www.rit.edu

- Rochester Institute of Technology -

Issued by InCommon RSA Server CA 2

About this certificate

This digital certificate with serial number 16:a2:00:52:b3:46:be:81:37:e9:f9:38:7e:23:ac:cb was issued on by Internet2.

With 41 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Rochester Institute of Technology

Organization: Rochester Institute of Technology
State / Province: New York
Country: US

Internet2

Organization: Internet2
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 16:a2:00:52:b3:46:be:81:37:e9:f9:38:7e:23:ac:cb
Serial Number (int): 30084174550543458648065925849882537163
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: c3:53:6f:1b:44:cd:c3:a9:67:30:2a:b5:c1:ec:5e:ce:3f:66:d7:c2
AuthorityKeyId: ef:4c:00:92:a6:fb:76:2e:5e:95:e2:c9:5f:87:1b:19:d5:4d:e2:d9

Fingerprint (sha1): d2:83:d1:42:9b:b9:26:83:49:f0:78:0a:13:3b:56:1a:b1:6c:7c:0a
Fingerprint (sha256): 00:73:63:c9:a6:e0:17:19:74:36:f4:1b:a6:97:1d:f7:3d:f9:41:51:c0:36:93:d9:42:97:26:9e:42:58:cc:72

Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAServerCA2.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/InCommonRSAServerCA2.crl

Check the revocation status for certificate www.rit.edu

41

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.rit.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.rit.edu
rit.edu
www.mba.rit.edu
www.medicalscience.rit.edu
www.microe.rit.edu
www.microsystems.rit.edu
www.mml.rit.edu
www.mpd.rit.edu
www.my.rit.edu
www.netview.rit.edu
www.ntid.rit.edu
www.nysp2i.rit.edu
www.ocasa.rit.edu
www.osher.rit.edu
www.outdoored.rit.edu
www.physicianassistant.rit.edu
www.pltw.rit.edu
www.problemsolve.rit.edu
www.rbc.rit.edu
www.rbcfeedback.rit.edu
www.rc.rit.edu
www.redbarnclimbing.rit.edu
www.reman.rit.edu
www.research.rit.edu
www.researchscholars.rit.edu
www.ritinn.com
www.ritpedia.rit.edu
www.saunders.rit.edu
www.science.rit.edu
www.sg.rit.edu
www.smfl.rit.edu
www.sms.rit.edu
www.ssrc.rit.edu
www.stat.rit.edu
www.sustainability.rit.edu
www.teach.rit.edu
www.training.rit.edu
www.vote.rit.edu
www.wic.rit.edu
www.women.rit.edu
zoom.rit.edu

Other certificates including the domain name rit.edu

(limited to 100 certificates)
3dprint.csh.rit.edu
elkmoose.student.rit.edu
us.prod.campusgroups.com
ezproxy.rit.edu
arthouse.rit.edu
www.rit.edu
michaelfrancis.me
cluster3.technolutions.net
spam.rit.edu
us.prod.campusgroups.com
dbadmin.istlabs.rit.edu
bcc1.talentera.com
vems.main.ad.rit.edu
cs.rit.edu
hvz.rit.edu
afsabre.rit.edu
www.rit.edu
print02.main.ad.rit.edu
game.csh.rit.edu
inspirationalshitposts.a.csh.rit.edu
fma.rit.edu
apps-alpha.scb.rit.edu
www.rit.edu
cluster3.technolutions.net
astrodance.rit.edu
nga.scb.rit.edu
git.csh.rit.edu
myportal.rit.edu
oops.rit.edu
git.csh.rit.edu
croatia.rit.edu
hogs.rit.edu
us.prod.campusgroups.com
grapeape.se.rit.edu
spiritpass.rit.edu
openevals.rit.edu
reports.ntid.rit.edu
kgcoe-msdpics.rit.edu
crmstage-des.rit.edu
vpr-sandbox.rc.rit.edu
cias-jira.rit.edu
sites.sg.rit.edu
cias-confluence.rit.edu
samurai.csh.rit.edu
www.ist.rit.edu
bcc1.talentera.com
moonbounce.rit.edu
myupktest.rit.edu
castnet.rit.edu
cadetsrv.main.ad.rit.edu
crmprod-des.rit.edu
filedump.se.rit.edu
api.rit.edu
www.rit.edu
reslab.rit.edu
rit.edu
myportaladmin.rit.edu
ritmailtest.rit.edu
evt.rit.edu
us.prod.campusgroups.com
rlescloud.main.ad.rit.edu
jenky.csh.rit.edu
www.rit.edu
www.rit.edu
headcount.se.rit.edu
monitor.istlabs.rit.edu
argo.csh.rit.edu
people.rit.edu
purple.student.rit.edu
infoguides.rit.edu
msdnaa.rit.edu
mabl.rit.edu
us.prod.campusgroups.com
croatia.rit.edu
appsdev.ntid.rit.edu
www.rit.edu
bcc1.talentera.com
twcosxserver01.main.ad.rit.edu
scholarworks.rit.edu
www2.rit.edu
myinfographicsd.main.ad.rit.edu
*.ce.rit.edu
careerservices.rit.edu
ritanime.rit.edu
witr.rit.edu
ntidwb01d.ntid.rit.edu
ccserv.rit.edu
aod.rit.edu
swen-ads.igm.rit.edu
mabl.rit.edu
taco.student.rit.edu
myinfo.rit.edu
vm344c.se.rit.edu
imap.se.rit.edu
openbsd.se.rit.edu
*.ce.rit.edu
cluster3.technolutions.net
san-8-s10.tlsprovisioning.exacttarget.com
www.rit.edu
reporter.cias.rit.edu

Certificate

The complete raw certificate details for www.rit.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJ+jCCCGKgAwIBAgIQFqIAUrNGvoE36fk4fiOsyzANBgkqhkiG9w0BAQwFADBE
MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSW50ZXJuZXQyMSEwHwYDVQQDExhJbkNv
bW1vbiBSU0EgU2VydmVyIENBIDIwHhcNMjQwNTAyMDAwMDAwWhcNMjUwNjAyMjM1
OTU5WjBiMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxKjAoBgNVBAoT
IVJvY2hlc3RlciBJbnN0aXR1dGUgb2YgVGVjaG5vbG9neTEUMBIGA1UEAxMLd3d3
LnJpdC5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoIdx/qwOz
5CmYBKSm/ZPVEDfNkOqV5Z7SDvpUZzUeZRSDy3L8YHqWegXK0HuB1O/p7SfKnzaz
ARB9NFsUmFdMOquN/FmtabVaoggngB0Otlsqap8aGLDY6KLfnYC8F4Nc2WSMq9Zb
n3y83hZHD3u1GdSTKCItzoEEhdb8ZUCVYAl4h672uVZe6xwWwhxyIGi1kocE5g1K
mkEntha5J3WBf2PwC+FsDleGsNQtSBirzLym8mXKu5Nc9NIzSXpAA9VSCcCU5yOg
Y778xb3nkRuO9IbhTDNbD6cJ2dg7vGstRt+YgXf16hUE6dlYJ7FxCuEH0oN9oCy7
X2Z8Y1UlW6SzAgMBAAGjggZIMIIGRDAfBgNVHSMEGDAWgBTvTACSpvt2Ll6V4slf
hxsZ1U3i2TAdBgNVHQ4EFgQUw1NvG0TNw6lnMCq1wexezj9m18IwDgYDVR0PAQH/
BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAmcwJTAjBggrBgEFBQcCARYXaHR0
cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQICMEAGA1UdHwQ5MDcwNaAzoDGG
L2h0dHA6Ly9jcmwuc2VjdGlnby5jb20vSW5Db21tb25SU0FTZXJ2ZXJDQTIuY3Js
MHAGCCsGAQUFBwEBBGQwYjA7BggrBgEFBQcwAoYvaHR0cDovL2NydC5zZWN0aWdv
LmNvbS9JbkNvbW1vblJTQVNlcnZlckNBMi5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6
Ly9vY3NwLnNlY3RpZ28uY29tMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQDP
EVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAY85/0J0AAAEAwBGMEQC
IGKmpaYgUwy/VZo8E7mvMjMc+RhWqiWjd8Jc4QDttxP+AiAg5XtZBqQeTIrYP7ZR
1+Eue3PK3ZB3/yBCMwhNZRQSLAB2AKLjCuRF772tm3447Udnd1PXgluElNcrXhss
xLlQpEfnAAABjzn/QgYAAAQDAEcwRQIgYc6/xFKPAEaTKFot2I2O05Ox6U19wLqw
iP5f/oC2spcCIQDmchzPFV2WiAQ4+ck+Z16TC9MZe6dN+oTh3JGMSTTJqQB2AE51
oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjzn/QgYAAAQDAEcwRQIh
AM4vWUzQm1IoyUJ8PWP+MTYedWuILR/X3JOZ9otlLLxDAiAgr24T6rSeWkER5guW
BM1mCXci6bw1g5eTAKnPOz+O+TCCA0MGA1UdEQSCAzowggM2ggt3d3cucml0LmVk
dYIHcml0LmVkdYIPd3d3Lm1iYS5yaXQuZWR1ghp3d3cubWVkaWNhbHNjaWVuY2Uu
cml0LmVkdYISd3d3Lm1pY3JvZS5yaXQuZWR1ghh3d3cubWljcm9zeXN0ZW1zLnJp
dC5lZHWCD3d3dy5tbWwucml0LmVkdYIPd3d3Lm1wZC5yaXQuZWR1gg53d3cubXku
cml0LmVkdYITd3d3Lm5ldHZpZXcucml0LmVkdYIQd3d3Lm50aWQucml0LmVkdYIS
d3d3Lm55c3AyaS5yaXQuZWR1ghF3d3cub2Nhc2Eucml0LmVkdYIRd3d3Lm9zaGVy
LnJpdC5lZHWCFXd3dy5vdXRkb29yZWQucml0LmVkdYIed3d3LnBoeXNpY2lhbmFz
c2lzdGFudC5yaXQuZWR1ghB3d3cucGx0dy5yaXQuZWR1ghh3d3cucHJvYmxlbXNv
bHZlLnJpdC5lZHWCD3d3dy5yYmMucml0LmVkdYIXd3d3LnJiY2ZlZWRiYWNrLnJp
dC5lZHWCDnd3dy5yYy5yaXQuZWR1ght3d3cucmVkYmFybmNsaW1iaW5nLnJpdC5l
ZHWCEXd3dy5yZW1hbi5yaXQuZWR1ghR3d3cucmVzZWFyY2gucml0LmVkdYIcd3d3
LnJlc2VhcmNoc2Nob2xhcnMucml0LmVkdYIOd3d3LnJpdGlubi5jb22CFHd3dy5y
aXRwZWRpYS5yaXQuZWR1ghR3d3cuc2F1bmRlcnMucml0LmVkdYITd3d3LnNjaWVu
Y2Uucml0LmVkdYIOd3d3LnNnLnJpdC5lZHWCEHd3dy5zbWZsLnJpdC5lZHWCD3d3
dy5zbXMucml0LmVkdYIQd3d3LnNzcmMucml0LmVkdYIQd3d3LnN0YXQucml0LmVk
dYIad3d3LnN1c3RhaW5hYmlsaXR5LnJpdC5lZHWCEXd3dy50ZWFjaC5yaXQuZWR1
ghR3d3cudHJhaW5pbmcucml0LmVkdYIQd3d3LnZvdGUucml0LmVkdYIPd3d3Lndp
Yy5yaXQuZWR1ghF3d3cud29tZW4ucml0LmVkdYIMem9vbS5yaXQuZWR1MA0GCSqG
SIb3DQEBDAUAA4IBgQBZOPsXTJswdkA1Z1UkonL5ROfDtBoiedmnEXb8n8TE8tKJ
ruarQZjQENPOC1EVdyyPK5StaCChxD46w/rMIsigcezhijxm6gT46LXE1FY9i5ip
ircujLMCQDtT0iceLE3iAlHik4iupHTQr8gufB0qj7XFN5reelm6jztjnuCAKe4S
n7BA3ACq9GUCYCa1EeFRDkrpDaIYuL7YBhKUHth+nVidJStHRA88WjRN/8Ub3olx
d253GSiicb3kS2wrArTyv4uYZ9zGg6DetMAI48604devzS86nJwhGoepb6IlUxW7
V0gfFxwFE4Od7QuEwIJz/l+UeSAXHp0QHFgKFBd2/ID4hRn0P1eaB4NT86+u3KMC
TKYLq5yStB9s3Ptqy1qNec8Z9CaXkuGVILkwvMSl+xUzLcDlNYHKRe+o+iXDhzEM
dTZzkn1Oi4Ue3T0AE1g6gfbMDpXMWVDoYMlNQy+xGFIiFOkWgw517bm5DClmmhut
24yxYsz4kUo6RieQm/8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CHcf6sDs+QpmASkpv2T
1RA3zZDqleWe0g76VGc1HmUUg8ty/GB6lnoFytB7gdTv6e0nyp82swEQfTRbFJhX
TDqrjfxZrWm1WqIIJ4AdDrZbKmqfGhiw2Oii352AvBeDXNlkjKvWW598vN4WRw97
tRnUkygiLc6BBIXW/GVAlWAJeIeu9rlWXuscFsIcciBotZKHBOYNSppBJ7YWuSd1
gX9j8AvhbA5XhrDULUgYq8y8pvJlyruTXPTSM0l6QAPVUgnAlOcjoGO+/MW955Eb
jvSG4UwzWw+nCdnYO7xrLUbfmIF39eoVBOnZWCexcQrhB9KDfaAsu19mfGNVJVuk
swIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 30084174550543458648065925849882537163
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-02 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rochester Institute of Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.rit.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29303984392855816247972162750670366194475205411757845348436785973615340499604315601547373398680957855108540468443662734461335897191573873219637434378355802787399702803735026576518828228452667766909151997891103991898638978338131398550233585857231654869231740032221367655749006921987353814230593949358202792307806631062528297959049179135714400526796658223107938465462171758407222063104298113865201640203038331614637828353675982092111479774419964784598168208994186816704486596444106164807249213553361088009723793158860804179449579968676648804862186289606519345749225747416390659293987526501882650291396940266218245039283
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ef4c0092a6fb762e5e95e2c95f871b19d54de2d9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c3536f1b44cdc3a967302ab5c1ec5ece3f66d7c2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.103
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAServerCA2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAServerCA2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018f39ff42740000040300463044022062a6a5a620530cbf559a3c13b9af32331cf91856aa25a377c25ce100edb713fe022020e57b5906a41e4c8ad83fb651d7e12e7b73cadd9077ff204233084d6514122c007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018f39ff42060000040300473045022061cebfc4528f004693285a2dd88d8ed393b1e94d7dc0bab088fe5ffe80b6b297022100e6721ccf155d96880438f9c93e675e930bd3197ba74dfa84e1dc918c4934c9a90076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f39ff42060000040300473045022100ce2f594cd09b5228c9427c3d63fe31361e756b882d1fd7dc9399f68b652cbc43022020af6e13eab49e5a4111e60b9604cd66097722e9bc3583979300a9cf3b3f8ef9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (826 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mba.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.medicalscience.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.microe.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.microsystems.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mml.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mpd.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.my.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.netview.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ntid.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nysp2i.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ocasa.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.osher.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.outdoored.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.physicianassistant.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pltw.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.problemsolve.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rbc.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rbcfeedback.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rc.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.redbarnclimbing.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.reman.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.research.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.researchscholars.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ritinn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ritpedia.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.saunders.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.science.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sg.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.smfl.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sms.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ssrc.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stat.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sustainability.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.teach.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.training.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.vote.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wic.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.women.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zoom.rit.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		005938fb174c9b30764035675524a272f944e7c3b41a2279d9a71176fc9fc4c4f2d289aee6ab4198d010d3ce0b5115772c8f2b94ad6820a1c43e3ac3facc22c8a071ece18a3c66ea04f8e8b5c4d4563d8b98a98ab72e8cb302403b53d2271e2c4de20251e29388aea474d0afc82e7c1d2a8fb5c5379ade7a59ba8f3b639ee08029ee129fb040dc00aaf465026026b511e1510e4ae90da218b8bed80612941ed87e9d589d252b47440f3c5a344dffc51bde8971776e771928a271bde44b6c2b02b4f2bf8b9867dcc683a0deb4c008e3ceb4e1d7afcd2f3a9c9c211a87a96fa2255315bb57481f171c0513839ded0b84c08273fe5f947920171e9d101c580a141776fc80f88519f43f579a078353f3afaedca3024ca60bab9c92b41f6cdcfb6acb5a8d79cf19f4269792e19520b930bcc4a5fb15332dc0e53581ca45efa8fa25c387310c753673927d4e8b851edd3d0013583a81f6cc0e95cc5950e860c94d432fb118522214e916830e75edb9b90c29669a1baddb8cb162ccf8914a3a4627909bff