rshiny.math.uwaterloo.ca

- University of Waterloo -

Issued by GlobalSign Organization Validation CA - SHA256 - G2

About this certificate

This digital certificate with serial number 4a:55:43:09:18:68:36:c9:b5:a7:37:a7 was issued on by GlobalSign nv-sa.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Waterloo

Organization: University of Waterloo
State / Province: Ontario
Locality: Waterloo
Country: CA

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 4a:55:43:09:18:68:36:c9:b5:a7:37:a7
Serial Number (int): 23004965987780543389551245223
Serial Number lenght: 95 bits, 12 octets

SubjectKeyId: 8a:8b:de:bc:a8:a6:7e:38:7f:e9:14:ab:4f:00:e2:24:2a:4f:3b:5e
AuthorityKeyId: 96:de:61:f1:bd:1c:16:29:53:1c:c0:cc:7d:3b:83:00:40:e6:1a:7c

Fingerprint (sha1): 1e:4e:84:55:0e:70:a3:45:1d:f1:11:cd:82:3e:6b:ce:91:8c:0e:4d
Fingerprint (sha256): 00:0a:8b:c4:32:15:88:b5:7e:e4:cf:36:b2:fb:44:46:88:1c:a4:70:89:73:81:42:ee:c9:98:38:af:d9:da:c5

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsorganizationvalsha2g2
CRL Distribution Point: http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl

Check the revocation status for certificate rshiny.math.uwaterloo.ca

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for rshiny.math.uwaterloo.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

rshiny.math.uwaterloo.ca

Other certificates including the domain name uwaterloo.ca

(limited to 100 certificates)
cn-ipam-mc.uwaterloo.ca
rshiny.math.uwaterloo.ca
bolek.uwaterloo.ca
cemc2.math.uwaterloo.ca
icinga.cscf.uwaterloo.ca
cryptoworks21.uwaterloo.ca
bonavista.uwaterloo.ca
git.iqc.uwaterloo.ca
env-emp-vlnx1.uwaterloo.ca
wstore.uwaterloo.ca
epark1.uwaterloo.ca
databace.scisat.ca
www.cs.uwaterloo.ca
ppcentre.uwaterloo.ca
s4b-ec2-fe-ext.uwaterloo.ca
sneaky.uwaterloo.ca
wiki.uwaterloo.ca
ibis.uwaterloo.ca
account.watcard.uwaterloo.ca
cte-blog.uwaterloo.ca
subjectguides.uwaterloo.ca
aurora.uwaterloo.ca
uwhvz.uwaterloo.ca
o365activation.uwaterloo.ca
www.igloosoftware.com
cemc2.math.uwaterloo.ca
cclr.uwaterloo.ca
quark.uwaterloo.ca
shop.uwaterloo.ca
mailservices.uwaterloo.ca
canadianfoodstudies.uwaterloo.ca
koios.cs.uwaterloo.ca
www.igloosoftware.com
multicom-pc20.uwaterloo.ca
env-gisdev.uwaterloo.ca
learntest.uwaterloo.ca
blockchain-group.cs.uwaterloo.ca
evaluate.uwaterloo.ca
info.uwaterloo.ca
lineone.uwaterloo.ca
webreg.uwaterloo.ca
nagios.cscf.uwaterloo.ca
aurora.uwaterloo.ca
epark.uwaterloo.ca
cn-vpn.uwaterloo.ca
ahs-jitsi.uwaterloo.ca
rcs.uwaterloo.ca
wchound.uwaterloo.ca
sasfilemaker.math.uwaterloo.ca
mmm.eng.uwaterloo.ca
essex.uwaterloo.ca
contensis.uwaterloo.ca
www.civil.uwaterloo.ca
cclr.uwaterloo.ca
lineone.uwaterloo.ca
chesp.uwaterloo.ca
learndev3.uwaterloo.ca
ugtwo.uwaterloo.ca
smbp.uwaterloo.ca
library.uwaterloo.ca
2fa.uwaterloo.ca
secure.ce.uwaterloo.ca
cn-vpn.uwaterloo.ca
shop.uwaterloo.ca
styx-reserve.shoshin.uwaterloo.ca
iis1.nexus.uwaterloo.ca
iisweb2.nexus.uwaterloo.ca
uwhvz.uwaterloo.ca
www.eng.uwaterloo.ca
shop.uwaterloo.ca
cewil.uwaterloo.ca
lss.uwaterloo.ca
rt.uwaterloo.ca
ne111.uwaterloo.ca
sslvs06.igloosoftware.com
uqml.iqc.uwaterloo.ca
env-kix-tours.uwaterloo.ca
learndevdav.uwaterloo.ca
qoqiwiki.iqc.uwaterloo.ca
learn.uwaterloo.ca
wcms-training.uwaterloo.ca
mansci045.uwaterloo.ca
ctf.uwaterloo.ca
sesoc.uwaterloo.ca
courseware.cemc.uwaterloo.ca
healthy.uwaterloo.ca
ivc.uwaterloo.ca
mansci045.uwaterloo.ca
courses.math.uwaterloo.ca
artsonline.uwaterloo.ca
staff.retailservices.uwaterloo.ca
ist.uwaterloo.ca
himrod-reserve.cs.uwaterloo.ca
wiki.math.uwaterloo.ca
macduff.private.uwaterloo.ca
wcms-training.uwaterloo.ca
quest.pecs.uwaterloo.ca
libanswers.uwaterloo.ca
stargroup.uwaterloo.ca
mansci045e.uwaterloo.ca

Certificate

The complete raw certificate details for rshiny.math.uwaterloo.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgIMSlVDCRhoNsm1pzenMA0GCSqGSIb3DQEBCwUAMGYxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH
bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g
RzIwHhcNMTkwMTI5MTYyMTI0WhcNMjAwMzI2MTkzNjA0WjB2MQswCQYDVQQGEwJD
QTEQMA4GA1UECBMHT250YXJpbzERMA8GA1UEBxMIV2F0ZXJsb28xHzAdBgNVBAoT
FlVuaXZlcnNpdHkgb2YgV2F0ZXJsb28xITAfBgNVBAMTGHJzaGlueS5tYXRoLnV3
YXRlcmxvby5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOzDFoeg
wViE+/8N10lD6jrUrptuvREXhT6tDxbBt27hBo3tP0ssKz77FGOo4wGRZjtCoFaW
oeFxB38AbROkZJhIS+F0arTlvw8SVduDGF4kFeiHOiTw6SGsMnTKMr91PN+KwHAA
UvWo6puP0MnZ0CugBxwt2Hybl8HnmIISAhTMl2PJclcyY+e4l9lgou+cFRyHj4q+
ucos3KKk5uEgqofv/K87OvgaUf2n9wMGVDM1R5h19d53+kmHJjpSbb7NdOXXUmjn
FFrSCoWuX3/Ma1Id/W9FeB3BV4x1I17b/hUZpECccWaPRxmX26WuNxlBKbnAL5gu
CsQfIVpQaWqEyLMCAwEAAaOCAf4wggH6MA4GA1UdDwEB/wQEAwIFoDCBoAYIKwYB
BQUHAQEEgZMwgZAwTQYIKwYBBQUHMAKGQWh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2ln
bi5jb20vY2FjZXJ0L2dzb3JnYW5pemF0aW9udmFsc2hhMmcycjEuY3J0MD8GCCsG
AQUFBzABhjNodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nvcmdhbml6YXRp
b252YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyARQwNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EM
AQICMAkGA1UdEwQCMAAwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5nbG9i
YWxzaWduLmNvbS9ncy9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMi5jcmwwIwYDVR0R
BBwwGoIYcnNoaW55Lm1hdGgudXdhdGVybG9vLmNhMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUiovevKimfjh/6RSrTwDiJCpPO14wHwYD
VR0jBBgwFoAUlt5h8b0cFilTHMDMfTuDAEDmGnwwEwYKKwYBBAHWeQIEAwEB/wQC
BQAwDQYJKoZIhvcNAQELBQADggEBAGdzIPbTzOQovtjWq1cKwT1D/KEDaxGgdHEt
X2g8lke9jJIVXf1LTAC/kbb81EUToG+rX9q0wcWu4kBa2u1EUBvjekRGc7do00Le
lC1m4ZtuoxDX/0+DIYZWphfVUKh6nBzP++O9ftlwv220VbN9qwYMJ6D1VXbTlC7M
7Iu4yhyYST1+DlGlwFgXxgIhjSwQVAbt/WKMQ/9w9GiJpgVUo+8Q/eueiZReTnhj
iOk4erK3hS3e6Z0akOc/FjUxK2t6a7wAq5D5sz35lfVUqfhM1EEC+1DOGl0KCzfz
vgiAllrznVL8U33oGdrRAmUaukGRbA6WDvJCtRGcXwp7/IL6vdk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7MMWh6DBWIT7/w3XSUPq
OtSum269EReFPq0PFsG3buEGje0/SywrPvsUY6jjAZFmO0KgVpah4XEHfwBtE6Rk
mEhL4XRqtOW/DxJV24MYXiQV6Ic6JPDpIawydMoyv3U834rAcABS9ajqm4/QydnQ
K6AHHC3YfJuXweeYghICFMyXY8lyVzJj57iX2WCi75wVHIePir65yizcoqTm4SCq
h+/8rzs6+BpR/af3AwZUMzVHmHX13nf6SYcmOlJtvs105ddSaOcUWtIKha5ff8xr
Uh39b0V4HcFXjHUjXtv+FRmkQJxxZo9HGZfbpa43GUEpucAvmC4KxB8hWlBpaoTI
swIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 23004965987780543389551245223
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Organization Validation CA - SHA256 - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-29 16:21:24 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-26 19:36:04 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Waterloo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Waterloo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rshiny.math.uwaterloo.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29888441453728876447885870609914573718270569239885205193722124943645108198046267173770987279792831707764474351759801909663941347451443724067893502172065415381713563907322729763331549067265980307036278637770813580284296072288418695482697993720184436861185813075504371039478876511772555538290596847338670232221141403496325853848781202075141075881668677420692617945589352444446890871951720674125893639771324511529708214877644007403059766038302537357199405739915389611954321874514222111731784507269808285147486459501684015428132707455507685812895572166527873161183739248141469855149715174040076345347661060100871516637363
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsorganizationvalsha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rshiny.math.uwaterloo.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8a8bdebca8a67e387fe914ab4f00e2242a4f3b5e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 96de61f1bd1c1629531cc0cc7d3b830040e61a7c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00677320f6d3cce428bed8d6ab570ac13d43fca1036b11a074712d5f683c9647bd8c92155dfd4b4c00bf91b6fcd44513a06fab5fdab4c1c5aee2405adaed44501be37a444673b768d342de942d66e19b6ea310d7ff4f83218656a617d550a87a9c1ccffbe3bd7ed970bf6db455b37dab060c27a0f55576d3942eccec8bb8ca1c98493d7e0e51a5c05817c602218d2c105406edfd628c43ff70f46889a60554a3ef10fdeb9e89945e4e786388e9387ab2b7852ddee99d1a90e73f1635312b6b7a6bbc00ab90f9b33df995f554a9f84cd44102fb50ce1a5d0a0b37f3be0880965af39d52fc537de819dad102651aba41916c0e960ef242b5119c5f0a7bfc82fabdd9