cs.rit.edu

- Rochester Institute of Technology -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 96:92:78:9b:e3:48:53:7a:83:09:88:47:80:c5:1f:a1 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Rochester Institute of Technology

Organization: Rochester Institute of Technology
Organization unit: CS
Address: One Lomb Memorial Drive
Postal code: 14623
State / Province: NY
Locality: Rochester
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 96:92:78:9b:e3:48:53:7a:83:09:88:47:80:c5:1f:a1
Serial Number (int): 200144720948941627785580379184250036129
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: b7:24:fb:1a:45:91:07:c8:49:fe:62:12:16:ee:2b:0f:6e:e0:10:99
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 3d:1d:ab:fe:a5:ba:6c:eb:c7:81:7f:93:08:51:a0:07:87:b3:1b:74
Fingerprint (sha256): 00:da:77:b6:f3:cd:4a:21:0e:e9:4a:46:ce:b1:fc:f4:7a:54:97:d6:4e:cf:f4:ea:b1:4a:66:41:6b:cc:ce:1a

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate cs.rit.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cs.rit.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cs.rit.edu

Other certificates including the domain name rit.edu

(limited to 100 certificates)
3dprint.csh.rit.edu
elkmoose.student.rit.edu
us.prod.campusgroups.com
ezproxy.rit.edu
arthouse.rit.edu
www.rit.edu
michaelfrancis.me
cluster3.technolutions.net
spam.rit.edu
us.prod.campusgroups.com
dbadmin.istlabs.rit.edu
bcc1.talentera.com
vems.main.ad.rit.edu
cs.rit.edu
hvz.rit.edu
afsabre.rit.edu
kdcproxy.ad.rit.edu
www.rit.edu
print02.main.ad.rit.edu
game.csh.rit.edu
inspirationalshitposts.a.csh.rit.edu
fma.rit.edu
apps-alpha.scb.rit.edu
www.rit.edu
cluster3.technolutions.net
astrodance.rit.edu
nga.scb.rit.edu
git.csh.rit.edu
myportal.rit.edu
oops.rit.edu
git.csh.rit.edu
croatia.rit.edu
hogs.rit.edu
us.prod.campusgroups.com
grapeape.se.rit.edu
spiritpass.rit.edu
openevals.rit.edu
reports.ntid.rit.edu
kgcoe-msdpics.rit.edu
crmstage-des.rit.edu
vpr-sandbox.rc.rit.edu
cias-jira.rit.edu
sites.sg.rit.edu
cias-confluence.rit.edu
samurai.csh.rit.edu
www.ist.rit.edu
bcc1.talentera.com
moonbounce.rit.edu
myupktest.rit.edu
castnet.rit.edu
cadetsrv.main.ad.rit.edu
crmprod-des.rit.edu
filedump.se.rit.edu
api.rit.edu
www.rit.edu
reslab.rit.edu
rit.edu
myportaladmin.rit.edu
ritmailtest.rit.edu
evt.rit.edu
us.prod.campusgroups.com
rlescloud.main.ad.rit.edu
jenky.csh.rit.edu
www.rit.edu
www.rit.edu
headcount.se.rit.edu
monitor.istlabs.rit.edu
argo.csh.rit.edu
people.rit.edu
purple.student.rit.edu
infoguides.rit.edu
msdnaa.rit.edu
mabl.rit.edu
us.prod.campusgroups.com
croatia.rit.edu
appsdev.ntid.rit.edu
www.rit.edu
bcc1.talentera.com
twcosxserver01.main.ad.rit.edu
scholarworks.rit.edu
www2.rit.edu
myinfographicsd.main.ad.rit.edu
*.ce.rit.edu
careerservices.rit.edu
ritanime.rit.edu
witr.rit.edu
ntidwb01d.ntid.rit.edu
ccserv.rit.edu
aod.rit.edu
swen-ads.igm.rit.edu
mabl.rit.edu
taco.student.rit.edu
myinfo.rit.edu
vm344c.se.rit.edu
imap.se.rit.edu
openbsd.se.rit.edu
*.ce.rit.edu
cluster3.technolutions.net
san-8-s10.tlsprovisioning.exacttarget.com
www.rit.edu

Certificate

The complete raw certificate details for cs.rit.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIRAJaSeJvjSFN6gwmIR4DFH6EwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTgxMDA4MDAwMDAwWhcNMjAxMDA3
MjM1OTU5WjCBrjELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0NjIzMQswCQYDVQQI
EwJOWTESMBAGA1UEBxMJUm9jaGVzdGVyMSAwHgYDVQQJExdPbmUgTG9tYiBNZW1v
cmlhbCBEcml2ZTEqMCgGA1UEChMhUm9jaGVzdGVyIEluc3RpdHV0ZSBvZiBUZWNo
bm9sb2d5MQswCQYDVQQLEwJDUzETMBEGA1UEAxMKY3Mucml0LmVkdTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBALoiaFl2G/JDfFUgF3zBV5YuZPBDNYma
RRPt2NIM7zS30PKrBhbzD+kxT5IpZJRCAZv+Rr0Onwhl0iUnlEBf6PoI/2iIgTpu
6SooZ+FdMLPZkq3OoFZuG00k+zM3Vh+1k42XuWTVPXv6vQ8TFjlBao2OpO8QGKz6
YqUXi9JD6aLOQyXL9TzJNsw5VuTKahK8jsf0Tt4abWbdGPRmEzOUYYbHCujDkQyr
Nn0bqZTQBCxacjtSqjHlL1/krWASKitb/mOaYJdrZzLF9DJgz/ckscZ+nbzYw7WJ
gvn95Wr24X+Xbo8zhK1XdYnVH9DRb159P2RsLvAcADUAxV5JDPqEwFUCAwEAAaOC
AdMwggHPMB8GA1UdIwQYMBaAFB4Fo3ePbJbiW4dLprSGrHEADOc4MB0GA1UdDgQW
BBS3JPsaRZEHyEn+YhIW7isPbuAQmTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBS
BgwrBgEEAa4jAQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21t
b24ub3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwRAYD
VR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5pbmNvbW1vbi1yc2Eub3JnL0luQ29t
bW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUFBwEBBGkwZzA+BggrBgEFBQcwAoYy
aHR0cDovL2NydC51c2VydHJ1c3QuY29tL0luQ29tbW9uUlNBU2VydmVyQ0FfMi5j
cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wFQYDVR0R
BA4wDIIKY3Mucml0LmVkdTATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0B
AQsFAAOCAQEAQ7dew3t+lHKRywAKKC3CSCLOuSeIMY4vzUuOFLGxp/jgYjni74u9
0Z3DHAcOUdJa1eUt+T9yL1n6iS19jVVeUhPxtfvAn3Lc7IK6WgEO8BX4sAGVQKu/
EaYNSIwbpJ7PjFkl7uAMh7xHHT4tYrQRFDCj4iVeHUX8Fq/wKrkXQoPYlqWP14Jb
dXiIvInyae8S9N+61RBJE/8DjIxmB/nL8qEMRmwZWpPIIwQ63bZtDH+rIDnNE9J7
W4Qd8aEgTKoCXcbnaB/Ko6m6ePafmER9QX27o9CVAJfsEep/49e5PgJMS73YKpgl
w9UMSuT80pVHMHFTUOS6pPAt9fPkEOObsg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiJoWXYb8kN8VSAXfMFX
li5k8EM1iZpFE+3Y0gzvNLfQ8qsGFvMP6TFPkilklEIBm/5GvQ6fCGXSJSeUQF/o
+gj/aIiBOm7pKihn4V0ws9mSrc6gVm4bTST7MzdWH7WTjZe5ZNU9e/q9DxMWOUFq
jY6k7xAYrPpipReL0kPpos5DJcv1PMk2zDlW5MpqEryOx/RO3hptZt0Y9GYTM5Rh
hscK6MORDKs2fRuplNAELFpyO1KqMeUvX+StYBIqK1v+Y5pgl2tnMsX0MmDP9ySx
xn6dvNjDtYmC+f3lavbhf5dujzOErVd1idUf0NFvXn0/ZGwu8BwANQDFXkkM+oTA
VQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 200144720948941627785580379184250036129
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '14623'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rochester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'One Lomb Memorial Drive'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rochester Institute of Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cs.rit.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23497291751048716899221315814470250221148070286419212179217667543887886722524808222684159937591869613467161794667532057509687081845351423840626276315712776453880211730279958068310709351840461502853993869777414343815269240835506145597767302287154388005365516518541585398157615302720452388174491025451087294091714186230066730941158115405923231876759755328388134128615651543469435248829165595023961736752895845239646806407085020460678970681865762928527559374267253367758678903237603372405304270577221917591025743269138944701267832831977303093899850495285213596015472949731519053881736248206235767483258496630836882096213
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b724fb1a459107c849fe621216ee2b0f6ee01099
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cs.rit.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0043b75ec37b7e947291cb000a282dc24822ceb92788318e2fcd4b8e14b1b1a7f8e06239e2ef8bbdd19dc31c070e51d25ad5e52df93f722f59fa892d7d8d555e5213f1b5fbc09f72dcec82ba5a010ef015f8b0019540abbf11a60d488c1ba49ecf8c5925eee00c87bc471d3e2d62b4111430a3e2255e1d45fc16aff02ab9174283d896a58fd7825b757888bc89f269ef12f4dfbad5104913ff038c8c6607f9cbf2a10c466c195a93c823043addb66d0c7fab2039cd13d27b5b841df1a1204caa025dc6e7681fcaa3a9ba78f69f98447d417dbba3d0950097ec11ea7fe3d7b93e024c4bbdd82a9825c3d50c4ae4fcd2954730715350e4baa4f02df5f3e410e39bb2