leaf.sr.unh.edu
- University System of New Hampshire -
Issued by InCommon RSA Server CA
About this certificate
This digital certificate with serial number a9:49:e0:d7:d3:bc:2b:75:13:e2:86:ea:41:80:f6:58 was issued on by Internet2.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
University System of New Hampshire
Organization:
University System of New Hampshire
State / Province:
New Hampshire
Country: US
Country: US
Internet2
Organization:
Internet2
Organization unit: InCommon
Organization unit: InCommon
State / Province:
MI
Locality: Ann Arbor
Country: US
Locality: Ann Arbor
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): a9:49:e0:d7:d3:bc:2b:75:13:e2:86:ea:41:80:f6:58Serial Number (int): 225023129317658803826485701992320661080
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 7d:96:49:50:cd:2c:b5:c2:d9:ff:9e:8b:58:77:e8:31:52:16:ce:d4
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38
Fingerprint (sha1): 3b:46:c6:0b:ce:73:c1:7f:8b:4d:81:06:f2:c4:e5:7a:c4:7e:f1:71
Fingerprint (sha256): 01:44:b7:9b:fd:30:a7:54:83:be:bb:38:f2:c6:83:f3:4a:29:0d:9c:1a:f6:61:e6:ba:73:3f:98:24:d5:06:fd
Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl
Check the revocation status for certificate leaf.sr.unh.edu
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for leaf.sr.unh.edu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
leaf.sr.unh.edu
Other certificates including the domain name unh.edu
(limited to 100 certificates)
oak.cs.unh.edu
law.unh.edu
graddevserver.unh.edu
prominence.unh.edu
dpdkdashboard.iol.unh.edu
fammob-test1.unh.edu
media.unh.edu
zeke.sr.unh.edu
leaf.sr.unh.edu
klima.sr.unh.edu
zeke.sr.unh.edu
atcirculation.unh.edu
q.sr.unh.edu
nicldb.unh.edu
ddc.unh.edu
cipher2.unh.edu
wwdrii.sr.unh.edu
*.libproxy.unh.edu
webapps.unh.edu
hcgs.unh.edu
library.unh.edu
apply.unh.edu
wintermute.sr.unh.edu
litwebsitedev.unh.edu
webauthdev.unh.edu
jointagencyvm.sr.unh.edu
tcpalo4-1-mgmt.unh.edu
idmdev.unh.edu
collegiatelink.studentvoice.com
at-training.unh.edu
phenocam.sr.unh.edu
mylogin.law.unh.edu
pacapp.cs.unh.edu
operations.onecampus.com
sirs-actutest.sr.unh.edu
kato.unh.edu
foss.unh.edu
owl.sr.unh.edu
applecore.sr.unh.edu
networking.unh.edu
place.sr.unh.edu
clusters.unh.edu
collegiatelink.studentvoice.com
ea-poe-cert.iol.unh.edu
icebridge.sr.unh.edu
fishercat.sr.unh.edu
rcc.sr.unh.edu
blackstar.sr.unh.edu
unity.unh.edu
idmdev.unh.edu
herculesdome.org
*.ccom.unh.edu
webmail.eos.sr.unh.edu
wsdev.unh.edu
posters.unh.edu
ddc.sr.unh.edu
owl.sr.unh.edu
scholars.unh.edu
bootcamp.unh.edu
nhihpp-backups.sr.unh.edu
appropriations.unh.edu
waterviz.org
nuclear.unh.edu
law.unh.edu
*.libproxy.unh.edu
posters.unh.edu
bootcamp.unh.edu
clockwork.unh.edu
alumni.law.unh.edu
*.iol.unh.edu
admissions.unh.edu
apexdev.unh.edu
marco2.unh.edu
admissions.unh.edu
dawn.sr.unh.edu
www.iol.unh.edu
bugzilla.sr.unh.edu
www.library.unh.edu
www.transfer.unh.edu
ww.vpn.unh.edu
unhconnect.unh.edu
dawn.sr.unh.edu
hastings.unh.edu
akamai-san192.exacttarget.com
mycourses.unh.edu
enterprise.vpn.unh.edu
prc.unh.edu
gradschool.unh.edu
contracts.unh.edu
housingonline.unh.edu
co-gen-gw.unh.edu
lists.unh.edu
ipmall.info
ciceet.unh.edu
saip2.unh.edu
exchange.unh.edu
blackbaudfrogprod.unh.edu
leaf.sr.unh.edu
connect.vpn.unh.edu
www.unh.edu
law.unh.edu
graddevserver.unh.edu
prominence.unh.edu
dpdkdashboard.iol.unh.edu
fammob-test1.unh.edu
media.unh.edu
zeke.sr.unh.edu
leaf.sr.unh.edu
klima.sr.unh.edu
zeke.sr.unh.edu
atcirculation.unh.edu
q.sr.unh.edu
nicldb.unh.edu
ddc.unh.edu
cipher2.unh.edu
wwdrii.sr.unh.edu
*.libproxy.unh.edu
webapps.unh.edu
hcgs.unh.edu
library.unh.edu
apply.unh.edu
wintermute.sr.unh.edu
litwebsitedev.unh.edu
webauthdev.unh.edu
jointagencyvm.sr.unh.edu
tcpalo4-1-mgmt.unh.edu
idmdev.unh.edu
collegiatelink.studentvoice.com
at-training.unh.edu
phenocam.sr.unh.edu
mylogin.law.unh.edu
pacapp.cs.unh.edu
operations.onecampus.com
sirs-actutest.sr.unh.edu
kato.unh.edu
foss.unh.edu
owl.sr.unh.edu
applecore.sr.unh.edu
networking.unh.edu
place.sr.unh.edu
clusters.unh.edu
collegiatelink.studentvoice.com
ea-poe-cert.iol.unh.edu
icebridge.sr.unh.edu
fishercat.sr.unh.edu
rcc.sr.unh.edu
blackstar.sr.unh.edu
unity.unh.edu
idmdev.unh.edu
herculesdome.org
*.ccom.unh.edu
webmail.eos.sr.unh.edu
wsdev.unh.edu
posters.unh.edu
ddc.sr.unh.edu
owl.sr.unh.edu
scholars.unh.edu
bootcamp.unh.edu
nhihpp-backups.sr.unh.edu
appropriations.unh.edu
waterviz.org
nuclear.unh.edu
law.unh.edu
*.libproxy.unh.edu
posters.unh.edu
bootcamp.unh.edu
clockwork.unh.edu
alumni.law.unh.edu
*.iol.unh.edu
admissions.unh.edu
apexdev.unh.edu
marco2.unh.edu
admissions.unh.edu
dawn.sr.unh.edu
www.iol.unh.edu
bugzilla.sr.unh.edu
www.library.unh.edu
www.transfer.unh.edu
ww.vpn.unh.edu
unhconnect.unh.edu
dawn.sr.unh.edu
hastings.unh.edu
akamai-san192.exacttarget.com
mycourses.unh.edu
enterprise.vpn.unh.edu
prc.unh.edu
gradschool.unh.edu
contracts.unh.edu
housingonline.unh.edu
co-gen-gw.unh.edu
lists.unh.edu
ipmall.info
ciceet.unh.edu
saip2.unh.edu
exchange.unh.edu
blackbaudfrogprod.unh.edu
leaf.sr.unh.edu
connect.vpn.unh.edu
www.unh.edu
Certificate
The complete raw certificate details for leaf.sr.unh.edu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHtTCCBp2gAwIBAgIRAKlJ4NfTvCt1E+KG6kGA9lgwDQYJKoZIhvcNAQELBQAw djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMjIwOTAzMDAwMDAwWhcNMjMwOTAz MjM1OTU5WjBsMQswCQYDVQQGEwJVUzEWMBQGA1UECBMNTmV3IEhhbXBzaGlyZTEr MCkGA1UEChMiVW5pdmVyc2l0eSBTeXN0ZW0gb2YgTmV3IEhhbXBzaGlyZTEYMBYG A1UEAxMPbGVhZi5zci51bmguZWR1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC CgKCAgEA5eF18OtW6W2nx+GGNONqVIga+IIqnYsZOH9IcFl/DyZkRbgSpQTaKGSR 7TTsvR651pkvLiT7SKOx04WHPU61OKBilnfyn/BNdKvRKRGUpHxi5j6r/xxEQKLw 20H3rWkP0hPgREg/bg6Ro24Y2ItNVKuuBPZ5O67iE+ZvKz0DRbFxKs0j2zE7JbvU 6BlD9UL+ibEXVm0xATXcdDmIIVxCszgpJ1ro0GFHN4c7GecnHsOMjXmPo88P42qp UpBXSIhJAbhvBtpKMFBfDv9Rov8IUdMnyruAxXkkdpX6q2/Q1WmOnskI4t/AQQel zja5KcJmQ08E7npVIkyCnt0fNJdbvlPeg/3fgYPK0ZZ5dL63W84zka+INEa5aUxb B9dsVl2AzlKqrB7RRAlfkDCraBdFM8+M1VorF/y/xRcfRnEXes+WPqCDeHpaBxgB ILgECE4fFzpC3UALQAoVjiT/nXgh3Ptt+7tJQT6H9rrbekQhSpVMMPoVNEuvKgHo rZO/78r7PmY8jxIl//UAwv2h0FEB35ha/FW6AyA/tFKz8ujgQ1SF1z9o/HzrgBWP xIgv1TvDeBFF5PESJGWJ4M/+V3Eo90onKy4KbKeKIjFWPU2azEeDHq5aeF1IVZGf TEdTkaT/oxWFxdXZtDAs85v7A5cTiFnoz3srviN4JSBUD5HVnr0CAwEAAaOCA0Yw ggNCMB8GA1UdIwQYMBaAFB4Fo3ePbJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBR9 lklQzSy1wtn/notYd+gxUhbO1DAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwr BgEEAa4jAQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24u b3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0f BD0wOzA5oDegNYYzaHR0cDovL2NybC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9u UlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0 cDovL2NydC51c2VydHJ1c3QuY29tL0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQw JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wGgYDVR0RBBMw EYIPbGVhZi5zci51bmguZWR1MIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgCt 9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAYMAs9JNAAAEAwBHMEUC IGKWsnkjnQ0KDO73RDK23Bqz8jkjQpG/orXDCFhmzUfYAiEA6vG3kh7KQhcOTh28 IlTj6Bgar19uaQFGeR7A2gtvNBEAdwB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9Ir wTpXo1LrUgAAAYMAs9JQAAAEAwBIMEYCIQDrGuK5Co+i1zoB/gFnol2zNogqDnYK GeYeqpybj3xG1AIhAMyOzys918s5pu4AVW1WU93WFm0BZDUoUHm7EweGANa+AHYA 6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGDALPSJwAABAMARzBF AiAJ6Am4qZG0Lx+wUG5ije94WqM9/gW2KbTWufBo/vjSaAIhAMAda1+89BD1Qemy A5AWrDNK/0PPH0IfK3+FClJt1hq8MA0GCSqGSIb3DQEBCwUAA4IBAQAsJo0287Oy JaWhOk0XXzRF2LKK7xaeW7S6eSDV87KTDiI4v0YAmuAnjo5ybXMD5cZCEiemQcGE bjCkhNhU6FcxEvxDYZlZ6KQCw7lCv/I468N+VE4n/u8KiTdDBrgr7ucZfEZp9TI1 kaNOuAXhdWgW1HQDDySaguAbKN9ns/RUNE7UXJcO9Fei2X0AE4V8lymHzusu7Y/c v9FTbY9Gq4DlAVQnGkixZHZ3V1E0vvJGgTBePCbNXj3TKnfribT/iO+x9HjbU99s CYXudjfF6gui3oHY1HkN7M1LyEcklipnRHZE0mOI4+EeL8erO1SYD9+qRKplT3+d sd+s5YZxV+kn -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5eF18OtW6W2nx+GGNONq VIga+IIqnYsZOH9IcFl/DyZkRbgSpQTaKGSR7TTsvR651pkvLiT7SKOx04WHPU61 OKBilnfyn/BNdKvRKRGUpHxi5j6r/xxEQKLw20H3rWkP0hPgREg/bg6Ro24Y2ItN VKuuBPZ5O67iE+ZvKz0DRbFxKs0j2zE7JbvU6BlD9UL+ibEXVm0xATXcdDmIIVxC szgpJ1ro0GFHN4c7GecnHsOMjXmPo88P42qpUpBXSIhJAbhvBtpKMFBfDv9Rov8I UdMnyruAxXkkdpX6q2/Q1WmOnskI4t/AQQelzja5KcJmQ08E7npVIkyCnt0fNJdb vlPeg/3fgYPK0ZZ5dL63W84zka+INEa5aUxbB9dsVl2AzlKqrB7RRAlfkDCraBdF M8+M1VorF/y/xRcfRnEXes+WPqCDeHpaBxgBILgECE4fFzpC3UALQAoVjiT/nXgh 3Ptt+7tJQT6H9rrbekQhSpVMMPoVNEuvKgHorZO/78r7PmY8jxIl//UAwv2h0FEB 35ha/FW6AyA/tFKz8ujgQ1SF1z9o/HzrgBWPxIgv1TvDeBFF5PESJGWJ4M/+V3Eo 90onKy4KbKeKIjFWPU2azEeDHq5aeF1IVZGfTEdTkaT/oxWFxdXZtDAs85v7A5cT iFnoz3srviN4JSBUD5HVnr0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 225023129317658803826485701992320661080 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Hampshire' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University System of New Hampshire' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'leaf.sr.unh.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 937831458129194162226879851457888892301589155880014554025736134402817417024342414398484797392837209186375523163985670504900262268414607081229488197689315834819225575315903801478634799269801682602926340842351351064021504302739636196539389321314152355138152574392732581162216726687628074838253471183044915558350272820299215350822351988757358270009135253253959024157999081816190824030999829830924320370674952897523909102281835474176434666271458851293846675953800846843666306062947509635971090355853221457257985795977905488256315568724813507386141401391167394434514784755267103220058701144347108137608583426682357682122391575952370236119894844036868425396593446948495210466689154062629512795047121145459830219214893469907550250369175230631164097963798667965417644973741443327770805427461675323163257219744035530670182332031214950706066016187940558716123924254925645323453554934713355891585078326755198784771508724283938224317708936164024854798748008383996616913135217438579145845787415059573183390483296596401132357119160065986586078597892402056501809083572428918284924140751545860150441078874666994528571229871595057350438246743026708418993723220216095780719462226331800983285826087889983443912308845000757942120190363663325974431637181 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7d964950cd2cb5c2d9ff9e8b5877e8315216ced4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'leaf.sr.unh.edu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018300b3d24d000004030047304502206296b279239d0d0a0ceef74432b6dc1ab3f239234291bfa2b5c3085866cd47d8022100eaf1b7921eca42170e4e1dbc2254e3e8181aaf5f6e690146791ec0da0b6f34110077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018300b3d2500000040300483046022100eb1ae2b90a8fa2d73a01fe0167a25db336882a0e760a19e61eaa9c9b8f7c46d4022100cc8ecf2b3dd7cb39a6ee00556d5653ddd6166d016435285079bb13078600d6be007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018300b3d2270000040300473045022009e809b8a991b42f1fb0506e628def785aa33dfe05b629b4d6b9f068fef8d268022100c01d6b5fbcf410f541e9b2039016ac334aff43cf1f421f2b7f850a526dd61abc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002c268d36f3b3b225a5a13a4d175f3445d8b28aef169e5bb4ba7920d5f3b2930e2238bf46009ae0278e8e726d7303e5c6421227a641c1846e30a484d854e8573112fc43619959e8a402c3b942bff238ebc37e544e27feef0a89374306b82beee7197c4669f5323591a34eb805e1756816d474030f249a82e01b28df67b3f454344ed45c970ef457a2d97d0013857c972987ceeb2eed8fdcbfd1536d8f46ab80e50154271a48b1647677575134bef24681305e3c26cd5e3dd32a77eb89b4ff88efb1f478db53df6c0985ee7637c5ea0ba2de81d8d4790deccd4bc84724962a67447644d26388e3e11e2fc7ab3b54980fdfaa44aa654f7f9db1dface5867157e927