ici-risp-dev-api-01.oit.umn.edu

- University of Minnesota -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 78:20:95:b7:25:e4:93:8c:b5:d3:e8:44:17:ff:d9:06 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Minnesota

Organization: University of Minnesota
Organization unit: Institute on Community Integration
Address: 100 Union Street SE
Postal code: 55455
State / Province: MN
Locality: Minneapolis
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 78:20:95:b7:25:e4:93:8c:b5:d3:e8:44:17:ff:d9:06
Serial Number (int): 159676549583174980675617897147103435014
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 5c:b8:2e:c3:d2:9c:8e:b9:a3:77:4f:0b:ce:db:a0:ea:4c:2e:a0:66
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 60:9b:33:fb:7f:fc:fc:17:e9:4b:89:05:a0:be:85:87:00:52:3e:54
Fingerprint (sha256): 01:6a:9e:37:6d:52:5a:2d:1f:66:3c:b8:75:68:6f:02:77:60:28:a4:3e:0d:fe:fe:39:f7:f6:80:e2:8d:9c:4f

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate ici-risp-dev-api-01.oit.umn.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ici-risp-dev-api-01.oit.umn.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ici-risp-dev-api-01.oit.umn.edu

Other certificates including the domain name umn.edu

(limited to 100 certificates)
sni.cloudflaressl.com
sni.cloudflaressl.com
axiumssl-prod.ahc.umn.edu
ggg.umn.edu
rhrc.umn.edu
scholarship.law.umn.edu
stg-webfilesdev.ad.umn.edu
sni.cloudflaressl.com
p.acm.umn.edu
futureservicesinstitute.umn.edu
www.ncfpd.umn.edu
ceed.umn.edu
sni.cloudflaressl.com
www-test.hhh.umn.edu
ur.umn.edu
sni.cloudflaressl.com
www.finpack.umn.edu
test.statefair.umn.edu
bema.dash.umn.edu
research.cs.umn.edu
fmp.cla.umn.edu
sni.cloudflaressl.com
*.psepbizplan.umn.edu
msa.umn.edu
sni.cloudflaressl.com
www.claoit.umn.edu
nutnet.umn.edu
givingday.umn.edu
sni.cloudflaressl.com
incapsula.com
lawandinequality.org
sni.cloudflaressl.com
umartauth.umn.edu
umconnect-v9-test.oit.umn.edu
1819subfield.dash.umn.edu
itg-dev.oit.umn.edu
dairyknow.umn.edu
oreapps.d.umn.edu
sni.cloudflaressl.com
sl2-dev.d.umn.edu
cla-comm-copy-lw.d.umn.edu
sni.cloudflaressl.com
www.bellmuseum.umn.edu
provost.umn.edu
sni.cloudflaressl.com
controller.umn.edu
www.psych.umn.edu
usvcs-pvve022l.uservices.umn.edu
sni.cloudflaressl.com
umnd801.umn.edu
www.plantinfo.umn.edu
ds.umn.edu
fmresident-database.umn.edu
*.charfac.umn.edu
5659822271758336-fe3.pantheonsite.io
www.ahcs.umn.edu
camp.dash.umn.edu
clagency.umn.edu
requests.cseit.umn.edu
cpheo2.sph.umn.edu
p.acm.umn.edu
prodtest.extension.umn.edu
cf-test1.crk.umn.edu
printing.umn.edu
viviendasite.mbc.dash.umn.edu
cascw.umn.edu
sichl.dash.umn.edu
pias02-r.uservices.umn.edu
drivenvolunteers.umn.edu
madyun.dash.umn.edu
umnstandard.umn.edu
ecrt.oit.umn.edu
acm.umn.edu
sni.cloudflaressl.com
ici-risp-dev-api-01.oit.umn.edu
rt.msi.umn.edu
sunfish.biostat.umn.edu
pilot.cap.oit.umn.edu
emis-hub.ahc.umn.edu
aux400.auxs.umn.edu
sni.cloudflaressl.com
cpheo1.sph.umn.edu
sni.cloudflaressl.com
mnlink.org
drupalmigrate.umn.edu
incapsula.com
ihrca.dash.umn.edu
*.elevator.umn.edu
sni.cloudflaressl.com
*.law.umn.edu
www.msi.umn.edu
ahcauth.ahc.umn.edu
research-innovation.umn.edu
grouper.umn.edu
chan-lab.umn.edu
www.ofyp.umn.edu
www.afrotc.umn.edu
careers.cvm.umn.edu
lcms.ahc.umn.edu
sni.cloudflaressl.com

Certificate

The complete raw certificate details for ici-risp-dev-api-01.oit.umn.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIQeCCVtyXkk4y10+hEF//ZBjANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xODEwMTUwMDAwMDBaFw0yMDEwMTQy
MzU5NTlaMIHXMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFNTU0NTUxCzAJBgNVBAgT
Ak1OMRQwEgYDVQQHEwtNaW5uZWFwb2xpczEcMBoGA1UECRMTMTAwIFVuaW9uIFN0
cmVldCBTRTEgMB4GA1UEChMXVW5pdmVyc2l0eSBvZiBNaW5uZXNvdGExKzApBgNV
BAsTIkluc3RpdHV0ZSBvbiBDb21tdW5pdHkgSW50ZWdyYXRpb24xKDAmBgNVBAMT
H2ljaS1yaXNwLWRldi1hcGktMDEub2l0LnVtbi5lZHUwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDdHBH4b7gH3pbEc+dz0uckCHt8acuX7gRgJSI7X5D8
Abx0bzhHjmsQzeeyZlcyMOptpLuNhiIOM11BV5dsw2Zw+RTkQY5EoSJR7BsCb9h/
MZGkGAFzH/cYH17jEdawx7WBd0tNkFPutJsV21NWaG4Bv+Fend374ObQclVR9rLe
5liKUnD0xBi+KGDJxmuMxubIfM2wyoBIftjNSxPAPRVqJLUcRmqbSl5g0rxJhRUg
Oe1GfpJvWTiuJMC/PTziyW/eYlYQT3jNbzLgQ6o2ucb2DHHX4W520VUMPdrxhmWP
m/RIA7M/LYn7dPARynHWAYpQmyzcqblJJ+URolpJ/BhtAgMBAAGjggNVMIIDUTAf
BgNVHSMEGDAWgBQeBaN3j2yW4luHS6a0hqxxAAznODAdBgNVHQ4EFgQUXLguw9Kc
jrmjd08Lztug6kwuoGYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGcGA1UdIARgMF4wUgYMKwYBBAGu
IwEEAwEBMEIwQAYIKwYBBQUHAgEWNGh0dHBzOi8vd3d3LmluY29tbW9uLm9yZy9j
ZXJ0L3JlcG9zaXRvcnkvY3BzX3NzbC5wZGYwCAYGZ4EMAQICMEQGA1UdHwQ9MDsw
OaA3oDWGM2h0dHA6Ly9jcmwuaW5jb21tb24tcnNhLm9yZy9JbkNvbW1vblJTQVNl
cnZlckNBLmNybDB1BggrBgEFBQcBAQRpMGcwPgYIKwYBBQUHMAKGMmh0dHA6Ly9j
cnQudXNlcnRydXN0LmNvbS9JbkNvbW1vblJTQVNlcnZlckNBXzIuY3J0MCUGCCsG
AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMCoGA1UdEQQjMCGCH2lj
aS1yaXNwLWRldi1hcGktMDEub2l0LnVtbi5lZHUwggF+BgorBgEEAdZ5AgQCBIIB
bgSCAWoBaAB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABZnlt
ObYAAAQDAEcwRQIhAMW5sqcimYKfU0G8StSN68K1mo8Og9w2Y9w3E/vol0FGAiAp
PWoQMGxe/F51Plbuz3+4xkiH5ZVuTFgRiiXtgndheQB2AF6nc/nfVsDntTZIfdBJ
4DJ6kZoMhKESEoQYdZaBcUVYAAABZnltOgUAAAQDAEcwRQIgNuN8EtNHdh6XBDdC
STakjjh9fDN3p41JOOObsbwwGhkCIQCveMFxZNY/j9bIFko7q69519bh4Rhk/S9z
6EBH6qMVxQB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZnlt
OdUAAAQDAEcwRQIgRpe98MwFOsrM1MwXML9F2upIV06odMwx/yhLEPR9Z8ACIQCm
OBK59Sp+i4ZtN/N+Up9wO/hPgtPE/KjDDDbfmUDINzANBgkqhkiG9w0BAQsFAAOC
AQEADIso4dEiIOkI1K+0KBt7LNnPwfW0zH3F7796hLoCYJidsi0YA/RS2ouMSTeG
O7UUwLkf8IffzDqcPC0duIv2+N0NI+mi/8330KsP/ueVH/sY+hxaA4dk5MEkEOnR
4GwZCX+NRDf79ND26KPL7WMMUKUoWEdn+1T6mceKr1Yk1qMLHWX1GMjHeN0Hr4FM
DjUBDKF4Lzzp+8Pg6WL0VkyXUc5jQirAaFr2m5bLvTXD0nsv/MJVIHSkOUU++WLV
uv1Jf6/fA9N1Zl34sWGR4QQhDBETlF8ZlMMq+cWcwqOofBm0vyshuTVtcb3Urwu6
jvIG2rJx5hxXbmpQfuKSiqNLHw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RwR+G+4B96WxHPnc9Ln
JAh7fGnLl+4EYCUiO1+Q/AG8dG84R45rEM3nsmZXMjDqbaS7jYYiDjNdQVeXbMNm
cPkU5EGORKEiUewbAm/YfzGRpBgBcx/3GB9e4xHWsMe1gXdLTZBT7rSbFdtTVmhu
Ab/hXp3d++Dm0HJVUfay3uZYilJw9MQYvihgycZrjMbmyHzNsMqASH7YzUsTwD0V
aiS1HEZqm0peYNK8SYUVIDntRn6Sb1k4riTAvz084slv3mJWEE94zW8y4EOqNrnG
9gxx1+FudtFVDD3a8YZlj5v0SAOzPy2J+3TwEcpx1gGKUJss3Km5SSflEaJaSfwY
bQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 159676549583174980675617897147103435014
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '55455'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MN'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minneapolis'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '100 Union Street SE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Minnesota'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Institute on Community Integration'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ici-risp-dev-api-01.oit.umn.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27912507327579168428021008016497729796146984070875961370350813451203543449082410679513000065954393420143703387399602916888427751840877981098477023932974680464626787273927665851606070267497153378746226337097400771573632103810388129529016455231285569739929361488474684139874551526441385685753084495982942557054971257164241429251783723364275934628086771979882592636401160712078926102635825989941648569937718314535281117701867905664212356064364703754015351872809134161808547888423951188240984296941863196413693443764298382832638785910461510868352578142267367998760223031716238347514721326199379559464121023264407127070829
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5cb82ec3d29c8eb9a3774f0bcedba0ea4c2ea066
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ici-risp-dev-api-01.oit.umn.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000166796d39b60000040300473045022100c5b9b2a72299829f5341bc4ad48debc2b59a8f0e83dc3663dc3713fbe89741460220293d6a10306c5efc5e753e56eecf7fb8c64887e5956e4c58118a25ed827761790076005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000166796d3a050000040300473045022036e37c12d347761e970437424936a48e387d7c3377a78d4938e39bb1bc301a19022100af78c17164d63f8fd6c8164a3babaf79d7d6e1e11864fd2f73e84047eaa315c50076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000166796d39d5000004030047304502204697bdf0cc053acaccd4cc1730bf45daea48574ea874cc31ff284b10f47d67c0022100a63812b9f52a7e8b866d37f37e529f703bf84f82d3c4fca8c30c36df9940c837
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000c8b28e1d12220e908d4afb4281b7b2cd9cfc1f5b4cc7dc5efbf7a84ba0260989db22d1803f452da8b8c4937863bb514c0b91ff087dfcc3a9c3c2d1db88bf6f8dd0d23e9a2ffcdf7d0ab0ffee7951ffb18fa1c5a038764e4c12410e9d1e06c19097f8d4437fbf4d0f6e8a3cbed630c50a528584767fb54fa99c78aaf5624d6a30b1d65f518c8c778dd07af814c0e35010ca1782f3ce9fbc3e0e962f4564c9751ce63422ac0685af69b96cbbd35c3d27b2ffcc2552074a439453ef962d5bafd497fafdf03d375665df8b16191e104210c1113945f1994c32af9c59cc2a3a87c19b4bf2b21b9356d71bdd4af0bba8ef206dab271e61c576e6a507ee2928aa34b1f