its-cyhy-up01.its.rochester.edu

- University of Rochester -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 17:73:e5:9b:f1:af:26:23:21:98:5d:04:09:3d:9f:a8 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Rochester

Organization: University of Rochester
Organization unit: URMC
Address: 500 Joseph C. Wilson Blvd
Postal code: 14627
State / Province: NY
Locality: Rochester
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 17:73:e5:9b:f1:af:26:23:21:98:5d:04:09:3d:9f:a8
Serial Number (int): 31174015068746625680927880750391205800
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: 00:57:81:09:81:a7:36:69:e5:aa:cc:e1:71:8e:bd:d5:c3:86:f5:c4
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 3e:40:95:bc:46:53:d5:ca:94:09:33:76:32:6b:46:64:ec:39:b9:35
Fingerprint (sha256): 01:5d:13:bb:26:e0:06:b9:11:5f:85:10:7d:ce:74:44:37:06:65:6e:7c:cf:2e:93:f5:ac:a2:c5:91:e6:48:b6

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate its-cyhy-up01.its.rochester.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for its-cyhy-up01.its.rochester.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

its-cyhy-up01.its.rochester.edu

Other certificates including the domain name rochester.edu

(limited to 100 certificates)
ertest-mctrain.urmc-sh.rochester.edu
sjelderk.digitalscholar.rochester.edu
*.givegab.com
us.prod.campusgroups.com
ercprd3-dr.urmc-sh.rochester.edu
lists.rochester.edu
mmolchan.digitalscholar.rochester.edu
sjelderk.digitalscholar.rochester.edu
caponech.dslab.digitalscholar.rochester.edu
cluster.technolutions.net
*.mc.rochester.edu
cluster3.technolutions.net
admissionwebdev.urmc.rochester.edu
tstuber.digitalscholar.rochester.edu
us.prod.campusgroups.com
fertilegroundroc.org
myidentity.rochester.edu
rna.urmc.rochester.edu
simonadm.rochester.edu
bis.urmc.rochester.edu
filemaker.ur.rochester.edu
corona-dmc-3.its.rochester.edu
rclomeka2.lib.rochester.edu
*.givegab.com
digitalelmina.org
msrl-gw.circ.rochester.edu
cvsnas4.cvs.rochester.edu
test.mcdonough.digitalscholar.rochester.edu
public-art.dslab.digitalscholar.rochester.edu
its-cyhy-up01.its.rochester.edu
swang.digitalscholar.rochester.edu
fogbugz.lle.rochester.edu
its-bblmap-ud02.its.rochester.edu
its-fmsweb-wp01.ur.rochester.edu
info.circ.rochester.edu
*.givegab.com
urspace.ur.rochester.edu
www.cse.rochester.edu
spoons.digitalscholar.rochester.edu
studentservices.ur.rochester.edu
healthlab.urmc.rochester.edu
cluster3.technolutions.net
*.givegab.com
khuskin.digitalscholar.rochester.edu
tstuber.digitalscholar.rochester.edu
tracker.ctcc.rochester.edu
dslab.digitalscholar.rochester.edu
itgovernance.ur.rochester.edu
s.patricksullivan.digitalscholar.rochester.edu
research.son.rochester.edu
wchui.digitalscholar.rochester.edu
illiad.lib.rochester.edu
its-uceapp-wq1.ur.rochester.edu
*.lle.rochester.edu
us.prod.campusgroups.com
son.rochester.edu
rochesteraliaspages-dev.ur.rochester.edu
ercd-epcs.urmc-sh.rochester.edu
wchui.digitalscholar.rochester.edu
arcgis.ur.rochester.edu
brainlabweb.urmc-sh.rochester.edu
yourhealth.rochester.edu
mulberry.lle.rochester.edu
cluster.technolutions.net
urwell.rochester.edu
aths.digitalscholar.rochester.edu
its-uceapp-wt1.ur.rochester.edu
brainlabweb.urmc-sh.rochester.edu
voltage-pp-0000.ur.rochester.edu
cluster.technolutions.net
carolenasra.digitalscholar.rochester.edu
sbarrett.digitalscholar.rochester.edu
i2b2.urmc-sh.rochester.edu
helendavies.digitalscholar.rochester.edu
trials.ctcc.rochester.edu
tarmin2.circ.rochester.edu
uconnectlabs.com
pstestcont.acs.rochester.edu
cluster.technolutions.net
orbit.urmc.rochester.edu
sp-expcore01.urmc-sh.rochester.edu
connect.son.rochester.edu
its-cylancehybrid-ut1.ur.rochester.edu
lasso.rochester.edu
ucisarts.sa.digitalscholar.rochester.edu
idp.rochester.edu
*.givegab.com
*.givegab.com
rochestermd.urmc.rochester.edu
admissionsstage.urmc-sh.rochester.edu
www.cvs.rochester.edu
uofr.rochester.edu
urtransfer.ur.rochester.edu
totleben.digitalscholar.rochester.edu
its-bblmap-ud01.its.rochester.edu
spoons.digitalscholar.rochester.edu
tdzuba.digitalscholar.rochester.edu
us.prod.campusgroups.com
dev.lasso.rochester.edu
medsis.urmc.rochester.edu

Certificate

The complete raw certificate details for its-cyhy-up01.its.rochester.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIFTCCBv2gAwIBAgIQF3Plm/GvJiMhmF0ECT2fqDANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xODA4MDYwMDAwMDBaFw0yMDA4MDUy
MzU5NTlaMIG9MQswCQYDVQQGEwJVUzEOMAwGA1UEERMFMTQ2MjcxCzAJBgNVBAgT
Ak5ZMRIwEAYDVQQHEwlSb2NoZXN0ZXIxIjAgBgNVBAkTGTUwMCBKb3NlcGggQy4g
V2lsc29uIEJsdmQxIDAeBgNVBAoTF1VuaXZlcnNpdHkgb2YgUm9jaGVzdGVyMQ0w
CwYDVQQLEwRVUk1DMSgwJgYDVQQDEx9pdHMtY3loeS11cDAxLml0cy5yb2NoZXN0
ZXIuZWR1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlEbW67LTr2zp
nxK4ktr9cvwAI/NTjTWEqSHnSMZZpy4DO3YYhyeFOCJcQXNEVvvCvbXu1yCk7owM
r+e2RQ8F7MbmJXk7sU5FM/WA8kS/+SrFI93xU1ZXOv/iIuJlczNqYorUnU5ZdYqf
SmpvP5xNZTPYSNNDFF6upxAP2xPa6WJPDwFf/9F7IW8BTydcgojJ7DJOcih+9hxN
rUKnqYrb8AlhGc6/MHmwujes44Z2UdTyG+7ZbjSIjUEn9IvFR1tc/pesDA4WCMd2
uXtPo8n6mJQG5bNIeMVhIsXuWWF4im+4Xdb8iOPaUgwQNFDPDyjWMrRivXqcRyLG
Q/F1qizFI3/tGSZzGmUC5hwYXFCi1nS4KiA1oE4CraTkkMtExBkZHRQD0EpTLFQr
op18gMryJwo47y9CDNX0knd1ns7rqkIVqrafUXciupoxCIDBcvO8CoRTVGmwzlWn
JMyTEl5S+HSkWXZ5e/ZjGbsFimmsg4xnvrZQ2eA1SH744MTKksWyTzcHHXb8OJKY
bTr1N6Z1zamW8h0MzD48RDl/NUNaGcI16kK3zQxd9D1seSJGm7TWoSaQOgnn3Tit
6lLfNmye1QjS6jsiovTpN2I9W2hYNnoH6HQVzGv2rr/lVb231PntvHMDmM0rU9jE
iuVP6k72cJGkaLvTO6NIyvWONFIhQnMCAwEAAaOCA1UwggNRMB8GA1UdIwQYMBaA
FB4Fo3ePbJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBQAV4EJgac2aeWqzOFxjr3V
w4b1xDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBA
BggrBgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3Np
dG9yeS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0
cDovL2NybC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3Js
MHUGCCsGAQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1
c3QuY29tL0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0
dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wKgYDVR0RBCMwIYIfaXRzLWN5aHktdXAw
MS5pdHMucm9jaGVzdGVyLmVkdTCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHcA
7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFlENbI+wAABAMASDBG
AiEAxQW+VwEo4tMc6h51PNODX9r090RWL3gUUAjDWrvVM7ECIQD6W6Sf4iyS1JF8
OqE4kPr1I50+OXcS9Q5DsBmCS3SvEgB1AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKES
EoQYdZaBcUVYAAABZRDWyYgAAAQDAEYwRAIgL64egk8wB2KduQLy+AAdw7NUKtbj
6OsT+ZLtapB4+mUCIEhJORVxu3jSGLEXC9qEwrn0zWl0NkwcfxXMlFa46ZlnAHYA
VYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFlENbKngAABAMARzBF
AiEA8Nu8d82kQ/ESc3BvqLb8/MbJfvZ9or7B4+hqK0HHUzECIHV9ikabl5t+WN7b
guoJdiP/g30STwhEMRCZi6Qlh7i9MA0GCSqGSIb3DQEBCwUAA4IBAQAJ6ZW63ap8
kpVlLwGXKtJGW/dd2xkpR+5ocU56PlBCJC2ELnK/v3bHqBa93dZFqtuOPRuxvSKF
lvKSgL0i3Ix4RWyuJ8gCqnNG33MnfTNJGfr1WZDGSipSzw1I3M5FzBu7Sf5DVIgS
Svcktqq8QkQAQrxCaOl38d7kvBCSOZFgJUnx6xqOc2lIKRgO/4cDVNfEFFwyWGcH
QcWsi9Vw3RMALQSKdg7kztH5gFJq2aqbI1/85IchgYxgwdogQyggh884370uD/UB
0Gbe+zp8UBeVxOFhCCdSr6KKFp1Hh5v24I6JkqlbNyy4NOS8aL8eXo6+340gmqw7
uqCe6O8/goQf
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlEbW67LTr2zpnxK4ktr9
cvwAI/NTjTWEqSHnSMZZpy4DO3YYhyeFOCJcQXNEVvvCvbXu1yCk7owMr+e2RQ8F
7MbmJXk7sU5FM/WA8kS/+SrFI93xU1ZXOv/iIuJlczNqYorUnU5ZdYqfSmpvP5xN
ZTPYSNNDFF6upxAP2xPa6WJPDwFf/9F7IW8BTydcgojJ7DJOcih+9hxNrUKnqYrb
8AlhGc6/MHmwujes44Z2UdTyG+7ZbjSIjUEn9IvFR1tc/pesDA4WCMd2uXtPo8n6
mJQG5bNIeMVhIsXuWWF4im+4Xdb8iOPaUgwQNFDPDyjWMrRivXqcRyLGQ/F1qizF
I3/tGSZzGmUC5hwYXFCi1nS4KiA1oE4CraTkkMtExBkZHRQD0EpTLFQrop18gMry
Jwo47y9CDNX0knd1ns7rqkIVqrafUXciupoxCIDBcvO8CoRTVGmwzlWnJMyTEl5S
+HSkWXZ5e/ZjGbsFimmsg4xnvrZQ2eA1SH744MTKksWyTzcHHXb8OJKYbTr1N6Z1
zamW8h0MzD48RDl/NUNaGcI16kK3zQxd9D1seSJGm7TWoSaQOgnn3Tit6lLfNmye
1QjS6jsiovTpN2I9W2hYNnoH6HQVzGv2rr/lVb231PntvHMDmM0rU9jEiuVP6k72
cJGkaLvTO6NIyvWONFIhQnMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 31174015068746625680927880750391205800
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '14627'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rochester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '500 Joseph C. Wilson Blvd'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Rochester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'URMC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'its-cyhy-up01.its.rochester.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 604916228647290276442822673867867032838874850143565471602227964256092868208263816035974014388584662936033493166265538860810516759124066493643374439330708628843101812123931375334330953443134863652318022197808897030914152726664275263474822401695207451814455781694815880348995466732010165892116588282250051315948434512319105437633796537760702640519706593772606345668934470334942936086980331115857216010613466234129435635625506080628099974565453997392429346408113068663448001508090254523208027684329541548750115248706283868195631378840973090348111510621986935138934707892952986198246382369685165616037602308101012736598217452648956040565948699213953212934636409539800800115755715918483096559841854186011326912082820240069843115836080186162734711866825572107112372106459863207019309866386867592136068046111176190341221078853197835587282264833889696505730686155169794923531652023055316283307336978412435024305412098549073949348016484700670312935631761490559571090831348179136045826097531671092079217638113630408388063338934393346620955015465803132725067999150128347088500052150847929838999839196724157160978710007798743694739808977514237169926541759945096199144109398690878560988306461193385828926303826625879921351998183785086055478280819
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0057810981a73669e5aacce1718ebdd5c386f5c4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'its-cyhy-up01.its.rochester.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016510d6c8fb0000040300483046022100c505be570128e2d31cea1e753cd3835fdaf4f744562f78145008c35abbd533b1022100fa5ba49fe22c92d4917c3aa13890faf5239d3e397712f50e43b019824b74af120075005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016510d6c988000004030046304402202fae1e824f3007629db902f2f8001dc3b3542ad6e3e8eb13f992ed6a9078fa6502204849391571bb78d218b1170bda84c2b9f4cd6974364c1c7f15cc9456b8e999670076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016510d6ca9e0000040300473045022100f0dbbc77cda443f11273706fa8b6fcfcc6c97ef67da2bec1e3e86a2b41c753310220757d8a469b979b7e58dedb82ea097623ff837d124f08443110998ba42587b8bd
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0009e995baddaa7c9295652f01972ad2465bf75ddb192947ee68714e7a3e5042242d842e72bfbf76c7a816bdddd645aadb8e3d1bb1bd228596f29280bd22dc8c78456cae27c802aa7346df73277d334919faf55990c64a2a52cf0d48dcce45cc1bbb49fe435488124af724b6aabc42440042bc4268e977f1dee4bc10923991602549f1eb1a8e73694829180eff870354d7c4145c3258670741c5ac8bd570dd13002d048a760ee4ced1f980526ad9aa9b235ffce48721818c60c1da2043282087cf38dfbd2e0ff501d066defb3a7c501795c4e161082752afa28a169d47879bf6e08e8992a95b372cb834e4bc68bf1e5e8ebedf8d209aac3bbaa09ee8ef3f82841f