prditpm.gse.harvard.edu
- President and Fellows of Harvard College -
Issued by InCommon RSA Server CA 2
About this certificate
This digital certificate with serial number 1d:c9:d4:04:77:43:d3:bd:e2:7a:d4:07:81:0e:f6:52 was issued on by Internet2.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
President and Fellows of Harvard College
Organization:
President and Fellows of Harvard College
State / Province:
Massachusetts
Country: US
Country: US
Internet2
Organization:
Internet2
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 1d:c9:d4:04:77:43:d3:bd:e2:7a:d4:07:81:0e:f6:52Serial Number (int): 39595563770987398999468609789376788050
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: 5c:a3:16:23:09:d1:c5:9d:66:48:5e:40:71:e4:bb:53:7a:57:bf:77
AuthorityKeyId: ef:4c:00:92:a6:fb:76:2e:5e:95:e2:c9:5f:87:1b:19:d5:4d:e2:d9
Fingerprint (sha1): c4:50:2c:ce:d7:57:41:19:06:03:3f:0f:f2:d9:14:85:f5:eb:53:a6
Fingerprint (sha256): 00:23:96:32:64:f5:84:1d:17:22:65:3e:57:51:98:a0:b8:c9:7a:42:9b:e3:64:07:88:bc:65:a6:2e:e4:93:0b
Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAServerCA2.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/InCommonRSAServerCA2.crl
Check the revocation status for certificate prditpm.gse.harvard.edu
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for prditpm.gse.harvard.edu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
prditpm.gse.harvard.edu
Other certificates including the domain name harvard.edu
(limited to 100 certificates)
*.meei.harvard.edu
www.nieman.harvard.edu
cds4.cvent.com
lee.hms.harvard.edu
cvvr.hms.harvard.edu
imperva.com
iqss-sid-env-uat.herokuapp.com
takesian.hms.harvard.edu
dssg.fas.harvard.edu
scorsese.wjh.harvard.edu
geodata-proxy.lib.harvard.edu
prditpm.gse.harvard.edu
5769623379116032-fe2.pantheonsite.io
incapsula.com
zhanglab.tch.harvard.edu
tech.seas.harvard.edu
5762637883244544-fe3.pantheonsite.io
incapsula.com
getonline.harvard.edu
archives.harvard.edu
acquia-sites.com
hub.test.lxp.huit.harvard.edu
filetransfer.harvard.edu
www.datascience.harvard.edu
nlbsp.med.harvard.edu
alumni.dce-test.upstatement.dev
neprc-vpn.hms.harvard.edu
*.hmc.harvard.edu
docker.rc.fas.harvard.edu
webmail.hsl.harvard.edu
www.hup.harvard.edu
statuspage.io
it.uahs.arizona.edu
healthinnovationnetwork.harvard.edu
sfsportal.harvard.edu
termbill.harvard.edu
admissions.emeritus.org
ordlvapexd01.med.harvard.edu
incapsula.com
cluster3.technolutions.net
hhi.harvard.edu
rmfs-blog.rmf.harvard.edu
cluster.technolutions.net
sandbox-ak150.rc.hms.harvard.edu
jdcmoveit1.joslin.harvard.edu
giftshop.metalab.harvard.edu
avayaacp5west-mgmt.bidmc.harvard.edu
forerun-beta.bidmc.harvard.edu
coreapitest.tch.harvard.edu
incapsula.com
cluster3.technolutions.net
cvvr.hms.harvard.edu
jenkins.tlt.harvard.edu
worldmap.harvard.edu
omero-dev.hms.harvard.edu
www.production.sid.hmdc.harvard.edu
email.med.harvard.edu
ccib.mgh.harvard.edu
5709068098338816-fe3.pantheonsite.io
sites.sph.harvard.edu
incapsula.com
db1.mgh.harvard.edu
peerprereview.iq.harvard.edu
incapsula.com
bonescan.bidmc.harvard.edu
*.wcfia.harvard.edu
teachingpost.hbsp.harvard.edu
canvas.hms.harvard.edu
5762637883244544-fe3.pantheonsite.io
p0-univad-dc6.university.harvard.edu
coptic.share.library.harvard.edu
gc.seas.harvard.edu
fugue.arp.harvard.edu
incapsula.com
incapsula.com
edportal.harvard.edu
p2m2a.dbmi.hms.harvard.edu
pilac.law.harvard.edu
5753952654065664-fe1.pantheonsite.io
bootcamp.extension.harvard.edu
vpn.harvard.edu
prostatus.whitepages.com
sni.cloudflaressl.com
iiif.lib.harvard.edu
hds.harvard.edu
rmfvpn.rmf.harvard.edu
incapsula.com
axistv.fas.harvard.edu
vector.meei.harvard.edu
mywellnetmobiletest.tch.harvard.edu
nautilus.gse.harvard.edu
countway.harvard.edu
eve.law.harvard.edu
dlabss.harvard.edu
mail.jbcc.harvard.edu
200.hls.harvard.edu
chsi.harvard.edu
hgc.harvard.edu
vpn.dce.harvard.edu
oi.mgh.harvard.edu
www.nieman.harvard.edu
cds4.cvent.com
lee.hms.harvard.edu
cvvr.hms.harvard.edu
imperva.com
iqss-sid-env-uat.herokuapp.com
takesian.hms.harvard.edu
dssg.fas.harvard.edu
scorsese.wjh.harvard.edu
geodata-proxy.lib.harvard.edu
prditpm.gse.harvard.edu
5769623379116032-fe2.pantheonsite.io
incapsula.com
zhanglab.tch.harvard.edu
tech.seas.harvard.edu
5762637883244544-fe3.pantheonsite.io
incapsula.com
getonline.harvard.edu
archives.harvard.edu
acquia-sites.com
hub.test.lxp.huit.harvard.edu
filetransfer.harvard.edu
www.datascience.harvard.edu
nlbsp.med.harvard.edu
alumni.dce-test.upstatement.dev
neprc-vpn.hms.harvard.edu
*.hmc.harvard.edu
docker.rc.fas.harvard.edu
webmail.hsl.harvard.edu
www.hup.harvard.edu
statuspage.io
it.uahs.arizona.edu
healthinnovationnetwork.harvard.edu
sfsportal.harvard.edu
termbill.harvard.edu
admissions.emeritus.org
ordlvapexd01.med.harvard.edu
incapsula.com
cluster3.technolutions.net
hhi.harvard.edu
rmfs-blog.rmf.harvard.edu
cluster.technolutions.net
sandbox-ak150.rc.hms.harvard.edu
jdcmoveit1.joslin.harvard.edu
giftshop.metalab.harvard.edu
avayaacp5west-mgmt.bidmc.harvard.edu
forerun-beta.bidmc.harvard.edu
coreapitest.tch.harvard.edu
incapsula.com
cluster3.technolutions.net
cvvr.hms.harvard.edu
jenkins.tlt.harvard.edu
worldmap.harvard.edu
omero-dev.hms.harvard.edu
www.production.sid.hmdc.harvard.edu
email.med.harvard.edu
ccib.mgh.harvard.edu
5709068098338816-fe3.pantheonsite.io
sites.sph.harvard.edu
incapsula.com
db1.mgh.harvard.edu
peerprereview.iq.harvard.edu
incapsula.com
bonescan.bidmc.harvard.edu
*.wcfia.harvard.edu
teachingpost.hbsp.harvard.edu
canvas.hms.harvard.edu
5762637883244544-fe3.pantheonsite.io
p0-univad-dc6.university.harvard.edu
coptic.share.library.harvard.edu
gc.seas.harvard.edu
fugue.arp.harvard.edu
incapsula.com
incapsula.com
edportal.harvard.edu
p2m2a.dbmi.hms.harvard.edu
pilac.law.harvard.edu
5753952654065664-fe1.pantheonsite.io
bootcamp.extension.harvard.edu
vpn.harvard.edu
prostatus.whitepages.com
sni.cloudflaressl.com
iiif.lib.harvard.edu
hds.harvard.edu
rmfvpn.rmf.harvard.edu
incapsula.com
axistv.fas.harvard.edu
vector.meei.harvard.edu
mywellnetmobiletest.tch.harvard.edu
nautilus.gse.harvard.edu
countway.harvard.edu
eve.law.harvard.edu
dlabss.harvard.edu
mail.jbcc.harvard.edu
200.hls.harvard.edu
chsi.harvard.edu
hgc.harvard.edu
vpn.dce.harvard.edu
oi.mgh.harvard.edu
Certificate
The complete raw certificate details for prditpm.gse.harvard.edu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGgzCCBOugAwIBAgIQHcnUBHdD073ietQHgQ72UjANBgkqhkiG9w0BAQwFADBE MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSW50ZXJuZXQyMSEwHwYDVQQDExhJbkNv bW1vbiBSU0EgU2VydmVyIENBIDIwHhcNMjMxMjEyMDAwMDAwWhcNMjUwMTExMjM1 OTU5WjB6MQswCQYDVQQGEwJVUzEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czExMC8G A1UEChMoUHJlc2lkZW50IGFuZCBGZWxsb3dzIG9mIEhhcnZhcmQgQ29sbGVnZTEg MB4GA1UEAxMXcHJkaXRwbS5nc2UuaGFydmFyZC5lZHUwggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQCxCBeZQ/+J+HBJ5oh1JIbz9yISGsLOrx8UkPWJHe1i XBekE5/tY34LRxKIUpekdQQizfVXVoni3eot5Wiuj9c0q/Nhcl9c0wpOdq0Ykyhz RFH4WElseYIOYhkJvGj1wwTiBYGKcZxh2eUvu5i6bly4Sg35T1ITU9YUTFL7ciiW soEPBnbIY3OaMbM8UkHztxIISbXod4MofLG/N08vWON0vspNS6GzOGnXF3bwQOsp dSEUtqU+wnoaDIUjyzwWS00ZqbzPkmP1Mipnk+s9QhOMj2NVcswJe2pNOEWM/Een aQx8GLdyUd2EeqceplxaAIyCegsCfrEEx7tuNA8LxZVBHyO3maH6KIkqtJJqE52y LCCRv9HSeN8gZkdaYsITw1uGZi+5pHeX1wrGHk1XR4G6zpGwvbQJickp5blQdCe7 JjjgBaFr5Tfc4pCQJShGvwy9ATiuvpr4rjx5w90Yj8Na2q8IzrXwBBi41JMFfAfa ai3gDFXF9xTF1LmxDKYtA08D0+vVTLkU+6g+KVMgyOpSwSQv3Ff0j2TV1pERpZXM MDBKMVuYg2SY9wi2XZVBMtowpEwMDSdj/mc1fr8hQxTpYz5EziYPfNXYkABr1LNu 4UUxtG25+SuigFidbvNfnuY4pSLBH9WAeyVtsfH8D9+QCmu2M4Nr1K3jYfxsvBQr qQIDAQABo4IBuTCCAbUwHwYDVR0jBBgwFoAU70wAkqb7di5eleLJX4cbGdVN4tkw HQYDVR0OBBYEFFyjFiMJ0cWdZkheQHHku1N6V793MA4GA1UdDwEB/wQEAwIFoDAM BgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNV HSAEQjBAMDQGCysGAQQBsjEBAgJnMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj dGlnby5jb20vQ1BTMAgGBmeBDAECAjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8v Y3JsLnNlY3RpZ28uY29tL0luQ29tbW9uUlNBU2VydmVyQ0EyLmNybDBwBggrBgEF BQcBAQRkMGIwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuc2VjdGlnby5jb20vSW5D b21tb25SU0FTZXJ2ZXJDQTIuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5z ZWN0aWdvLmNvbTAiBgNVHREEGzAZghdwcmRpdHBtLmdzZS5oYXJ2YXJkLmVkdTAT BgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQwFAAOCAYEAgrWWrhau18rv YgyaVL2he3ncUGwG+AgdasSd+IjCjsGShBCnq+PeuRFgya1uJLm4SC4apH56JQLP KBuJYyHGptWbEsfIbTZZZayPZlG9sIZ5i/Anpg8snxYm9g2YBA5mleBhs5Fdkif2 hDn4E8RsmGh59t2tpxRikdKLt2Z/oo9KF6DkWkG13fiCloQXUECOioFDTkrJNreQ LDnj/uAdIubFJH27YeGWJEDAVl8mPJVpT6x7NPp2ydizCmaU+NPVySiZWPNtMSvU 65uMKvQuLkrNzoGPRgdqU8ha06ZMN56l2enM61LrkVq93Jawm7ay6flll9GK7xvY J5rHnRgPgI3OzHb0/DPSqZ5KFnX97pqEag2dG7ZisA5ESxl00YAhHzZirWXhuLfJ Yyc9nyUbxpuarXK7F2f9f56PXZd4eggj4tmxMen/8ZrrAGHNwP2HMJk3gfUkJWG/ QwDB+2e9mkt/D+GwwKpdtPK0xTHvht4jfr1cJ2h37FplHzQmGpq5 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsQgXmUP/ifhwSeaIdSSG 8/ciEhrCzq8fFJD1iR3tYlwXpBOf7WN+C0cSiFKXpHUEIs31V1aJ4t3qLeVoro/X NKvzYXJfXNMKTnatGJMoc0RR+FhJbHmCDmIZCbxo9cME4gWBinGcYdnlL7uYum5c uEoN+U9SE1PWFExS+3IolrKBDwZ2yGNzmjGzPFJB87cSCEm16HeDKHyxvzdPL1jj dL7KTUuhszhp1xd28EDrKXUhFLalPsJ6GgyFI8s8FktNGam8z5Jj9TIqZ5PrPUIT jI9jVXLMCXtqTThFjPxHp2kMfBi3clHdhHqnHqZcWgCMgnoLAn6xBMe7bjQPC8WV QR8jt5mh+iiJKrSSahOdsiwgkb/R0njfIGZHWmLCE8NbhmYvuaR3l9cKxh5NV0eB us6RsL20CYnJKeW5UHQnuyY44AWha+U33OKQkCUoRr8MvQE4rr6a+K48ecPdGI/D WtqvCM618AQYuNSTBXwH2mot4AxVxfcUxdS5sQymLQNPA9Pr1Uy5FPuoPilTIMjq UsEkL9xX9I9k1daREaWVzDAwSjFbmINkmPcItl2VQTLaMKRMDA0nY/5nNX6/IUMU 6WM+RM4mD3zV2JAAa9SzbuFFMbRtufkrooBYnW7zX57mOKUiwR/VgHslbbHx/A/f kAprtjODa9St42H8bLwUK6kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 39595563770987398999468609789376788050 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-11 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Massachusetts' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'President and Fellows of Harvard College' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'prditpm.gse.harvard.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 722225957945485353163065238541618506186295749631051680241745967081066009559896558309591559011563602325084031115887087851742927545793763289550417179520207604663600329765345821267619843843380551440464357579401220203372376618939091456803510437283450775807489833962740252938046456116601820563846086195799024287231053560171516061615879439936713392071551689135889362128116510866373369720645508765714706152031821959066374753523871998510148373613835008982226200795924058236618409607635375412315938329302648986829668247723914408266465234600979212710369533205224258641982829658289906643936486785568602718154659082805750911534581542729012219101901898041917042950827177916036404735397959839612313957937651967511904910089719542615748986731640194413005978129934303455292958278560539940106441832115770010468508528182668506642798171801023243261641773546972983249565603476199131213199802896926683598839421967913912705094964269954104407651923325286983736083943756644043868476892453223089250137977464270559434896868258737255073863255978436622720540967804059081735502067336445577734789878764287971628941812552125040327952033813106832726295373900470784099533809376159276657310845769285663864995680463609367337705851510580168309053128212444801100118502313 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ef4c0092a6fb762e5e95e2c95f871b19d54de2d9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5ca3162309d1c59d66485e4071e4bb537a57bf77 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.103 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAServerCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAServerCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prditpm.gse.harvard.edu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 0082b596ae16aed7caef620c9a54bda17b79dc506c06f8081d6ac49df888c28ec1928410a7abe3deb91160c9ad6e24b9b8482e1aa47e7a2502cf281b896321c6a6d59b12c7c86d365965ac8f6651bdb086798bf027a60f2c9f1626f60d98040e6695e061b3915d9227f68439f813c46c986879f6ddada7146291d28bb7667fa28f4a17a0e45a41b5ddf88296841750408e8a81434e4ac936b7902c39e3fee01d22e6c5247dbb61e1962440c0565f263c95694fac7b34fa76c9d8b30a6694f8d3d5c9289958f36d312bd4eb9b8c2af42e2e4acdce818f46076a53c85ad3a64c379ea5d9e9cceb52eb915abddc96b09bb6b2e9f96597d18aef1bd8279ac79d180f808dcecc76f4fc33d2a99e4a1675fdee9a846a0d9d1bb662b00e444b1974d180211f3662ad65e1b8b7c963273d9f251bc69b9aad72bb1767fd7f9e8f5d97787a0823e2d9b131e9fff19aeb0061cdc0fd8730993781f5242561bf4300c1fb67bd9a4b7f0fe1b0c0aa5db4f2b4c531ef86de237ebd5c276877ec5a651f34261a9ab9