kdcproxy.ad.rit.edu

- Rochester Institute of Technology -

Issued by InCommon RSA Server CA 2

About this certificate

This digital certificate with serial number e2:31:20:2b:00:df:c2:ba:24:13:0e:86:0b:85:24:2e was issued on by Internet2.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Rochester Institute of Technology

Organization: Rochester Institute of Technology
State / Province: New York
Country: US

Internet2

Organization: Internet2
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): e2:31:20:2b:00:df:c2:ba:24:13:0e:86:0b:85:24:2e
Serial Number (int): 300660602037648008827444046883832800302
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 27:45:14:f8:95:f7:2c:7a:09:54:b7:d6:ac:28:85:c7:d2:dd:e4:48
AuthorityKeyId: ef:4c:00:92:a6:fb:76:2e:5e:95:e2:c9:5f:87:1b:19:d5:4d:e2:d9

Fingerprint (sha1): cc:57:0c:b7:e3:15:e1:73:c7:e3:a8:f6:c7:72:34:f3:06:63:78:7a
Fingerprint (sha256): 01:2b:db:bb:85:47:04:e1:bc:ea:43:8e:70:98:f3:d2:9a:bd:b3:dc:03:ed:eb:1b:20:2d:c8:4a:13:55:01:85

Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAServerCA2.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/InCommonRSAServerCA2.crl

Check the revocation status for certificate kdcproxy.ad.rit.edu

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for kdcproxy.ad.rit.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

kdcproxy.ad.rit.edu
kdcproxy.main.ad.rit.edu
pta01a.ad.rit.edu
pta01b.ad.rit.edu
pta01c.ad.rit.edu

Other certificates including the domain name rit.edu

(limited to 100 certificates)
3dprint.csh.rit.edu
elkmoose.student.rit.edu
us.prod.campusgroups.com
ezproxy.rit.edu
arthouse.rit.edu
www.rit.edu
michaelfrancis.me
cluster3.technolutions.net
spam.rit.edu
us.prod.campusgroups.com
dbadmin.istlabs.rit.edu
bcc1.talentera.com
vems.main.ad.rit.edu
cs.rit.edu
hvz.rit.edu
afsabre.rit.edu
kdcproxy.ad.rit.edu
www.rit.edu
print02.main.ad.rit.edu
game.csh.rit.edu
inspirationalshitposts.a.csh.rit.edu
fma.rit.edu
apps-alpha.scb.rit.edu
www.rit.edu
cluster3.technolutions.net
astrodance.rit.edu
nga.scb.rit.edu
git.csh.rit.edu
myportal.rit.edu
www.rit.edu
oops.rit.edu
git.csh.rit.edu
croatia.rit.edu
hogs.rit.edu
us.prod.campusgroups.com
grapeape.se.rit.edu
spiritpass.rit.edu
openevals.rit.edu
reports.ntid.rit.edu
kgcoe-msdpics.rit.edu
crmstage-des.rit.edu
vpr-sandbox.rc.rit.edu
cias-jira.rit.edu
sites.sg.rit.edu
pawprints.rit.edu
cias-confluence.rit.edu
samurai.csh.rit.edu
www.ist.rit.edu
bcc1.talentera.com
moonbounce.rit.edu
myupktest.rit.edu
castnet.rit.edu
cadetsrv.main.ad.rit.edu
crmprod-des.rit.edu
filedump.se.rit.edu
api.rit.edu
www.rit.edu
reslab.rit.edu
rit.edu
myportaladmin.rit.edu
ritmailtest.rit.edu
evt.rit.edu
us.prod.campusgroups.com
rlescloud.main.ad.rit.edu
jenky.csh.rit.edu
www.rit.edu
www.rit.edu
headcount.se.rit.edu
monitor.istlabs.rit.edu
argo.csh.rit.edu
people.rit.edu
purple.student.rit.edu
infoguides.rit.edu
msdnaa.rit.edu
mabl.rit.edu
us.prod.campusgroups.com
croatia.rit.edu
appsdev.ntid.rit.edu
www.rit.edu
bcc1.talentera.com
twcosxserver01.main.ad.rit.edu
scholarworks.rit.edu
www2.rit.edu
myinfographicsd.main.ad.rit.edu
*.ce.rit.edu
careerservices.rit.edu
ritanime.rit.edu
witr.rit.edu
ntidwb01d.ntid.rit.edu
ccserv.rit.edu
aod.rit.edu
swen-ads.igm.rit.edu
mabl.rit.edu
taco.student.rit.edu
myinfo.rit.edu
vm344c.se.rit.edu
imap.se.rit.edu
openbsd.se.rit.edu
*.ce.rit.edu
cluster3.technolutions.net

Certificate

The complete raw certificate details for kdcproxy.ad.rit.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHMjCCBZqgAwIBAgIRAOIxICsA38K6JBMOhguFJC4wDQYJKoZIhvcNAQEMBQAw
RDELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEhMB8GA1UEAxMYSW5D
b21tb24gUlNBIFNlcnZlciBDQSAyMB4XDTI0MDUzMTAwMDAwMFoXDTI1MDcwMTIz
NTk1OVowajELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMSowKAYDVQQK
EyFSb2NoZXN0ZXIgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxHDAaBgNVBAMTE2tk
Y3Byb3h5LmFkLnJpdC5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZbY64HoUYy2sjExvXh9WskbxmDlqaVkOAZyTUB2srPhkM9naSq7rard6rE+Ep
dARB/E9WNU52CeLBgSnVJqHwBoKdnyIGDnZGaVP5/CjCNv9bMPJyH9hQsTUf6GCb
CR0UYegM7CtuqevGWttRfxHimd9v/PcNVAScZW3jLV5oubegiLt0T3vRRtgV7evJ
cpdIi6nf/jqRX0zQowJTGgFwoxQPAsYuLPeo6Tvyq47PWAUUuxzyW04+ZUCtgznC
XE9j+refQmPmkEnnpkqJuQB93bSyDOLXGqy4/Te7EDJooyUwJJ8X+trIzR2W2e6D
KN8ESXr+SYpknhm0ldPzpElZAgMBAAGjggN3MIIDczAfBgNVHSMEGDAWgBTvTACS
pvt2Ll6V4slfhxsZ1U3i2TAdBgNVHQ4EFgQUJ0UU+JX3LHoJVLfWrCiFx9Ld5Egw
DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAmcwJTAjBggrBgEF
BQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQICMEAGA1UdHwQ5
MDcwNaAzoDGGL2h0dHA6Ly9jcmwuc2VjdGlnby5jb20vSW5Db21tb25SU0FTZXJ2
ZXJDQTIuY3JsMHAGCCsGAQUFBwEBBGQwYjA7BggrBgEFBQcwAoYvaHR0cDovL2Ny
dC5zZWN0aWdvLmNvbS9JbkNvbW1vblJTQVNlcnZlckNBMi5jcnQwIwYIKwYBBQUH
MAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBgAYKKwYBBAHWeQIEAgSCAXAE
ggFsAWoAdwDd3Mo0ldfhFgXnlTL6x5/4PRxQ39sAOhQSdgosrLvIKgAAAY/L/ljz
AAAEAwBIMEYCIQCJK/LWtvm5X/EmkmxeQjaZpAcwlUer1VqFGjVyP3xFKAIhAK7p
o+4gQB7X4TE8HMdDHc+3IVkTTJVaZY7TK9/KeShZAHcADeHyMCvTDcFAYhIJ6lUu
/Ed0fLHX6TDvDkIetH5OqjQAAAGPy/5YtwAABAMASDBGAiEAq3ylxhAuF+YIdEZ0
2M/P3eXaK63180NZ0NPPXaPJQeICIQCWIWwX3gFXOE7IFe9DqdJJMqL15W+XFh2W
qpltkZkGmQB2ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAABj8v+
WJMAAAQDAEcwRQIhAKZp8Mkdldr9PAEsG0f90t10D6liNN6r3wKS0fBFwfDcAiBS
KFLZNJ7AgNaf8reytJgV5eCCgh8V1acmRQkj5xaAojBxBgNVHREEajBoghNrZGNw
cm94eS5hZC5yaXQuZWR1ghhrZGNwcm94eS5tYWluLmFkLnJpdC5lZHWCEXB0YTAx
YS5hZC5yaXQuZWR1ghFwdGEwMWIuYWQucml0LmVkdYIRcHRhMDFjLmFkLnJpdC5l
ZHUwDQYJKoZIhvcNAQEMBQADggGBAA4+i95oMepqKLEVmDrMnyyHNAdzpPiTvJiF
k5swxxW/D8LQVFzKDXj37UfraC1UND0iMmxyZ+9h21kVAQpWRK76LraJFU9MwfCq
0ekzmJvoiKl6JCitvUWC6Vwdxvyom3Zjtk+N/If7GwPjliebgKcGT/HtQjTGpUOW
g0kWN29LNEunFOQpC90gkPqQ23JsdGTULGlm7jyIzjmoJ6rdjr63uwxtLXpqfBpN
IChhHBCBZVop7bhzqIhSqWe46dpEcMWQfvoaWYmCorrEWRiih3YIcKpt3OksUDKf
UyHs6+pn5hpRcNWP6NmQyCWa0VoYuSzt4KrZdsDrM3xE+IgHlbYv3iIfYQeBFFoX
7343JNKRXeurqEaCVnGhSTqagO0/2JASI6Z84kdYB3fNDmrsP7TTPqEF8EQ+a8Q8
4/O+BuRRjONO7HS/RpE680FiqPP4F6ZUNDEH+plWp3roOUiOBFQDEVpesDPEvggy
bc7HNe3O69tqOKct+deAuqQK86pmgw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W2OuB6FGMtrIxMb14fV
rJG8Zg5amlZDgGck1AdrKz4ZDPZ2kqu62q3eqxPhKXQEQfxPVjVOdgniwYEp1Sah
8AaCnZ8iBg52RmlT+fwowjb/WzDych/YULE1H+hgmwkdFGHoDOwrbqnrxlrbUX8R
4pnfb/z3DVQEnGVt4y1eaLm3oIi7dE970UbYFe3ryXKXSIup3/46kV9M0KMCUxoB
cKMUDwLGLiz3qOk78quOz1gFFLsc8ltOPmVArYM5wlxPY/q3n0Jj5pBJ56ZKibkA
fd20sgzi1xqsuP03uxAyaKMlMCSfF/rayM0dltnugyjfBEl6/kmKZJ4ZtJXT86RJ
WQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 300660602037648008827444046883832800302
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-31 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rochester Institute of Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kdcproxy.ad.rit.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27447736992906458047537135950938113077080990256754567253773678205829816959036434551590877510716287897514805161141852625765098122624621973338685304806513333462093376503186776231805509441270420790740756800613811454310317470597625063406334759924341853304432742355926718355940775721427048030798076127274929587947977015545242418571675438526966812126706402635328031156807880543432973039868226529460817977576935361494786676975148909087170709050025347050549646518646431885340960610334196818531610594861686558724574407564697359320801507008819761422941632024900394939259460778201903219748323616773618614135768965867062813804889
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ef4c0092a6fb762e5e95e2c95f871b19d54de2d9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							274514f895f72c7a0954b7d6ac2885c7d2dde448
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.103
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAServerCA2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAServerCA2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a0000018fcbfe58f30000040300483046022100892bf2d6b6f9b95ff126926c5e423699a407309547abd55a851a35723f7c4528022100aee9a3ee20401ed7e1313c1cc7431dcfb72159134c955a658ed32bdfca7928590077000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa340000018fcbfe58b70000040300483046022100ab7ca5c6102e17e608744674d8cfcfdde5da2badf5f34359d0d3cf5da3c941e202210096216c17de0157384ec815ef43a9d24932a2f5e56f97161d96aa996d9199069900760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a0000018fcbfe58930000040300473045022100a669f0c91d95dafd3c012c1b47fdd2dd740fa96234deabdf0292d1f045c1f0dc0220522852d9349ec080d69ff2b7b2b49815e5e082821f15d5a726450923e71680a2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kdcproxy.ad.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kdcproxy.main.ad.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pta01a.ad.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pta01b.ad.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pta01c.ad.rit.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		000e3e8bde6831ea6a28b115983acc9f2c87340773a4f893bc9885939b30c715bf0fc2d0545cca0d78f7ed47eb682d54343d22326c7267ef61db5915010a5644aefa2eb689154f4cc1f0aad1e933989be888a97a2428adbd4582e95c1dc6fca89b7663b64f8dfc87fb1b03e396279b80a7064ff1ed4234c6a54396834916376f4b344ba714e4290bdd2090fa90db726c7464d42c6966ee3c88ce39a827aadd8ebeb7bb0c6d2d7a6a7c1a4d2028611c1081655a29edb873a88852a967b8e9da4470c5907efa1a598982a2bac45918a287760870aa6ddce92c50329f5321ecebea67e61a5170d58fe8d990c8259ad15a18b92cede0aad976c0eb337c44f8880795b62fde221f610781145a17ef7e3724d2915debaba846825671a1493a9a80ed3fd8901223a67ce247580777cd0e6aec3fb4d33ea105f0443e6bc43ce3f3be06e4518ce34eec74bf46913af34162a8f3f817a654343107fa9956a77ae839488e045403115a5eb033c4be08326dcec735edceebdb6a38a72df9d780baa40af3aa6683