braintree-qa.udar.berkeley.edu

- University of California, Berkeley -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 22:0a:1a:59:44:aa:0d:31:1d:43:7b:60:68:6a:79:68 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of California, Berkeley

Organization: University of California, Berkeley
State / Province: California
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 22:0a:1a:59:44:aa:0d:31:1d:43:7b:60:68:6a:79:68
Serial Number (int): 45246209240479207021921166721448311144
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 74:00:e3:65:d7:74:e5:19:b3:1b:78:eb:0a:c6:fb:70:08:34:b7:2d
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 84:63:e6:ec:82:29:57:88:7a:ae:10:44:35:d4:14:d7:36:f6:b0:a5
Fingerprint (sha256): 00:65:b3:6a:fd:a5:ae:fd:28:42:f5:09:7f:48:5b:0e:f4:18:c2:b4:7c:7a:96:66:5c:28:c8:49:d5:2c:10:98

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate braintree-qa.udar.berkeley.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for braintree-qa.udar.berkeley.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

braintree-qa.udar.berkeley.edu

Other certificates including the domain name berkeley.edu

(limited to 100 certificates)
5631131353350144-fe1.pantheonsite.io
iris.eecs.berkeley.edu
vc.berkeley.edu
goldenkey.berkeley.edu
157ac.berkeley.edu
dynamics.berkeley.edu
dsec-pa01.ist.berkeley.edu
eps.berkeley.edu
5767281011326976-fe3.pantheonsite.io
test-web-lws.edu.help
isab.berkeley.edu
riverrestoration.ced.berkeley.edu
tsa.berkeley.edu
urbansustainability.berkeley.edu
carpepm.almonds.com
telemonitoring.berkeley.edu
ucmc.berkeley.edu
5693048138760192-fe2.pantheonsite.io
skiteam.berkeley.edu
5685265389584384-fe2.pantheonsite.io
robobears.berkeley.edu
asa.berkeley.edu
bleex.me.berkeley.edu
5732694713434112-fe3.pantheonsite.io
5695872079757312-fe3.pantheonsite.io
cuwip.physics.berkeley.edu
pawsandclaws.berkeley.edu
goldenapple.berkeley.edu
5690145009303552-fe2.pantheonsite.io
puzzle.berkeley.edu
bc.berkeley.edu
accredible.tutor.com
cs184.eecs.berkeley.edu
5702666986455040-fe2.pantheonsite.io
esw.berkeley.edu
5745580152193024-fe4.pantheonsite.io
mcbcdna.berkeley.edu
biomechanics.berkeley.edu
www.site.demog.berkeley.edu
foresight.berkeley.edu
5657535201673216-fe3.pantheonsite.io
gdso.berkeley.edu
mcbcdna.berkeley.edu
zhoulab.berkeley.edu
edam.berkeley.edu
it.uahs.arizona.edu
braintree-qa.udar.berkeley.edu
admissions.emeritus.org
astep.berkeley.edu
journalofethics.berkeley.edu
5695872079757312-fe3.pantheonsite.io
orchestra.berkeley.edu
cluster3.technolutions.net
yearbook.berkeley.edu
communityinnovation.berkeley.edu
as-axolotl-qa.ist.berkeley.edu
coffinaward.berkeley.edu
libguides.law.berkeley.edu
sinberbest.berkeley.edu
dwx.berkeley.edu
5645628478586880-fe4.pantheonsite.io
ide.berkeley.edu
securessl-pst1.tessituranetworkhost.com
startup.berkeley.edu
labmon.qnl-internal.berkeley.edu
caldesignlab.berkeley.edu
wordsoundlife.berkeley.edu
5702351037923328-fe2.pantheonsite.io
astral.berkeley.edu
bioehs.berkeley.edu
interucconference.berkeley.edu
5702666986455040-fe2.pantheonsite.io
mtab.berkeley.edu
exhibits.ced.berkeley.edu
ucdc.edu
cluster3.technolutions.net
chrzan.mse.berkeley.edu
olab.berkeley.edu
proxy.kchsieh-dev0.api.berkeley.edu
ecoengine.berkeley.edu
southindiansociety.berkeley.edu
reservemapper.berkeley.edu
5704980631650304-fe4.pantheonsite.io
5693048138760192-fe2.pantheonsite.io
fp2.law.berkeley.edu
ce3.berkeley.edu
sailing.berkeley.edu
veteran.berkeley.edu
cryoem.berkeley.edu
solr.urel.berkeley.edu
qtsab.berkeley.edu
pasae.berkeley.edu
ulab.berkeley.edu
5636647567753216-fe1.pantheonsite.io
uav.berkeley.edu
nimitz.berkeley.edu
millslab.berkeley.edu
parking.berkeley.edu
prototype.berkeley.edu
nartc.fcm.arizona.edu

Certificate

The complete raw certificate details for braintree-qa.udar.berkeley.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHzTCCBrWgAwIBAgIQIgoaWUSqDTEdQ3tgaGp5aDANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0yMjEyMTkwMDAwMDBaFw0yNDAxMTky
MzU5NTlaMHgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMSswKQYD
VQQKEyJVbml2ZXJzaXR5IG9mIENhbGlmb3JuaWEsIEJlcmtlbGV5MScwJQYDVQQD
Ex5icmFpbnRyZWUtcWEudWRhci5iZXJrZWxleS5lZHUwggIiMA0GCSqGSIb3DQEB
AQUAA4ICDwAwggIKAoICAQCwvADuAgHTitBMJlJgkZr59oQCckS+IvQ5yGPLqnfV
acLrsGGU50mXh2YI4S9SU3t1LBmhK5565N7HGJcqacjIcEm0P6XMlI4tb0/6fztL
FqA4JY9vFiLHwZZ/0U28oUnzoA91360pSEEydQAa8dJsrN3uh04x6mXQv/HTFr2I
qmnHsHbvZbT3MCLfUSKB99sJm7dpZQks0ZdHq/M/h9NHC1FlVMGM32jdYOQ9n+iw
xR93A2c145IWSmXgrFoSI9YmpIwriDcw7aCsfE/dL3jf+ALYRhGqmYua+KZDymxJ
q4sFRJblZ9Px0XzPZDtkj1kj4HAysiow6ZUJWcUnENmFSbmhR9dZXM5Osg3AwKtO
0GkINXtautlXGWYP4aNU+7Z4nVxEpf8yst0vRxDHeA4eGl5bQlHabeVdfQSOdgaL
kFuQeuRgf4bSoslKEND6qUEwYxW7e/sd1Lm4HPC64CFpAABANkBvmAin4ymJw9eL
HFAwIt+GfkFkuN/znTAB91EkPb+q4tu2tps3udegNdlJxrqdwQSFtvYEicU8uO2O
i8yTK5zOaKvgw/2LM91Nus/BFtH0MzrB9ePI+JZhBEGekvw2iMM0+WqNrZwPNpP3
+Fp/clateLeLYWGb1WuKL9ckQxSl+zA7/Jixua5O1+/TGdzgjEf3Q7xDOZ0VwRWv
AQIDAQABo4IDUzCCA08wHwYDVR0jBBgwFoAUHgWjd49sluJbh0umtIascQAM5zgw
HQYDVR0OBBYEFHQA42XXdOUZsxt46wrG+3AINLctMA4GA1UdDwEB/wQEAwIFoDAM
BgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBnBgNV
HSAEYDBeMFIGDCsGAQQBriMBBAMBATBCMEAGCCsGAQUFBwIBFjRodHRwczovL3d3
dy5pbmNvbW1vbi5vcmcvY2VydC9yZXBvc2l0b3J5L2Nwc19zc2wucGRmMAgGBmeB
DAECAjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLmluY29tbW9uLXJzYS5v
cmcvSW5Db21tb25SU0FTZXJ2ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBnMD4GCCsG
AQUFBzAChjJodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vSW5Db21tb25SU0FTZXJ2
ZXJDQV8yLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNv
bTCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHYAdv+IPwq2+5VRwmHM9Ye6NLSk
zbsp3GhCCp/mZ0xaOnQAAAGFLOM6IgAABAMARzBFAiBCmjEtUJCsA+C9pvLKu2jG
ywRWtaMN3XM/MRbVB52QXQIhAKYU8X0P7//KjirGtkEmBKrhJwnHs6O9JsZrqwU1
KclsAHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGFLOM6PAAA
BAMARzBFAiARqAjWuNsf2ZZs2HV7dOvJI5qhkZkov+pO/n1eah5E2AIhAPCzOSvA
x+H88EfoIl+rmAECyI2+SZoOxZ7TNyp/7sgdAHUA7s3QZNXbGs7FXLedtM0TojKH
Rny87N7DUUhZRnEftZsAAAGFLOM6BgAABAMARjBEAiBjXc1NO7qGjdcZUhEDgc4s
jzKQ5mA+2g4Ug+Z/UAUk+gIgdpEPBBlqxGoH+9bujibHjpE4Iuchqa6td1zEsg9T
SqIwKQYDVR0RBCIwIIIeYnJhaW50cmVlLXFhLnVkYXIuYmVya2VsZXkuZWR1MA0G
CSqGSIb3DQEBCwUAA4IBAQANxR5xbe/4kApFcoKR6m0BnM34P7ZeyZWmRbDVsWJg
UtIpCreVEoJ2upKwY/STX+XBDAqhKokF/tgda96nSpygH+ldbTVfnoI/oAphdQLc
wgX+qVCAPnArww+WhT1S8wgsr1/xfgtwWrTz7+LETjOoygAx0xoKnr7u0D4XbeFc
Lkcl9NQ17uPnw5Xgh4rdL+M0wFVhlhbEaq5H7TrQ8LZAyvNoNv264xyJ2m5wRJ3x
2t1ZoEfCCluXFNLlkRgaNlIvGKKEOwPxl1td0O7Zlc1UmkXfG/I3r8dGeonM423P
DTVRMDxDdzRp0y0LRBpTYhouYrI5rrgMY25XUxOehS9v
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsLwA7gIB04rQTCZSYJGa
+faEAnJEviL0Ochjy6p31WnC67BhlOdJl4dmCOEvUlN7dSwZoSueeuTexxiXKmnI
yHBJtD+lzJSOLW9P+n87SxagOCWPbxYix8GWf9FNvKFJ86APdd+tKUhBMnUAGvHS
bKzd7odOMepl0L/x0xa9iKppx7B272W09zAi31EigffbCZu3aWUJLNGXR6vzP4fT
RwtRZVTBjN9o3WDkPZ/osMUfdwNnNeOSFkpl4KxaEiPWJqSMK4g3MO2grHxP3S94
3/gC2EYRqpmLmvimQ8psSauLBUSW5WfT8dF8z2Q7ZI9ZI+BwMrIqMOmVCVnFJxDZ
hUm5oUfXWVzOTrINwMCrTtBpCDV7WrrZVxlmD+GjVPu2eJ1cRKX/MrLdL0cQx3gO
HhpeW0JR2m3lXX0EjnYGi5BbkHrkYH+G0qLJShDQ+qlBMGMVu3v7HdS5uBzwuuAh
aQAAQDZAb5gIp+MpicPXixxQMCLfhn5BZLjf850wAfdRJD2/quLbtrabN7nXoDXZ
Sca6ncEEhbb2BInFPLjtjovMkyuczmir4MP9izPdTbrPwRbR9DM6wfXjyPiWYQRB
npL8NojDNPlqja2cDzaT9/haf3JWrXi3i2Fhm9Vrii/XJEMUpfswO/yYsbmuTtfv
0xnc4IxH90O8QzmdFcEVrwECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 45246209240479207021921166721448311144
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-19 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of California, Berkeley'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'braintree-qa.udar.berkeley.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 721013402459346183156459546689534627434512512419485947582764143636037767517706977573537893191531694485903955695843884400463260366871923300438368875940564076079709170899146717485723895900877419341193701535814850619382516233665605479201113229794382578586507254073841836909074895665301561835809364484199299993762175017123529243880279754100270495837398571170375260154881236827064921517977708194536573633932589295965567368655453228379516386776788120524539292729292586805963779863985170048772410167287714752562963980399772002493609814164465603730843147153725054425434700777574252692285130440529276241684311717021793627625663036351856601124007640348545490215752598387092004707745182805946019300529058820612837166623693261500150322916990947358680489645151808415100471442129727498593055995568747602188267356110071074897494307046737618930876775885898556899444524663686285526967184501683497179291017507228851962209633179107191697745081574565471410714033587355478845632144449185372378448348976743630192208092515276517212198280280477039953403307046034982733499691559001799346110672393563451074119810913825101554067228168266084653059542277069915544509075357224433876567178688961850707656595282589391050698360438067926820454353977076685197085617921
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7400e365d774e519b31b78eb0ac6fb700834b72d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001852ce33a2200000403004730450220429a312d5090ac03e0bda6f2cabb68c6cb0456b5a30ddd733f3116d5079d905d022100a614f17d0fefffca8e2ac6b6412604aae12709c7b3a3bd26c66bab053529c96c007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001852ce33a3c0000040300473045022011a808d6b8db1fd9966cd8757b74ebc9239aa1919928bfea4efe7d5e6a1e44d8022100f0b3392bc0c7e1fcf047e8225fab980102c88dbe499a0ec59ed3372a7feec81d007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001852ce33a0600000403004630440220635dcd4d3bba868dd71952110381ce2c8f3290e6603eda0e1483e67f500524fa022076910f04196ac46a07fbd6ee8e26c78e913822e721a9aead775cc4b20f534aa2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'braintree-qa.udar.berkeley.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000dc51e716deff8900a45728291ea6d019ccdf83fb65ec995a645b0d5b1626052d2290ab795128276ba92b063f4935fe5c10c0aa12a8905fed81d6bdea74a9ca01fe95d6d355f9e823fa00a617502dcc205fea950803e702bc30f96853d52f3082caf5ff17e0b705ab4f3efe2c44e33a8ca0031d31a0a9ebeeed03e176de15c2e4725f4d435eee3e7c395e0878add2fe334c055619616c46aae47ed3ad0f0b640caf36836fdbae31c89da6e70449df1dadd59a047c20a5b9714d2e591181a36522f18a2843b03f1975b5dd0eed995cd549a45df1bf237afc7467a89cce36dcf0d3551303c43773469d32d0b441a53621a2e62b239aeb80c636e5753139e852f6f