microscopy.nri.ucsb.edu

- University of California, Santa Barbara -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number a8:8e:ce:36:c9:32:61:06:30:e1:b9:61:c0:c1:4f:11 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of California, Santa Barbara

Organization: University of California, Santa Barbara
Organization unit: SSL Management
Postal code: 93106
State / Province: CA
Locality: Santa Barbara
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): a8:8e:ce:36:c9:32:61:06:30:e1:b9:61:c0:c1:4f:11
Serial Number (int): 224051791962744331634295173074322018065
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 70:c7:61:d3:35:f2:ec:6f:58:de:22:2a:03:b1:a4:17:00:f7:fb:3e
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 78:63:8d:c4:53:28:25:c7:b7:aa:8c:73:19:97:96:3a:1a:f2:4e:85
Fingerprint (sha256): 00:e5:02:37:da:c2:12:47:a7:1e:61:fe:fc:ff:4d:35:1d:ee:2a:4a:ab:b6:a9:27:ac:42:b0:50:13:b5:ec:e5

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate microscopy.nri.ucsb.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for microscopy.nri.ucsb.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

microscopy.nri.ucsb.edu

Other certificates including the domain name ucsb.edu

(limited to 100 certificates)
flour.ece.ucsb.edu
physics.ucsb.edu
wepawet.cs.ucsb.edu
5665833682468864-fe1.pantheonsite.io
hrsweb-kx.housing.ucsb.edu
bic03.bic.ucsb.edu
carpepm.almonds.com
idm.my.ucsb.edu
ictf.cs.ucsb.edu
us.prod.campusgroups.com
github.nceas.ucsb.edu
5715605172781056-fe1.pantheonsite.io
leadership.sa.ucsb.edu
learning.nceas.ucsb.edu
5719721496281088-fe4.pantheonsite.io
studentvisa.test.sa.ucsb.edu
5729821648748544-fe1.pantheonsite.io
securessl-pst1.tessituranetworkhost.com
www.csmd.ucsb.edu
ucdc.edu
5680534013345792-fe1.pantheonsite.io
us.prod.campusgroups.com
rotabullstatus.com
www.ece.ucsb.edu
nartc.fcm.arizona.edu
5704093720903680-fe2.pantheonsite.io
api-status.360cities.net
5762637883244544-fe3.pantheonsite.io
ucen.ucsb.edu
5661530653720576-fe2.pantheonsite.io
5715605172781056-fe1.pantheonsite.io
api-status.360cities.net
math.ucsb.edu
5703789046661120-fe2.pantheonsite.io
aurora.nceas.ucsb.edu
www.ascidiancenter.ucsb.edu
microscopy.nri.ucsb.edu
5665370564198400-fe2.pantheonsite.io
donelan.faculty.writing.ucsb.edu
history.ucsb.edu
checkrstatus.com
eci.ucsb.edu
support.nceas.ucsb.edu
5755164371714048-fe3.pantheonsite.io
5654961308303360-fe2.pantheonsite.io
housing.ucsb.edu
info.resnet.ucsb.edu
secure.identity.ucsb.edu
www.mcdb.ucsb.edu
aurora.nceas.ucsb.edu
banknorthstatus.mambu.com
gibber.cc
webmail.sa.ucsb.edu
banking-business-review.com
barc.isc.ucsb.edu
paymentsolutions-status.shijicloud.com
cdn-test.battlefields.org
daylight-header-293093155.eks.dld.library.ucsb.edu
test.eis.uw.edu
dev.nceas.ucsb.edu
admissions.ext-prod.sa.ucsb.edu
5665833682468864-fe1.pantheonsite.io
ucen.ucsb.edu
5636953047302144-fe4.pantheonsite.io
citeak.multidevcom.uaf.edu
5720605454237696-fe1.pantheonsite.io
cowbird.lifesci.ucsb.edu
pathodstest.systems.isc.ucsb.edu
www.cnsi.ucsb.edu
5701569219657728-fe1.pantheonsite.io
web.physics.ucsb.edu
5715605172781056-fe1.pantheonsite.io
5715605172781056-fe1.pantheonsite.io
admin7status.brinkpos.net
graylog.library.ucsb.edu
5762637883244544-fe3.pantheonsite.io
webextracts.test.sa.ucsb.edu
helios.geog.ucsb.edu
studentvisa.test.sa.ucsb.edu
www.arch.cs.ucsb.edu
scl.ece.ucsb.edu
5696605713858560-fe4.pantheonsite.io
philosophy.ucsb.edu
ucen.ucsb.edu
banking-business-review.com
apptcha.seclab.cs.ucsb.edu
anubis.cs.ucsb.edu
5666823336886272-fe4.pantheonsite.io
5715605172781056-fe1.pantheonsite.io
paymentsolutions-status.shijicloud.com
santacruz.nrs.ucsb.edu
scalefundercert.net
chns120.courseresource.yale.edu
5735393697726464-fe2.pantheonsite.io
5738369707409408-fe3.pantheonsite.io
marc.ucsb.edu
5706646944743424-fe4.pantheonsite.io
5703789046661120-fe2.pantheonsite.io
5696605713858560-fe4.pantheonsite.io
208.lsnc.net

Certificate

The complete raw certificate details for microscopy.nri.ucsb.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGfjCCBWagAwIBAgIRAKiOzjbJMmEGMOG5YcDBTxEwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTcwMzA5MDAwMDAwWhcNMjAwMzA4
MjM1OTU5WjCBrzELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTkzMTA2MQswCQYDVQQI
EwJDQTEWMBQGA1UEBxMNU2FudGEgQmFyYmFyYTEwMC4GA1UEChMnVW5pdmVyc2l0
eSBvZiBDYWxpZm9ybmlhLCBTYW50YSBCYXJiYXJhMRcwFQYDVQQLEw5TU0wgTWFu
YWdlbWVudDEgMB4GA1UEAxMXbWljcm9zY29weS5ucmkudWNzYi5lZHUwggIiMA0G
CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCw/Ph+GqHTj9bh9ITW7iqZ0rTkqmgE
ANR1aJdYme3FfrR4+b/Vpn2qhlTBkq98jLu1I21oQxFnCz9W2p5hNQnAn0wlD3Pm
xjhMvGcSQLODafEQfuehArzpe5a09MAb6ORoUxZlNqBojTYZo5R/lEC3PD27iBag
t3WBKqC4rZobQ9emwy3x5PWsn8z0R+DV72hl2tFh/uV4HUq4I07ZF8V7sjKoM9Wb
ZVYcn1NmfSCT20KBWpNsfJmo+FP/BlvPVvpHc8VwHITf+yt8qHWTDfAlvFs2i2a2
e1iyNka5/FBRhS8rrQ+LsEIE2sU2cfa/NcLk8FsjH9SmL0DKdNJWq+bl+ow/JD6U
m1oCx1vlSIzDLRQdBwBgKpjnQpkdjifKOKFQ/RMI9RtXjYljt6ndCzH0CQuRx8Vd
643JQW1nbCTYTS6CZSelG5NYdb9aoNOFxtMPPqFxdARMF+U1duU3A8Aj7hDVyFbn
05aOIqI7bGy+bV2sqDcCgna/v5LYZ0esaFyBp46RAWTFyNV7QmPNinCzy+hCn28z
d76WHYgwxV7He76f2NBRbmY20P0oqngA3BXT9o8u9XZQ9VFHpdPTcGpv/+b29bcf
pwN9NJZ1XToFb+1j8WRruoeSU0glq/115xy2rTZ5YwesVIz/2qp2W9giTf7u4NBe
uGj0gVB1AEidxQIDAQABo4IByzCCAccwHwYDVR0jBBgwFoAUHgWjd49sluJbh0um
tIascQAM5zgwHQYDVR0OBBYEFHDHYdM18uxvWN4iKgOxpBcA9/s+MA4GA1UdDwEB
/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjBnBgNVHSAEYDBeMFIGDCsGAQQBriMBBAMBATBCMEAGCCsGAQUFBwIBFjRo
dHRwczovL3d3dy5pbmNvbW1vbi5vcmcvY2VydC9yZXBvc2l0b3J5L2Nwc19zc2wu
cGRmMAgGBmeBDAECAjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLmluY29t
bW9uLXJzYS5vcmcvSW5Db21tb25SU0FTZXJ2ZXJDQS5jcmwwdQYIKwYBBQUHAQEE
aTBnMD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vSW5Db21t
b25SU0FTZXJ2ZXJDQV8yLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNl
cnRydXN0LmNvbTAiBgNVHREEGzAZghdtaWNyb3Njb3B5Lm5yaS51Y3NiLmVkdTAN
BgkqhkiG9w0BAQsFAAOCAQEAOJUEgCCu33a6fzrv+am21jRaxOPnJ8/oOxSlhjW9
/SngmpDti9wE7y8BCioFtv/I/px2nx4dOAeOFEa6ZimEs2UvcUnnjCFnR1T4SXKR
Vxrh3W9WNJht0aninMP8IxwwUhoKrXh/FaZQrqPCsy+DWm5wL4s/pBYX3riFx4hg
BlEOTK6nQOKlfV8/InnAKd6UXS/xIEjcetCCSE6Kv+o5ehb0QjWFahuDNgrGwyGk
Zjw0w4YwVZpZgLdyma8fGpN0mKGQKj7rTbe/PMCdtksVlCfkb+vVX0+eiUPHMMGr
1GRMeWyKkyvnrXYbEWXSUVG9mbkSpuDf1yjUdDusKQ2gYw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsPz4fhqh04/W4fSE1u4q
mdK05KpoBADUdWiXWJntxX60ePm/1aZ9qoZUwZKvfIy7tSNtaEMRZws/VtqeYTUJ
wJ9MJQ9z5sY4TLxnEkCzg2nxEH7noQK86XuWtPTAG+jkaFMWZTagaI02GaOUf5RA
tzw9u4gWoLd1gSqguK2aG0PXpsMt8eT1rJ/M9Efg1e9oZdrRYf7leB1KuCNO2RfF
e7IyqDPVm2VWHJ9TZn0gk9tCgVqTbHyZqPhT/wZbz1b6R3PFcByE3/srfKh1kw3w
JbxbNotmtntYsjZGufxQUYUvK60Pi7BCBNrFNnH2vzXC5PBbIx/Upi9AynTSVqvm
5fqMPyQ+lJtaAsdb5UiMwy0UHQcAYCqY50KZHY4nyjihUP0TCPUbV42JY7ep3Qsx
9AkLkcfFXeuNyUFtZ2wk2E0ugmUnpRuTWHW/WqDThcbTDz6hcXQETBflNXblNwPA
I+4Q1chW59OWjiKiO2xsvm1drKg3AoJ2v7+S2GdHrGhcgaeOkQFkxcjVe0JjzYpw
s8voQp9vM3e+lh2IMMVex3u+n9jQUW5mNtD9KKp4ANwV0/aPLvV2UPVRR6XT03Bq
b//m9vW3H6cDfTSWdV06BW/tY/Fka7qHklNIJav9decctq02eWMHrFSM/9qqdlvY
Ik3+7uDQXrho9IFQdQBIncUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 224051791962744331634295173074322018065
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '93106'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Santa Barbara'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of California, Santa Barbara'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SSL Management'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'microscopy.nri.ucsb.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 722048724371393726617375036570694087146218342291120854748841612541298766885957885930500861472843064617773608464824042126893006740320209116284687072197413245962899566208878831505456356822615262652105190072746508808401559628204179606525910182006683518402303285510004704187873048368793713451575893345304701878757251366771141762733340816019015844187991005039245348790665191758036543398175589578219847385790475396577697376650402332961879885912492753007897796866405933926329385413097737889146460559293738208659669875323676485121969969804565909611961608389006421332977004248858870439245700460973014859668513252598895717850322716570636914558586382618188750390900420714413121997275525371796236601046836010722968151612228884101487834236373765373047042143184613537459915465255494184137191901569347996905592737272684420226958210315053473784822491158507772061838858879059962158424088254650667858000509024843188627190953342749552389094535142578345154425312038805460483379435398886719709844184742334196508061660482012565563260568142249279019340081118847172311805823142673074071267038939578613152504898225000805189999996669056638605049379475966747505421270466710044829931240090929130826850918437117413047707493765280570064775164164356415680267460037
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							70c761d335f2ec6f58de222a03b1a41700f7fb3e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'microscopy.nri.ucsb.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003895048020aedf76ba7f3aeff9a9b6d6345ac4e3e727cfe83b14a58635bdfd29e09a90ed8bdc04ef2f010a2a05b6ffc8fe9c769f1e1d38078e1446ba662984b3652f7149e78c21674754f8497291571ae1dd6f5634986dd1a9e29cc3fc231c30521a0aad787f15a650aea3c2b32f835a6e702f8b3fa41617deb885c7886006510e4caea740e2a57d5f3f2279c029de945d2ff12048dc7ad082484e8abfea397a16f44235856a1b83360ac6c321a4663c34c38630559a5980b77299af1f1a937498a1902a3eeb4db7bf3cc09db64b159427e46febd55f4f9e8943c730c1abd4644c796c8a932be7ad761b1165d25151bd99b912a6e0dfd728d4743bac290da063