I'm not terribly familiar with private key formats, but it appears to be encrypted (the `Proc-Type` and `DEK-Info` lines). Is the `localKeyID` the password used to encrypt?
(2) This is not necessarily the private key used to sign other certificates.
(3) If they're lucky, this is a private key only used for their web server. OR, this key is an intermediate key. In which case they can invalidate it, create a new one, and reissue certificates for all the affected customers.
If it is encrypted, it would at least buy some time to replace all the certificates signed by this private key. Depending on the strength of the encryption key, obviously.
That's the private key itself. I was somewhat unclear in my wording. We (I and the grandparent poster) were wondering if the private key was encrypted with a passphrase.
(2) This is not necessarily the private key used to sign other certificates.
(3) If they're lucky, this is a private key only used for their web server. OR, this key is an intermediate key. In which case they can invalidate it, create a new one, and reissue certificates for all the affected customers.