sustain.iu.edu

- Indiana University-Bloomington -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 8b:e3:c2:15:6d:76:30:e2:a7:8a:53:cb:6d:20:95:a4 was issued on by Internet2.

With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Indiana University-Bloomington

Organization: Indiana University-Bloomington
Organization unit: University Information Technology Services
Address: 107 South Indiana Ave
Postal code: 47405
State / Province: Indiana
Locality: Bloomington
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 8b:e3:c2:15:6d:76:30:e2:a7:8a:53:cb:6d:20:95:a4
Serial Number (int): 185945279286121983600787970296113042852
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: ac:87:1f:5a:77:30:4c:7a:1a:35:ee:6a:46:58:0d:2e:ee:9e:8a:61
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 2b:7f:65:ac:49:30:f4:78:3a:11:a6:96:a4:55:f8:66:b8:e0:30:2b
Fingerprint (sha256): 01:58:60:a4:45:46:b4:8a:73:93:fe:8d:f2:c8:c5:b5:4f:b5:11:1a:ee:0d:ee:27:a4:b3:83:11:f1:14:88:ba

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate sustain.iu.edu

13

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sustain.iu.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sustain.iu.edu
bicycle.indiana.edu
breg.indiana.edu
ewaste.indiana.edu
greenrps.indiana.edu
nowaste.indiana.edu
sustain.indiana.edu
www.bicycle.indiana.edu
www.breg.indiana.edu
www.ewaste.indiana.edu
www.greenrps.indiana.edu
www.nowaste.indiana.edu
www.sustain.indiana.edu

Other certificates including the domain name iu.edu

(limited to 100 certificates)
helpnet.iu.edu
bl-bus-msfile1.ads.iu.edu
crimsoncardphoto-stage.ait.iu.edu
bl-geol-montana.geology.iu.edu
bl-s4b-dirpool.ads.iu.edu
innovate.medicine.iu.edu
lmsproxy-beta.uits.iu.edu
rs.iu.edu
sb-psy-laddnas.ads.iu.edu
eds.iu.edu
content.mdpi.iu.edu
uisapp.iu.edu
cennoc.grnoc.iu.edu
dc-snmp.wcc.grnoc.iu.edu
opera.imu.indiana.edu
slis.iu.edu
lux4.uits.iu.edu
coreapi-qa.ait.iu.edu
owa.exchange.iu.edu
meeting.unicom.iu.edu
es-rm-prd.uits.iu.edu
netsage-demo.grnoc.iu.edu
test2.uisapp2.iu.edu
ibw.ph2tst.iu.edu
temp.mobileuse.vpcpf.iu.edu
iulicensing.iu.edu
status.iu.edu
mike.sca.iu.edu
iu.edu
mail.ll.grnoc.iu.edu
msupdate.iu.edu
sn-tools.grnoc.iu.edu
cishell.wiki.cns.iu.edu
uconnectlabs.com
appstest.anesthesia.iu.edu
ps1dev.iu.edu
original-oncourse.iu.edu
gmoc-db.grnoc.iu.edu
sustain.iu.edu
in-cci-cmdctr.ads.iu.edu
esdbm96t.uits.iu.edu
proxyse.uits.iu.edu
internal.sharepoint.iu.edu
footprints.iu.edu
app.teaching.iu.edu
mon-classify-stage.grnoc.iu.edu
styleguide.communications.iu.edu
crimsonconnect.iuf.iu.edu
jenkins.grnoc.iu.edu
uconnectlabs.com
in-cci-f5-1.ads.iu.edu
calendar.grnoc.iu.edu
netsage-demo.grnoc.iu.edu
in-peds-casper.ads.iu.edu
dev.mckinneylaw.iu.edu
dc-snmp.wcc.grnoc.iu.edu
db2.ctc.grnoc.iu.edu
camelx.uiso.iu.edu
iujur.iu.edu
icb.grnoc.iu.edu
frontend.tsds.bldc.grnoc.iu.edu
in-peds-sql02d.pediatrics.iu.edu
testmms.iu.edu
email.kelley.iu.edu
twiki.grid.iu.edu
sk80-dev.grnoc.iu.edu
cds-stage.grnoc.iu.edu
securitycenter.iu.edu
pre.kb.iu.edu
eroteeth.iuni.iu.edu
npmjs.iu.edu
accountingblog.kelley.iu.edu
pravilla-dev7.grnoc.iu.edu
www.oudecho.iu.edu
sci2.cns.iu.edu
mas-test.iu.edu
help.ppa.iu.edu
bl-s4b-fepool.testads.iu.edu
sqlserver-prod.dpa.uits.iu.edu
jenkins.grnoc.iu.edu
iufservices.iu.edu
testbridge.iu.edu
oneshotx.uiso.iu.edu
ds-dev.iu.edu
iu-cv-xa7psf-02.uits.indiana.edu
ajyong-dev7.grnoc.iu.edu
essch02.uits.iu.edu
external-relay.indiana.edu
webtest.iu.edu
womensblog.kelley.iu.edu
wcmstest-p.uits.iu.edu
iu.goranku.com
iu-iusm-biopp1s.ads.iu.edu
passphrase.iu.edu
mt.sharepoint.iu.edu
prod.livesupport.iu.edu
proxy.ulib.uits.iu.edu
uconnectlabs.com
test.uisapp2.iu.edu
sn-tools-test.grnoc.iu.edu

Certificate

The complete raw certificate details for sustain.iu.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGyzCCBbOgAwIBAgIRAIvjwhVtdjDip4pTy20glaQwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTgwODIyMDAwMDAwWhcNMjAwODIx
MjM1OTU5WjCB3DELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTQ3NDA1MRAwDgYDVQQI
EwdJbmRpYW5hMRQwEgYDVQQHEwtCbG9vbWluZ3RvbjEeMBwGA1UECRMVMTA3IFNv
dXRoIEluZGlhbmEgQXZlMScwJQYDVQQKEx5JbmRpYW5hIFVuaXZlcnNpdHktQmxv
b21pbmd0b24xMzAxBgNVBAsTKlVuaXZlcnNpdHkgSW5mb3JtYXRpb24gVGVjaG5v
bG9neSBTZXJ2aWNlczEXMBUGA1UEAxMOc3VzdGFpbi5pdS5lZHUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS/Ef5SfNsvt+HQo+lzHsDblM9NnvkPBU/
gBFGaeb3vqIQsnXfun//dS4CT+1QpXhAgrTd3DTdNN3EfZWYx/y1fzwiinBUlVcS
Nj1AzxY7S9fUoNeFfB4MgMwHV8Af+Q27HajUv9PbzDykYpq0mTTqVD2Pn4r9EFlD
gCjje4l0fKMIjoXoJyWCBV2IPimS8cC9ZXMzXbz5YgpYVj/RXSHo1HwcYtNycLfC
1nbmSQ2gvTa5Qm1ZOv1qN0KnMAJwVJR/BBNSfTGm6Tq8Y58Mowskut/Ay3JtWhAO
oRQcKOLjKU9+UvFnzJlYvnLKYShHI+VEgnwW0WbWjSYArrLKtwWNAgMBAAGjggLr
MIIC5zAfBgNVHSMEGDAWgBQeBaN3j2yW4luHS6a0hqxxAAznODAdBgNVHQ4EFgQU
rIcfWncwTHoaNe5qRlgNLu6eimEwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGcGA1UdIARgMF4wUgYM
KwYBBAGuIwEEAwEBMEIwQAYIKwYBBQUHAgEWNGh0dHBzOi8vd3d3LmluY29tbW9u
Lm9yZy9jZXJ0L3JlcG9zaXRvcnkvY3BzX3NzbC5wZGYwCAYGZ4EMAQICMEQGA1Ud
HwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuaW5jb21tb24tcnNhLm9yZy9JbkNvbW1v
blJTQVNlcnZlckNBLmNybDB1BggrBgEFBQcBAQRpMGcwPgYIKwYBBQUHMAKGMmh0
dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9JbkNvbW1vblJTQVNlcnZlckNBXzIuY3J0
MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMBMGCisGAQQB
1nkCBAMBAf8EAgUAMIIBKwYDVR0RBIIBIjCCAR6CDnN1c3RhaW4uaXUuZWR1ghNi
aWN5Y2xlLmluZGlhbmEuZWR1ghBicmVnLmluZGlhbmEuZWR1ghJld2FzdGUuaW5k
aWFuYS5lZHWCFGdyZWVucnBzLmluZGlhbmEuZWR1ghNub3dhc3RlLmluZGlhbmEu
ZWR1ghNzdXN0YWluLmluZGlhbmEuZWR1ghd3d3cuYmljeWNsZS5pbmRpYW5hLmVk
dYIUd3d3LmJyZWcuaW5kaWFuYS5lZHWCFnd3dy5ld2FzdGUuaW5kaWFuYS5lZHWC
GHd3dy5ncmVlbnJwcy5pbmRpYW5hLmVkdYIXd3d3Lm5vd2FzdGUuaW5kaWFuYS5l
ZHWCF3d3dy5zdXN0YWluLmluZGlhbmEuZWR1MA0GCSqGSIb3DQEBCwUAA4IBAQCG
3rsyqnNl3lElDqV4HA0jo5IfSs52lcogDUwGyriblJLGLIQDj/DfQuXIux+hA/Qo
YMKawVS0g2Dp17QLSOELfJr2PGLeHVH6nb5nGOLC8ZRRsHdvzevKgBizDmmeAvet
hNZVuR0Ba5e07lw3ROTtioAp6JusPM40/vPEt73+2l9QjTzWNpfjP4EVCLW0dtq4
ggJa4JHWIFPFft/eHa8mGvwHjuGm48ssBuua9feWLwSJhAJKAJfb1oNzY+SIauNJ
hdiqbGSBVcsh02q2xlPVuH3xEJn4saYq7smJ2uPFyhVo7LJ9mB64f5e3RENtd6qS
9UFFMFYYBMN/I0U6RDR5
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvxH+UnzbL7fh0KPpcx7
A25TPTZ75DwVP4ARRmnm976iELJ137p//3UuAk/tUKV4QIK03dw03TTdxH2VmMf8
tX88IopwVJVXEjY9QM8WO0vX1KDXhXweDIDMB1fAH/kNux2o1L/T28w8pGKatJk0
6lQ9j5+K/RBZQ4Ao43uJdHyjCI6F6CclggVdiD4pkvHAvWVzM128+WIKWFY/0V0h
6NR8HGLTcnC3wtZ25kkNoL02uUJtWTr9ajdCpzACcFSUfwQTUn0xpuk6vGOfDKML
JLrfwMtybVoQDqEUHCji4ylPflLxZ8yZWL5yymEoRyPlRIJ8FtFm1o0mAK6yyrcF
jQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 185945279286121983600787970296113042852
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-21 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '47405'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Indiana'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bloomington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '107 South Indiana Ave'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Indiana University-Bloomington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University Information Technology Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sustain.iu.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18555196995542402619719856223053704252832947332683117086519331443408060570634554653786097443871662617316373550896823113447859922066800874590450275724629768895156016853140840090473763673681967933790104266819735029891295332696238797882337175895660993946490544626273239407861313470418499904108602793833862404601992432959577091538602798327165282794463118289551757757093544844238651708989474286761149380481290314961089810698075419685192753912733055740025418111863177219637369391729021250582757455706819692855731356517893942631733381043996957823799776455472021532051362601747473635650195128305648187589966435786493756114317
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ac871f5a77304c7a1a35ee6a46580d2eee9e8a61
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (290 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sustain.iu.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bicycle.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'breg.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ewaste.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'greenrps.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nowaste.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sustain.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bicycle.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.breg.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ewaste.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.greenrps.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nowaste.indiana.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sustain.indiana.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0086debb32aa7365de51250ea5781c0d23a3921f4ace7695ca200d4c06cab89b9492c62c84038ff0df42e5c8bb1fa103f42860c29ac154b48360e9d7b40b48e10b7c9af63c62de1d51fa9dbe6718e2c2f19451b0776fcdebca8018b30e699e02f7ad84d655b91d016b97b4ee5c3744e4ed8a8029e89bac3cce34fef3c4b7bdfeda5f508d3cd63697e33f811508b5b476dab882025ae091d62053c57edfde1daf261afc078ee1a6e3cb2c06eb9af5f7962f048984024a0097dbd6837363e4886ae34985d8aa6c648155cb21d36ab6c653d5b87df11099f8b1a62aeec989dae3c5ca1568ecb27d981eb87f97b744436d77aa92f5414530561804c37f23453a443479