payments.tip.duke.edu
- Duke University -
Issued by InCommon RSA Server CA
About this certificate
This digital certificate with serial number 49:0a:c7:a4:2f:19:97:0c:97:89:be:2f:79:58:d8:19 was issued on by Internet2.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Duke University
Organization:
Duke University
Organization unit: OIT
Organization unit: OIT
Address:
103 Allen Bldg
Postal code: 27708
State / Province: NC
Locality: Durham
Country: US
Postal code: 27708
State / Province: NC
Locality: Durham
Country: US
Internet2
Organization:
Internet2
Organization unit: InCommon
Organization unit: InCommon
State / Province:
MI
Locality: Ann Arbor
Country: US
Locality: Ann Arbor
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 49:0a:c7:a4:2f:19:97:0c:97:89:be:2f:79:58:d8:19Serial Number (int): 97089615868390717936741845250990463001
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 1a:77:b1:5a:a3:83:ba:47:3b:c1:96:f7:44:2b:31:81:4c:e3:00:18
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38
Fingerprint (sha1): 1f:cf:2e:4f:11:c6:74:d6:7d:d8:4a:f4:f7:71:aa:49:04:79:73:39
Fingerprint (sha256): 00:dc:1b:e6:94:be:9d:1e:2b:71:fe:d2:5c:50:5b:52:37:ad:13:13:18:d8:c4:6d:5a:02:03:d3:61:77:38:cc
Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl
Check the revocation status for certificate payments.tip.duke.edu
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for payments.tip.duke.edu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
payments.tip.duke.edu
www.payments.tip.duke.edu
www.payments.tip.duke.edu
Other certificates including the domain name duke.edu
(limited to 100 certificates)
solr.oit.duke.edu
eam-app-test-01.oit.duke.edu
statuspage.io
www1-stage.fuqua.duke.edu
stream.fuqua.duke.edu
vlp-orimrh001.dhe.duke.edu
vcm-7069.vm.duke.edu
rapid-936.vm.duke.edu
vcm-5696.vm.duke.edu
stiffrobertslab.pratt.duke.edu
inform4-edc-qc.dcri.duke.edu
vcm-6141.vm.duke.edu
fitz-cups-01.oit.duke.edu
vcm-4779.vm.duke.edu
sakai.duke.edu
trivedi.pratt.duke.edu
inform46-aq52-qc.dcri.duke.edu
statuspage.io
dws-e.oit.duke.edu
statuspage.io
web.visaservices.duke.edu
patty.dnec.duke.edu
www.dukephoto.duke.edu
alsclinic.duke.edu
cluster.technolutions.net
oriapps.duhs.duke.edu
statuspage.io
ccbb.duke.edu
dukecapitalpartners.duke.edu
cpe-bach-multi1.trinity.duke.edu
projects.law.duke.edu
connect.ssri.duke.edu
work.duke.edu
gartner.oit.duke.edu
vcm-6535.vm.duke.edu
go.fuqua.duke.edu
queerhistory.duke.edu
communications.hr.duke.edu
vcm-6503.vm.duke.edu
tts-web-01-staging-multi1.trinity.duke.edu
vcm-4198.vm.duke.edu
maestro-hsw.duhs.duke.edu
dcid.sanford.duke.edu
web.visaservices.duke.edu
recreation.duke.edu
tts-web-01-staging-multi1.trinity.duke.edu
tts-web-01-staging-multi1.trinity.duke.edu
vcm-5257.vm.duke.edu
vcm-5238.vm.duke.edu
vcm-12275.vm.duke.edu
www.fuquaworld.duke.edu
iqaapp.dhvi.duke.edu
yt-cs216.cs.duke.edu
andererseits.library.duke.edu
appledore2.notes.duke.edu
payments.tip.duke.edu
vcm-6956.vm.duke.edu
vcm-6655.vm.duke.edu
portal.duke.edu
vcm-4178.vm.duke.edu
www.highseas.env.duke.edu
bradford.lib.duke.edu
abaqus.oit.duke.edu
nunn-lab.evolutionaryanthropology.duke.edu
vcm-7023.vm.duke.edu
vcm-7214.vm.duke.edu
redy.ssri.duke.edu
globaled.duke.edu
vcm-5001.vm.duke.edu
warpwire-frontend-test.oit.duke.edu
vcm-24408.vm.duke.edu
pateklab.biology.duke.edu
cacti-test.oit.duke.edu
vcm-5694.vm.duke.edu
roomview.trinity.duke.edu
fast.dcri.duke.edu
www.gifts.duke.edu
medspace.mc.duke.edu
vcm-6817.vm.duke.edu
forms.hr.duke.edu
enquire.ads.duke.edu
vcm-4824.vm.duke.edu
vcm-4390.vm.duke.edu
conf.events.duke.edu
vcm-5513.vm.duke.edu
calendar.duke.edu
highseas.env.duke.edu
vcm-4296.vm.duke.edu
www1-prod.fuqua.duke.edu
api.oit.duke.edu
www.callrec.oit.duke.edu
igs.duke.edu
vcm-4734.vm.duke.edu
lift.duke.edu
vcm-6534.vm.duke.edu
socialequity.duke.edu
statuspage.io
news-old.sanford.duke.edu
vcm-4573.vm.duke.edu
vcm-6671.vm.duke.edu
eam-app-test-01.oit.duke.edu
statuspage.io
www1-stage.fuqua.duke.edu
stream.fuqua.duke.edu
vlp-orimrh001.dhe.duke.edu
vcm-7069.vm.duke.edu
rapid-936.vm.duke.edu
vcm-5696.vm.duke.edu
stiffrobertslab.pratt.duke.edu
inform4-edc-qc.dcri.duke.edu
vcm-6141.vm.duke.edu
fitz-cups-01.oit.duke.edu
vcm-4779.vm.duke.edu
sakai.duke.edu
trivedi.pratt.duke.edu
inform46-aq52-qc.dcri.duke.edu
statuspage.io
dws-e.oit.duke.edu
statuspage.io
web.visaservices.duke.edu
patty.dnec.duke.edu
www.dukephoto.duke.edu
alsclinic.duke.edu
cluster.technolutions.net
oriapps.duhs.duke.edu
statuspage.io
ccbb.duke.edu
dukecapitalpartners.duke.edu
cpe-bach-multi1.trinity.duke.edu
projects.law.duke.edu
connect.ssri.duke.edu
work.duke.edu
gartner.oit.duke.edu
vcm-6535.vm.duke.edu
go.fuqua.duke.edu
queerhistory.duke.edu
communications.hr.duke.edu
vcm-6503.vm.duke.edu
tts-web-01-staging-multi1.trinity.duke.edu
vcm-4198.vm.duke.edu
maestro-hsw.duhs.duke.edu
dcid.sanford.duke.edu
web.visaservices.duke.edu
recreation.duke.edu
tts-web-01-staging-multi1.trinity.duke.edu
tts-web-01-staging-multi1.trinity.duke.edu
vcm-5257.vm.duke.edu
vcm-5238.vm.duke.edu
vcm-12275.vm.duke.edu
www.fuquaworld.duke.edu
iqaapp.dhvi.duke.edu
yt-cs216.cs.duke.edu
andererseits.library.duke.edu
appledore2.notes.duke.edu
payments.tip.duke.edu
vcm-6956.vm.duke.edu
vcm-6655.vm.duke.edu
portal.duke.edu
vcm-4178.vm.duke.edu
www.highseas.env.duke.edu
bradford.lib.duke.edu
abaqus.oit.duke.edu
nunn-lab.evolutionaryanthropology.duke.edu
vcm-7023.vm.duke.edu
vcm-7214.vm.duke.edu
redy.ssri.duke.edu
globaled.duke.edu
vcm-5001.vm.duke.edu
warpwire-frontend-test.oit.duke.edu
vcm-24408.vm.duke.edu
pateklab.biology.duke.edu
cacti-test.oit.duke.edu
vcm-5694.vm.duke.edu
roomview.trinity.duke.edu
fast.dcri.duke.edu
www.gifts.duke.edu
medspace.mc.duke.edu
vcm-6817.vm.duke.edu
forms.hr.duke.edu
enquire.ads.duke.edu
vcm-4824.vm.duke.edu
vcm-4390.vm.duke.edu
conf.events.duke.edu
vcm-5513.vm.duke.edu
calendar.duke.edu
highseas.env.duke.edu
vcm-4296.vm.duke.edu
www1-prod.fuqua.duke.edu
api.oit.duke.edu
www.callrec.oit.duke.edu
igs.duke.edu
vcm-4734.vm.duke.edu
lift.duke.edu
vcm-6534.vm.duke.edu
socialequity.duke.edu
statuspage.io
news-old.sanford.duke.edu
vcm-4573.vm.duke.edu
vcm-6671.vm.duke.edu
Certificate
The complete raw certificate details for payments.tip.duke.edu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIBTCCBu2gAwIBAgIQSQrHpC8ZlwyXib4veVjYGTANBgkqhkiG9w0BAQsFADB2 MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xOTAxMTQwMDAwMDBaFw0yMTAxMTMy MzU5NTlaMIGcMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFMjc3MDgxCzAJBgNVBAgT Ak5DMQ8wDQYDVQQHEwZEdXJoYW0xFzAVBgNVBAkTDjEwMyBBbGxlbiBCbGRnMRgw FgYDVQQKEw9EdWtlIFVuaXZlcnNpdHkxDDAKBgNVBAsTA09JVDEeMBwGA1UEAxMV cGF5bWVudHMudGlwLmR1a2UuZWR1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC CgKCAgEA250/LveqWY98T8DQJEYrKYnpCYvBOmNKsbd4kPlESOklEJUgC5qtwf6/ 8iR+Q7X364jJdQZjvuCLvcKHZpMQXf4kUjhRy5vG5nfv/IuXhdJ63JxiRYhkPpcZ xn4HtstTQA2wfpwhwwgOSWBv6hZS5ena7Mprm8yv02a1JqNBS6jmVPOG+yXo6vsz G8i/JNBPnIKFDtRT5TqiVzsZ2ekCI6KwtnwDGkMHiXNofWO8FYGj1N250dzB+eGj pPwsOcOUXaMz9zvBeJk5LzW6e/dJHx3ZxZDcUEVp0VNKNdZGavRAjsBF51KEJ+oA EYDvaHEIXj/kh6beRkGvhh28HbjiRtYOuPmKXSdDJWfjrJ0puzCR0GHD1ZO1UqKy m4JiqIC+bS6Io3Kbo2/gaW7MAaRM5YjIW5GCIWRpr781osY6v1GfUWG2RESQ7WeU 2EbLJ6SFPgDzPm3XU/8u7IX5YfvIgzYrel8r00nsThTSG5u7dTEIsMKCSXIHVEAP ZtdZIh0k+7ddm2kq4nA/V173Ei93o+rRUm/5j7OAZrdNAW71vvUpHEmQqfr7Xu4Q 2ONRem8Wk+JzjJwpyjM0uXxqlEfP4QiluEWQ5upRusf1AM6twdMGjMM4NxdsBHoD czGRcTSR8ap/Ld1ZBLFTnfCVqO/ZnjcDZ5xEnoP3FAO4sb76sscCAwEAAaOCA2Yw ggNiMB8GA1UdIwQYMBaAFB4Fo3ePbJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBQa d7Fao4O6RzvBlvdEKzGBTOMAGDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwr BgEEAa4jAQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24u b3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0f BD0wOzA5oDegNYYzaHR0cDovL2NybC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9u UlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0 cDovL2NydC51c2VydHJ1c3QuY29tL0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQw JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wOwYDVR0RBDQw MoIVcGF5bWVudHMudGlwLmR1a2UuZWR1ghl3d3cucGF5bWVudHMudGlwLmR1a2Uu ZWR1MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgC72d+8H4pxtZOUI5eqkntH OFeVCqtS6BqQlmQ2jh7RhQAAAWhNhouVAAAEAwBHMEUCIQDKn0e4LOykqOSpPJPn EBx9Q+fc+CYJx8EKq5IyYnGuhwIgGKfOIfFF9bXDORqgmtSsh+7VAlqRv4jaFEM3 hjct3iEAdgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAAAWhNhovy AAAEAwBHMEUCIHTN9/EsNq8C15pnFuoddunuqeObDhcqvYlUHhXaPu2FAiEA1YIQ uJvRVY5kuasP6MnO4/UXQi7sJHtZ2dNywbemhcgAdgBc3EOS/uarRUSxXprUVuYQ N/vV+kfcoXOUsl7m9scOygAAAWhNhoxjAAAEAwBHMEUCIAZp1r6QtvkkZSpT/nHI ZgMVwREXIky6/h1MOxhzn8/gAiEAgSerhhN3/JrhH6QfEHVseDic4x60PYKqfSfj 3NbRNrwwDQYJKoZIhvcNAQELBQADggEBAICv0wYAnIM0+pR8LXkxVgvZh4AFx5LN 7omRMx6onIjHqfhKNw6yhoV+9NjPti/jWI+pKZ9Kb2YzJc/KXAuB/R7BQYN94Zx2 BGaIhwWMdcOu7lFWxJUBsuLcNko9Bg0oZ7QMJ0L26l8WxHmOh1Y5r0eJT6lXVrth wG3AY18BKUfgKs9EVysYuQMINe48LsjTy6QK0YppcyPNTDpvx1gM1GPNwsYafKub T9JiJi0KyjElgKemTMUWZIuSalMadB+7gI591mRdEe39zIa1cjs1v8GIGK19OQ6i +7s0jaIPJoIS4CJw4IdAbANs9dvKA+T/MieTmpm5Q8YlQELfMKviS6A= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA250/LveqWY98T8DQJEYr KYnpCYvBOmNKsbd4kPlESOklEJUgC5qtwf6/8iR+Q7X364jJdQZjvuCLvcKHZpMQ Xf4kUjhRy5vG5nfv/IuXhdJ63JxiRYhkPpcZxn4HtstTQA2wfpwhwwgOSWBv6hZS 5ena7Mprm8yv02a1JqNBS6jmVPOG+yXo6vszG8i/JNBPnIKFDtRT5TqiVzsZ2ekC I6KwtnwDGkMHiXNofWO8FYGj1N250dzB+eGjpPwsOcOUXaMz9zvBeJk5LzW6e/dJ Hx3ZxZDcUEVp0VNKNdZGavRAjsBF51KEJ+oAEYDvaHEIXj/kh6beRkGvhh28Hbji RtYOuPmKXSdDJWfjrJ0puzCR0GHD1ZO1UqKym4JiqIC+bS6Io3Kbo2/gaW7MAaRM 5YjIW5GCIWRpr781osY6v1GfUWG2RESQ7WeU2EbLJ6SFPgDzPm3XU/8u7IX5YfvI gzYrel8r00nsThTSG5u7dTEIsMKCSXIHVEAPZtdZIh0k+7ddm2kq4nA/V173Ei93 o+rRUm/5j7OAZrdNAW71vvUpHEmQqfr7Xu4Q2ONRem8Wk+JzjJwpyjM0uXxqlEfP 4QiluEWQ5upRusf1AM6twdMGjMM4NxdsBHoDczGRcTSR8ap/Ld1ZBLFTnfCVqO/Z njcDZ5xEnoP3FAO4sb76sscCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 97089615868390717936741845250990463001 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-14 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-13 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '27708' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Durham' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '103 Allen Bldg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Duke University' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'OIT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'payments.tip.duke.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 895947953307853009807465180007942260215971345564569863510546864910399475397287316286784752744360987380790701711063049803842867925255396698423863525293907237983540275377047909397092939220274875633642564422212161762384270596475563784030094485715278965033469025381216002725749109130671646914356151409556177187708634926714642330417520829146191326574090945558525724754328258225308384582030908571939803650703426947387068163470996327920187418854936888445971817472825470684516792709885091311122863844901924205195985071945788506730306077542136910448595387524132177681329802376047884443237960978668382910450205723482828887740028496199365131055579848488907116846991943476765617411347449057330326096697834856785204147278366133046395186292409749464314988756143975888702167693739475890311363653018366751133457006941100136180404241171467516294472533980845609532699523716923311330446133301160627016820733075497874644966405827299070962675503662043399087976623880930326163677359508711909718509526766198663510918872944575224997112515001986837952941242523800109543488516483355078885344131617910989450580662404353060485879837770783368552729425683982371636094438620953102020594921549008206195940108805676630307100972480846396548778191012527686080999895751 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1a77b15aa383ba473bc196f7442b31814ce30018 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'payments.tip.duke.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.payments.tip.duke.edu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed185000001684d868b950000040300473045022100ca9f47b82ceca4a8e4a93c93e7101c7d43e7dcf82609c7c10aab92326271ae87022018a7ce21f145f5b5c3391aa09ad4ac87eed5025a91bf88da14433786372dde210076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a8000001684d868bf20000040300473045022074cdf7f12c36af02d79a6716ea1d76e9eea9e39b0e172abd89541e15da3eed85022100d58210b89bd1558e64b9ab0fe8c9cee3f517422eec247b59d9d372c1b7a685c80076005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca000001684d868c63000004030047304502200669d6be90b6f924652a53fe71c8660315c11117224cbafe1d4c3b18739fcfe00221008127ab861377fc9ae11fa41f10756c78389ce31eb43d82aa7d27e3dcd6d136bc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0080afd306009c8334fa947c2d7931560bd9878005c792cdee8991331ea89c88c7a9f84a370eb286857ef4d8cfb62fe3588fa9299f4a6f663325cfca5c0b81fd1ec141837de19c7604668887058c75c3aeee5156c49501b2e2dc364a3d060d2867b40c2742f6ea5f16c4798e875639af47894fa95756bb61c06dc0635f012947e02acf44572b18b9030835ee3c2ec8d3cba40ad18a697323cd4c3a6fc7580cd463cdc2c61a7cab9b4fd262262d0aca312580a7a64cc516648b926a531a741fbb808e7dd6645d11edfdcc86b5723b35bfc18818ad7d390ea2fbbb348da20f268212e02270e087406c036cf5dbca03e4ff3227939a99b943c6254042df30abe24ba0