obprodrest.ci.northwestern.edu

- Northwestern University -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 98:fb:71:00:4e:7b:fd:37:81:0a:57:67:78:62:f3:a5 was issued on by Internet2.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Northwestern University

Organization: Northwestern University
State / Province: Illinois
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 98:fb:71:00:4e:7b:fd:37:81:0a:57:67:78:62:f3:a5
Serial Number (int): 203348213807374391479364679086500934565
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 94:56:69:f3:f0:f5:3b:e5:66:6e:c3:66:af:20:35:20:20:74:f7:0f
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 27:64:7c:68:3e:70:2e:25:2c:5c:5f:2e:95:21:97:2e:d4:e0:79:e6
Fingerprint (sha256): 01:42:4d:aa:b0:a4:48:e1:37:ef:b9:86:82:16:1e:ad:fd:6e:4b:76:f3:a1:fe:9b:61:d5:f5:70:a1:c5:89:c6

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate obprodrest.ci.northwestern.edu

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for obprodrest.ci.northwestern.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

obprodrest.ci.northwestern.edu
obdevrest.ci.northwestern.edu
obqarest.ci.northwestern.edu
onbaserest.northwestern.edu

Other certificates including the domain name northwestern.edu

(limited to 100 certificates)
evcasper.ci.northwestern.edu
zfsmweb02.fsm.northwestern.edu
*.soc.northwestern.edu
hub.mmlc.northwestern.edu
idmspqa5.ci.northwestern.edu
degree.ai.northwestern.edu
askplrc.law.northwestern.edu
faoadmin-dev.api.fsm.northwestern.edu
carpepm.almonds.com
catalyst-sync-gateway.fsm.northwestern.edu
account-inventory-dev.entapp.northwestern.edu
ssl6901.cloudflare.com
ct-stem.northwestern.edu
cps.northwestern.edu
secure.ard.northwestern.edu
boshercollection.northwestern.edu
5707931811053568-fe1.pantheonsite.io
osep.northwestern.edu
web.madstudio.northwestern.edu
degree.robotics.northwestern.edu
www.alumni.northwestern.edu
tls.automattic.com
sesdlab.northwestern.edu
fed.it.northwestern.edu
admissions.emeritus.org
badges.gmac.com
websso.it.northwestern.edu
teenshealth.qatar.northwestern.edu
cluster.technolutions.net
lingwebx.ci.northwestern.edu
lyncedge.northwestern.edu
medillwatchdog.medill.northwestern.edu
buddhist-art.arthistory.northwestern.edu
nubio.northwestern.edu
nextcloud.sesp.northwestern.edu
scientificpractices.sesp.northwestern.edu
gallery.kellogg.northwestern.edu
dev-websso.it.northwestern.edu
calendar.sdzsafaripark.org
sec-pagely.at.northwestern.edu
ishi.earth.northwestern.edu
lcanresearch.northwestern.edu
dialects.soc.northwestern.edu
evcsdskypse1.adsdev.northwestern.edu
cspac.eecs.northwestern.edu
catracks-dev.northwestern.edu
www.nsis-train.northwestern.edu
childlab.northwestern.edu
tls.automattic.com
labmail.misitlab.northwestern.edu
features.qatar.northwestern.edu
abct.ebbp.northwestern.edu
nuplansqa.northwestern.edu
ssl371003.cloudflaressl.com
lfeev.adsdev.northwestern.edu
apply.music.northwestern.edu
5693200475881472-fe2.pantheonsite.io
nuqcsptmg.qatar.northwestern.edu
tqn.sesp.northwestern.edu
slpd.northwestern.edu
sesp.northwestern.edu
www6.kellogg.northwestern.edu
ansys.mccormick.northwestern.edu
obprodrest.ci.northwestern.edu
ldapqa1.ci.northwestern.edu
ecocasting.northwestern.edu
cms7test2012.kellogg.northwestern.edu
sec-pagely.at.northwestern.edu
cdn-test.battlefields.org
zfsmweb01.fsm.northwestern.edu
ozzie.traffic.northwestern.edu
nuhr.northwestern.edu
vmath.northwestern.edu
ilabcentral.sesp.northwestern.edu
eecs211.cs.northwestern.edu
liszt.northwestern.edu
parisprogram.northwestern.edu
www.mccormick.northwestern.edu
citeak.multidevcom.uaf.edu
illinoisjudges.law.northwestern.edu
compphotolab.northwestern.edu
kisb21a.kellogg.northwestern.edu
securedns1.planmygift.org
securedns1.planmygift.org
chhr92uatibweb1.ci.northwestern.edu
orfa.northwestern.edu
webssodev-vip.ci.northwestern.edu
bora.cs.northwestern.edu
badges.gmac.com
argallab.northwestern.edu
gabrielse.physics.northwestern.edu
allancollins.northwestern.edu
biology.northwestern.edu
ecstest.entapp.northwestern.edu
uec.adea-cloud.northwestern.edu
courses1.northwestern.edu
www.cfp.physics.northwestern.edu
crs-dev.fsm.northwestern.edu
musictherapy.soc.northwestern.edu
www.jlsp.law.northwestern.edu

Certificate

The complete raw certificate details for obprodrest.ci.northwestern.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIHTCCBwWgAwIBAgIRAJj7cQBOe/03gQpXZ3hi86UwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMjIxMjA2MDAwMDAwWhcNMjQwMTA2
MjM1OTU5WjBrMQswCQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxIDAeBgNV
BAoTF05vcnRod2VzdGVybiBVbml2ZXJzaXR5MScwJQYDVQQDEx5vYnByb2RyZXN0
LmNpLm5vcnRod2VzdGVybi5lZHUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
AoICAQCTD8tigFj6Kk4lw7ByoVx7SXX3T8sWI6cXPRS3IL3LsfAfXUVBZs6CDrfL
IfEVQ8vCI5VUtlyyE+/7pagYxAOfWI5sWHlwgHmEEEJst6aYC/5zAFJdtmufvCl9
jghlSzVIKy5WxAO1+O43tGMwjXkdnY/CHJgmVm+XNlUWDvefPA/gFxJj6QXvzjRw
e6PdItN+r4Bfqbk5jcSR/yuTIhr2HuSJI518GnPdq0wPCEDfwUUY578zek5Jxttl
NqEgqZXD9MjOpPWJOLk6XRDb3tNYTwkrYqT7bj09ilVjaMuw5DvMgdoI+lxSSUk4
Q3iOVjx1XVJIGhp0DzYXnr98PgxfjSKKBvVKgKpBSXgVNcnP7bcM1Bb4P9QvIWSG
UncsEnf727RSpOCjYdhJzloxCDkExmvfQhx8t/oSkbAfygDTmO0ue79P0qJ8F8Fz
dNuHE5DriYuvBQwQgGPETc3d8RLm/0ky6JydvcCTIb9rNy2FBGxLb68FIR9mygTo
lwrE/jQiC8lC7Uu0B04jXJbarOqelmGpVYxGhvOuKmdsgk/CarZxRJ3eSqL4GtL1
RJ8EEi84BgnRBHnv9MXNvOK/lHtywgM1i1PuC26n1SKXidnTOm56l5k+7EJSEbto
3x3Hcz4QckFef8Wqv68w9c/f7aYOUwNknZLRA47elWKn9OQv5QIDAQABo4IDrzCC
A6swHwYDVR0jBBgwFoAUHgWjd49sluJbh0umtIascQAM5zgwHQYDVR0OBBYEFJRW
afPw9TvlZm7DZq8gNSAgdPcPMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBnBgNVHSAEYDBeMFIGDCsG
AQQBriMBBAMBATBCMEAGCCsGAQUFBwIBFjRodHRwczovL3d3dy5pbmNvbW1vbi5v
cmcvY2VydC9yZXBvc2l0b3J5L2Nwc19zc2wucGRmMAgGBmeBDAECAjBEBgNVHR8E
PTA7MDmgN6A1hjNodHRwOi8vY3JsLmluY29tbW9uLXJzYS5vcmcvSW5Db21tb25S
U0FTZXJ2ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBnMD4GCCsGAQUFBzAChjJodHRw
Oi8vY3J0LnVzZXJ0cnVzdC5jb20vSW5Db21tb25SU0FTZXJ2ZXJDQV8yLmNydDAl
BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTCCAX4GCisGAQQB
1nkCBAIEggFuBIIBagFoAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xa
OnQAAAGE6Gy78AAABAMARzBFAiEA3F1FcW7fz7sYcuYcv/Hpjz2utIsKf0kDKgk9
cuct780CICICu3asoH81k5kuO+8GqD+dB2kRpTEobgzjdB76x7ihAHUA2ra/az+1
tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGE6Gy7vAAABAMARjBEAiA5y7yD
Mcpr4kU0u/gKYUtFO6pEq88DE5PTem8JROAMjQIgLMOVWe4unkilem02lkgvBoQP
O/aw/B0ayf+VKG6GEowAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1
mwAAAYTobLuIAAAEAwBIMEYCIQDBMXtAeKex1aUebK94V6f2KmS0Qr4bot66Ds38
yNu9kwIhAJUgjjPsW2pRpIcEtXxUoiFOEHPsTWNsuFEy0k/6xv7jMIGDBgNVHREE
fDB6gh5vYnByb2RyZXN0LmNpLm5vcnRod2VzdGVybi5lZHWCHW9iZGV2cmVzdC5j
aS5ub3J0aHdlc3Rlcm4uZWR1ghxvYnFhcmVzdC5jaS5ub3J0aHdlc3Rlcm4uZWR1
ghtvbmJhc2VyZXN0Lm5vcnRod2VzdGVybi5lZHUwDQYJKoZIhvcNAQELBQADggEB
AGDgyems7pYStAKqMmd858gHfxg9a5rlN+o4WVx4BFxxEu1e4wv6dz3U4ZxmghhN
8uzGg3coX9z9lwtlDqiUBGEIMBjbPvtIs8Ny74e7n65TfiCNTcq1OEO2DMdb9u5l
XvT/uqAH50kRODEqNZwcBNaYvJRWTrplxHEq/HA7RRmawfBJcybS26r7G/4TSb+J
DHqJry3wTStJs88L2VGQHIjQr10fgliiYgROxjcVFMZrnB6v487thWdleAsdYMe1
QyU0/ywhVzJEVgmALZfYbewLZIl+k2vN0DtylVjReYaYUxrpxbKcYqj8NRBqqeuD
gfANb22l79xY+qug6xnmtDY=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkw/LYoBY+ipOJcOwcqFc
e0l190/LFiOnFz0UtyC9y7HwH11FQWbOgg63yyHxFUPLwiOVVLZcshPv+6WoGMQD
n1iObFh5cIB5hBBCbLemmAv+cwBSXbZrn7wpfY4IZUs1SCsuVsQDtfjuN7RjMI15
HZ2PwhyYJlZvlzZVFg73nzwP4BcSY+kF7840cHuj3SLTfq+AX6m5OY3Ekf8rkyIa
9h7kiSOdfBpz3atMDwhA38FFGOe/M3pOScbbZTahIKmVw/TIzqT1iTi5Ol0Q297T
WE8JK2Kk+249PYpVY2jLsOQ7zIHaCPpcUklJOEN4jlY8dV1SSBoadA82F56/fD4M
X40iigb1SoCqQUl4FTXJz+23DNQW+D/ULyFkhlJ3LBJ3+9u0UqTgo2HYSc5aMQg5
BMZr30IcfLf6EpGwH8oA05jtLnu/T9KifBfBc3TbhxOQ64mLrwUMEIBjxE3N3fES
5v9JMuicnb3AkyG/azcthQRsS2+vBSEfZsoE6JcKxP40IgvJQu1LtAdOI1yW2qzq
npZhqVWMRobzripnbIJPwmq2cUSd3kqi+BrS9USfBBIvOAYJ0QR57/TFzbziv5R7
csIDNYtT7gtup9Uil4nZ0zpuepeZPuxCUhG7aN8dx3M+EHJBXn/Fqr+vMPXP3+2m
DlMDZJ2S0QOO3pVip/TkL+UCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 203348213807374391479364679086500934565
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-06 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Northwestern University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'obprodrest.ci.northwestern.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 599959380432665959514452044853930361592543819694209743396867563453891026233664038787193952324476849636859508700012834641352892783901194395407318575157586050694889490126499699109074932502928316155469668420436920502667784087276934187791241152038577421067936729317641120366052216274979897972620770380451499829140625122721162157549962928834564462344865333525558753197400969751135889367693901183246175391643055017876217958321746068222182893733505507865794820304290413037396171179353786556486583735032285501662104484194186044229259152390191338352588372441968913171534729427197002882573080715765660842459372889631641978602029371103459492298952671478188792810416966636112828618830140669961647786872606547328864506075355082555639003973578091246571149860346742702726305510206250014448521887401999646683188000446196626856825626936097183068766590148829145287021546941609920916112897472039938564555681468021257059132364650343789285060548191451040764042053173384356965725540397186081523927708587366048810569818505397961933244505934702144436100520692423592993360449140803629428531594997349314454814467844907086187738022522177618440810108299412125808585578670914289658230823238977583667629780615934672658020506036119871259264511465947837069741273061
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							945669f3f0f53be5666ec366af2035202074f70f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a7400000184e86cbbf00000040300473045022100dc5d45716edfcfbb1872e61cbff1e98f3daeb48b0a7f49032a093d72e72defcd02202202bb76aca07f3593992e3bef06a83f9d076911a531286e0ce3741efac7b8a1007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000184e86cbbbc0000040300463044022039cbbc8331ca6be24534bbf80a614b453baa44abcf031393d37a6f0944e00c8d02202cc39559ee2e9e48a57a6d3696482f06840f3bf6b0fc1d1ac9ff95286e86128c007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000184e86cbb880000040300483046022100c1317b4078a7b1d5a51e6caf7857a7f62a64b442be1ba2deba0ecdfcc8dbbd9302210095208e33ec5b6a51a48704b57c54a2214e1073ec4d636cb85132d24ffac6fee3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'obprodrest.ci.northwestern.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'obdevrest.ci.northwestern.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'obqarest.ci.northwestern.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onbaserest.northwestern.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0060e0c9e9acee9612b402aa32677ce7c8077f183d6b9ae537ea38595c78045c7112ed5ee30bfa773dd4e19c6682184df2ecc68377285fdcfd970b650ea8940461083018db3efb48b3c372ef87bb9fae537e208d4dcab53843b60cc75bf6ee655ef4ffbaa007e7491138312a359c1c04d698bc94564eba65c4712afc703b45199ac1f0497326d2dbaafb1bfe1349bf890c7a89af2df04d2b49b3cf0bd951901c88d0af5d1f8258a262044ec6371514c66b9c1eafe3ceed856765780b1d60c7b5432534ff2c215732445609802d97d86dec0b64897e936bcdd03b729558d1798698531ae9c5b29c62a8fc35106aa9eb8381f00d6f6da5efdc58faaba0eb19e6b436