cosmetic.msu.edu

- Michigan State University -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 4c:7e:f5:6d:fa:28:42:05:4e:1a:d6:65:6d:5c:48:d1 was issued on by Internet2.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Michigan State University

Organization: Michigan State University
Organization unit: Information Technology
Address: 1355 Bogue St
Postal code: 48824
State / Province: MI
Locality: East Lansing
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 4c:7e:f5:6d:fa:28:42:05:4e:1a:d6:65:6d:5c:48:d1
Serial Number (int): 101680534987471524598121332420426614993
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 61:2d:8c:f7:c6:ba:ad:af:74:f9:66:ff:0c:30:56:59:df:06:ff:af
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): e3:0d:3c:35:aa:49:a2:00:00:3e:6b:76:3d:88:27:1d:c8:70:83:8f
Fingerprint (sha256): 00:19:d1:ee:b0:11:b3:ab:30:1d:87:e9:c9:89:9f:7d:62:d1:6e:ec:70:de:53:ee:ad:95:df:62:f9:46:d1:f4

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate cosmetic.msu.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cosmetic.msu.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cosmetic.msu.edu
www.cosmetic.msu.edu

Other certificates including the domain name msu.edu

(limited to 100 certificates)
paw.itservices.msu.edu
shiny.stt.msu.edu
vdi.msu.edu
intranet.nscl.msu.edu
tls.automattic.com
www.licensing.msu.edu
cosmetic.msu.edu
5651276360581120-fe3.pantheonsite.io
dinglab.natsci.msu.edu
addrarch.ais.msu.edu
imperva.com
ooialt.qual.ebsp.msu.edu
dev.labeldat.vudat.msu.edu
www2.pa.msu.edu
mystuinfodirectdeposit.msu.edu
neurology.msu.edu
cj.msu.edu
eamcweb3.usfs.msu.edu
sw.msu.edu
tls.automattic.com
it.uahs.arizona.edu
civilrights.msu.edu
mystuinfo.test.itservices.msu.edu
soviethistory.msu.edu
5651276360581120-fe3.pantheonsite.io
unifier.msu.edu
share.rhs.msu.edu
imperva.com
www.h-net.msu.edu
web.cal.msu.edu
mistt.msu.edu
africanactivist.msu.edu
crm.test.itservices.msu.edu
www.collegelifeel.msu.edu
panorama0.itservices.msu.edu
edassist.hr.msu.edu
nartc.fcm.arizona.edu
nowlin.qual.psm.msu.edu
research.chm.msu.edu
rice-alt.test.ebsp.msu.edu
vdi-b-cs1.campusad.msu.edu
exchange.pa.msu.edu
imperva.com
dev.undergrad.msu.edu
animalhealth.msu.edu
5651276360581120-fe3.pantheonsite.io
5746985747349504-fe1.pantheonsite.io
wwdev2l.math.msu.edu
dmat.msu.edu
imperva.com
www.effs.msu.edu
incapsula.com
incapsula.com
plantbiology.natsci.msu.edu
uconnectlabs.com
dmat.msu.edu
5639955095224320-fe3.pantheonsite.io
reporting.anr.msu.edu
incapsula.com
news.jrn.msu.edu
systempassword.test.itservices.msu.edu
web.natsci.msu.edu
lms.advancement.msu.edu
ww2.math.msu.edu
mcfscholars.msu.edu
5658638538506240-fe4.pantheonsite.io
vita.msu.edu
mail.campusad.msu.edu
imperva.com
vegetable.ent.msu.edu
web5.cal.msu.edu
rdgateway.ipf.msu.edu
burgueno.egr.msu.edu
vp.research.msu.edu
glg.msu.edu
oauth2.qual.itservices.msu.edu
asset.itservicedesk.test.itservices.msu.edu
actsciclub.natsci.msu.edu
wwl6.math.msu.edu
cstat.research.msu.edu
search.msu.edu
bps.broad.msu.edu
rose.canr.msu.edu
imanage.itservices.msu.edu
wwl2.math.msu.edu
sgp.msu.edu
scholendow2.dev.ais.msu.edu
chems.msu.edu
rio.msu.edu
help.anr.msu.edu
jira.test.itservices.msu.edu
varietytrials.msu.edu
msu-water.msu.edu
epri-trac.egr.msu.edu
5651276360581120-fe3.pantheonsite.io
confrooms.pa.msu.edu
marcom.cal.msu.edu
oemi.msu.edu
netprint.msu.edu
5651276360581120-fe3.pantheonsite.io

Certificate

The complete raw certificate details for cosmetic.msu.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHFzCCBf+gAwIBAgIQTH71bfooQgVOGtZlbVxI0TANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xODEwMDEwMDAwMDBaFw0yMDA5MzAy
MzU5NTlaMIG5MQswCQYDVQQGEwJVUzEOMAwGA1UEERMFNDg4MjQxCzAJBgNVBAgT
Ak1JMRUwEwYDVQQHEwxFYXN0IExhbnNpbmcxFjAUBgNVBAkTDTEzNTUgQm9ndWUg
U3QxIjAgBgNVBAoTGU1pY2hpZ2FuIFN0YXRlIFVuaXZlcnNpdHkxHzAdBgNVBAsT
FkluZm9ybWF0aW9uIFRlY2hub2xvZ3kxGTAXBgNVBAMTEGNvc21ldGljLm1zdS5l
ZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeQszqBsxjcl2dz2S9
RRJg6QyGzs9+tW1Duk55ouXWw+kZEpBMQ2jsORRuckbXwJzhSr0jbYkww6RRFgfa
TyBdTBCJ8wN1KWe1/JZTCn0WWsAK6OfSjWHb9bpPDn5pnMcW5k2UczvWz46el6/v
+VYOXr/EJ7mYhPWb24dufdQ9DuIYoXbe/KkFtvAM3MJWl2BVlHKsuNq9bewPkn3+
z6nsPWfiqztyCYqP57oS66YaZcmZvx2TeNOQVCK6w2uKt6T+CLFhapPfijBVnfe5
haHwLYoQ6aN+YozzdLrEmTbmce6Ts7/MDvE+wP+R2zEqvgP7wePUIcautyqPCtXG
FLDLAgMBAAGjggNbMIIDVzAfBgNVHSMEGDAWgBQeBaN3j2yW4luHS6a0hqxxAAzn
ODAdBgNVHQ4EFgQUYS2M98a6ra90+Wb/DDBWWd8G/68wDgYDVR0PAQH/BAQDAgWg
MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGcG
A1UdIARgMF4wUgYMKwYBBAGuIwEEAwEBMEIwQAYIKwYBBQUHAgEWNGh0dHBzOi8v
d3d3LmluY29tbW9uLm9yZy9jZXJ0L3JlcG9zaXRvcnkvY3BzX3NzbC5wZGYwCAYG
Z4EMAQICMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuaW5jb21tb24tcnNh
Lm9yZy9JbkNvbW1vblJTQVNlcnZlckNBLmNybDB1BggrBgEFBQcBAQRpMGcwPgYI
KwYBBQUHMAKGMmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9JbkNvbW1vblJTQVNl
cnZlckNBXzIuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu
Y29tMDEGA1UdEQQqMCiCEGNvc21ldGljLm1zdS5lZHWCFHd3dy5jb3NtZXRpYy5t
c3UuZWR1MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQDuS723dc5guuFCaR+r
4Z5mow9+X7By2IMAxHuJeqj9ywAAAWYweMSFAAAEAwBGMEQCIGe2x78noQif53pX
StpmyZup0OYSEUCu3lP12g6fNffTAiBx0tMHtWhL15zfJHqJ1WCxnSTKLi7XC4wa
16tSLAbzPgB2AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABZjB4
xCMAAAQDAEcwRQIgI2Zxm0Y4wCyELv/H1QBh06w+ysrrvtRCI/bA173MsScCIQCt
Af16By97uGCRu7CgshOJKVufORzjju8V0wUBb6RZvwB2AFWB1MIWkDYBSuoLm1c8
U/DA5Dh4cCUIFy+jqh0HE9MMAAABZjB4xqMAAAQDAEcwRQIhALreS1jHv2RybTNK
9AGR1UvMWKKvsmIClBUKxasK+5nEAiBdS/FTdIcrqkqrZ++V0IEwPoHdP643lVab
axcCpKc2VzANBgkqhkiG9w0BAQsFAAOCAQEAMhSrlQBI4zliNYMctgDXpJrR0UKy
UC0ZeK5Db93SJy+iWKNMgSZAhfmof2XKPIX2SiTztaKnu0DhGsGUXAOF+Ygt+Ht2
fHkoJZfkvh8oWmMuJhvhY/oytb99KGgjw6InZmZMisgIFUQfnJqjJHGVpjZCIOR0
+zbDfz6ErMa2Ydh1VnnUZyPy7lE/UQxQQiQ8HkANS9xQ5wBDw4QMjcGDNG2iByh1
3hs4koK0QHMoKzhxI/J5H8l7FNM9uVQNiwKepsBwV5tGLsY7WiXbbtJmoiYV5+F+
gsbfo/eVL2vBhCtj/EaG2n0f7ZmFje1bETDNbrIrKdboxJLuYqb234tdDw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kLM6gbMY3Jdnc9kvUUS
YOkMhs7PfrVtQ7pOeaLl1sPpGRKQTENo7DkUbnJG18Cc4Uq9I22JMMOkURYH2k8g
XUwQifMDdSlntfyWUwp9FlrACujn0o1h2/W6Tw5+aZzHFuZNlHM71s+Onpev7/lW
Dl6/xCe5mIT1m9uHbn3UPQ7iGKF23vypBbbwDNzCVpdgVZRyrLjavW3sD5J9/s+p
7D1n4qs7cgmKj+e6EuumGmXJmb8dk3jTkFQiusNrirek/gixYWqT34owVZ33uYWh
8C2KEOmjfmKM83S6xJk25nHuk7O/zA7xPsD/kdsxKr4D+8Hj1CHGrrcqjwrVxhSw
ywIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 101680534987471524598121332420426614993
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-01 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-30 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '48824'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'East Lansing'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1355 Bogue St'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Michigan State University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Information Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cosmetic.msu.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28057844230079082683880661597817452177350033317907197162960189901756791714116040234099594498014827643091712339118403923839021104295150931351939902897020094170198599390101180300755396338596472220986507750346584848667324920176856900137041309383548998579802573477237181285062421344566265890465564523787399769253820142393361523116595723115043613306262637612305319827231739813955049788784512201614398472384913281732625805234931745206849013322231767121499003816469535151666129755711079118300925612740841217594463543645539185425270954769748241215336168552160862143278652438719955171511640776690397669847764582015900035887307
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							612d8cf7c6baadaf74f966ff0c305659df06ffaf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cosmetic.msu.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cosmetic.msu.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001663078c4850000040300463044022067b6c7bf27a1089fe77a574ada66c99ba9d0e6121140aede53f5da0e9f35f7d3022071d2d307b5684bd79cdf247a89d560b19d24ca2e2ed70b8c1ad7ab522c06f33e0076005ea773f9df56c0e7b536487dd049e0327a919a0c84a112128418759681714558000001663078c423000004030047304502202366719b4638c02c842effc7d50061d3ac3ecacaebbed44223f6c0d7bdccb127022100ad01fd7a072f7bb86091bbb0a0b21389295b9f391ce38eef15d305016fa459bf0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001663078c6a30000040300473045022100bade4b58c7bf64726d334af40191d54bcc58a2afb2620294150ac5ab0afb99c402205d4bf15374872baa4aab67ef95d081303e81dd3fae3795569b6b1702a4a73657
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003214ab950048e3396235831cb600d7a49ad1d142b2502d1978ae436fddd2272fa258a34c81264085f9a87f65ca3c85f64a24f3b5a2a7bb40e11ac1945c0385f9882df87b767c79282597e4be1f285a632e261be163fa32b5bf7d286823c3a22766664c8ac80815441f9c9aa3247195a6364220e474fb36c37f3e84acc6b661d8755679d46723f2ee513f510c5042243c1e400d4bdc50e70043c3840c8dc183346da2072875de1b389282b44073282b387123f2791fc97b14d33db9540d8b029ea6c070579b462ec63b5a25db6ed266a22615e7e17e82c6dfa3f7952f6bc1842b63fc4686da7d1fed99858ded5b1130cd6eb22b29d6e8c492ee62a6f6df8b5d0f