vcm-5257.vm.duke.edu

- Duke University -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number f1:29:e1:31:38:c0:4f:31:c2:5c:0f:94:1e:32:05:2b was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Duke University

Organization: Duke University
Organization unit: OIT
Address: 103 Allen Bldg
Postal code: 27708
State / Province: NC
Locality: Durham
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): f1:29:e1:31:38:c0:4f:31:c2:5c:0f:94:1e:32:05:2b
Serial Number (int): 320561398597269086419594207126176793899
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 8c:7c:f9:b2:36:62:5f:96:e3:2a:e1:d3:8d:07:22:3c:cf:e8:25:db
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): ed:4b:2f:40:a1:95:32:70:d8:ea:82:3c:99:b0:c6:dd:82:b1:64:ea
Fingerprint (sha256): 00:c4:88:d2:d1:f2:13:f0:84:6c:5b:ac:92:2e:93:a8:9b:d9:d1:6b:61:96:16:01:da:f7:58:6a:08:ef:38:01

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate vcm-5257.vm.duke.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for vcm-5257.vm.duke.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

vcm-5257.vm.duke.edu

Other certificates including the domain name duke.edu

(limited to 100 certificates)
solr.oit.duke.edu
eam-app-test-01.oit.duke.edu
statuspage.io
www1-stage.fuqua.duke.edu
stream.fuqua.duke.edu
vlp-orimrh001.dhe.duke.edu
vcm-7069.vm.duke.edu
rapid-936.vm.duke.edu
vcm-5696.vm.duke.edu
stiffrobertslab.pratt.duke.edu
inform4-edc-qc.dcri.duke.edu
vcm-6141.vm.duke.edu
fitz-cups-01.oit.duke.edu
vcm-4779.vm.duke.edu
sakai.duke.edu
trivedi.pratt.duke.edu
inform46-aq52-qc.dcri.duke.edu
statuspage.io
dws-e.oit.duke.edu
statuspage.io
web.visaservices.duke.edu
patty.dnec.duke.edu
www.dukephoto.duke.edu
alsclinic.duke.edu
cluster.technolutions.net
oriapps.duhs.duke.edu
statuspage.io
ccbb.duke.edu
dukecapitalpartners.duke.edu
cpe-bach-multi1.trinity.duke.edu
projects.law.duke.edu
connect.ssri.duke.edu
work.duke.edu
gartner.oit.duke.edu
vcm-6535.vm.duke.edu
go.fuqua.duke.edu
queerhistory.duke.edu
communications.hr.duke.edu
vcm-6503.vm.duke.edu
tts-web-01-staging-multi1.trinity.duke.edu
vcm-4198.vm.duke.edu
maestro-hsw.duhs.duke.edu
dcid.sanford.duke.edu
web.visaservices.duke.edu
recreation.duke.edu
tts-web-01-staging-multi1.trinity.duke.edu
tts-web-01-staging-multi1.trinity.duke.edu
vcm-5257.vm.duke.edu
vcm-5238.vm.duke.edu
vcm-12275.vm.duke.edu
www.fuquaworld.duke.edu
iqaapp.dhvi.duke.edu
yt-cs216.cs.duke.edu
andererseits.library.duke.edu
appledore2.notes.duke.edu
payments.tip.duke.edu
vcm-6956.vm.duke.edu
vcm-6655.vm.duke.edu
portal.duke.edu
vcm-4178.vm.duke.edu
www.highseas.env.duke.edu
bradford.lib.duke.edu
abaqus.oit.duke.edu
nunn-lab.evolutionaryanthropology.duke.edu
vcm-7023.vm.duke.edu
vcm-7214.vm.duke.edu
redy.ssri.duke.edu
globaled.duke.edu
vcm-5001.vm.duke.edu
warpwire-frontend-test.oit.duke.edu
vcm-24408.vm.duke.edu
pateklab.biology.duke.edu
cacti-test.oit.duke.edu
vcm-5694.vm.duke.edu
roomview.trinity.duke.edu
fast.dcri.duke.edu
www.gifts.duke.edu
medspace.mc.duke.edu
vcm-6817.vm.duke.edu
forms.hr.duke.edu
enquire.ads.duke.edu
vcm-4824.vm.duke.edu
vcm-4390.vm.duke.edu
conf.events.duke.edu
vcm-5513.vm.duke.edu
calendar.duke.edu
highseas.env.duke.edu
vcm-4296.vm.duke.edu
www1-prod.fuqua.duke.edu
api.oit.duke.edu
www.callrec.oit.duke.edu
igs.duke.edu
vcm-4734.vm.duke.edu
lift.duke.edu
vcm-6534.vm.duke.edu
socialequity.duke.edu
statuspage.io
news-old.sanford.duke.edu
vcm-4573.vm.duke.edu
vcm-6671.vm.duke.edu

Certificate

The complete raw certificate details for vcm-5257.vm.duke.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGfDCCBWSgAwIBAgIRAPEp4TE4wE8xwlwPlB4yBSswDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTgwODA2MDAwMDAwWhcNMjAwODA1
MjM1OTU5WjCBmzELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTI3NzA4MQswCQYDVQQI
EwJOQzEPMA0GA1UEBxMGRHVyaGFtMRcwFQYDVQQJEw4xMDMgQWxsZW4gQmxkZzEY
MBYGA1UEChMPRHVrZSBVbml2ZXJzaXR5MQwwCgYDVQQLEwNPSVQxHTAbBgNVBAMT
FHZjbS01MjU3LnZtLmR1a2UuZWR1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
CgKCAgEAqC6quVW966UxIQtWdRYf+H/wiiK89738Ad6v6YuCVrmruJhmedKVELdz
0XODcl1OXpo+10CPaOyVY2zSTAlQnmr9RS/ywQYkHYAvVkEI8PH79GBUf/6sQ+TC
vgxysSJ9T2WlgsR/n8duQHpAGnFFTjd+tRtjgNlT+YkaIrM7d4KB7TxMyyaqXCTq
ZB74NgUzrXAPeMPuTGmi2Xa7gqYepSBqt4vvZVoWxFKvpuTF77lNyUYgNPmGlmc+
zSbDpB5eq9mxPxWWysRRSxbxKn9rD51VAmnlJxBJpCvDwGjUzllPHCExW5AKt1ar
wgC/+6kQJln7eE19nRiUiMSXnYUTPDgJFX6Umosj10+R2AMpF8m83TCLxNwRId0I
1TumZw5P8rP7kwDvG6N7LHhgqGKiVoBEmznMzde0QxkpZwd3CEDxFbZB5P4YB4P2
4xvMRM5XzSDXi6vr45SP8PATwCWLQfaThUMTc4RdlrNDo4A6NwDd1caRCHq7gkQv
yH5BStBrKYZbWgTVc1aCimrVcWvnOkKAUyZjCLr7juNHDXajOeug/JjXS87sARok
Mm4BOSI0wqrWlwZe40k+yo00+8aEq+0iEAqxxmj7WCUcWuAW2+pH1JPHdfdUVHr6
ZgPEXBQjL8PNXC6SxNPQm/NYwrTHeOCuqw8ufmPSxqli8vPZ0QMCAwEAAaOCAd0w
ggHZMB8GA1UdIwQYMBaAFB4Fo3ePbJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBSM
fPmyNmJfluMq4dONByI8z+gl2zAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwr
BgEEAa4jAQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24u
b3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0f
BD0wOzA5oDegNYYzaHR0cDovL2NybC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9u
UlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0
cDovL2NydC51c2VydHJ1c3QuY29tL0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQw
JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wHwYDVR0RBBgw
FoIUdmNtLTUyNTcudm0uZHVrZS5lZHUwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJ
KoZIhvcNAQELBQADggEBAIeoYZpqWbGtnQyBYHIZcNavibGOL6HDe/E3MyhZmUo0
eBz/JK6gIEN0Th7cuxhx8HmISmt9S/1KfNQ7Z8wqAxmoImJ/YEj9dSzcFbDaidXK
u21/g2joAH0AgqrU+wIB12hidvF53CH77UBScftcq48hiEMttTw8OLfGsMDAVjqS
1we7oUnlUk2SduUzR2TjMRcXd066sGLTLt9yiokD+6hLUXjOKU9R4Fjzst1XQBJS
CV8QG1IL8DvfXuSzexl+SyTNDVtLo9jKhpMlIWV/5NCOQJUXsGfOh0CgcjcQ6Wbv
9swUz/SVEZW5fJ1Y6kQlZt2k6VTeEldLOKeqh0GqX0w=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqC6quVW966UxIQtWdRYf
+H/wiiK89738Ad6v6YuCVrmruJhmedKVELdz0XODcl1OXpo+10CPaOyVY2zSTAlQ
nmr9RS/ywQYkHYAvVkEI8PH79GBUf/6sQ+TCvgxysSJ9T2WlgsR/n8duQHpAGnFF
Tjd+tRtjgNlT+YkaIrM7d4KB7TxMyyaqXCTqZB74NgUzrXAPeMPuTGmi2Xa7gqYe
pSBqt4vvZVoWxFKvpuTF77lNyUYgNPmGlmc+zSbDpB5eq9mxPxWWysRRSxbxKn9r
D51VAmnlJxBJpCvDwGjUzllPHCExW5AKt1arwgC/+6kQJln7eE19nRiUiMSXnYUT
PDgJFX6Umosj10+R2AMpF8m83TCLxNwRId0I1TumZw5P8rP7kwDvG6N7LHhgqGKi
VoBEmznMzde0QxkpZwd3CEDxFbZB5P4YB4P24xvMRM5XzSDXi6vr45SP8PATwCWL
QfaThUMTc4RdlrNDo4A6NwDd1caRCHq7gkQvyH5BStBrKYZbWgTVc1aCimrVcWvn
OkKAUyZjCLr7juNHDXajOeug/JjXS87sARokMm4BOSI0wqrWlwZe40k+yo00+8aE
q+0iEAqxxmj7WCUcWuAW2+pH1JPHdfdUVHr6ZgPEXBQjL8PNXC6SxNPQm/NYwrTH
eOCuqw8ufmPSxqli8vPZ0QMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 320561398597269086419594207126176793899
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '27708'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Durham'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '103 Allen Bldg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Duke University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'OIT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vcm-5257.vm.duke.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 686123892110766350318698670211498243767060518079033429944624646077473290717149430331498885464548271901478232165108871544252881681859283173902854050283392880421281274664042289256735372014182779593172980198972869164178322790336637682269666125100092144472294710671725254207896684690991188210266032056814347860356588709385503574554454777584361339941683107487821864972393753663597354652075973838647556888758437297185894431126615809424529759029295960024817023236667322736312494110855877872000519368576362202217171040323445449833551128700138843218584500349184013242315575807102584544861676929387343608557241752075358548996823493758016979147548274989518877617377763917474003298750571956038642288695170334956570460796621992805725938890716252074528761790088838125968511764580658311420943165329436058066061207729143562760390674699512339465344055447785971878956779224063316144028839019676567233683201703922003414879677580918878642392178764214282527768487378598290428446382771106346823865754349115847238354220792617449593273783647537399586988218584926578679622605885084933992858686972876343452888445368654106447173123087524615498360508313833601465181078914891213368576948505443973077606634502458725849311084996725833319527867283502830135778332931
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8c7cf9b236625f96e32ae1d38d07223ccfe825db
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vcm-5257.vm.duke.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0087a8619a6a59b1ad9d0c8160721970d6af89b18e2fa1c37bf137332859994a34781cff24aea02043744e1edcbb1871f079884a6b7d4bfd4a7cd43b67cc2a0319a822627f6048fd752cdc15b0da89d5cabb6d7f8368e8007d0082aad4fb0201d7686276f179dc21fbed405271fb5cab8f2188432db53c3c38b7c6b0c0c0563a92d707bba149e5524d9276e5334764e3311717774ebab062d32edf728a8903fba84b5178ce294f51e058f3b2dd57401252095f101b520bf03bdf5ee4b37b197e4b24cd0d5b4ba3d8ca86932521657fe4d08e409517b067ce8740a0723710e966eff6cc14cff4951195b97c9d58ea442566dda4e954de12574b38a7aa8741aa5f4c