test-onbase.rutgers.edu

- Rutgers, The State University of New Jersey -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 9b:d7:d4:12:b7:3b:1c:88:db:d0:d8:84:73:90:9d:58 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Rutgers, The State University of New Jersey

Organization: Rutgers, The State University of New Jersey
Organization unit: OIT-ESS
Address: 57 US HIGHWAY 1
Postal code: 08901
State / Province: NJ
Locality: NEW BRUNSWICK
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 9b:d7:d4:12:b7:3b:1c:88:db:d0:d8:84:73:90:9d:58
Serial Number (int): 207150984524897065822633627580655246680
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 36:f1:c5:98:89:e0:62:9a:ce:58:83:02:fa:35:6c:56:7b:66:f4:09
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 4f:31:1c:00:50:18:dd:1a:5e:06:86:61:0a:3a:14:9f:91:85:78:23
Fingerprint (sha256): 00:81:f9:3f:db:d7:c8:b3:53:97:49:e8:b4:41:7c:6a:84:63:d6:b0:eb:92:f3:5f:56:b8:c0:96:c5:56:1a:d7

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate test-onbase.rutgers.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for test-onbase.rutgers.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

test-onbase.rutgers.edu

Other certificates including the domain name rutgers.edu

(limited to 100 certificates)
signalsweb.rutgers.edu
ncs.newark.rutgers.edu
5767253387640832-fe2.pantheonsite.io
test-web-lws.edu.help
5662197925543936-fe2.pantheonsite.io
vawconsortium.rutgers.edu
business.rutgers.edu
5767253387640832-fe2.pantheonsite.io
carpepm.almonds.com
5759522421342208-fe1.pantheonsite.io
5685265389584384-fe2.pantheonsite.io
5732694713434112-fe3.pantheonsite.io
t5-asb-2-sp.ei.rutgers.edu
globalhealth.rutgers.edu
sauron.rutgers.edu
nonviolence.rutgers.edu
admissionservices.rutgers.edu
ucm.rutgers.edu
sk1897.rutgers-sci.domains
brodskycenter.rutgers.edu
english.rutgers.edu
5723088213770240-fe3.pantheonsite.io
it.uahs.arizona.edu
mailoptin.rutgers.edu
my.rutgers.edu
mybook.physics.rutgers.edu
www.nbcs.rutgers.edu
chrs.rutgers.edu
test-rt.ips.rutgers.edu
lammerts.religion.rutgers.edu
test-onbase.rutgers.edu
dev-developer.njdatabook.docs.rutgers.edu
etba.rbhs.rutgers.edu
transcripts.rutgers.edu
ucdc.edu
test-hdrti.rutgers.edu
5731283548241920-fe4.pantheonsite.io
data.rutgers.edu
5202656289095680-fe4.pantheonsite.io
nj-vegetable-crops-online-resources.rutgers.edu
5636647567753216-fe1.pantheonsite.io
rackstation.falabs.rutgers.edu
nartc.fcm.arizona.edu
5753050442498048-fe1.pantheonsite.io
5685057352105984-fe4.pantheonsite.io
5732694713434112-fe3.pantheonsite.io
calendar.sdzsafaripark.org
policy.rutgers.edu
5649521866440704-fe3.pantheonsite.io
5723088213770240-fe3.pantheonsite.io
orad.rutgers.edu
tag.rutgers.edu
5743114304094208-fe3.pantheonsite.io
aim1.ufcp.rutgers.edu
events.newark.rutgers.edu
apps.physics.rutgers.edu
aspoerri.rutgers-sci.domains
webprod.cs.rutgers.edu
5178081291534336-fe1.pantheonsite.io
qa-helpdesk.docs.rutgers.edu
bigideas.rutgers.edu
sourendev.scilsnet.rutgers.edu
5755812509122560-fe2.pantheonsite.io
hsgpawsvr.hars.rutgers.edu
software.rutgers.edu
5672749318012928-fe3.pantheonsite.io
exchange.nwk-campus.rutgers.edu
uconnectlabs.com
5639955095224320-fe3.pantheonsite.io
nagios.rutgers.edu
sasip.rutgers.edu
5759522421342208-fe1.pantheonsite.io
operations-web-dev.ssw.rutgers.edu
banking-business-review.com
idts.comminfo.rutgers.edu
cdn-test.battlefields.org
reu.physics.rutgers.edu
test.eis.uw.edu
5753113524830208-fe1.pantheonsite.io
helpdesk.gse.rutgers.edu
5700019675987968-fe2.pantheonsite.io
5662197925543936-fe2.pantheonsite.io
5699866936213504-fe4.pantheonsite.io
5163657986048000-fe4.pantheonsite.io
citeak.multidevcom.uaf.edu
www.design-engineering.princeton.edu
5753050442498048-fe1.pantheonsite.io
taws-upgrade-web.ssw.rutgers.edu
5644309118320640-fe3.pantheonsite.io
5644309118320640-fe3.pantheonsite.io
achieve.escoffier.edu
5644309118320640-fe3.pantheonsite.io
gradschoolalumni.rutgers.edu
aspoerri.rutgers-sci.domains
5646535253557248-fe3.pantheonsite.io
benedick.rutgers.edu
operations.rutgers.edu
www.hikeforlifetexas.org
5644309118320640-fe3.pantheonsite.io
nxterra.ucop.edu

Certificate

The complete raw certificate details for test-onbase.rutgers.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHFjCCBf6gAwIBAgIRAJvX1BK3OxyI29DYhHOQnVgwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTgxMDIzMDAwMDAwWhcNMjAxMDIy
MjM1OTU5WjCBxjELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTA4OTAxMQswCQYDVQQI
EwJOSjEWMBQGA1UEBxMNTkVXIEJSVU5TV0lDSzEYMBYGA1UECRMPNTcgVVMgSElH
SFdBWSAxMTQwMgYDVQQKEytSdXRnZXJzLCBUaGUgU3RhdGUgVW5pdmVyc2l0eSBv
ZiBOZXcgSmVyc2V5MRAwDgYDVQQLEwdPSVQtRVNTMSAwHgYDVQQDExd0ZXN0LW9u
YmFzZS5ydXRnZXJzLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANdOsgiB7TkuhZDvQB6ERy2ub1c0Lb+QlaH2Pi2ZabCyfdiliQnFDnZ3QH0e4G9T
mbpMChqh82Jfs90Xgexpf7ot+oUB5+PJ7/+WhqKpaLjDGk57mk/f1B9ezI4m8bva
WiamSXaWq2AYBF7PB1TSAguRi00q6EoUQcQZycF1FH49XkR49EAhyU2m9eSf4BGF
0u6WCEQu7S03T9hC1qAVRKNuQQwjAqWFQ0lDft4u7WmmMu3jYFg6KyC4oxTn4URO
WyKB5VgIE5rjRgX40nUAnLg0b5GvVypFyaTTIDqkAdgia7NpJNWGyd2KW+KnQxKt
DvvJMfLdliEbzs48A0xSUe0CAwEAAaOCA0wwggNIMB8GA1UdIwQYMBaAFB4Fo3eP
bJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBQ28cWYieBims5YgwL6NWxWe2b0CTAO
BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggrBgEF
BQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9yeS9j
cHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2Ny
bC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsG
AQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3QuY29t
L0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9v
Y3NwLnVzZXJ0cnVzdC5jb20wIgYDVR0RBBswGYIXdGVzdC1vbmJhc2UucnV0Z2Vy
cy5lZHUwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AO5Lvbd1zmC64UJpH6vh
nmajD35fsHLYgwDEe4l6qP3LAAABZqF0vi4AAAQDAEcwRQIgJZ9bJ52tithTMjWm
iMunaCo0ZwoW2qdolnJ0S0SlmkYCIQCufROzSPV5XMOWvLHMs1rA4DlLNVaEUk9P
0K5SFs78ZgB1AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABZqF0
vc0AAAQDAEYwRAIgBABcNT/hmLxV/S1xOytab6rl2pWmcwGyPFKSekVirHsCIFCf
GrirEiS0zChmZFiAaVU5XrJ22gJwJJAZ/QHOTDT2AHYAVYHUwhaQNgFK6gubVzxT
8MDkOHhwJQgXL6OqHQcT0wwAAAFmoXS9qQAABAMARzBFAiEAhkpyFimhS4TwCeTZ
+rOrJOMbkkrBMKmK90X7PHeZK4ECIGl7Siebbo3ZKHH0xk1M7CWO3tFShyFgghN2
2YwY2SRKMA0GCSqGSIb3DQEBCwUAA4IBAQBkmXosD/DQdOcSMzr/YCwi8dxJY5n7
MD+zzKo0j6Oo6dhACHV9tOK2mrXV5/3O8TaT1h7N6EZyGB8Slsk6SeG0WAfEqyAi
n4LIawJ77ScrbcVI/b+5v2nn3L4Hd+RIJhOwIrL+jTKwvHbvO1IanWiY+YbOmcPV
GFZFnK8iiaYFKGJPOvkQffzsRkP6Jq4LoOxN2BJuQIxx+ousaWakpqF2YmN5i32n
xqjlQiCfWk04gwV+cRqeHXPOD+KbjhdU+sZdqx4YkCNcjYEPyQoxPBkhjtkG5uPu
xf06SERlm9eWZ8yKRMbLkfIGKfZtDe0EVCBNxv7c6Xt83xMcB2cfsN79
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA106yCIHtOS6FkO9AHoRH
La5vVzQtv5CVofY+LZlpsLJ92KWJCcUOdndAfR7gb1OZukwKGqHzYl+z3ReB7Gl/
ui36hQHn48nv/5aGoqlouMMaTnuaT9/UH17Mjibxu9paJqZJdparYBgEXs8HVNIC
C5GLTSroShRBxBnJwXUUfj1eRHj0QCHJTab15J/gEYXS7pYIRC7tLTdP2ELWoBVE
o25BDCMCpYVDSUN+3i7taaYy7eNgWDorILijFOfhRE5bIoHlWAgTmuNGBfjSdQCc
uDRvka9XKkXJpNMgOqQB2CJrs2kk1YbJ3Ypb4qdDEq0O+8kx8t2WIRvOzjwDTFJR
7QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 207150984524897065822633627580655246680
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '08901'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NJ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NEW BRUNSWICK'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '57 US HIGHWAY 1'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rutgers, The State University of New Jersey'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'OIT-ESS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'test-onbase.rutgers.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27180041736633628586461624267061706516841871476131114270782981458906393410183617154188678679092763201918507987543441636914271275938470289500710982616979973012451706098637652614172019015798639531284282025156449236698423844362480931109196167139422383490341545132240966928333486881949595668045358113472734082858303597401678471480528722729806516173178527378410410256391483107633383307191137888589425216308904530821314007439540384679049759137122469928779227192336022564285598956925169427190296485768466804388544248395811671665083710779352298863013912509352482430996827443384946510070147278364644292751992712845275423724013
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							36f1c59889e0629ace588302fa356c567b66f409
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-onbase.rutgers.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000166a174be2e00000403004730450220259f5b279dad8ad8533235a688cba7682a34670a16daa7689672744b44a59a46022100ae7d13b348f5795cc396bcb1ccb35ac0e0394b355684524f4fd0ae5216cefc660075005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000166a174bdcd0000040300463044022004005c353fe198bc55fd2d713b2b5a6faae5da95a67301b23c52927a4562ac7b0220509f1ab8ab1224b4cc28666458806955395eb276da0270249019fd01ce4c34f60076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000166a174bda90000040300473045022100864a721629a14b84f009e4d9fab3ab24e31b924ac130a98af745fb3c77992b810220697b4a279b6e8dd92871f4c64d4cec258eded152872160821376d98c18d9244a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0064997a2c0ff0d074e712333aff602c22f1dc496399fb303fb3ccaa348fa3a8e9d84008757db4e2b69ab5d5e7fdcef13693d61ecde84672181f1296c93a49e1b45807c4ab20229f82c86b027bed272b6dc548fdbfb9bf69e7dcbe0777e4482613b022b2fe8d32b0bc76ef3b521a9d6898f986ce99c3d51856459caf2289a60528624f3af9107dfcec4643fa26ae0ba0ec4dd8126e408c71fa8bac6966a4a6a1766263798b7da7c6a8e542209f5a4d3883057e711a9e1d73ce0fe29b8e1754fac65dab1e1890235c8d810fc90a313c19218ed906e6e3eec5fd3a4844659bd79667cc8a44c6cb91f20629f66d0ded0454204dc6fedce97b7cdf131c07671fb0defd