ccib.mgh.harvard.edu
- President and Fellows of Harvard College -
Issued by InCommon RSA Server CA 2
About this certificate
This digital certificate with serial number bb:ff:d1:65:c9:50:29:ff:08:ef:94:1f:a2:60:c4:d8 was issued on by Internet2.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
President and Fellows of Harvard College
Organization:
President and Fellows of Harvard College
State / Province:
Massachusetts
Country: US
Country: US
Internet2
Organization:
Internet2
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): bb:ff:d1:65:c9:50:29:ff:08:ef:94:1f:a2:60:c4:d8Serial Number (int): 249893917998660625779352860494206649560
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: a7:b7:f9:16:2f:9f:c2:6e:93:c4:32:e6:b5:ad:3f:43:73:9b:b1:11
AuthorityKeyId: ef:4c:00:92:a6:fb:76:2e:5e:95:e2:c9:5f:87:1b:19:d5:4d:e2:d9
Fingerprint (sha1): 54:7c:ee:80:c8:e2:12:86:d3:2b:fb:73:e9:31:00:e4:69:f0:ab:2e
Fingerprint (sha256): 00:a6:a8:4b:03:56:02:d8:97:8a:b8:b6:1f:b1:20:15:1e:48:20:94:c0:14:83:32:18:ca:4e:a2:7c:c1:4c:61
Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAServerCA2.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/InCommonRSAServerCA2.crl
Check the revocation status for certificate ccib.mgh.harvard.edu
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ccib.mgh.harvard.edu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ccib.mgh.harvard.edu
Other certificates including the domain name harvard.edu
(limited to 100 certificates)
*.meei.harvard.edu
www.nieman.harvard.edu
cds4.cvent.com
lee.hms.harvard.edu
cvvr.hms.harvard.edu
imperva.com
iqss-sid-env-uat.herokuapp.com
takesian.hms.harvard.edu
dssg.fas.harvard.edu
scorsese.wjh.harvard.edu
geodata-proxy.lib.harvard.edu
5769623379116032-fe2.pantheonsite.io
incapsula.com
zhanglab.tch.harvard.edu
tech.seas.harvard.edu
5762637883244544-fe3.pantheonsite.io
incapsula.com
getonline.harvard.edu
archives.harvard.edu
acquia-sites.com
hub.test.lxp.huit.harvard.edu
filetransfer.harvard.edu
www.datascience.harvard.edu
nlbsp.med.harvard.edu
alumni.dce-test.upstatement.dev
neprc-vpn.hms.harvard.edu
*.hmc.harvard.edu
docker.rc.fas.harvard.edu
webmail.hsl.harvard.edu
www.hup.harvard.edu
statuspage.io
it.uahs.arizona.edu
healthinnovationnetwork.harvard.edu
sfsportal.harvard.edu
termbill.harvard.edu
admissions.emeritus.org
ordlvapexd01.med.harvard.edu
incapsula.com
cluster3.technolutions.net
hhi.harvard.edu
rmfs-blog.rmf.harvard.edu
cluster.technolutions.net
sandbox-ak150.rc.hms.harvard.edu
jdcmoveit1.joslin.harvard.edu
giftshop.metalab.harvard.edu
forerun-beta.bidmc.harvard.edu
coreapitest.tch.harvard.edu
incapsula.com
cluster3.technolutions.net
cvvr.hms.harvard.edu
jenkins.tlt.harvard.edu
worldmap.harvard.edu
omero-dev.hms.harvard.edu
www.production.sid.hmdc.harvard.edu
email.med.harvard.edu
ccib.mgh.harvard.edu
5709068098338816-fe3.pantheonsite.io
sites.sph.harvard.edu
incapsula.com
db1.mgh.harvard.edu
peerprereview.iq.harvard.edu
incapsula.com
bonescan.bidmc.harvard.edu
*.wcfia.harvard.edu
teachingpost.hbsp.harvard.edu
canvas.hms.harvard.edu
5762637883244544-fe3.pantheonsite.io
p0-univad-dc6.university.harvard.edu
coptic.share.library.harvard.edu
gc.seas.harvard.edu
fugue.arp.harvard.edu
incapsula.com
incapsula.com
edportal.harvard.edu
p2m2a.dbmi.hms.harvard.edu
pilac.law.harvard.edu
5753952654065664-fe1.pantheonsite.io
bootcamp.extension.harvard.edu
vpn.harvard.edu
prostatus.whitepages.com
sni.cloudflaressl.com
iiif.lib.harvard.edu
hds.harvard.edu
rmfvpn.rmf.harvard.edu
incapsula.com
axistv.fas.harvard.edu
vector.meei.harvard.edu
mywellnetmobiletest.tch.harvard.edu
nautilus.gse.harvard.edu
countway.harvard.edu
eve.law.harvard.edu
dlabss.harvard.edu
mail.jbcc.harvard.edu
200.hls.harvard.edu
chsi.harvard.edu
hgc.harvard.edu
vpn.dce.harvard.edu
oi.mgh.harvard.edu
wagnerlab.tch.harvard.edu
bioinformatics.sph.harvard.edu
www.nieman.harvard.edu
cds4.cvent.com
lee.hms.harvard.edu
cvvr.hms.harvard.edu
imperva.com
iqss-sid-env-uat.herokuapp.com
takesian.hms.harvard.edu
dssg.fas.harvard.edu
scorsese.wjh.harvard.edu
geodata-proxy.lib.harvard.edu
5769623379116032-fe2.pantheonsite.io
incapsula.com
zhanglab.tch.harvard.edu
tech.seas.harvard.edu
5762637883244544-fe3.pantheonsite.io
incapsula.com
getonline.harvard.edu
archives.harvard.edu
acquia-sites.com
hub.test.lxp.huit.harvard.edu
filetransfer.harvard.edu
www.datascience.harvard.edu
nlbsp.med.harvard.edu
alumni.dce-test.upstatement.dev
neprc-vpn.hms.harvard.edu
*.hmc.harvard.edu
docker.rc.fas.harvard.edu
webmail.hsl.harvard.edu
www.hup.harvard.edu
statuspage.io
it.uahs.arizona.edu
healthinnovationnetwork.harvard.edu
sfsportal.harvard.edu
termbill.harvard.edu
admissions.emeritus.org
ordlvapexd01.med.harvard.edu
incapsula.com
cluster3.technolutions.net
hhi.harvard.edu
rmfs-blog.rmf.harvard.edu
cluster.technolutions.net
sandbox-ak150.rc.hms.harvard.edu
jdcmoveit1.joslin.harvard.edu
giftshop.metalab.harvard.edu
forerun-beta.bidmc.harvard.edu
coreapitest.tch.harvard.edu
incapsula.com
cluster3.technolutions.net
cvvr.hms.harvard.edu
jenkins.tlt.harvard.edu
worldmap.harvard.edu
omero-dev.hms.harvard.edu
www.production.sid.hmdc.harvard.edu
email.med.harvard.edu
ccib.mgh.harvard.edu
5709068098338816-fe3.pantheonsite.io
sites.sph.harvard.edu
incapsula.com
db1.mgh.harvard.edu
peerprereview.iq.harvard.edu
incapsula.com
bonescan.bidmc.harvard.edu
*.wcfia.harvard.edu
teachingpost.hbsp.harvard.edu
canvas.hms.harvard.edu
5762637883244544-fe3.pantheonsite.io
p0-univad-dc6.university.harvard.edu
coptic.share.library.harvard.edu
gc.seas.harvard.edu
fugue.arp.harvard.edu
incapsula.com
incapsula.com
edportal.harvard.edu
p2m2a.dbmi.hms.harvard.edu
pilac.law.harvard.edu
5753952654065664-fe1.pantheonsite.io
bootcamp.extension.harvard.edu
vpn.harvard.edu
prostatus.whitepages.com
sni.cloudflaressl.com
iiif.lib.harvard.edu
hds.harvard.edu
rmfvpn.rmf.harvard.edu
incapsula.com
axistv.fas.harvard.edu
vector.meei.harvard.edu
mywellnetmobiletest.tch.harvard.edu
nautilus.gse.harvard.edu
countway.harvard.edu
eve.law.harvard.edu
dlabss.harvard.edu
mail.jbcc.harvard.edu
200.hls.harvard.edu
chsi.harvard.edu
hgc.harvard.edu
vpn.dce.harvard.edu
oi.mgh.harvard.edu
wagnerlab.tch.harvard.edu
bioinformatics.sph.harvard.edu
Certificate
The complete raw certificate details for ccib.mgh.harvard.edu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH7DCCBlSgAwIBAgIRALv/0WXJUCn/CO+UH6JgxNgwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEhMB8GA1UEAxMYSW5D b21tb24gUlNBIFNlcnZlciBDQSAyMB4XDTI0MDIwODAwMDAwMFoXDTI1MDIwNzIz NTk1OVowdzELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxMTAv BgNVBAoTKFByZXNpZGVudCBhbmQgRmVsbG93cyBvZiBIYXJ2YXJkIENvbGxlZ2Ux HTAbBgNVBAMTFGNjaWIubWdoLmhhcnZhcmQuZWR1MIICIjANBgkqhkiG9w0BAQEF AAOCAg8AMIICCgKCAgEAwpEZWzKdzjve8cmBIfXxL5J04v0HPAiqPzn6CUgePfq/ QJScKk8mnn+bxsnuBBeethQw8JAKa3NE8x9abu/LO5GKZn73t7x+weZ+aQm7VhPP nTb25UM13jvs7QNRqoLOXPYEA0jaUr7rA6gVUsLcvrT+jgRVXawGUKAiAwsQwEl0 eboH9wwJ8AoQZPIcEhOHby6yjz/14DgdE+V5NqkmqqHGTRrSl82t3+GK8qD9kjJS T4l5scJi5jolzwDqBHfKORB5g3cJb06x8cCBVGetswLuIiqdAo5GAqADnjEj4RLy 2bNVDJXJS/rICVaVruNyWduRHMuC1GktCNh6FGdHDwfxD28oNh09E1uKEzdWgnYT +QxtLnzW7BYWUSfBe/X49y2bkckzB8mudzwf4fv6Pn2hOHrs1wOmAo5MTJYDkhqR N6WEdd6l6pM9LzvnQmqP3Hf+5b9mFEeit3FxmGIV2iYTwgOD5ORFqdS5B/jg7jfr KNsEtnhrmAQRXzJA6obKg2jI54aykkkjW6/THHc8RWRnoXwy0n9RUee4Qfv/UTco WcyIow18HMdxihTA+SX8gdYjSxGF+l9uFox1/By9bwzSqjJ+Tws/3ehAmRzwiIMs z8MoZ9BT3jVB7wKaCUy24kAD5PtNF9DzuqdlwkRTm5US7QLZs7zmI6YMPK9Ab9EC AwEAAaOCAyQwggMgMB8GA1UdIwQYMBaAFO9MAJKm+3YuXpXiyV+HGxnVTeLZMB0G A1UdDgQWBBSnt/kWL5/CbpPEMua1rT9Dc5uxETAOBgNVHQ8BAf8EBAMCBaAwDAYD VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0g BEIwQDA0BgsrBgEEAbIxAQICZzAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3Rp Z28uY29tL0NQUzAIBgZngQwBAgIwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2Ny bC5zZWN0aWdvLmNvbS9JbkNvbW1vblJTQVNlcnZlckNBMi5jcmwwcAYIKwYBBQUH AQEEZDBiMDsGCCsGAQUFBzAChi9odHRwOi8vY3J0LnNlY3RpZ28uY29tL0luQ29t bW9uUlNBU2VydmVyQ0EyLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2Vj dGlnby5jb20wHwYDVR0RBBgwFoIUY2NpYi5tZ2guaGFydmFyZC5lZHUwggF/Bgor BgEEAdZ5AgQCBIIBbwSCAWsBaQB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHS W3fOzDsIAAABjYmu4oQAAAQDAEcwRQIhAJgrVsWEJZgqM8NwkQT+Pso7Fk9nVC8d 7DF7hm0tHBXzAiA8toC0HA3ttl7PF2ztZt1onMJMlW1aUjlU2jKyY9vMhwB3AKLj CuRF772tm3447Udnd1PXgluElNcrXhssxLlQpEfnAAABjYmu4y0AAAQDAEgwRgIh AIlOI7AhrDhbbjLXycIvAQZPfXwqkprg98YjDjdp854fAiEAzIYh3NVwwKXewsGC dwGiQsHF430TZfDTSu1C+RTVa9sAdgBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx +mSxYpo53wAAAY2JruK3AAAEAwBHMEUCIQDOrNDB+Pd4bTmBZQtzJo7rXfVwOqXC 8UkKhOSwHtn9TQIgX7E9vLQ1gGLTTXsMi0VyO4tyNYJt1PcXfTGvgVHbBmIwDQYJ KoZIhvcNAQEMBQADggGBAFir6vZsiLz46AEgl9t3CBB7iFRtyuAN1cRbbO2bH1wJ JDjCgV+0OrHY5D4snmjQ2FNf2LQG2+LwYt9Za1nhArE+SacoausnaOzHQosnKMpg U0lQhEFTU9DBfGrYkYATy0O5PkUQzCk6FI240H8tPeu+nQ4LeILYMeBWBqJxBp1H HQ+qhw2pisu9+NOgfOYtVFZimS28z3E6vWWQ6NYH5Ufjb7xcWLSsV0KuithBJgub AGsRZ3oEhpHlnFfIrHak7WeKStdDsHA6PNUm8fCXpBTnYL33mjH+binpO0oJWwpa 0yPvBAI038IHPLyntgHQgsSEUEzHBIrzic6EPayL+z19t4IkREHeATfwhb+MUSCG Wy+QIvgdAv7wPl+UluAcIvVVw0urwvBBoDxaKyCwoZ04ghhP8nHfLDAEANzSbV0d vZv9tYZojFQuGgAtZzxLCypbknUfagQqZ4U4VEwiYn1VgMefXE/uxsUQnxsgO/7G UMtKox+6P2zte41W/JMiqw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwpEZWzKdzjve8cmBIfXx L5J04v0HPAiqPzn6CUgePfq/QJScKk8mnn+bxsnuBBeethQw8JAKa3NE8x9abu/L O5GKZn73t7x+weZ+aQm7VhPPnTb25UM13jvs7QNRqoLOXPYEA0jaUr7rA6gVUsLc vrT+jgRVXawGUKAiAwsQwEl0eboH9wwJ8AoQZPIcEhOHby6yjz/14DgdE+V5Nqkm qqHGTRrSl82t3+GK8qD9kjJST4l5scJi5jolzwDqBHfKORB5g3cJb06x8cCBVGet swLuIiqdAo5GAqADnjEj4RLy2bNVDJXJS/rICVaVruNyWduRHMuC1GktCNh6FGdH DwfxD28oNh09E1uKEzdWgnYT+QxtLnzW7BYWUSfBe/X49y2bkckzB8mudzwf4fv6 Pn2hOHrs1wOmAo5MTJYDkhqRN6WEdd6l6pM9LzvnQmqP3Hf+5b9mFEeit3FxmGIV 2iYTwgOD5ORFqdS5B/jg7jfrKNsEtnhrmAQRXzJA6obKg2jI54aykkkjW6/THHc8 RWRnoXwy0n9RUee4Qfv/UTcoWcyIow18HMdxihTA+SX8gdYjSxGF+l9uFox1/By9 bwzSqjJ+Tws/3ehAmRzwiIMsz8MoZ9BT3jVB7wKaCUy24kAD5PtNF9DzuqdlwkRT m5US7QLZs7zmI6YMPK9Ab9ECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 249893917998660625779352860494206649560 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Massachusetts' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'President and Fellows of Harvard College' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ccib.mgh.harvard.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 793763263530674519992950876555401131280151147492694985850011932259174319297880753961930662362157328638751402427201497969158995681916713352268720223232827033300953285609672755171385681633631425057552635520716044560743380711702917986153396507174702771181627816098442832515350984743830693415271555900975517729426052876127144664826535218452977191848905059656660888765441080117696023283724631765032796344722200309329251686493348326512933941643367292698347530457059306353009430221065964438499592288697517865453437410183246404608822850771028233989517218528207963782625944663945399754280855326188510353532000793188823853921932068317620849452170411083876013160647407992611433658675483832390967898435586272752510168201083844635911256351918584941943155282090144459547968838993572051862545995706577702403748596189972497405756736460432590983341100968392056580427878661673171056515444037279591106103755348898927156964308347375365238175833854179360142644626898186663864356410744899583503201734504229592135295636231522332883694730923178039254119215978425349262601859920876426331558500177021004468844743875968882479691782589883710685808287160033429749620250525666446140957875637990278606390807908959711716338873261562539774345253865466298805033922513 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ef4c0092a6fb762e5e95e2c95f871b19d54de2d9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a7b7f9162f9fc26e93c432e6b5ad3f43739bb111 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.103 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAServerCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAServerCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ccib.mgh.harvard.edu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018d89aee2840000040300473045022100982b56c58425982a33c3709104fe3eca3b164f67542f1dec317b866d2d1c15f302203cb680b41c0dedb65ecf176ced66dd689cc24c956d5a523954da32b263dbcc87007700a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018d89aee32d0000040300483046022100894e23b021ac385b6e32d7c9c22f01064f7d7c2a929ae0f7c6230e3769f39e1f022100cc8621dcd570c0a5dec2c1827701a242c1c5e37d1365f0d34aed42f914d56bdb0076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d89aee2b70000040300473045022100ceacd0c1f8f7786d3981650b73268eeb5df5703aa5c2f1490a84e4b01ed9fd4d02205fb13dbcb4358062d34d7b0c8b45723b8b7235826dd4f7177d31af8151db0662 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 0058abeaf66c88bcf8e8012097db7708107b88546dcae00dd5c45b6ced9b1f5c092438c2815fb43ab1d8e43e2c9e68d0d8535fd8b406dbe2f062df596b59e102b13e49a7286aeb2768ecc7428b2728ca6053495084415353d0c17c6ad8918013cb43b93e4510cc293a148db8d07f2d3debbe9d0e0b7882d831e05606a271069d471d0faa870da98acbbdf8d3a07ce62d545662992dbccf713abd6590e8d607e547e36fbc5c58b4ac5742ae8ad841260b9b006b11677a048691e59c57c8ac76a4ed678a4ad743b0703a3cd526f1f097a414e760bdf79a31fe6e29e93b4a095b0a5ad323ef040234dfc2073cbca7b601d082c484504cc7048af389ce843dac8bfb3d7db782244441de0137f085bf8c5120865b2f9022f81d02fef03e5f9496e01c22f555c34babc2f041a03c5a2b20b0a19d3882184ff271df2c300400dcd26d5d1dbd9bfdb586688c542e1a002d673c4b0b2a5b92751f6a042a678538544c22627d5580c79f5c4feec6c5109f1b203bfec650cb4aa31fba3f6ced7b8d56fc9322ab