ldap10.iam.psu.edu
- The Pennsylvania State University -
Issued by InCommon RSA Server CA 2
About this certificate
This digital certificate with serial number d3:c7:26:94:2c:22:06:f7:61:5c:b8:f2:14:c4:69:66 was issued on by Internet2.
With 17 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
The Pennsylvania State University
Organization:
The Pennsylvania State University
State / Province:
Pennsylvania
Country: US
Country: US
Internet2
Organization:
Internet2
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): d3:c7:26:94:2c:22:06:f7:61:5c:b8:f2:14:c4:69:66Serial Number (int): 281501156656457147562945381838088333670
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: b7:01:65:62:65:53:6d:c8:f5:00:56:ce:8e:1c:c9:6b:3c:ef:d5:46
AuthorityKeyId: ef:4c:00:92:a6:fb:76:2e:5e:95:e2:c9:5f:87:1b:19:d5:4d:e2:d9
Fingerprint (sha1): 76:f0:f7:e9:c5:bc:18:0c:c2:d3:61:d3:5c:bd:62:22:8c:67:05:2b
Fingerprint (sha256): 00:2d:82:f9:38:bd:c7:9f:71:b8:94:8f:fa:36:72:c4:eb:a2:2b:2f:52:2d:7d:38:fe:4f:54:46:f9:7f:b5:7f
Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAServerCA2.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/InCommonRSAServerCA2.crl
Check the revocation status for certificate ldap10.iam.psu.edu
17
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ldap10.iam.psu.edu
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ldap10.iam.psu.edu
dirapps-offsite.aset.psu.edu
dirapps.aset.psu.edu
dirapps.gslb.psu.edu
dirapps.iam.psu.edu
ldap-alert.iam.psu.edu
ldap-lb-test.iam.psu.edu
ldap-prime-offsite.iam.psu.edu
ldap-prime.gslb.psu.edu
ldap-prime.iam.psu.edu
ldap.gslb.psu.edu
ldap.psu.edu
test-dirapps-offsite.aset.psu.edu
test-dirapps.aset.psu.edu
test-dirapps.gslb.psu.edu
test-dirapps.iam.psu.edu
tr25g10.aset.psu.edu
dirapps-offsite.aset.psu.edu
dirapps.aset.psu.edu
dirapps.gslb.psu.edu
dirapps.iam.psu.edu
ldap-alert.iam.psu.edu
ldap-lb-test.iam.psu.edu
ldap-prime-offsite.iam.psu.edu
ldap-prime.gslb.psu.edu
ldap-prime.iam.psu.edu
ldap.gslb.psu.edu
ldap.psu.edu
test-dirapps-offsite.aset.psu.edu
test-dirapps.aset.psu.edu
test-dirapps.gslb.psu.edu
test-dirapps.iam.psu.edu
tr25g10.aset.psu.edu
Other certificates including the domain name psu.edu
(limited to 100 certificates)
cds4.cvent.com
pennstatehealthnews.org
nemesis.vmhost.psu.edu
apply.psu.edu
d5-gogreenfront.ddar.psu.edu
vpfa.psu.edu
5693703389708288-fe3.pantheonsite.io
crmcn-prd-db.windom.outreach.psu.edu
apps.opp.psu.edu
prod-web10.lionpath.psu.edu
software.psu.edu
idashboard.hbg.psu.edu
svrp.psu.edu
www.causeweb.org
harrelllibcal.library.psu.edu
carpepm.almonds.com
ldap10.iam.psu.edu
webfiles.psu.edu
harrell.library.psu.edu
fandb.psu.edu
coaction.psu.edu
us.prod.campusgroups.com
qaauth.libraries.psu.edu
online.ist.psu.edu
morph-331.vmhost.psu.edu
angelshibaccept.ais.psu.edu
schoolresources.militaryfamilies.psu.edu
hrservdc.ohrrider.psu.edu
ssc1.wpsu.psu.edu
watchdog.vmhost.psu.edu
wsus.sysman.it.psu.edu
www.inclusivity.psu.edu
mkt-prod-db.windom.outreach.psu.edu
scholarsphere-qa.dlt.psu.edu
secure.smeal.psu.edu
collegian.psu.edu
www.ems.psu.edu
www.solutions2wxrisk.psu.edu
ucdc.edu
methodology.psu.edu
us.prod.campusgroups.com
ezaccess.libraries.psu.edu
usegalaxy.org
apps.tlt.psu.edu
alumni.libraries.psu.edu
exchange.ag.psu.edu
nartc.fcm.arizona.edu
egsc.psu.edu
calendar.sdzsafaripark.org
grafana.ais.psu.edu
artedu.vmhost.psu.edu
com-ce.vmhost.psu.edu
www.engr.psu.edu
webdev.research.psu.edu
mrsec.psu.edu
isserv83.psuas.psu.edu
anth.la.psu.edu
nrotc.psu.edu
www.bookrequest.psu.edu
grp-app-prod.sil.arl.psu.edu
ocaltest.aset.psu.edu
courses.schoolresources.militaryfamilies.psu.edu
5693703389708288-fe3.pantheonsite.io
openid.et-test.psu.edu
f1adp-smartpark.ad.psu.edu
current.it.psu.edu
cas-cp-01.ag.psu.edu
inclusivity.psu.edu
vivid.cse.psu.edu
morgancenter.psu.edu
www.vmhost.psu.edu
www.studentloans.psu.edu
cds4.cvent.com
math.science.psu.edu
uconnectlabs.com
newkensington.psu.edu
chat.pshs.psu.edu
cpy-web1.lionpath.psu.edu
campusmap.psu.edu
www.opia.psu.edu
science.aws.science.psu.edu
genuinerisk.bmb.psu.edu
delta.csec-cra.psu.edu
cdn-test.battlefields.org
psualert-test.iam.psu.edu
e8-pnc-sep.ad.psu.edu
staging.aws.science.psu.edu
test.eis.uw.edu
dev.e-education.psu.edu
admissions.med.psu.edu
etda-explore-prod.libraries.psu.edu
secure.wpsu.psu.edu
www2.ems.psu.edu
admin.hhdev.psu.edu
citeak.multidevcom.uaf.edu
newton.vmhost.psu.edu
5693703389708288-fe3.pantheonsite.io
www.design-engineering.princeton.edu
latinocaucus.psu.edu
jupyterhub.ist.psu.edu
pennstatehealthnews.org
nemesis.vmhost.psu.edu
apply.psu.edu
d5-gogreenfront.ddar.psu.edu
vpfa.psu.edu
5693703389708288-fe3.pantheonsite.io
crmcn-prd-db.windom.outreach.psu.edu
apps.opp.psu.edu
prod-web10.lionpath.psu.edu
software.psu.edu
idashboard.hbg.psu.edu
svrp.psu.edu
www.causeweb.org
harrelllibcal.library.psu.edu
carpepm.almonds.com
ldap10.iam.psu.edu
webfiles.psu.edu
harrell.library.psu.edu
fandb.psu.edu
coaction.psu.edu
us.prod.campusgroups.com
qaauth.libraries.psu.edu
online.ist.psu.edu
morph-331.vmhost.psu.edu
angelshibaccept.ais.psu.edu
schoolresources.militaryfamilies.psu.edu
hrservdc.ohrrider.psu.edu
ssc1.wpsu.psu.edu
watchdog.vmhost.psu.edu
wsus.sysman.it.psu.edu
www.inclusivity.psu.edu
mkt-prod-db.windom.outreach.psu.edu
scholarsphere-qa.dlt.psu.edu
secure.smeal.psu.edu
collegian.psu.edu
www.ems.psu.edu
www.solutions2wxrisk.psu.edu
ucdc.edu
methodology.psu.edu
us.prod.campusgroups.com
ezaccess.libraries.psu.edu
usegalaxy.org
apps.tlt.psu.edu
alumni.libraries.psu.edu
exchange.ag.psu.edu
nartc.fcm.arizona.edu
egsc.psu.edu
calendar.sdzsafaripark.org
grafana.ais.psu.edu
artedu.vmhost.psu.edu
com-ce.vmhost.psu.edu
www.engr.psu.edu
webdev.research.psu.edu
mrsec.psu.edu
isserv83.psuas.psu.edu
anth.la.psu.edu
nrotc.psu.edu
www.bookrequest.psu.edu
grp-app-prod.sil.arl.psu.edu
ocaltest.aset.psu.edu
courses.schoolresources.militaryfamilies.psu.edu
5693703389708288-fe3.pantheonsite.io
openid.et-test.psu.edu
f1adp-smartpark.ad.psu.edu
current.it.psu.edu
cas-cp-01.ag.psu.edu
inclusivity.psu.edu
vivid.cse.psu.edu
morgancenter.psu.edu
www.vmhost.psu.edu
www.studentloans.psu.edu
cds4.cvent.com
math.science.psu.edu
uconnectlabs.com
newkensington.psu.edu
chat.pshs.psu.edu
cpy-web1.lionpath.psu.edu
campusmap.psu.edu
www.opia.psu.edu
science.aws.science.psu.edu
genuinerisk.bmb.psu.edu
delta.csec-cra.psu.edu
cdn-test.battlefields.org
psualert-test.iam.psu.edu
e8-pnc-sep.ad.psu.edu
staging.aws.science.psu.edu
test.eis.uw.edu
dev.e-education.psu.edu
admissions.med.psu.edu
etda-explore-prod.libraries.psu.edu
secure.wpsu.psu.edu
www2.ems.psu.edu
admin.hhdev.psu.edu
citeak.multidevcom.uaf.edu
newton.vmhost.psu.edu
5693703389708288-fe3.pantheonsite.io
www.design-engineering.princeton.edu
latinocaucus.psu.edu
jupyterhub.ist.psu.edu
Certificate
The complete raw certificate details for ldap10.iam.psu.edu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIcTCCBtmgAwIBAgIRANPHJpQsIgb3YVy48hTEaWYwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEhMB8GA1UEAxMYSW5D b21tb24gUlNBIFNlcnZlciBDQSAyMB4XDTIzMTIxNTAwMDAwMFoXDTI1MDExNDIz NTk1OVowbTELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBlbm5zeWx2YW5pYTEqMCgG A1UEChMhVGhlIFBlbm5zeWx2YW5pYSBTdGF0ZSBVbml2ZXJzaXR5MRswGQYDVQQD ExJsZGFwMTAuaWFtLnBzdS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCp+yCc4XGI4u2j+TmkWD2stkmAFgV17gYKFHymR8ZeevULxhra1hgyuWhI vPzGfVy9ybDQyuyYyqUk6cVF95lRU+2gjtRKhaZC9iBRcWGWiEKS/JmvjRO1QrRx CK5NqhxsPdzRdLonOl/KhG2V6eE69JZ6GQkgRtvCdKGXOLrp0e38gXso157JEzQf 0X1iMYh4PBdTv0N4GYl4fNR5f1yQ8HPUoO0CSfDAXDim889h/vebzPW0rSf7kInK Zw0SBtQKsQfWglL/biR+R8G5TFHhng51HuBT6VKcqC8d/UF28GRrO1+Xq4BndkKW hwmJzO8hCyibUU4EY/F5iKZWnJJnAgMBAAGjggSzMIIErzAfBgNVHSMEGDAWgBTv TACSpvt2Ll6V4slfhxsZ1U3i2TAdBgNVHQ4EFgQUtwFlYmVTbcj1AFbOjhzJazzv 1UYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAmcwJTAjBggr BgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQICMEAGA1Ud HwQ5MDcwNaAzoDGGL2h0dHA6Ly9jcmwuc2VjdGlnby5jb20vSW5Db21tb25SU0FT ZXJ2ZXJDQTIuY3JsMHAGCCsGAQUFBwEBBGQwYjA7BggrBgEFBQcwAoYvaHR0cDov L2NydC5zZWN0aWdvLmNvbS9JbkNvbW1vblJTQVNlcnZlckNBMi5jcnQwIwYIKwYB BQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBfgYKKwYBBAHWeQIEAgSC AW4EggFqAWgAdQDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAYxu 7OBdAAAEAwBGMEQCIEOcDMCffqPq4opjFId4zZeUF1yJ0xuJibs2hz5UaJ3bAiBw xcFkSQL0XxNKaZgchivvGh2c0Vvb9ubGoogKXoiQaAB3AKLjCuRF772tm3447Udn d1PXgluElNcrXhssxLlQpEfnAAABjG7s4MwAAAQDAEgwRgIhAIKwC5Xh+VfmmDfe Bv/YSZdUQzKXYzsP4eiUidRB+0hZAiEAzjp/0B2vsSh3/xvjKZdW8p9iH3F4WOfc edf1p189FQwAdgBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAYxu 7OA6AAAEAwBHMEUCIQCj0jWap81qM/hkgLAYvmJdR8znCTRB+sw7TbsElENiQQIg cY1Y6+alvO+0xGe3etdZY35smvaN5O3QDi/F1NRRFqIwggGtBgNVHREEggGkMIIB oIISbGRhcDEwLmlhbS5wc3UuZWR1ghxkaXJhcHBzLW9mZnNpdGUuYXNldC5wc3Uu ZWR1ghRkaXJhcHBzLmFzZXQucHN1LmVkdYIUZGlyYXBwcy5nc2xiLnBzdS5lZHWC E2RpcmFwcHMuaWFtLnBzdS5lZHWCFmxkYXAtYWxlcnQuaWFtLnBzdS5lZHWCGGxk YXAtbGItdGVzdC5pYW0ucHN1LmVkdYIebGRhcC1wcmltZS1vZmZzaXRlLmlhbS5w c3UuZWR1ghdsZGFwLXByaW1lLmdzbGIucHN1LmVkdYIWbGRhcC1wcmltZS5pYW0u cHN1LmVkdYIRbGRhcC5nc2xiLnBzdS5lZHWCDGxkYXAucHN1LmVkdYIhdGVzdC1k aXJhcHBzLW9mZnNpdGUuYXNldC5wc3UuZWR1ghl0ZXN0LWRpcmFwcHMuYXNldC5w c3UuZWR1ghl0ZXN0LWRpcmFwcHMuZ3NsYi5wc3UuZWR1ghh0ZXN0LWRpcmFwcHMu aWFtLnBzdS5lZHWCFHRyMjVnMTAuYXNldC5wc3UuZWR1MA0GCSqGSIb3DQEBDAUA A4IBgQAfVnJBxzr4Wgs0CEw/kbnoci74B5UpWdUxRCkhKloStomucKlYOzYtMcBT fIr1vzy3UBHGFM+FMNOJFeftXVLzNbDKuqU5bUFxcE+DmYqqN60fXP03NF2BYV02 iWntxYI70RuBEYA6Qjw+IjSoIMFvOiqoxwLh9KqGsWHDdIPH+hNOr5EWnnRfhp27 0DVVRCM/D8tN9PwklFUxRh2JZTfzH14oS4jL9rz7LxJtV+B8pi/V/psOf+WSkPk6 RSiF+XhWAjjuKQSIPyjdnzpmHxqGWARmuxfnesERMqLguqGQIJEsfb8/CvHpzBnW p74Vxl082WBPmrTFEPGbdZ4WBaSydpaA4mJvjj+xQE88z7fiyEpO8/czuAcPYAsU bLBQ0KMNUZNSzV3JEHC2mfq+THsHpXXuqYJw3ei2TSsizFLsR9F80ay9QWyjObsK 9OhYWWy7+r/4KlX9o9tQyBQoqZoO9yFsUfNY9/mHfrQptPxQjOQCghGSC23Fndy3 /XQDzwk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfsgnOFxiOLto/k5pFg9 rLZJgBYFde4GChR8pkfGXnr1C8Ya2tYYMrloSLz8xn1cvcmw0MrsmMqlJOnFRfeZ UVPtoI7USoWmQvYgUXFhlohCkvyZr40TtUK0cQiuTaocbD3c0XS6JzpfyoRtlenh OvSWehkJIEbbwnShlzi66dHt/IF7KNeeyRM0H9F9YjGIeDwXU79DeBmJeHzUeX9c kPBz1KDtAknwwFw4pvPPYf73m8z1tK0n+5CJymcNEgbUCrEH1oJS/24kfkfBuUxR 4Z4OdR7gU+lSnKgvHf1BdvBkaztfl6uAZ3ZClocJiczvIQsom1FOBGPxeYimVpyS ZwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 281501156656457147562945381838088333670 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Pennsylvania State University' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ldap10.iam.psu.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21458109072564446864812800908507831611003638542863942607087168646728137571777951160412715663396134717202759907937087938087281449110634427899711390678206011056326584404840818541282076155502273473800574865334090511731816637409849374077163975256699222288207338645852889043477714851427534574097099661940287933435014640594386315261246741404213970261127066129446221210058076366378864651943098832679632092286306233680807048151838517514449961266532923646860734891603292398966505980345465589047274359364498768492953540960739668407550199489045780688170994360909337501269321879416959505971847207435481355919690985095984196653671 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ef4c0092a6fb762e5e95e2c95f871b19d54de2d9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b701656265536dc8f50056ce8e1cc96b3cefd546 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.103 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAServerCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAServerCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018c6eece05d00000403004630440220439c0cc09f7ea3eae28a63148778cd9794175c89d31b8989bb36873e54689ddb022070c5c1644902f45f134a69981c862bef1a1d9cd15bdbf6e6c6a2880a5e889068007700a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018c6eece0cc000004030048304602210082b00b95e1f957e69837de06ffd8499754433297633b0fe1e89489d441fb4859022100ce3a7fd01dafb12877ff1be3299756f29f621f717858e7dc79d7f5a75f3d150c0076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c6eece03a0000040300473045022100a3d2359aa7cd6a33f86480b018be625d47cce7093441facc3b4dbb04944362410220718d58ebe6a5bcefb4c467b77ad759637e6c9af68de4edd00e2fc5d4d45116a2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (420 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ldap10.iam.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dirapps-offsite.aset.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dirapps.aset.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dirapps.gslb.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dirapps.iam.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ldap-alert.iam.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ldap-lb-test.iam.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ldap-prime-offsite.iam.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ldap-prime.gslb.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ldap-prime.iam.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ldap.gslb.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ldap.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-dirapps-offsite.aset.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-dirapps.aset.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-dirapps.gslb.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-dirapps.iam.psu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tr25g10.aset.psu.edu' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 001f567241c73af85a0b34084c3f91b9e8722ef807952959d5314429212a5a12b689ae70a9583b362d31c0537c8af5bf3cb75011c614cf8530d38915e7ed5d52f335b0cabaa5396d4171704f83998aaa37ad1f5cfd37345d81615d368969edc5823bd11b8111803a423c3e2234a820c16f3a2aa8c702e1f4aa86b161c37483c7fa134eaf91169e745f869dbbd0355544233f0fcb4df4fc24945531461d896537f31f5e284b88cbf6bcfb2f126d57e07ca62fd5fe9b0e7fe59290f93a452885f978560238ee2904883f28dd9f3a661f1a86580466bb17e77ac11132a2e0baa19020912c7dbf3f0af1e9cc19d6a7be15c65d3cd9604f9ab4c510f19b759e1605a4b2769680e2626f8e3fb1404f3ccfb7e2c84a4ef3f733b8070f600b146cb050d0a30d519352cd5dc91070b699fabe4c7b07a575eea98270dde8b64d2b22cc52ec47d17cd1acbd416ca339bb0af4e858596cbbfabff82a55fda3db50c81428a99a0ef7216c51f358f7f9877eb429b4fc508ce4028211920b6dc59ddcb7fd7403cf09