E1:31:02:5B:13:2B:DD:F7
SHA1: B1:72:B1:A5:6D:95:F9:1F:E5:02:87:E1:4D:37:EA:6A:44:63:76:8A
SHA256:
43:F2:57:41:2D:44:0D:62:74:76:97:4F:87:7D:A8:F1:FC:24:44:56:5A:36:7A:E6:0E:DD:C2:7A
:41:25:31:AE
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.usertrust.com/UTN-USERFirst-
ClientAuthenticationandEmail.crl]
]]

#3: ObjectId: 2.5.29.37 Criticality=false


ExtendedKeyUsages [
clientAuth
emailProtection
]

#4: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
DigitalSignature
Non_repudiation
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 89 82 67 7D C4 9D 26 70 00 4B B4 50 48 7C DE 3D ..g...&p.K.PH..=
0010: AE 04 6E 7D ..n.
]
]

*******************************************
*******************************************

Alias name: securetrustca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=SecureTrust CA, O=SecureTrust Corporation, C=US


Issuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US
Serial number: cf08e5c0816a5ad427ff0eb271859d0
Valid from: Tue Nov 07 20:31:18 CET 2006 until: Mon Dec 31 20:40:55 CET 2029
Certificate fingerprints:
MD5: DC:32:C3:A7:6D:25:57:C7:68:09:9D:EA:2D:A9:A2:D1
SHA1: 87:82:C6:C3:04:35:3B:CF:D2:96:92:D2:59:3E:7D:44:D9:34:FF:11
SHA256:
F1:C1:B5:0A:E5:A2:0D:D8:03:0E:C9:F6:BC:24:82:3D:D3:67:B5:25:57:59:B4:E7:1B:61:FC:E9
:F7:37:5D:73
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.4.1.311.20.2 Criticality=false


0000: 1E 04 00 43 00 41 ...C.A

#2: ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false


0000: 02 01 00 ...

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#4: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.securetrust.com/STCA.crl]
]]

#5: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#6: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 42 32 B6 16 FA 04 FD FE 5D 4B 7A C3 FD F7 4C 40 B2......]Kz...L@
0010: 1D 5A 43 AF .ZC.
]
]

*******************************************
*******************************************

Alias name: camerfirmachambersca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A.,


SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Issuer: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A.,
SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Serial number: a3da427ea4b1aeda
Valid from: Fri Aug 01 14:29:50 CEST 2008 until: Sat Jul 31 14:29:50 CEST 2038
Certificate fingerprints:
MD5: 5E:80:9E:84:5A:0E:65:0B:17:02:F3:55:18:2A:3E:D7
SHA1: 78:6A:74:AC:76:AB:14:7F:9C:6A:30:50:BA:9E:A8:7E:FE:9A:CE:3C
SHA256:
06:3E:4A:FA:C4:91:DF:D3:32:F3:08:9B:85:42:E9:46:17:D8:93:D7:FE:94:4E:10:A7:93:7E:E2
:9D:96:93:C0
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: F9 24 AC 0F B2 B5 F8 79 C0 FA 60 88 1B C4 D9 4D .$.....y..`....M
0010: 02 9E 17 19 ....
]
[CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287,
L=Madrid (see current address at www.camerfirma.com/address), C=EU]
SerialNumber: [ a3da427e a4b1aeda]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:12
]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 3A 2F 2F 70 6F 6C 69 63 79 2E
..http://policy.
0010: 63 61 6D 65 72 66 69 72 6D 61 2E 63 6F 6D camerfirma.com

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: F9 24 AC 0F B2 B5 F8 79 C0 FA 60 88 1B C4 D9 4D .$.....y..`....M
0010: 02 9E 17 19 ....
]
]
*******************************************
*******************************************

Alias name: geotrustprimaryca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US


Issuer: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US
Serial number: 18acb56afd69b6153a636cafdafac4a1
Valid from: Mon Nov 27 01:00:00 CET 2006 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: 02:26:C3:01:5E:08:30:37:43:A9:D0:7D:CF:37:E6:BF
SHA1: 32:3C:11:8E:1B:F7:B8:B6:52:54:E2:E2:10:0D:D6:02:90:37:F0:96
SHA256:
37:D5:10:06:C5:12:EA:AB:62:64:21:F1:EC:8C:92:01:3F:C5:F8:2A:E9:8E:E5:33:EB:46:19:B8
:DE:B4:D0:6C
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 2C D5 50 41 97 15 8B F0 8F 36 61 5B 4A FB 6B D9 ,.PA.....6a[J.k.
0010: 99 C9 33 92 ..3.
]
]

*******************************************
*******************************************

Alias name: identrustcommercial [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US


Issuer: CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US
Serial number: a0142800000014523c844b500000002
Valid from: Thu Jan 16 19:12:23 CET 2014 until: Mon Jan 16 19:12:23 CET 2034
Certificate fingerprints:
MD5: B3:3E:77:73:75:EE:A0:D3:E3:7E:49:63:49:59:BB:C7
SHA1: DF:71:7E:AA:4A:D9:4E:C9:55:84:99:60:2D:48:DE:5F:BC:F0:3A:25
SHA256:
5D:56:49:9B:E4:D2:E0:8B:CF:CA:D0:8A:3E:38:72:3D:50:50:3B:DE:70:69:48:E4:2F:55:60:30
:19:E5:28:AE
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: ED 44 19 C0 D3 F0 06 8B EE A4 7B BE 42 E7 26 54 .D..........B.&T
0010: C8 8E 36 76 ..6v
]
]

*******************************************
*******************************************

Alias name: thawteprimaryrootcag3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized
use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized
use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Serial number: 600197b746a7eab4b49ad64b2ff790fb
Valid from: Wed Apr 02 02:00:00 CEST 2008 until: Wed Dec 02 00:59:59 CET 2037
Certificate fingerprints:
MD5: FB:1B:5D:43:8A:94:CD:44:C6:76:F2:43:4B:47:E7:31
SHA1: F1:8B:53:8D:1B:E9:03:B6:A6:F0:56:43:5B:17:15:89:CA:F3:6B:F2
SHA256:
4B:03:F4:58:07:AD:70:F2:1B:FC:2C:AE:71:C9:FD:E4:60:4C:06:4C:F5:FF:B6:86:BA:E5:DB:AA
:D7:FD:D3:4C
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:
#1: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: AD 6C AA 94 60 9C ED E4 FF FA 3E 0A 74 2B 63 03 .l..`.....>.t+c.
0010: F7 B6 59 BF ..Y.
]
]

*******************************************
*******************************************

Alias name: buypassclass3ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO


Issuer: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO
Serial number: 2
Valid from: Tue Oct 26 10:28:58 CEST 2010 until: Fri Oct 26 10:28:58 CEST 2040
Certificate fingerprints:
MD5: 3D:3B:18:9E:2C:64:5A:E8:D5:88:CE:0E:F9:37:C2:EC
SHA1: DA:FA:F7:FA:66:84:EC:06:8F:14:50:BD:C7:C2:81:A5:BC:A9:64:57
SHA256:
ED:F7:EB:BC:A2:7A:2A:38:4D:38:7B:7D:40:10:C6:66:E2:ED:B4:84:3E:4C:29:B4:AE:1D:5B:93
:32:E6:B2:4D
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 47 B8 CD FF E5 6F EE F8 B2 EC 2F 4E 0E F9 25 B0 G....o..../N..%.
0010: 8E 3C 6B C3 .<k.
]
]

*******************************************
*******************************************

Alias name: verisigntsaca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville,


ST=Western Cape, C=ZA
Issuer: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte,
L=Durbanville, ST=Western Cape, C=ZA
Serial number: 67c8e1e8e3be1cbdfc913b8ea6238749
Valid from: Wed Jan 01 01:00:00 CET 1997 until: Sat Jan 02 00:59:59 CET 2021
Certificate fingerprints:
MD5: F2:89:95:6E:4D:05:F0:F1:A7:21:55:7D:46:11:BA:47
SHA1: 20:CE:B1:F0:F5:1C:0E:19:A9:F3:8D:B1:AA:8E:03:8C:AA:7A:C7:01
SHA256:
CB:6B:05:D9:E8:E5:7C:D8:82:B1:0B:4D:B7:0D:E4:BB:1D:E4:2B:A4:8A:7B:D0:31:8B:63:5B:F6
:E7:78:1A:9D
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

*******************************************
*******************************************

Alias name: verisignclass3g4ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c)


2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c)
2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 2f80fe238c0e220f486712289187acb3
Valid from: Mon Nov 05 01:00:00 CET 2007 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 3A:52:E1:E7:FD:6F:3A:E3:6F:F3:6F:99:1B:F9:22:41
SHA1: 22:D5:D8:DF:8F:02:31:D1:8D:F7:9D:B7:CF:8A:2D:64:C9:3F:6C:3A
SHA256:
69:DD:D7:EA:90:BB:57:C9:3E:13:5D:C8:5E:A6:FC:D5:48:0B:60:32:39:BD:C4:54:FC:75:8B:2A
:26:CF:7F:79
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false


0000: 30 5F A1 5D A0 5B 30 59 30 57 30 55 16 09 69 6D 0_.].[0Y0W0U..im
0010: 61 67 65 2F 67 69 66 30 21 30 1F 30 07 06 05 2B age/gif0!0.0...+
0020: 0E 03 02 1A 04 14 8F E5 D3 1A 86 AC 8D 8E 6B C3 ..............k.
0030: CF 80 6A D4 48 18 2C 7B 19 2E 30 25 16 23 68 74 ..j.H.,...0%.#ht
0040: 74 70 3A 2F 2F 6C 6F 67 6F 2E 76 65 72 69 73 69 tp://logo.verisi
0050: 67 6E 2E 63 6F 6D 2F 76 73 6C 6F 67 6F 2E 67 69 gn.com/vslogo.gi
0060: 66 f

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B3 16 91 FD EE A6 6E E4 B5 2E 49 8F 87 78 81 80 ......n...I..x..
0010: EC E5 B1 B5 ....
]
]

*******************************************
*******************************************

Alias name: baltimorecybertrustca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE


Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Serial number: 20000b9
Valid from: Fri May 12 20:46:00 CEST 2000 until: Tue May 13 01:59:00 CEST 2025
Certificate fingerprints:
MD5: AC:B6:94:A5:9C:17:E0:D7:91:52:9B:B1:97:06:A6:E4
SHA1: D4:DE:20:D0:5E:66:FC:53:FE:1A:50:88:2C:78:DB:28:52:CA:E4:74
SHA256:
16:AF:57:A9:F6:76:B0:AB:12:60:95:AA:5E:BA:DE:F2:2A:B3:11:19:D6:44:AC:95:CD:4B:93:DB
:F3:F2:6A:EB
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:3
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: E5 9D 59 30 82 47 58 CC AC FA 08 54 36 86 7B 3A ..Y0.GX....T6..:
0010: B5 04 4D F0 ..M.
]
]

*******************************************
*******************************************

Alias name: gtecybertrustglobalca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE
Corporation, C=US
Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE
Corporation, C=US
Serial number: 1a5
Valid from: Thu Aug 13 02:29:00 CEST 1998 until: Tue Aug 14 01:59:00 CEST 2018
Certificate fingerprints:
MD5: CA:3D:D3:68:F1:03:5C:D0:32:FA:B8:2B:59:E8:5A:DB
SHA1: 97:81:79:50:D8:1C:96:70:CC:34:D8:09:CF:79:44:31:36:7E:F4:74
SHA256:
A5:31:25:18:8D:21:10:AA:96:4B:02:C7:B7:C6:DA:32:03:17:08:94:E5:FB:71:FF:FB:66:67:D5
:E6:81:0A:36
Signature algorithm name: MD5withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1

*******************************************
*******************************************
Alias name: baltimorecodesigningca
Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE


Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Serial number: 20000bf
Valid from: Wed May 17 16:01:00 CEST 2000 until: Sun May 18 01:59:00 CEST 2025
Certificate fingerprints:
MD5: 90:F5:28:49:56:D1:5D:2C:B0:53:D4:4B:EF:6F:90:22
SHA1: 30:46:D8:C8:88:FF:69:30:C3:4A:FC:CD:49:27:08:7C:60:56:7B:0D
SHA256:
A9:15:45:DB:D2:E1:9C:4C:CD:F9:09:AA:71:90:0D:18:C7:35:1C:89:B3:15:F0:F1:3D:05:C1:3A
:8F:FB:46:87
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:3
]

#2: ObjectId: 2.5.29.37 Criticality=false


ExtendedKeyUsages [
codeSigning
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C8 41 34 5C 15 15 04 E5 40 F2 D1 AB 9A 6F 24 92 .A4\....@....o$.
0010: 7A 87 42 5A z.BZ
]
]

*******************************************
*******************************************

Alias name: verisignclass1ca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US


Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Serial number: 3f691e819cf09a4af373ffb948a2e4dd
Valid from: Mon Jan 29 01:00:00 CET 1996 until: Thu Aug 03 01:59:59 CEST 2028
Certificate fingerprints:
MD5: 86:AC:DE:2B:C5:6D:C3:D9:8C:28:88:D3:8D:16:13:1E
SHA1: CE:6A:64:A3:09:E4:2F:BB:D9:85:1C:45:3E:64:09:EA:E8:7D:60:F1
SHA256:
51:84:7C:8C:BD:2E:9A:72:C9:1E:29:2D:2A:E2:47:D7:DE:1E:3F:D2:70:54:7A:20:EF:7D:61:0F
:38:B8:84:2C
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: luxtrustglobalrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU


Issuer: CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU
Serial number: bb8
Valid from: Thu Mar 17 10:51:37 CET 2011 until: Wed Mar 17 10:51:37 CET 2021
Certificate fingerprints:
MD5: 42:A5:21:7A:4C:AF:C7:BF:FD:A7:F5:B2:10:4C:3E:BE
SHA1: C9:3C:34:EA:90:D9:13:0C:0F:03:00:4B:98:BD:8B:35:70:91:56:11
SHA256:
A1:B2:DB:EB:64:E7:06:C6:16:9E:3C:41:18:B2:3B:AA:09:01:8A:84:27:66:6D:8B:F0:E2:88:91
:EC:05:19:50
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 17 15 85 89 09 2F 24 87 6F 3F 1D 1B E4 F2 96 79 ...../$.o?.....y
0010: 83 48 13 CE .H..
]
]

#2: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 17 15 85 89 09 2F 24 87 6F 3F 1D 1B E4 F2 96 79 ...../$.o?.....y
0010: 83 48 13 CE .H..
]
]

*******************************************
*******************************************

Alias name: verisignclass3g2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.",
C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.",
C=US
Serial number: 7dd9fe07cfa81eb7107967fba78934c6
Valid from: Mon May 18 02:00:00 CEST 1998 until: Wed Aug 02 01:59:59 CEST 2028
Certificate fingerprints:
MD5: A2:33:9B:4C:74:78:73:D4:6C:E7:C1:F3:8D:CB:5C:E9
SHA1: 85:37:1C:A6:E5:50:14:3D:CE:28:03:47:1B:DE:3A:09:E8:F8:77:0F
SHA256:
83:CE:3C:12:29:68:8A:59:3D:48:5F:81:97:3C:0F:91:95:43:1E:DA:37:CC:5E:36:43:0E:79:C7
:A8:88:63:8B
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: camerfirmachamberscommerceca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma


SA CIF A82743287, C=EU
Issuer: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC
Camerfirma SA CIF A82743287, C=EU
Serial number: 0
Valid from: Tue Sep 30 18:13:43 CEST 2003 until: Wed Sep 30 18:13:44 CEST 2037
Certificate fingerprints:
MD5: B0:01:EE:14:D9:AF:29:18:94:76:8E:F1:69:33:2A:84
SHA1: 6E:3A:55:A4:19:0C:19:5C:93:84:3C:C0:DB:72:2E:31:30:61:F0:B1
SHA256:
0C:25:8A:12:A5:67:4A:EF:25:F2:8B:A7:DC:FA:EC:EE:A3:48:E5:41:E6:F5:CC:4E:E6:3B:71:B3
:61:60:6A:C3
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:
#1: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:12
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.chambersign.org/chambersroot.crl]
]]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.17326.10.3.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 30 68 74 74 70 3A 2F 2F 63 70 73 2E 63 68 61 .
0http://cps.cha
0010: 6D 62 65 72 73 69 67 6E 2E 6F 72 67 2F 63 70 73 mbersign.org/cps
0020: 2F 63 68 61 6D 62 65 72 73 72 6F 6F 74 2E 68 74 /chambersroot.ht
0030: 6D 6C ml

]] ]
]

#4: ObjectId: 2.5.29.18 Criticality=false


IssuerAlternativeName [
RFC822Name: chambersroot@chambersign.org
]

#5: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#6: ObjectId: 2.16.840.1.113730.1.1 Criticality=false


NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]

#7: ObjectId: 2.5.29.17 Criticality=false


SubjectAlternativeName [
RFC822Name: chambersroot@chambersign.org
]

#8: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: E3 94 F5 B1 4D E9 DB A1 29 5B 57 8B 4D 76 06 76 ....M...)[W.Mv.v
0010: E1 D1 A2 8A ....
]
]
*******************************************
*******************************************

Alias name: soneraclass2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Sonera Class2 CA, O=Sonera, C=FI


Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Serial number: 1d
Valid from: Fri Apr 06 09:29:40 CEST 2001 until: Tue Apr 06 09:29:40 CEST 2021
Certificate fingerprints:
MD5: A3:EC:75:0F:2E:88:DF:FA:48:01:4E:0B:5C:48:6F:FB
SHA1: 37:F7:6D:E6:07:7C:90:C5:B1:3E:93:1A:B7:41:10:B4:F2:E4:9A:27
SHA256:
79:08:B4:03:14:C1:38:10:0B:51:8D:07:35:80:7F:FB:FC:F8:51:8A:00:95:33:71:05:BA:38:6B
:15:3D:D9:27
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 4A A0 AA 58 84 D3 5E 3C J..X..^<
]
]

*******************************************
*******************************************

Alias name: affirmtrustnetworkingca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AffirmTrust Networking, O=AffirmTrust, C=US


Issuer: CN=AffirmTrust Networking, O=AffirmTrust, C=US
Serial number: 7c4f04391cd4992d
Valid from: Fri Jan 29 15:08:24 CET 2010 until: Tue Dec 31 15:08:24 CET 2030
Certificate fingerprints:
MD5: 42:65:CA:BE:01:9A:9A:4C:A9:8C:41:49:CD:C0:D5:7F
SHA1: 29:36:21:02:8B:20:ED:02:F5:66:C5:32:D1:D6:ED:90:9F:45:00:2F
SHA256:
0A:81:EC:5A:92:97:77:F1:45:90:4A:F3:8D:5D:50:9F:66:B5:E2:C5:8F:CD:B5:31:05:8B:0E:17
:F3:F0:B4:1B
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 07 1F D2 E7 9C DA C2 6E A2 40 B4 B0 7A 50 10 50 .......n.@..zP.P
0010: 74 C4 C8 BD t...
]
]

*******************************************
*******************************************

Alias name: ttelesecglobalrootclass3ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems


Enterprise Services GmbH, C=DE
Issuer: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems
Enterprise Services GmbH, C=DE
Serial number: 1
Valid from: Wed Oct 01 12:29:56 CEST 2008 until: Sun Oct 02 01:59:59 CEST 2033
Certificate fingerprints:
MD5: CA:FB:40:A8:4E:39:92:8A:1D:FE:8E:2F:C4:27:EA:EF
SHA1: 55:A6:72:3E:CB:F2:EC:CD:C3:23:74:70:19:9D:2A:BE:11:E3:81:D1
SHA256:
FD:73:DA:D3:1C:64:4F:F1:B4:3B:EF:0C:CD:DA:96:71:0B:9C:D9:87:5E:CA:7E:31:70:7A:F3:E9
:6D:52:2B:BD
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B5 03 F7 76 3B 61 82 6A 12 AA 18 53 EB 03 21 94 ...v;a.j...S..!.
0010: BF FE CE CA ....
]
]

*******************************************
*******************************************

Alias name: xrampglobalca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=XRamp Global Certification Authority, O=XRamp Security Services Inc,


OU=www.xrampsecurity.com, C=US
Issuer: CN=XRamp Global Certification Authority, O=XRamp Security Services Inc,
OU=www.xrampsecurity.com, C=US
Serial number: 50946cec18ead59c4dd597ef758fa0ad
Valid from: Mon Nov 01 18:14:04 CET 2004 until: Mon Jan 01 06:37:19 CET 2035
Certificate fingerprints:
MD5: A1:0B:44:B3:CA:10:D8:00:6E:9D:0F:D8:0F:92:0A:D1
SHA1: B8:01:86:D1:EB:9C:86:A5:41:04:CF:30:54:F3:4C:52:B7:E5:58:C6
SHA256:
CE:CD:DC:90:50:99:D8:DA:DF:C5:B1:D2:09:B7:37:CB:E2:C1:8C:FB:2C:10:C0:FF:0B:CF:0D:32
:86:FC:1A:A2
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.4.1.311.20.2 Criticality=false


0000: 1E 04 00 43 00 41 ...C.A

#2: ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false


0000: 02 01 01 ...

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#4: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.xrampsecurity.com/XGCA.crl]
]]

#5: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#6: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C6 4F A2 3D 06 63 84 09 9C CE 62 E4 04 AC 8D 5C .O.=.c....b....\
0010: B5 E9 B6 1B ....
]
]

*******************************************
*******************************************

Alias name: geotrustprimarycag3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc.
- For authorized use only, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc.
- For authorized use only, O=GeoTrust Inc., C=US
Serial number: 15ac6e9419b2794b41f627a9c3180f1f
Valid from: Wed Apr 02 02:00:00 CEST 2008 until: Wed Dec 02 00:59:59 CET 2037
Certificate fingerprints:
MD5: B5:E8:34:36:C9:10:44:58:48:70:6D:2E:83:D4:B8:05
SHA1: 03:9E:ED:B8:0B:E7:A0:3C:69:53:89:3B:20:D2:D9:32:3A:4C:2A:FD
SHA256:
B4:78:B8:12:25:0D:F8:78:63:5C:2A:A7:EC:7D:15:5E:AA:62:5E:E8:29:16:E2:CD:29:43:61:88
:6C:D1:FB:D4
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C4 79 CA 8E A1 4E 03 1D 1C DC 6B DB 31 5B 94 3E .y...N....k.1[.>
0010: 3F 30 7F 2D ?0.-
]
]

*******************************************
*******************************************

Alias name: camerfirmachambersignca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A.,


SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Issuer: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A.,
SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Serial number: c9cdd3e9d57d23ce
Valid from: Fri Aug 01 14:31:40 CEST 2008 until: Sat Jul 31 14:31:40 CEST 2038
Certificate fingerprints:
MD5: 9E:80:FF:78:01:0C:2E:C1:36:BD:FE:96:90:6E:08:F3
SHA1: 4A:BD:EE:EC:95:0D:35:9C:89:AE:C7:52:A1:2C:5B:29:F6:D6:AA:0C
SHA256:
13:63:35:43:93:34:A7:69:80:16:A0:D3:24:DE:72:28:4E:07:9D:7B:52:20:BB:8F:BD:74:78:16
:EE:BE:BA:CA
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: B9 09 CA 9C 1E DB D3 6C 3A 6B AE ED 54 F1 5B 93 .......l:k..T.[.
0010: 06 35 2E 5E .5.^
]
[CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287,
L=Madrid (see current address at www.camerfirma.com/address), C=EU]
SerialNumber: [ c9cdd3e9 d57d23ce]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:12
]
#3: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 3A 2F 2F 70 6F 6C 69 63 79 2E
..http://policy.
0010: 63 61 6D 65 72 66 69 72 6D 61 2E 63 6F 6D camerfirma.com

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B9 09 CA 9C 1E DB D3 6C 3A 6B AE ED 54 F1 5B 93 .......l:k..T.[.
0010: 06 35 2E 5E .5.^
]
]

*******************************************
*******************************************

Alias name: thawteprimaryrootcag2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized
use only", O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized
use only", O="thawte, Inc.", C=US
Serial number: 35fc265cd9844fc93d263d579baed756
Valid from: Mon Nov 05 01:00:00 CET 2007 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 74:9D:EA:60:24:C4:FD:22:53:3E:CC:3A:72:D9:29:4F
SHA1: AA:DB:BC:22:23:8F:C4:01:A1:27:BB:38:DD:F4:1D:DB:08:9E:F0:12
SHA256:
A4:31:0D:50:AF:18:A6:44:71:90:37:2A:86:AF:AF:8B:95:1F:FB:43:1D:83:7F:1E:56:88:B4:59
:71:ED:15:57
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]
#2: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9A D8 00 30 00 E7 6B 7F 85 18 EE 8B B6 CE 8A 0C ...0..k.........
0010: F8 11 E1 BB ....
]
]

*******************************************
*******************************************

Alias name: usertrusteccca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey


City, ST=New Jersey, C=US
Issuer: CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey
City, ST=New Jersey, C=US
Serial number: 5c8b99c55a94c5d27156decd8980cc26
Valid from: Mon Feb 01 01:00:00 CET 2010 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: FA:68:BC:D9:B5:7F:AD:FD:C9:1D:06:83:28:CC:24:C1
SHA1: D1:CB:CA:5D:B2:D5:2A:7F:69:3B:67:4D:E5:F0:5A:1D:0C:95:7D:F0
SHA256:
4F:F4:60:D5:4B:9C:86:DA:BF:BC:FC:57:12:E0:40:0D:2B:ED:3F:BC:4D:4F:BD:AA:86:E0:6A:DC
:D2:A9:AD:7A
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 3A E1 09 86 D4 CF 19 C2 96 76 74 49 76 DC E0 35 :........vtIv..5
0010: C6 63 63 9A .cc.
]
]

*******************************************
*******************************************

Alias name: certplusclass3pprimaryca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Class 3P Primary CA, O=Certplus, C=FR


Issuer: CN=Class 3P Primary CA, O=Certplus, C=FR
Serial number: bf5cdbb6f21c6ec04deb7a023b36e879
Valid from: Wed Jul 07 19:10:00 CEST 1999 until: Sun Jul 07 01:59:59 CEST 2019
Certificate fingerprints:
MD5: E1:4B:52:73:D7:1B:DB:93:30:E5:BD:E4:09:6E:BE:FB
SHA1: 21:6B:2A:29:E6:2A:00:CE:82:01:46:D8:24:41:41:B9:25:11:B2:79
SHA256:
CC:C8:94:89:37:1B:AD:11:1C:90:61:9B:EA:24:0A:2E:6D:AD:D9:9F:9F:6E:1D:4D:41:E5:8E:D6
:DE:3D:02:85
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:10
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://www.certplus.com/CRL/class3P.crl]
]]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.16.840.1.113730.1.1 Criticality=false


NetscapeCertType [
Object Signing CA]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 86 E1 E1 81 71 BF 6A 12 F1 0A F2 01 E4 C8 FB 40 ....q.j........@
0010: CE 68 80 89 .h..
]
]
*******************************************
*******************************************

Alias name: swisssignsilverg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH


Issuer: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH
Serial number: 4f1bd42f54bb2f4b
Valid from: Wed Oct 25 10:32:46 CEST 2006 until: Sat Oct 25 10:32:46 CEST 2036
Certificate fingerprints:
MD5: E0:06:A1:C9:7D:CF:C9:FC:0D:C0:56:75:96:D8:62:13
SHA1: 9B:AA:E5:9F:56:EE:21:CB:43:5A:BE:25:93:DF:A7:F0:40:D1:1D:CB
SHA256:
BE:6C:4D:A2:BB:B9:BA:59:B6:F3:93:97:68:37:42:46:C3:C0:05:99:3F:A9:8F:02:0D:1D:ED:BE
:D4:8A:81:D5
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 17 A0 CD C1 E4 41 B6 3A 5B 3B CB 45 9D BD 1C C2 .....A.:[;.E....
0010: 98 FA 86 58 ...X
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.16.756.1.89.1.3.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 20 68 74 74 70 3A 2F 2F 72 65 70 6F 73 69 74 .
http://reposit
0010: 6F 72 79 2E 73 77 69 73 73 73 69 67 6E 2E 63 6F ory.swisssign.co
0020: 6D 2F m/

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]
#5: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 17 A0 CD C1 E4 41 B6 3A 5B 3B CB 45 9D BD 1C C2 .....A.:[;.E....
0010: 98 FA 86 58 ...X
]
]

*******************************************
*******************************************

Alias name: affirmtrustpremiumca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AffirmTrust Premium, O=AffirmTrust, C=US


Issuer: CN=AffirmTrust Premium, O=AffirmTrust, C=US
Serial number: 6d8c1446b1a60aee
Valid from: Fri Jan 29 15:10:36 CET 2010 until: Mon Dec 31 15:10:36 CET 2040
Certificate fingerprints:
MD5: C4:5D:0E:48:B6:AC:28:30:4E:0A:BC:F9:38:16:87:57
SHA1: D8:A6:33:2C:E0:03:6F:B1:85:F6:63:4F:7D:6A:06:65:26:32:28:27
SHA256:
70:A7:3F:7F:37:6B:60:07:42:48:90:45:34:B1:14:82:D5:BF:0E:69:8E:CC:49:8D:F5:25:77:EB
:F2:E9:3B:9A
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9D C0 67 A6 0C 22 D9 26 F5 45 AB A6 65 52 11 27 ..g..".&.E..eR.'
0010: D8 45 AC 63 .E.c
]
]

*******************************************
*******************************************
Alias name: globalsignca [jdk]
Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE


Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Serial number: 40000000001154b5ac394
Valid from: Tue Sep 01 14:00:00 CEST 1998 until: Fri Jan 28 13:00:00 CET 2028
Certificate fingerprints:
MD5: 3E:45:52:15:09:51:92:E1:B7:5D:37:9F:B1:87:29:8A
SHA1: B1:BC:96:8B:D4:F4:9D:62:2A:A8:9A:81:F2:15:01:52:A4:1D:82:9C
SHA256:
EB:D4:10:40:E4:BB:3E:C7:42:C9:E3:81:D3:1E:F2:A4:1A:48:B6:68:5C:96:E7:CE:F3:C1:DF:6C
:D4:33:1C:99
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 60 7B 66 1A 45 0D 97 CA 89 50 2F 7D 04 CD 34 A8 `.f.E....P/...4.
0010: FF FC FD 4B ...K
]
]

*******************************************
*******************************************

Alias name: dtrustclass3ca2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=D-TRUST Root Class 3 CA 2 2009, O=D-Trust GmbH, C=DE


Issuer: CN=D-TRUST Root Class 3 CA 2 2009, O=D-Trust GmbH, C=DE
Serial number: 983f3
Valid from: Thu Nov 05 09:35:58 CET 2009 until: Mon Nov 05 09:35:58 CET 2029
Certificate fingerprints:
MD5: CD:E0:25:69:8D:47:AC:9C:89:35:90:F7:FD:51:3D:2F
SHA1: 58:E8:AB:B0:36:15:33:FB:80:F7:9B:1B:6D:29:D3:FF:8D:5F:00:F0
SHA256:
49:E7:A4:42:AC:F0:EA:62:87:05:00:54:B5:25:64:B6:50:E4:F4:9E:42:E3:48:D6:AA:38:E0:39
:E9:57:B1:C1
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: ldap://directory.d-trust.net/CN=D-TRUST%20Root%20Class%203%20CA
%202%202009,O=D-Trust%20GmbH,C=DE?certificaterevocationlist]
, DistributionPoint:
[URIName: http://www.d-trust.net/crl/d-trust_root_class_3_ca_2_2009.crl]
]]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: FD DA 14 C4 9F 30 DE 21 BD 1E 42 39 FC AB 63 23 .....0.!..B9..c#
0010: 49 E0 F1 84 I...
]
]

*******************************************
*******************************************

Alias name: affirmtrustcommercialca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AffirmTrust Commercial, O=AffirmTrust, C=US


Issuer: CN=AffirmTrust Commercial, O=AffirmTrust, C=US
Serial number: 7777062726a9b17c
Valid from: Fri Jan 29 15:06:06 CET 2010 until: Tue Dec 31 15:06:06 CET 2030
Certificate fingerprints:
MD5: 82:92:BA:5B:EF:CD:8A:6F:A6:3D:55:F9:84:F6:D6:B7
SHA1: F9:B5:B6:32:45:5F:9C:BE:EC:57:5F:80:DC:E9:6E:2C:C7:B2:78:B7
SHA256:
03:76:AB:1D:54:C5:F9:80:3C:E4:B2:E2:01:A0:EE:7E:EF:7B:57:B6:36:E8:A9:3C:9B:8D:48:60
:C9:6F:5F:A7
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9D 93 C6 53 8B 5E CA AF 3F 9F 1E 0F E5 99 95 BC ...S.^..?.......
0010: 24 F6 94 8F $...
]
]

*******************************************
*******************************************

Alias name: letsencryptisrgx1 [jdk]


Creation date: May 19, 2017
Entry type: trustedCertEntry

Owner: CN=ISRG Root X1, O=Internet Security Research Group, C=US


Issuer: CN=ISRG Root X1, O=Internet Security Research Group, C=US
Serial number: 8210cfb0d240e3594463e0bb63828b00
Valid from: Thu Jun 04 13:04:38 CEST 2015 until: Mon Jun 04 13:04:38 CEST 2035
Certificate fingerprints:
MD5: 0C:D2:F9:E0:DA:17:73:E9:ED:86:4D:A5:E3:70:E7:4E
SHA1: CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8
SHA256:
96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0
:BD:DF:08:C6
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 79 B4 59 E6 7B B6 E5 E4 01 73 80 08 88 C8 1A 58 y.Y......s.....X
0010: F6 E9 9B 6E ...n
]
]

*******************************************
*******************************************

Alias name: thawtepremiumserverca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA,


OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western
Cape, C=ZA
Issuer: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western
Cape, C=ZA
Serial number: 36122296c5e338a520a1d25f4cd70954
Valid from: Thu Aug 01 02:00:00 CEST 1996 until: Sat Jan 02 00:59:59 CET 2021
Certificate fingerprints:
MD5: A6:6B:60:90:23:9B:3F:2D:BB:98:6F:D6:A7:19:0D:46
SHA1: E0:AB:05:94:20:72:54:93:05:60:62:02:36:70:F7:CD:2E:FC:66:66
SHA256:
3F:9F:27:D5:83:20:4B:9E:09:C8:A3:D2:06:6C:4B:57:D3:A2:47:9C:36:93:65:08:80:50:56:98
:10:5D:BC:E9
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

*******************************************
*******************************************

Alias name: comodoaaaca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater


Manchester, C=GB
Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater
Manchester, C=GB
Serial number: 1
Valid from: Thu Jan 01 01:00:00 CET 2004 until: Mon Jan 01 00:59:59 CET 2029
Certificate fingerprints:
MD5: 49:79:04:B0:EB:87:19:AC:47:B0:BC:11:51:9B:74:D0
SHA1: D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49
SHA256:
D7:A7:A0:FB:5D:7E:27:31:D7:71:E9:48:4E:BC:DE:F7:1D:5F:0C:3E:0A:29:48:78:2B:C8:3E:E0
:EA:69:9E:F4
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.comodoca.com/AAACertificateServices.crl]
, DistributionPoint:
[URIName: http://crl.comodo.net/AAACertificateServices.crl]
]]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: A0 11 0A 23 3E 96 F1 07 EC E2 AF 29 EF 82 A5 7F ...#>......)....
0010: D0 30 A4 B4 .0..
]
]

*******************************************
*******************************************

Alias name: geotrustprimarycag2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc.
- For authorized use only, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc.
- For authorized use only, O=GeoTrust Inc., C=US
Serial number: 3cb2f4480a00e2feeb243b5e603ec36b
Valid from: Mon Nov 05 01:00:00 CET 2007 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 01:5E:D8:6B:BD:6F:3D:8E:A1:31:F8:12:E0:98:73:6A
SHA1: 8D:17:84:D5:37:F3:03:7D:EC:70:FE:57:8B:51:9A:99:E6:10:D7:B0
SHA256:
5E:DB:7A:C4:3B:82:A0:6A:87:61:E8:D7:BE:49:79:EB:F2:61:1F:7D:D7:9B:F9:1C:1C:6B:56:6A
:21:9E:D7:66
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 15 5F 35 57 51 55 FB 25 B2 AD 03 69 FC 01 A3 FA ._5WQU.%...i....
0010: BE 11 55 D5 ..U.
]
]

*******************************************
*******************************************

Alias name: symantecg4ca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network,


O=Symantec Corporation, C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c)
2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 513fb9743870b73440418d30930699ff
Valid from: Thu Oct 31 01:00:00 CET 2013 until: Tue Oct 31 00:59:59 CET 2023
Certificate fingerprints:
MD5: 23:D5:85:8E:BC:89:86:10:7C:B7:AC:1E:17:F7:26:C5
SHA1: FF:67:36:7C:5C:D4:DE:4A:E1:8B:CC:E1:D7:0F:DA:BD:7C:86:61:35
SHA256:
EA:E7:2E:B4:54:BF:6C:39:77:EB:D2:89:E9:70:B2:F5:28:29:49:19:00:93:D0:D2:6F:98:D0:F0
:D6:A9:CF:17
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false


AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://s2.symcb.com
]
]

#2: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 7F D3 65 A7 C2 DD EC BB F0 30 09 F3 43 39 FA 02 ..e......0..C9..
0010: AF 33 31 33 .313
]
]

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:0
]

#4: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://s1.symcb.com/pca3-g5.crl]
]]

#5: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.54]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1A 68 74 74 70 3A 2F 2F 77 77 77 2E 73 79 6D
..http://www.sym
0010: 61 75 74 68 2E 63 6F 6D 2F 63 70 73 auth.com/cps

], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 1C 1A 1A 68 74 74 70 3A 2F 2F 77 77 77 2E 73
0...http://www.s
0010: 79 6D 61 75 74 68 2E 63 6F 6D 2F 72 70 61 ymauth.com/rpa

]] ]
]

#6: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#7: ObjectId: 2.5.29.17 Criticality=false


SubjectAlternativeName [
CN=SymantecPKI-1-534
]

#8: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 5F 60 CF 61 90 55 DF 84 43 14 8A 60 2A B2 F5 7A _`.a.U..C..`*..z
0010: F4 43 18 EF .C..
]
]

*******************************************
*******************************************

Alias name: globalsignr3ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3


Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Serial number: 4000000000121585308a2
Valid from: Wed Mar 18 11:00:00 CET 2009 until: Sun Mar 18 11:00:00 CET 2029
Certificate fingerprints:
MD5: C5:DF:B8:49:CA:05:13:55:EE:2D:BA:1A:C3:3E:B0:28
SHA1: D6:9B:56:11:48:F0:1C:77:C5:45:78:C1:09:26:DF:5B:85:69:76:AD
SHA256:
CB:B5:22:D7:B7:F1:27:AD:6A:01:13:86:5B:DF:1C:D4:10:2E:7D:07:59:AF:63:5A:7C:F4:72:0D
:C9:63:C5:3B
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 8F F0 4B 7F A8 2E 45 24 AE 4D 50 FA 63 9A 8B DE ..K...E$.MP.c...
0010: E2 DD 1B BC ....
]
]

*******************************************
*******************************************

Alias name: thawteprimaryrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use
only", OU=Certification Services Division, O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use
only", OU=Certification Services Division, O="thawte, Inc.", C=US
Serial number: 344ed55720d5edec49f42fce37db2b6d
Valid from: Fri Nov 17 01:00:00 CET 2006 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: 8C:CA:DC:0B:22:CE:F5:BE:72:AC:41:1A:11:A8:D8:12
SHA1: 91:C6:D6:EE:3E:8A:C8:63:84:E5:48:C2:99:29:5C:75:6C:81:7B:81
SHA256:
8D:72:2F:81:A9:C1:13:C0:79:1D:F1:36:A2:96:6D:B2:6C:95:0A:97:1D:B4:6B:41:99:F4:EA:54
:B7:8B:FB:9F
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 7B 5B 45 CF AF CE CB 7A FD 31 92 1A 6A B6 F3 46 .[E....z.1..j..F
0010: EB 57 48 50 .WHP
]
]

*******************************************
*******************************************

Alias name: quovadisrootca3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM


Issuer: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM
Serial number: 5c6
Valid from: Fri Nov 24 20:11:23 CET 2006 until: Mon Nov 24 20:06:44 CET 2031
Certificate fingerprints:
MD5: 31:85:3C:62:94:97:63:B9:AA:FD:89:4E:AF:6F:E0:CF
SHA1: 1F:49:14:F7:D8:74:95:1D:DD:AE:02:C0:BE:FD:3A:2D:82:75:51:85
SHA256:
18:F1:FC:7F:20:5D:F8:AD:DD:EB:7F:E0:07:DD:57:E3:AF:37:5A:9C:4D:8D:73:54:6B:F4:F1:FE
:D1:E1:8D:35
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: F2 C0 13 E0 82 43 3E FB EE 2F 67 32 96 35 5C DB .....C>../g2.5\.
0010: B8 CB 02 D0 ....
]
[CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM]
SerialNumber: [ 05c6]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.8024.0.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 86 1A 81 83 41 6E 79 20 75 73 65 20 6F 66 0.....Any use
of
0010: 20 74 68 69 73 20 43 65 72 74 69 66 69 63 61 74 this Certificat
0020: 65 20 63 6F 6E 73 74 69 74 75 74 65 73 20 61 63 e constitutes ac
0030: 63 65 70 74 61 6E 63 65 20 6F 66 20 74 68 65 20 ceptance of the
0040: 51 75 6F 56 61 64 69 73 20 52 6F 6F 74 20 43 41 QuoVadis Root CA
0050: 20 33 20 43 65 72 74 69 66 69 63 61 74 65 20 50 3 Certificate P
0060: 6F 6C 69 63 79 20 2F 20 43 65 72 74 69 66 69 63 olicy / Certific
0070: 61 74 69 6F 6E 20 50 72 61 63 74 69 63 65 20 53 ation Practice S
0080: 74 61 74 65 6D 65 6E 74 2E tatement.

], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 21 68 74 74 70 3A 2F 2F 77 77 77 2E 71 75 6F .!
http://www.quo
0010: 76 61 64 69 73 67 6C 6F 62 61 6C 2E 63 6F 6D 2F vadisglobal.com/
0020: 63 70 73 cps

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]
#5: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: F2 C0 13 E0 82 43 3E FB EE 2F 67 32 96 35 5C DB .....C>../g2.5\.
0010: B8 CB 02 D0 ....
]
]

*******************************************
*******************************************

Alias name: starfieldclass2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies,


Inc.", C=US
Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies,
Inc.", C=US
Serial number: 0
Valid from: Tue Jun 29 19:39:16 CEST 2004 until: Thu Jun 29 19:39:16 CEST 2034
Certificate fingerprints:
MD5: 32:4A:4B:BB:C8:63:69:9B:BE:74:9A:C6:DD:1D:46:24
SHA1: AD:7E:1C:28:B0:64:EF:8F:60:03:40:20:14:C3:D0:E3:37:0E:B5:8A
SHA256:
14:65:FA:20:53:97:B8:76:FA:A6:F0:A9:95:8E:55:90:E4:0F:CC:7F:AA:4F:B7:C2:C8:67:75:21
:FB:5F:B6:58
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: BF 5F B7 D1 CE DD 1F 86 F4 5B 55 AC DC D7 10 C2 ._.......[U.....
0010: 0E A9 88 E7 ....
]
[OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.",
C=US]
SerialNumber: [ 00]
]

#2: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: BF 5F B7 D1 CE DD 1F 86 F4 5B 55 AC DC D7 10 C2 ._.......[U.....
0010: 0E A9 88 E7 ....
]
]

*******************************************
*******************************************

Alias name: starfieldrootg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies,


Inc.", L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies,
Inc.", L=Scottsdale, ST=Arizona, C=US
Serial number: 0
Valid from: Tue Sep 01 02:00:00 CEST 2009 until: Fri Jan 01 00:59:59 CET 2038
Certificate fingerprints:
MD5: D6:39:81:C6:52:7E:96:69:FC:FC:CA:66:ED:05:F2:96
SHA1: B5:1C:06:7C:EE:2B:0C:3D:F8:55:AB:2D:92:F4:FE:39:D4:E7:0F:0E
SHA256:
2C:E1:CB:0B:F9:D2:F9:E1:02:99:3F:BE:21:51:52:C3:B2:DD:0C:AB:DE:1C:68:E5:31:9B:83:91
:54:DB:B7:F5
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 7C 0C 32 1F A7 D9 30 7F C4 7D 68 A3 62 A8 A1 CE ..2...0...h.b...
0010: AB 07 5B 27 ..['
]
]

*******************************************
*******************************************

Alias name: verisignclass3ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US


Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Serial number: 3c9131cb1ff6d01b0e9ab8d044bf12be
Valid from: Mon Jan 29 01:00:00 CET 1996 until: Thu Aug 03 01:59:59 CEST 2028
Certificate fingerprints:
MD5: EF:5A:F1:33:EF:F1:CD:BB:51:02:EE:12:14:4B:96:C4
SHA1: A1:DB:63:93:91:6F:17:E4:18:55:09:40:04:15:C7:02:40:B0:AE:6B
SHA256:
A4:B6:B3:99:6F:C2:F3:06:B3:FD:86:81:BD:63:41:3D:8C:50:09:CC:4F:A3:29:C2:CC:F0:E2:FA
:1B:14:03:05
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: affirmtrustpremiumeccca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US


Issuer: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US
Serial number: 7497258ac73f7a54
Valid from: Fri Jan 29 15:20:24 CET 2010 until: Mon Dec 31 15:20:24 CET 2040
Certificate fingerprints:
MD5: 64:B0:09:55:CF:B1:D5:99:E2:BE:13:AB:A6:5D:EA:4D
SHA1: B8:23:6B:00:2F:1D:16:86:53:01:55:6C:11:A4:37:CA:EB:FF:C3:BB
SHA256:
BD:71:FD:F6:DA:97:E4:CF:62:D1:64:7A:DD:25:81:B0:7D:79:AD:F8:39:7E:B4:EC:BA:9C:5E:84
:88:82:14:23
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9A AF 29 7A C0 11 35 35 26 51 30 00 C3 6A FE 40 ..)z..55&Q0..j.@
0010: D5 AE D6 3C ...<
]
]

*******************************************
*******************************************

Alias name: digicertsha2secureserverca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: 1fda3eb6eca75c888438b724bcfbc91
Valid from: Fri Mar 08 13:00:00 CET 2013 until: Wed Mar 08 13:00:00 CET 2023
Certificate fingerprints:
MD5: 34:5E:FF:15:B7:A4:9A:DD:45:1B:65:A7:F4:BD:C6:AE
SHA1: 1F:B8:6B:11:68:EC:74:31:54:06:2E:8C:9C:C5:B1:71:A4:B7:CC:B4
SHA256:
15:4C:43:3C:49:19:29:C5:EF:68:6E:83:8E:32:36:64:A0:0E:6A:0D:82:2C:CC:95:8F:B4:DA:B0
:3E:49:A0:8F
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false


AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
]
]

#2: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
0010: B2 3D D1 55 .=.U
]
]

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:0
]

#4: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/DigiCertGlobalRootCA.crl]
, DistributionPoint:
[URIName: http://crl4.digicert.com/DigiCertGlobalRootCA.crl]
]]

#5: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69
..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS

]] ]
]

#6: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#7: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 0F 80 61 1C 82 31 61 D5 2F 28 E7 8D 46 38 B4 2C ..a..1a./(..F8.,
0010: E1 C6 D9 E2 ....
]
]

*******************************************
*******************************************

Alias name: geotrustglobalca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US


Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Serial number: 23456
Valid from: Tue May 21 06:00:00 CEST 2002 until: Sat May 21 06:00:00 CEST 2022
Certificate fingerprints:
MD5: F7:75:AB:29:FB:51:4E:B7:77:5E:FF:05:3C:99:8E:F5
SHA1: DE:28:F4:A4:FF:E5:B9:2F:A3:C5:03:D1:A3:49:A7:F9:96:2A:82:12
SHA256:
FF:85:6A:2D:25:1D:CD:88:D3:66:56:F4:50:12:67:98:CF:AB:AA:DE:40:79:9C:72:2D:E4:D2:B5
:DB:36:A7:3A
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e
0010: B8 CA CC 4E ...N
]
]
#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e
0010: B8 CA CC 4E ...N
]
]

*******************************************
*******************************************

Alias name: swisscomrootca2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Swisscom Root CA 2, OU=Digital Certificate Services, O=Swisscom, C=ch


Issuer: CN=Swisscom Root CA 2, OU=Digital Certificate Services, O=Swisscom, C=ch
Serial number: 1e9e28e848f2e5efc37c4a1e5a1867b6
Valid from: Fri Jun 24 10:38:14 CEST 2011 until: Wed Jun 25 09:38:14 CEST 2031
Certificate fingerprints:
MD5: 5B:04:69:EC:A5:83:94:63:18:A7:86:D0:E4:F2:6E:19
SHA1: 77:47:4F:C6:30:E4:0F:4C:47:64:3F:84:BA:B8:C6:95:4A:8A:41:EC
SHA256:
F0:9B:12:2C:71:14:F4:A0:9B:D4:EA:4F:4A:99:D5:58:B4:6E:4C:25:CD:81:14:0D:29:C0:56:13
:91:4C:38:41
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 4D 26 20 22 89 4B D3 D5 A4 0A A1 6F DE E2 12 81 M& ".K.....o....
0010: C5 F1 3C 2E ..<.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:7
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.33 Criticality=false


PolicyMappings [
[CertificatePolicyMap: [
IssuerDomain:CertificatePolicyId: [2.16.756.1.83.2.1]
SubjectDomain:CertificatePolicyId: [2.16.756.1.83.2.1]
]
]]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 4D 26 20 22 89 4B D3 D5 A4 0A A1 6F DE E2 12 81 M& ".K.....o....
0010: C5 F1 3C 2E ..<.
]
]

*******************************************
*******************************************

Alias name: aolrootca2


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=America Online Root Certification Authority 2, O=America Online Inc.,


C=US
Issuer: CN=America Online Root Certification Authority 2, O=America Online Inc.,
C=US
Serial number: 1
Valid from: Tue May 28 08:00:00 CEST 2002 until: Tue Sep 29 16:08:00 CEST 2037
Certificate fingerprints:
MD5: D6:ED:3C:CA:E2:66:0F:AF:10:43:0D:77:9B:04:09:BF
SHA1: 85:B5:FF:67:9B:0C:79:96:1F:C8:6E:44:22:00:46:13:DB:17:92:84
SHA256:
7D:3B:46:5A:60:14:E5:26:C0:AF:FC:EE:21:27:D2:31:17:27:AD:81:1C:26:84:2D:00:6A:F3:73
:06:CC:80:BD
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 4D 45 C1 68 38 BB 73 A9 69 A1 20 E7 ED F5 22 A1 ME.h8.s.i. ...".
0010: 23 14 D7 9E #...
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 4D 45 C1 68 38 BB 73 A9 69 A1 20 E7 ED F5 22 A1 ME.h8.s.i. ...".
0010: 23 14 D7 9E #...
]
]

*******************************************
*******************************************

Alias name: verisignclass2g3ca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c)


1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c)
1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 6170cb498c5f984529e7b0a6d9505b7a
Valid from: Fri Oct 01 02:00:00 CEST 1999 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: F8:BE:C4:63:22:C9:A8:46:74:8B:B8:1D:1E:4A:2B:F6
SHA1: 61:EF:43:D7:7F:CA:D4:61:51:BC:98:E0:C3:59:12:AF:9F:EB:63:11
SHA256:
92:A9:D9:83:3F:E1:94:4D:B3:66:E8:BF:AE:7A:95:B6:48:0C:2D:6C:6C:2A:1B:E6:5D:42:36:B6
:08:FC:A1:BB
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: godaddyclass2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.",
C=US
Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.",
C=US
Serial number: 0
Valid from: Tue Jun 29 19:06:20 CEST 2004 until: Thu Jun 29 19:06:20 CEST 2034
Certificate fingerprints:
MD5: 91:DE:06:25:AB:DA:FD:32:17:0C:BB:25:17:2A:84:67
SHA1: 27:96:BA:E6:3F:18:01:E2:77:26:1B:A0:D7:77:70:02:8F:20:EE:E4
SHA256:
C3:84:6B:F2:4B:9E:93:CA:64:27:4C:0E:C6:7C:1E:CC:5E:02:4F:FC:AC:D2:D7:40:19:35:0E:81
:FE:54:6A:E4
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 C4 B0 D2 91 D4 4C 11 71 B3 61 CB 3D A1 FE DD ......L.q.a.=...
0010: A8 6A D4 E3 .j..
]
[OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US]
SerialNumber: [ 00]
]

#2: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: D2 C4 B0 D2 91 D4 4C 11 71 B3 61 CB 3D A1 FE DD ......L.q.a.=...
0010: A8 6A D4 E3 .j..
]
]

*******************************************
*******************************************

Alias name: godaddyrootg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.",


L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.",
L=Scottsdale, ST=Arizona, C=US
Serial number: 0
Valid from: Tue Sep 01 02:00:00 CEST 2009 until: Fri Jan 01 00:59:59 CET 2038
Certificate fingerprints:
MD5: 80:3A:BC:22:C1:E6:FB:8D:9B:3B:27:4A:32:1B:9A:01
SHA1: 47:BE:AB:C9:22:EA:E8:0E:78:78:34:62:A7:9F:45:C2:54:FD:E6:8B
SHA256:
45:14:0B:32:47:EB:9C:C8:C5:B4:F0:D7:B5:30:91:F7:32:92:08:9E:6E:5A:63:E2:74:9D:D3:AC
:A9:19:8E:DA
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 3A 9A 85 07 10 67 28 B6 EF F6 BD 05 41 6E 20 C1 :....g(.....An .
0010: 94 DA 0F DE ....
]
]

*******************************************
*******************************************

Alias name: aolrootca1


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=America Online Root Certification Authority 1, O=America Online Inc.,


C=US
Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc.,
C=US
Serial number: 1
Valid from: Tue May 28 08:00:00 CEST 2002 until: Thu Nov 19 21:43:00 CET 2037
Certificate fingerprints:
MD5: 14:F1:08:AD:9D:FA:64:E2:89:E7:1C:CF:A8:AD:7D:5E
SHA1: 39:21:C1:15:C1:5D:0E:CA:5C:CB:5B:C4:F0:7D:21:D8:05:0B:56:6A
SHA256:
77:40:73:12:C6:3A:15:3D:5B:C0:0B:4E:51:75:9C:DF:DA:C2:37:DC:2A:33:B6:79:46:E9:8E:9B
:FA:68:0A:E3
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 00 AD D9 A3 F6 79 F6 6E 74 A9 7F 33 3D 81 17 D7 .....y.nt..3=...
0010: 4C CF 33 DE L.3.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 00 AD D9 A3 F6 79 F6 6E 74 A9 7F 33 3D 81 17 D7 .....y.nt..3=...
0010: 4C CF 33 DE L.3.
]
]

*******************************************
*******************************************

Alias name: verisignclass3g5ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c)


2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c)
2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 18dad19e267de8bb4a2158cdcc6b3b4a
Valid from: Wed Nov 08 01:00:00 CET 2006 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: CB:17:E4:31:67:3E:E2:09:FE:45:57:93:F3:0A:FA:1C
SHA1: 4E:B6:D5:78:49:9B:1C:CF:5F:58:1E:AD:56:BE:3D:9B:67:44:A5:E5
SHA256:
9A:CF:AB:7E:43:C8:D8:80:D0:6B:26:2A:94:DE:EE:E4:B4:65:99:89:C3:D0:CA:F1:9B:AF:64:05
:E4:1A:B7:DF
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false


0000: 30 5F A1 5D A0 5B 30 59 30 57 30 55 16 09 69 6D 0_.].[0Y0W0U..im
0010: 61 67 65 2F 67 69 66 30 21 30 1F 30 07 06 05 2B age/gif0!0.0...+
0020: 0E 03 02 1A 04 14 8F E5 D3 1A 86 AC 8D 8E 6B C3 ..............k.
0030: CF 80 6A D4 48 18 2C 7B 19 2E 30 25 16 23 68 74 ..j.H.,...0%.#ht
0040: 74 70 3A 2F 2F 6C 6F 67 6F 2E 76 65 72 69 73 69 tp://logo.verisi
0050: 67 6E 2E 63 6F 6D 2F 76 73 6C 6F 67 6F 2E 67 69 gn.com/vslogo.gi
0060: 66 f

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 7F D3 65 A7 C2 DD EC BB F0 30 09 F3 43 39 FA 02 ..e......0..C9..
0010: AF 33 31 33 .313
]
]

*******************************************
*******************************************

Alias name: quovadisrootca2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM


Issuer: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM
Serial number: 509
Valid from: Fri Nov 24 19:27:00 CET 2006 until: Mon Nov 24 19:23:33 CET 2031
Certificate fingerprints:
MD5: 5E:39:7B:DD:F8:BA:EC:82:E9:AC:62:BA:0C:54:00:2B
SHA1: CA:3A:FB:CF:12:40:36:4B:44:B2:16:20:88:80:48:39:19:93:7C:F7
SHA256:
85:A0:DD:7D:D7:20:AD:B7:FF:05:F8:3D:54:2B:20:9D:C7:FF:45:28:F7:D6:77:B1:83:89:FE:A5
:E5:C4:9E:86
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 1A 84 62 BC 48 4C 33 25 04 D4 EE D0 F6 03 C4 19 ..b.HL3%........
0010: 46 D1 94 6B F..k
]
[CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM]
SerialNumber: [ 0509]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 1A 84 62 BC 48 4C 33 25 04 D4 EE D0 F6 03 C4 19 ..b.HL3%........
0010: 46 D1 94 6B F..k
]
]

*******************************************
*******************************************

Alias name: certumca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL


Issuer: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL
Serial number: 10020
Valid from: Tue Jun 11 12:46:39 CEST 2002 until: Fri Jun 11 12:46:39 CEST 2027
Certificate fingerprints:
MD5: 2C:8F:9F:66:1D:18:90:B1:47:26:9D:8E:86:82:8C:A9
SHA1: 62:52:DC:40:F7:11:43:A2:2F:DE:9E:F7:34:8E:06:42:51:B1:81:18
SHA256:
D8:E0:FE:BC:1D:B2:E3:8D:00:94:0F:37:D2:7D:41:34:4D:99:3E:73:4B:99:D5:65:6D:97:78:D4
:D8:14:36:24
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

*******************************************
*******************************************
Alias name: swisssignplatinumg2ca [jdk]
Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH


Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Serial number: 4eb200670c035d4f
Valid from: Wed Oct 25 10:36:00 CEST 2006 until: Sat Oct 25 10:36:00 CEST 2036
Certificate fingerprints:
MD5: C9:98:27:77:28:1E:3D:0E:15:3C:84:00:B8:85:03:E6
SHA1: 56:E0:FA:C0:3B:8F:18:23:55:18:E5:D3:11:CA:E8:C2:43:31:AB:66
SHA256:
3B:22:2E:56:67:11:E9:92:30:0D:C0:B1:5A:B9:47:3D:AF:DE:F8:C8:4D:0C:EF:7D:33:17:B4:C1
:82:1D:14:36
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 50 AF CC 07 87 15 47 6F 38 C5 B4 65 D1 DE 95 AA P.....Go8..e....
0010: E9 DF 9C CC ....
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [2.16.756.1.89.1.1.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 20 68 74 74 70 3A 2F 2F 72 65 70 6F 73 69 74 .
http://reposit
0010: 6F 72 79 2E 73 77 69 73 73 73 69 67 6E 2E 63 6F ory.swisssign.co
0020: 6D 2F m/

]] ]
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 50 AF CC 07 87 15 47 6F 38 C5 B4 65 D1 DE 95 AA P.....Go8..e....
0010: E9 DF 9C CC ....
]
]

*******************************************
*******************************************

Alias name: chunghwaepkirootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW
Issuer: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW
Serial number: 15c8bd65475cafb897005ee406d2bc9d
Valid from: Mon Dec 20 03:31:27 CET 2004 until: Wed Dec 20 03:31:27 CET 2034
Certificate fingerprints:
MD5: 1B:2E:00:CA:26:06:90:3D:AD:FE:6F:15:68:D3:6B:B3
SHA1: 67:65:0D:F1:7E:8E:7E:5B:82:40:A4:F4:56:4B:CF:E2:3D:69:C6:F0
SHA256:
C0:A6:F4:DC:63:A2:4B:FD:CF:54:EF:2A:6A:08:2A:0A:72:DE:35:80:3E:2F:F5:FF:52:7A:E5:D8
:72:06:DF:D5
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.23.42.7.0 Criticality=false


0000: 30 2F 30 2D 02 01 00 30 09 06 05 2B 0E 03 02 1A 0/0-...0...+....
0010: 05 00 30 07 06 05 67 2A 03 00 00 04 14 45 B0 C2 ..0...g*.....E..
0020: C7 0A 56 7C EE 5B 78 0C 95 F9 18 53 C1 A6 1C D8 ..V..[x....S....
0030: 10 .

#2: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 1E 0C F7 B6 67 F2 E1 92 26 09 45 C0 55 39 2E 77 ....g...&.E.U9.w
0010: 3F 42 4A A2 ?BJ.
]
]

*******************************************
*******************************************

Alias name: quovadisrootca3g3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry
Owner: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM
Serial number: 2ef59b0228a7db7affd5a3a9eebd03a0cf126a1d
Valid from: Thu Jan 12 21:26:32 CET 2012 until: Sun Jan 12 21:26:32 CET 2042
Certificate fingerprints:
MD5: DF:7D:B9:AD:54:6F:68:A1:DF:89:57:03:97:43:B0:D7
SHA1: 48:12:BD:92:3C:A8:C4:39:06:E7:30:6D:27:96:E6:A4:CF:22:2E:7D
SHA256:
88:EF:81:DE:20:2E:B0:18:45:2E:43:F8:64:72:5C:EA:5F:BD:1F:C2:D9:D2:05:73:07:09:C5:D8
:B8:69:0F:46
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C6 17 D0 BC A8 EA 02 43 F2 1B 06 99 5D 2B 90 20 .......C....]+.
0010: B9 D7 9C E4 ....
]
]

*******************************************
*******************************************

Alias name: addtrustclass1ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Serial number: 1
Valid from: Tue May 30 12:38:31 CEST 2000 until: Sat May 30 12:38:31 CEST 2020
Certificate fingerprints:
MD5: 1E:42:95:02:33:92:6B:B9:5F:C0:7F:DA:D6:B2:4B:FC
SHA1: CC:AB:0E:A0:4C:23:01:D6:69:7B:DD:37:9F:CD:12:EB:24:E3:94:9D
SHA256:
8C:72:09:27:9A:C0:4E:27:5E:16:D0:7F:D3:B7:75:E8:01:54:B5:96:80:46:E3:1F:52:DD:25:76
:63:24:E9:A7
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 95 B1 B4 F0 94 B6 BD C7 DA D1 11 09 21 BE C1 AF ............!...
0010: 49 FD 10 7B I...
]
[CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE]
SerialNumber: [ 01]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 95 B1 B4 F0 94 B6 BD C7 DA D1 11 09 21 BE C1 AF ............!...
0010: 49 FD 10 7B I...
]
]

*******************************************
*******************************************

Alias name: quovadisrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority,


O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority,
O=QuoVadis Limited, C=BM
Serial number: 3ab6508b
Valid from: Mon Mar 19 19:33:33 CET 2001 until: Wed Mar 17 19:33:33 CET 2021
Certificate fingerprints:
MD5: 27:DE:36:FE:72:B7:00:03:00:9D:F4:F0:1E:6C:04:24
SHA1: DE:3F:40:BD:50:93:D3:9B:6C:60:F6:DA:BC:07:62:01:00:89:76:C9
SHA256:
A4:5E:DE:3B:BB:F0:9C:8A:E1:5C:72:EF:C0:72:68:D6:93:A2:1C:99:6F:D5:1E:67:CA:07:94:60
:FD:6D:88:73
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:

#1: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false


AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: https://ocsp.quovadisoffshore.com
]
]

#2: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 8B 4B 6D ED D3 29 B9 06 19 EC 39 39 A9 F0 97 84 .Km..)....99....
0010: 6A CB EF DF j...
]
[CN=QuoVadis Root Certification Authority, OU=Root Certification Authority,
O=QuoVadis Limited, C=BM]
SerialNumber: [ 3ab6508b]
]

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#4: ObjectId: 2.5.29.32 Criticality=false


CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.8024.0.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 C7 1A 81 C4 52 65 6C 69 61 6E 63 65 20 6F
0.....Reliance o
0010: 6E 20 74 68 65 20 51 75 6F 56 61 64 69 73 20 52 n the QuoVadis R
0020: 6F 6F 74 20 43 65 72 74 69 66 69 63 61 74 65 20 oot Certificate
0030: 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 73 by any party ass
0040: 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 20 umes acceptance
0050: 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 6C of the then appl
0060: 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 20 icable standard
0070: 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 74 terms and condit
0080: 69 6F 6E 73 20 6F 66 20 75 73 65 2C 20 63 65 72 ions of use, cer
0090: 74 69 66 69 63 61 74 69 6F 6E 20 70 72 61 63 74 tification pract
00A0: 69 63 65 73 2C 20 61 6E 64 20 74 68 65 20 51 75 ices, and the Qu
00B0: 6F 56 61 64 69 73 20 43 65 72 74 69 66 69 63 61 oVadis Certifica
00C0: 74 65 20 50 6F 6C 69 63 79 2E te Policy.

], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 16 68 74 74 70 3A 2F 2F 77 77 77 2E 71 75 6F
..http://www.quo
0010: 76 61 64 69 73 2E 62 6D vadis.bm

]] ]
]

#5: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#6: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 8B 4B 6D ED D3 29 B9 06 19 EC 39 39 A9 F0 97 84 .Km..)....99....
0010: 6A CB EF DF j...
]
]

*******************************************
*******************************************

Alias name: digicerthighassuranceevrootca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc,


C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc,
C=US
Serial number: 2ac5c266a0b409b8f0b79f2ae462577
Valid from: Fri Nov 10 01:00:00 CET 2006 until: Mon Nov 10 01:00:00 CET 2031
Certificate fingerprints:
MD5: D4:74:DE:57:5C:39:B2:D3:9C:85:83:C5:C0:65:49:8A
SHA1: 5F:B7:EE:06:33:E2:59:DB:AD:0C:4C:9A:E6:D3:8F:1A:61:C7:DC:25
SHA256:
74:31:E5:F4:C3:C1:CE:46:90:77:4F:0B:61:E0:54:40:88:3B:A9:A0:1E:D0:0B:A6:AB:D7:80:6E
:D3:B1:18:CF
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: B1 3E C3 69 03 F8 BF 47 01 D4 98 26 1A 08 02 EF .>.i...G...&....
0010: 63 64 2B C3 cd+.
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: B1 3E C3 69 03 F8 BF 47 01 D4 98 26 1A 08 02 EF .>.i...G...&....
0010: 63 64 2B C3 cd+.
]
]

*******************************************
*******************************************

Alias name: quovadisrootca1g3 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM


Issuer: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM
Serial number: 78585f2ead2c194be3370735341328b596d46593
Valid from: Thu Jan 12 18:27:44 CET 2012 until: Sun Jan 12 18:27:44 CET 2042
Certificate fingerprints:
MD5: A4:BC:5B:3F:FE:37:9A:FA:64:F0:E2:FA:05:3D:0B:AB
SHA1: 1B:8E:EA:57:96:29:1A:C9:39:EA:B8:0A:81:1A:73:73:C0:93:79:67
SHA256:
8A:86:6F:D1:B2:76:B5:7E:57:8E:92:1C:65:82:8A:2B:ED:58:E9:F2:F2:88:05:41:34:B7:F1:F4
:BF:C9:CC:74
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: A3 97 D6 F3 5E A2 10 E1 AB 45 9F 3C 17 64 3C EE ....^....E.<.d<.
0010: 01 70 9C CC .p..
]
]

*******************************************
*******************************************

Alias name: certplusclass2primaryca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Class 2 Primary CA, O=Certplus, C=FR


Issuer: CN=Class 2 Primary CA, O=Certplus, C=FR
Serial number: 85bd4bf3d8dae369f694d75fc3a54423
Valid from: Wed Jul 07 19:05:00 CEST 1999 until: Sun Jul 07 01:59:59 CEST 2019
Certificate fingerprints:
MD5: 88:2C:8C:52:B8:A2:3C:F3:F7:BB:03:EA:AE:AC:42:0B
SHA1: 74:20:74:41:72:9C:DD:92:EC:79:31:D8:23:10:8D:C2:81:92:E2:BB
SHA256:
0F:99:3C:8A:EF:97:BA:AF:56:87:14:0E:D5:9A:D1:82:1B:B4:AF:AC:F0:AA:9A:58:B5:D5:7A:33
:8A:3A:FB:CB
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=false


BasicConstraints:[
CA:true
PathLen:10
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://www.certplus.com/CRL/class2.crl]
]]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.16.840.1.113730.1.1 Criticality=false


NetscapeCertType [
SSL CA
S/MIME CA
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: E3 73 2D DF CB 0E 28 0C DE DD B3 A4 CA 79 B8 8E .s-...(......y..
0010: BB E8 30 89 ..0.
]
]

*******************************************
*******************************************
Alias name: keynectisrootca [jdk]
Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR


Issuer: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
Serial number: 1121bc276c5547af584eefd4ced629b2a285
Valid from: Tue May 26 02:00:00 CEST 2009 until: Tue May 26 02:00:00 CEST 2020
Certificate fingerprints:
MD5: CC:4D:AE:FB:30:6B:D8:38:FE:50:EB:86:61:4B:D2:26
SHA1: 9C:61:5C:4D:4D:85:10:3A:53:26:C2:4D:BA:EA:E4:A2:D2:D5:CC:97
SHA256:
42:10:F1:99:49:9A:9A:C3:3C:8D:E0:2B:A6:DB:AA:14:40:8B:DD:8A:6E:32:46:89:C1:92:2D:06
:97:15:A3:32
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: EF B7 23 97 D0 A8 91 7F A6 CF A6 21 C0 34 9F CC ..#........!.4..
0010: 77 41 E1 D0 wA..
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:4
]

#3: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://trustcenter-
crl.certificat2.com/Keynectis/KEYNECTIS_ROOT_CA.crl]
]]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: EF B7 23 97 D0 A8 91 7F A6 CF A6 21 C0 34 9F CC ..#........!.4..
0010: 77 41 E1 D0 wA..
]
]
*******************************************
*******************************************

Alias name: comodorsaca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford,


ST=Greater Manchester, C=GB
Issuer: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford,
ST=Greater Manchester, C=GB
Serial number: 4caaf9cadb636fe01ff74ed85b03869d
Valid from: Tue Jan 19 01:00:00 CET 2010 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
MD5: 1B:31:B0:71:40:36:CC:14:36:91:AD:C4:3E:FD:EC:18
SHA1: AF:E5:D2:44:A8:D1:19:42:30:FF:47:9F:E2:F8:97:BB:CD:7A:8C:B4
SHA256:
52:F0:E1:C4:E5:8E:C6:29:29:1B:60:31:7F:07:46:71:B8:5D:7E:A8:0D:5B:07:27:34:63:53:4B
:32:B4:02:34
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: BB AF 7E 02 3D FA A6 F1 3C 84 8E AD EE 38 98 EC ....=...<....8..
0010: D9 32 32 D4 .22.
]
]

*******************************************
*******************************************

Alias name: buypassclass2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO


Issuer: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO
Serial number: 2
Valid from: Tue Oct 26 10:38:03 CEST 2010 until: Fri Oct 26 10:38:03 CEST 2040
Certificate fingerprints:
MD5: 46:A7:D2:FE:45:FB:64:5A:A8:59:90:9B:78:44:9B:29
SHA1: 49:0A:75:74:DE:87:0A:47:FE:58:EE:F6:C7:6B:EB:C6:0B:12:40:99
SHA256:
9A:11:40:25:19:7C:5B:B9:5D:94:E6:3D:55:CD:43:79:08:47:B6:46:B2:3C:DF:11:AD:A4:A0:0E
:FF:15:FB:48
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: C9 80 77 E0 62 92 82 F5 46 9C F3 BA F7 4C C3 DE ..w.b...F....L..
0010: B8 A3 AD 39 ...9
]
]

*******************************************
*******************************************

Alias name: secomscrootca2 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP


Issuer: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP
Serial number: 0
Valid from: Fri May 29 07:00:39 CEST 2009 until: Tue May 29 07:00:39 CEST 2029
Certificate fingerprints:
MD5: 6C:39:7D:A4:0E:55:59:B2:3F:D6:41:B1:12:50:DE:43
SHA1: 5F:3B:8C:F2:F8:10:B3:7D:78:B4:CE:EC:19:19:C3:73:34:B9:C7:74
SHA256:
51:3B:2C:EC:B8:10:D4:CD:E5:DD:85:39:1A:DF:C6:C2:DD:60:D8:7B:B7:36:D2:B5:21:48:4A:A4
:7A:0E:BE:F6
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:
#1: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 0A 85 A9 77 65 05 98 7C 40 81 F8 0F 97 2C 38 F1 ...we...@....,8.
0010: 0A EC 3C CF ..<.
]
]

*******************************************
*******************************************

Alias name: certumtrustednetworkca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto


Technologies S.A., C=PL
Issuer: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto
Technologies S.A., C=PL
Serial number: 444c0
Valid from: Wed Oct 22 14:07:37 CEST 2008 until: Mon Dec 31 13:07:37 CET 2029
Certificate fingerprints:
MD5: D5:E9:81:40:C5:18:69:FC:46:2C:89:75:62:0F:AA:78
SHA1: 07:E0:32:E0:20:B7:2C:3F:19:2F:06:28:A2:59:3A:19:A7:0F:06:9E
SHA256:
5C:58:46:8D:55:F5:8E:49:7E:74:39:82:D2:B5:00:10:B6:D1:65:37:4A:CF:83:A7:D4:A3:2D:B7
:68:C4:40:8E
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]
#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 08 76 CD CB 07 FF 24 F6 C5 CD ED BB 90 BC E2 84 .v....$.........
0010: 37 46 75 F7 7Fu.
]
]

*******************************************
*******************************************

Alias name: verisignclass3g3ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c)


1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c)
1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 9b7e0649a33e62b9d5ee90487129ef57
Valid from: Fri Oct 01 02:00:00 CEST 1999 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: CD:68:B6:A7:C7:C4:CE:75:E0:1D:4F:57:44:61:92:09
SHA1: 13:2D:0D:45:53:4B:69:97:CD:B2:D5:C3:39:E2:55:76:60:9B:5C:C6
SHA256:
EB:04:CF:5E:B1:F3:9A:FA:76:2F:2B:B1:20:F2:96:CB:A5:20:C1:B9:7D:B1:58:95:65:B8:1C:B9
:A1:7B:72:44
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: entrustevca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.",


OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US
Issuer: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.",
OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US
Serial number: 456b5054
Valid from: Mon Nov 27 21:23:42 CET 2006 until: Fri Nov 27 21:53:42 CET 2026
Certificate fingerprints:
MD5: D6:A5:C3:ED:5D:DD:3E:00:C1:3D:87:92:1F:1D:3F:E4
SHA1: B3:1E:B1:B7:40:E3:6C:84:02:DA:DC:37:D4:4D:F5:D4:67:49:52:F9
SHA256:
73:C1:76:43:4F:1B:C6:D5:AD:F4:5B:0E:76:E7:27:28:7C:8D:E5:76:16:C1:E6:E6:14:1A:2B:2C
:BC:7D:8E:4C
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 1.2.840.113533.7.65.0 Criticality=false


0000: 30 0E 1B 08 56 37 2E 31 3A 34 2E 30 03 02 04 90 0...V7.1:4.0....

#2: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 68 90 E4 67 A4 A6 53 80 C7 86 66 A4 F1 F7 4B 43 h..g..S...f...KC
0010: FB 84 BD 6D ...m
]
]

#3: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#4: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.16 Criticality=false


PrivateKeyUsage: [
From: Mon Nov 27 21:23:42 CET 2006, To: Fri Nov 27 21:53:42 CET 2026]

#6: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 68 90 E4 67 A4 A6 53 80 C7 86 66 A4 F1 F7 4B 43 h..g..S...f...KC
0010: FB 84 BD 6D ...m
]
]

*******************************************
*******************************************

Alias name: teliasonerarootcav1 [jdk]


Creation date: Nov 20, 2017
Entry type: trustedCertEntry

Owner: CN=TeliaSonera Root CA v1, O=TeliaSonera


Issuer: CN=TeliaSonera Root CA v1, O=TeliaSonera
Serial number: 95be16a0f72e46f17b398272fa8bcd96
Valid from: Thu Oct 18 14:00:50 CEST 2007 until: Mon Oct 18 14:00:50 CEST 2032
Certificate fingerprints:
MD5: 37:41:49:1B:18:56:9A:26:F5:AD:C2:66:FB:40:A5:4C
SHA1: 43:13:BB:96:F1:D5:86:9B:C1:4E:6A:92:F6:CF:F6:34:69:87:82:37
SHA256:
DD:69:36:FE:21:F8:F0:77:C1:23:A1:A5:21:C1:22:24:F7:22:55:B7:3E:03:A7:26:06:93:E8:A2
:4B:0F:A3:89
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: F0 8F 59 38 00 B3 F5 8F 9A 96 0C D5 EB FA 7B AA ..Y8............
0010: 17 E8 13 12 ....
]
]

*******************************************
*******************************************

Alias name: utnuserfirsthardwareca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST


Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST
Network, L=Salt Lake City, ST=UT, C=US
Serial number: 44be0c8b500024b411d3362afe650afd
Valid from: Fri Jul 09 20:10:42 CEST 1999 until: Tue Jul 09 20:19:22 CEST 2019
Certificate fingerprints:
MD5: 4C:56:41:E5:0D:BB:2B:E8:CA:A3:ED:18:08:AD:43:39
SHA1: 04:83:ED:33:99:AC:36:08:05:87:22:ED:BC:5E:46:00:E3:BE:F9:D7
SHA256:
6E:A5:47:41:D0:04:66:7E:ED:1B:48:16:63:4A:A3:A7:9E:6E:4B:96:95:0F:82:79:DA:FC:8D:9B
:D8:81:21:37
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.usertrust.com/UTN-USERFirst-Hardware.crl]
]]

#3: ObjectId: 2.5.29.37 Criticality=false


ExtendedKeyUsages [
serverAuth
ipsecEndSystem
ipsecTunnel
ipsecUser
]

#4: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
DigitalSignature
Non_repudiation
Key_CertSign
Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: A1 72 5F 26 1B 28 98 43 95 5D 07 37 D5 85 96 9D .r_&.(.C.].7....
0010: 4B D2 C3 45 K..E
]
]

*******************************************
*******************************************

Alias name: verisignclass1g3ca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c)


1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c)
1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
O="VeriSign, Inc.", C=US
Serial number: 8b5b75568454850b00cfaf3848ceb1a4
Valid from: Fri Oct 01 02:00:00 CEST 1999 until: Thu Jul 17 01:59:59 CEST 2036
Certificate fingerprints:
MD5: B1:47:BC:18:57:D1:18:A0:78:2D:EC:71:E8:2A:95:73
SHA1: 20:42:85:DC:F7:EB:76:41:95:57:8E:13:6B:D4:B7:D1:E9:8E:46:A5
SHA256:
CB:B5:AF:18:5E:94:2A:24:02:F9:EA:CB:C0:ED:5B:B8:76:EE:A3:C1:22:36:23:D0:04:47:E4:F3
:BA:55:4B:65
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 1

*******************************************
*******************************************

Alias name: secomevrootca1


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP


Issuer: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.",
C=JP
Serial number: 0
Valid from: Wed Jun 06 04:12:32 CEST 2007 until: Sat Jun 06 04:12:32 CEST 2037
Certificate fingerprints:
MD5: 22:2D:A6:01:EA:7C:0A:F7:F0:6C:56:43:3F:77:76:D3
SHA1: FE:B8:C4:32:DC:F9:76:9A:CE:AE:3D:D8:90:8F:FD:28:86:65:64:7D
SHA256:
A2:2D:BA:68:1E:97:37:6E:2D:39:7D:72:8A:AE:3A:9B:62:96:B9:FD:BA:60:BC:2E:11:F6:47:F2
:C6:75:FB:37
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 35 4A F5 4D AF 3F D7 82 38 AC AB 71 65 17 75 8C 5J.M.?..8..qe.u.
0010: 9D 55 93 E6 .U..
]
]

*******************************************
*******************************************

Alias name: globalsigneccrootcar5 [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5


Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5
Serial number: 605949e0262ebb55f90a778a71f94ad86c
Valid from: Tue Nov 13 01:00:00 CET 2012 until: Tue Jan 19 04:14:07 CET 2038
Certificate fingerprints:
MD5: 9F:AD:3B:1C:02:1E:8A:BA:17:74:38:81:0C:A2:BC:08
SHA1: 1F:24:C6:30:CD:A4:18:EF:20:69:FF:AD:4F:DD:5F:46:3A:1B:69:AA
SHA256:
17:9F:BC:14:8A:3D:D0:0F:D2:4E:A1:34:58:CC:43:BF:A7:F5:9C:81:82:D7:83:A5:13:F6:EB:EC
:10:0C:89:24
Signature algorithm name: SHA384withECDSA
Subject Public Key Algorithm: 384-bit EC key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 3D E6 29 48 9B EA 07 CA 21 44 4A 26 DE 6E DE D2 =.)H....!DJ&.n..
0010: 83 D0 9F 59 ...Y
]
]

*******************************************
*******************************************

Alias name: dtrustclass3ca2ev [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=D-TRUST Root Class 3 CA 2 EV 2009, O=D-Trust GmbH, C=DE


Issuer: CN=D-TRUST Root Class 3 CA 2 EV 2009, O=D-Trust GmbH, C=DE
Serial number: 983f4
Valid from: Thu Nov 05 09:50:46 CET 2009 until: Mon Nov 05 09:50:46 CET 2029
Certificate fingerprints:
MD5: AA:C6:43:2C:5E:2D:CD:C4:34:C0:50:4F:11:02:4F:B6
SHA1: 96:C9:1B:0B:95:B4:10:98:42:FA:D0:D8:22:79:FE:60:FA:B9:16:83
SHA256:
EE:C5:49:6B:98:8C:E9:86:25:B9:34:09:2E:EC:29:08:BE:D0:B0:F3:16:C2:D4:73:0C:84:EA:F1
:F3:D3:48:81
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.31 Criticality=false


CRLDistributionPoints [
[DistributionPoint:
[URIName: ldap://directory.d-trust.net/CN=D-TRUST%20Root%20Class%203%20CA
%202%20EV%202009,O=D-Trust%20GmbH,C=DE?certificaterevocationlist]
, DistributionPoint:
[URIName: http://www.d-trust.net/crl/d-trust_root_class_3_ca_2_ev_2009.crl]
]]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: D3 94 8A 4C 62 13 2A 19 2E CC AF 72 8A 7D 36 D7 ...Lb.*....r..6.
0010: 9A 1C DC 67 ...g
]
]

*******************************************
*******************************************

Alias name: verisignclass1g2ca


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.",
C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use
only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.",
C=US
Serial number: 4cc7eaaa983e71d39310f83d3a899192
Valid from: Mon May 18 02:00:00 CEST 1998 until: Wed Aug 02 01:59:59 CEST 2028
Certificate fingerprints:
MD5: DB:23:3D:F9:69:FA:4B:B9:95:80:44:73:5E:7D:41:83
SHA1: 27:3E:E1:24:57:FD:C4:F9:0C:55:E8:2B:56:16:7F:62:F5:32:E5:47
SHA256:
34:1D:E9:8B:13:92:AB:F7:F4:AB:90:A9:60:CF:25:D4:BD:6E:C6:5B:9A:51:CE:6E:D0:67:D0:0E
:C7:CE:9B:7F
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
Version: 1
*******************************************
*******************************************

Alias name: ttelesecglobalrootclass2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems


Enterprise Services GmbH, C=DE
Issuer: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems
Enterprise Services GmbH, C=DE
Serial number: 1
Valid from: Wed Oct 01 12:40:14 CEST 2008 until: Sun Oct 02 01:59:59 CEST 2033
Certificate fingerprints:
MD5: 2B:9B:9E:E4:7B:6C:1F:00:72:1A:CC:C1:77:79:DF:6A
SHA1: 59:0D:2D:7D:88:4F:40:2E:61:7E:A5:62:32:17:65:CF:17:D8:94:E9
SHA256:
91:E2:F5:78:8D:58:10:EB:A7:BA:58:73:7D:E1:54:8A:8E:CA:CD:01:45:98:BC:0B:14:3E:04:1B
:17:05:25:52
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: BF 59 20 36 00 79 A0 A0 22 6B 8C D5 F2 61 D2 B8 .Y 6.y.."k...a..
0010: 2C CB 82 4A ,..J
]
]

*******************************************
*******************************************

Alias name: starfieldservicesrootg2ca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=Starfield Services Root Certificate Authority - G2, O="Starfield


Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Starfield Services Root Certificate Authority - G2, O="Starfield
Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Serial number: 0
Valid from: Tue Sep 01 02:00:00 CEST 2009 until: Fri Jan 01 00:59:59 CET 2038
Certificate fingerprints:
MD5: 17:35:74:AF:7B:61:1C:EB:F4:F9:3C:E2:EE:40:F9:A2
SHA1: 92:5A:8F:8D:2C:6D:04:E0:66:5F:59:6A:FF:22:D8:63:E8:25:6F:3F
SHA256:
56:8D:69:05:A2:C8:87:08:A4:B3:02:51:90:ED:CF:ED:B1:97:4A:60:6A:13:C6:E5:29:0F:CB:2A
:E6:3E:DA:B5
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 9C 5F 00 DF AA 01 D7 30 2B 38 88 A2 B8 6D 4A 9C ._.....0+8...mJ.
0010: F2 11 91 83 ....
]
]

*******************************************
*******************************************

Alias name: digicertglobalrootca [jdk]


Creation date: Jun 8, 2019
Entry type: trustedCertEntry

Owner: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US


Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: 83be056904246b1a1756ac95991c74a
Valid from: Fri Nov 10 01:00:00 CET 2006 until: Mon Nov 10 01:00:00 CET 2031
Certificate fingerprints:
MD5: 79:E4:A9:84:0D:7D:3A:96:D7:C0:4F:E2:43:4C:89:2E
SHA1: A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36
SHA256:
43:48:A0:E9:44:4C:78:CB:26:5E:05:8D:5E:89:44:B4:D8:4F:96:62:BD:26:DB:25:7F:89:34:A4
:43:C7:01:61
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
0010: B2 3D D1 55 .=.U
]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
0010: B2 3D D1 55 .=.U
]
]

*******************************************
*******************************************

Alias name: addtrustqualifiedca [jdk]


Creation date: Aug 25, 2016
Entry type: trustedCertEntry

Owner: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Serial number: 1
Valid from: Tue May 30 12:44:50 CEST 2000 until: Sat May 30 12:44:50 CEST 2020
Certificate fingerprints:
MD5: 27:EC:39:47:CD:DA:5A:AF:E2:9A:01:65:21:A9:4C:BB
SHA1: 4D:23:78:EC:91:95:39:B5:00:7F:75:8F:03:3B:21:1E:C5:4D:8B:CF
SHA256:
80:95:21:08:05:DB:4B:BC:35:5E:44:28:D8:FD:6E:C2:CD:E3:AB:5F:B9:7A:99:42:98:8E:B8:F4
:DC:D0:60:16
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false


AuthorityKeyIdentifier [
KeyIdentifier [
0000: 39 95 8B 62 8B 5C C9 D4 80 BA 58 0F 97 3F 15 08 9..b.\....X..?..
0010: 43 CC 98 A7 C...
]
[CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE]
SerialNumber: [ 01]
]

#2: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.15 Criticality=false


KeyUsage [
Key_CertSign
Crl_Sign
]

#4: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 39 95 8B 62 8B 5C C9 D4 80 BA 58 0F 97 3F 15 08 9..b.\....X..?..
0010: 43 CC 98 A7 C...
]
]

*******************************************
*******************************************

vmohssera004:/dserai/product/1013/appsutil/jdk/jre/lib/security$ ls

You might also like