hlp-web.pmacs.upenn.edu
- The Trustees of the University of Pennsylvania -
Issued by InCommon RSA Server CA 2
About this certificate
This digital certificate with serial number bf:1f:b4:8e:36:a4:78:8e:54:5c:27:fc:58:7b:73:ac was issued on by Internet2.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
The Trustees of the University of Pennsylvania
Organization:
The Trustees of the University of Pennsylvania
State / Province:
Pennsylvania
Country: US
Country: US
Internet2
Organization:
Internet2
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): bf:1f:b4:8e:36:a4:78:8e:54:5c:27:fc:58:7b:73:acSerial Number (int): 254047170498572269381587655970009084844
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: cd:fc:3b:73:88:dc:a1:0d:c6:d2:8c:f0:9b:91:97:75:0a:8c:ae:0f
AuthorityKeyId: ef:4c:00:92:a6:fb:76:2e:5e:95:e2:c9:5f:87:1b:19:d5:4d:e2:d9
Fingerprint (sha1): ae:1a:86:c4:68:b5:75:f4:52:83:a5:94:b5:8b:6c:1e:2a:02:57:78
Fingerprint (sha256): 01:8c:13:d0:78:bc:58:07:b0:a4:44:b0:0b:c3:89:90:1e:96:22:c1:5c:9d:5c:22:56:48:fe:bf:a5:32:dc:dd
Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAServerCA2.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/InCommonRSAServerCA2.crl
Check the revocation status for certificate hlp-web.pmacs.upenn.edu
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hlp-web.pmacs.upenn.edu
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hlp-web.pmacs.upenn.edu
hlp.ibi.upenn.edu
hlp.ibi.upenn.edu
Other certificates including the domain name upenn.edu
(limited to 100 certificates)
5647435049205760-fe4.pantheonsite.io
www.nursing.upenn.edu
cbio.med.upenn.edu
test-web-lws.edu.help
htsc.med.upenn.edu
statuspage.io
carpepm.almonds.com
5646620347596800-fe3.pantheonsite.io
us.prod.campusgroups.com
5648867420798976-fe4.pantheonsite.io
experience.wharton.upenn.edu
5739407210446848-fe1.pantheonsite.io
gezfpcardio.uphs.upenn.edu
test.climateweek.provost.upenn.edu
5153437574496256-fe4.pantheonsite.io
color.psych.upenn.edu
5648334039547904-fe1.pantheonsite.io
covidresults.upenn.edu
prod.2.slot.cdn.salesforce-communities.com
5739407210446848-fe1.pantheonsite.io
admissions.emeritus.org
5753264117121024-fe2.pantheonsite.io
cluster.technolutions.net
5666985740337152-fe1.pantheonsite.io
answers.design.upenn.edu
5663284820705280-fe3.pantheonsite.io
basesite.isc.upenn.edu
ucdc.edu
cluster3.technolutions.net
*.one.upenn.edu
5663284820705280-fe3.pantheonsite.io
us.prod.campusgroups.com
sites.nursing.upenn.edu
media.vet.upenn.edu
nartc.fcm.arizona.edu
adrf.upenn.edu
5704093720903680-fe2.pantheonsite.io
5742796208078848-fe2.pantheonsite.io
5732694713434112-fe3.pantheonsite.io
5680876067225600-fe2.pantheonsite.io
calendar.sdzsafaripark.org
bhlab.wharton.upenn.edu
cinemastudies.sas.upenn.edu
5707324073181184-fe2.pantheonsite.io
j3.shared.global.fastly.net
wemba-sanfran.wharton.upenn.edu
5652786310021120-fe4.pantheonsite.io
www.ic.groupish.com
*.dental.upenn.edu
*.house.upenn.edu
faryabi16.pmacs.upenn.edu
my.wharton.upenn.edu
slimscale.seas.upenn.edu
5711129414205440-fe2.pantheonsite.io
5740745361195008-fe4.pantheonsite.io
statuspage.io
wepapps06.wharton.upenn.edu
arcbase2.admin.upenn.edu
uconnectlabs.com
statuspage.io
5728757302165504-fe2.pantheonsite.io
5663284820705280-fe3.pantheonsite.io
5751399832879104-fe1.pantheonsite.io
banking-business-review.com
5739407210446848-fe1.pantheonsite.io
5741031244955648-fe4.pantheonsite.io
5747976207073280-fe2.pantheonsite.io
cdn-test.battlefields.org
chef.itmat.upenn.edu
apex.sas.upenn.edu
test.eis.uw.edu
5753113524830208-fe1.pantheonsite.io
5634612826996736-fe4.pantheonsite.io
statuspage.io
mshp.med.upenn.edu
powerofpenn.upenn.edu
hlp-web.pmacs.upenn.edu
5659974608879616-fe3.pantheonsite.io
statuspage.io
auctions.wharton.upenn.edu
citeak.multidevcom.uaf.edu
5728757302165504-fe2.pantheonsite.io
www.design-engineering.princeton.edu
5720605454237696-fe1.pantheonsite.io
achieve.escoffier.edu
5739407210446848-fe1.pantheonsite.io
*.afcri.upenn.edu
matrox-config.wharton.upenn.edu
*.upenn.edu
cluster3.technolutions.net
5663284820705280-fe3.pantheonsite.io
5739407210446848-fe1.pantheonsite.io
logic.sas.upenn.edu
nxterra.ucop.edu
wwwapprl07.isc.upenn.edu
5764878782431232-fe4.pantheonsite.io
prod.2.slot.cdn.salesforce-communities.com
banking-business-review.com
cpcrs.upenn.edu
rt19.pmacs.upenn.edu
www.nursing.upenn.edu
cbio.med.upenn.edu
test-web-lws.edu.help
htsc.med.upenn.edu
statuspage.io
carpepm.almonds.com
5646620347596800-fe3.pantheonsite.io
us.prod.campusgroups.com
5648867420798976-fe4.pantheonsite.io
experience.wharton.upenn.edu
5739407210446848-fe1.pantheonsite.io
gezfpcardio.uphs.upenn.edu
test.climateweek.provost.upenn.edu
5153437574496256-fe4.pantheonsite.io
color.psych.upenn.edu
5648334039547904-fe1.pantheonsite.io
covidresults.upenn.edu
prod.2.slot.cdn.salesforce-communities.com
5739407210446848-fe1.pantheonsite.io
admissions.emeritus.org
5753264117121024-fe2.pantheonsite.io
cluster.technolutions.net
5666985740337152-fe1.pantheonsite.io
answers.design.upenn.edu
5663284820705280-fe3.pantheonsite.io
basesite.isc.upenn.edu
ucdc.edu
cluster3.technolutions.net
*.one.upenn.edu
5663284820705280-fe3.pantheonsite.io
us.prod.campusgroups.com
sites.nursing.upenn.edu
media.vet.upenn.edu
nartc.fcm.arizona.edu
adrf.upenn.edu
5704093720903680-fe2.pantheonsite.io
5742796208078848-fe2.pantheonsite.io
5732694713434112-fe3.pantheonsite.io
5680876067225600-fe2.pantheonsite.io
calendar.sdzsafaripark.org
bhlab.wharton.upenn.edu
cinemastudies.sas.upenn.edu
5707324073181184-fe2.pantheonsite.io
j3.shared.global.fastly.net
wemba-sanfran.wharton.upenn.edu
5652786310021120-fe4.pantheonsite.io
www.ic.groupish.com
*.dental.upenn.edu
*.house.upenn.edu
faryabi16.pmacs.upenn.edu
my.wharton.upenn.edu
slimscale.seas.upenn.edu
5711129414205440-fe2.pantheonsite.io
5740745361195008-fe4.pantheonsite.io
statuspage.io
wepapps06.wharton.upenn.edu
arcbase2.admin.upenn.edu
uconnectlabs.com
statuspage.io
5728757302165504-fe2.pantheonsite.io
5663284820705280-fe3.pantheonsite.io
5751399832879104-fe1.pantheonsite.io
banking-business-review.com
5739407210446848-fe1.pantheonsite.io
5741031244955648-fe4.pantheonsite.io
5747976207073280-fe2.pantheonsite.io
cdn-test.battlefields.org
chef.itmat.upenn.edu
apex.sas.upenn.edu
test.eis.uw.edu
5753113524830208-fe1.pantheonsite.io
5634612826996736-fe4.pantheonsite.io
statuspage.io
mshp.med.upenn.edu
powerofpenn.upenn.edu
hlp-web.pmacs.upenn.edu
5659974608879616-fe3.pantheonsite.io
statuspage.io
auctions.wharton.upenn.edu
citeak.multidevcom.uaf.edu
5728757302165504-fe2.pantheonsite.io
www.design-engineering.princeton.edu
5720605454237696-fe1.pantheonsite.io
achieve.escoffier.edu
5739407210446848-fe1.pantheonsite.io
*.afcri.upenn.edu
matrox-config.wharton.upenn.edu
*.upenn.edu
cluster3.technolutions.net
5663284820705280-fe3.pantheonsite.io
5739407210446848-fe1.pantheonsite.io
logic.sas.upenn.edu
nxterra.ucop.edu
wwwapprl07.isc.upenn.edu
5764878782431232-fe4.pantheonsite.io
prod.2.slot.cdn.salesforce-communities.com
banking-business-review.com
cpcrs.upenn.edu
rt19.pmacs.upenn.edu
Certificate
The complete raw certificate details for hlp-web.pmacs.upenn.edu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHCDCCBXCgAwIBAgIRAL8ftI42pHiOVFwn/Fh7c6wwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEhMB8GA1UEAxMYSW5D b21tb24gUlNBIFNlcnZlciBDQSAyMB4XDTIzMTEyMTAwMDAwMFoXDTI0MTEyMDIz NTk1OVowfzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBlbm5zeWx2YW5pYTE3MDUG A1UEChMuVGhlIFRydXN0ZWVzIG9mIHRoZSBVbml2ZXJzaXR5IG9mIFBlbm5zeWx2 YW5pYTEgMB4GA1UEAxMXaGxwLXdlYi5wbWFjcy51cGVubi5lZHUwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhLL9osQWiRa6UxTo/FyttOfQjN3OPaV7d wFETfIqtwbhfza9cUPYzVzfP0dwsX0KRNVlR0ANM7yzExeBtnKCagPsQJQ7lsTXj xbtwwPQZIJHuNB7766dMreCmyPGAFF8BWvWz3BeXd+D8RvbMmBR7muO7ct4k8RO1 UjycSr3l/3pHF5VpeJ5U0Y2+/RG+uQUhMlPK6+0fVbtBU9Lczsm10kg3AgXIkxu8 PvAask9kw1/leducZubynP74j65mkNfcykk2SHvWF/KWW93zbGaB0zwHO82u4VPu VVYHOGa6wegvvXZilhCGm3rwbZPGNgeiL7ayl21TMRazHM4SSjKLAgMBAAGjggM4 MIIDNDAfBgNVHSMEGDAWgBTvTACSpvt2Ll6V4slfhxsZ1U3i2TAdBgNVHQ4EFgQU zfw7c4jcoQ3G0ozwm5GXdQqMrg8wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYL KwYBBAGyMQECAmcwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9D UFMwCAYGZ4EMAQICMEAGA1UdHwQ5MDcwNaAzoDGGL2h0dHA6Ly9jcmwuc2VjdGln by5jb20vSW5Db21tb25SU0FTZXJ2ZXJDQTIuY3JsMHAGCCsGAQUFBwEBBGQwYjA7 BggrBgEFBQcwAoYvaHR0cDovL2NydC5zZWN0aWdvLmNvbS9JbkNvbW1vblJTQVNl cnZlckNBMi5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29t MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgB2/4g/Crb7lVHCYcz1h7o0tKTN uyncaEIKn+ZnTFo6dAAAAYvzEpvaAAAEAwBHMEUCIQC8PbutjxigHgYog6Ps4rqH ECwaceHKvoELM3kUu2zVqgIgdJAJd8qJGvHCNH9XtM46GRsf5lhfRUI2U8egq2t5 SbEAdQA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAYvzEpwNAAAE AwBGMEQCIDoGPtErczC8SayMDC5D2YJcOTsbP0A11zUrOTWSLfnbAiAaqPKz2384 ghvhLy+9l+4OHeoP5Zsu/wqNFBUK/WeSqQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8 vOzew1FIWUZxH7WbAAABi/MSnAMAAAQDAEcwRQIhAOshU4MuN4vFI8oxKxBgWT7N UVTJh+Zkhsts4cQ4OIqnAiAMGfWMZM0GfAQFqXVMFswYlzrWxXhJ09cg7YBZOPVZ uDA1BgNVHREELjAsghdobHAtd2ViLnBtYWNzLnVwZW5uLmVkdYIRaGxwLmliaS51 cGVubi5lZHUwDQYJKoZIhvcNAQEMBQADggGBABlv+x7Rcabj5xmwUBfmCCufmTKQ fPNyPRIS303YyozelWSfzgsL69MsZnvJEXCim3GARNdeq3wpwRDLAzNKWuHvYlYX 67F6TPFtNWZCECnAUkjYXNXGgR55akQmkukRqA+nEj5auVQ3iaHg+J1JS3Y7YUfc IiOZB8d2CqspdvMJlCQFOThE7g+X6qEHwFF5Z9MPzycHbqn0D145atBUun0Pcojy XWz1Wc63pusbWenP0hH373nMgIyGr/EmQK/lufop+VgFzMX02asHhHtFRavO8mxu Hyb5gHJFfSKZRgCiKz/qzBsdUt6ICUMwnSIYe2j7oePg8ynnt1dUfUK57Aau3Ckg by4yvGBdLDTQUAGC1sAie0hSdCzGPDNhJ/xkwt/Jz1rANqu0KoNGrS5E6+7MPk54 wJJNDtesOKWQdf11khlHXm9JfjB1NMX2jZRLT8b3/NOJlgKTHzSheVmEoKbyizsJ TJojLnmQD3z99UhtgUyMwdlCdwtpNev/WthSDw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Sy/aLEFokWulMU6Pxcr bTn0Izdzj2le3cBRE3yKrcG4X82vXFD2M1c3z9HcLF9CkTVZUdADTO8sxMXgbZyg moD7ECUO5bE148W7cMD0GSCR7jQe++unTK3gpsjxgBRfAVr1s9wXl3fg/Eb2zJgU e5rju3LeJPETtVI8nEq95f96RxeVaXieVNGNvv0RvrkFITJTyuvtH1W7QVPS3M7J tdJINwIFyJMbvD7wGrJPZMNf5XnbnGbm8pz++I+uZpDX3MpJNkh71hfyllvd82xm gdM8BzvNruFT7lVWBzhmusHoL712YpYQhpt68G2TxjYHoi+2spdtUzEWsxzOEkoy iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 254047170498572269381587655970009084844 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Trustees of the University of Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hlp-web.pmacs.upenn.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28425684526309190903460676435281317537147393757539816064335112798653717923624323506997486635226807955863364565140370964756366702632545668401609052154002504662588592701640226637156262863850121103691166019532391180157241289386162913614590623730734078006896390383410944496547056393229264113938838402955489186034295387575101362804321155954205671050234403977523448069452581919998999147901352758225190122529979750864613856076566352516509783738443199051627052331932294374446755745446583185119197906489499038556442135291199960740574593932439397341988110503869150011988148681775395987274619183403050845024233785974768993448587 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ef4c0092a6fb762e5e95e2c95f871b19d54de2d9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cdfc3b7388dca10dc6d28cf09b9197750a8cae0f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.103 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAServerCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAServerCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018bf3129bda0000040300473045022100bc3dbbad8f18a01e062883a3ece2ba87102c1a71e1cabe810b337914bb6cd5aa022074900977ca891af1c2347f57b4ce3a191b1fe6585f45423653c7a0ab6b7949b10075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bf3129c0d000004030046304402203a063ed12b7330bc49ac8c0c2e43d9825c393b1b3f4035d7352b3935922df9db02201aa8f2b3db7f38821be12f2fbd97ee0e1dea0fe59b2eff0a8d14150afd6792a9007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bf3129c030000040300473045022100eb2153832e378bc523ca312b1060593ecd5154c987e66486cb6ce1c438388aa702200c19f58c64cd067c0405a9754c16cc18973ad6c57849d3d720ed805938f559b8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hlp-web.pmacs.upenn.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hlp.ibi.upenn.edu' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 00196ffb1ed171a6e3e719b05017e6082b9f9932907cf3723d1212df4dd8ca8cde95649fce0b0bebd32c667bc91170a29b718044d75eab7c29c110cb03334a5ae1ef625617ebb17a4cf16d3566421029c05248d85cd5c6811e796a442692e911a80fa7123e5ab9543789a1e0f89d494b763b6147dc22239907c7760aab2976f309942405393844ee0f97eaa107c0517967d30fcf27076ea9f40f5e396ad054ba7d0f7288f25d6cf559ceb7a6eb1b59e9cfd211f7ef79cc808c86aff12640afe5b9fa29f95805ccc5f4d9ab07847b4545abcef26c6e1f26f98072457d22994600a22b3feacc1b1d52de880943309d22187b68fba1e3e0f329e7b757547d42b9ec06aedc29206f2e32bc605d2c34d0500182d6c0227b4852742cc63c336127fc64c2dfc9cf5ac036abb42a8346ad2e44ebeecc3e4e78c0924d0ed7ac38a59075fd759219475e6f497e307534c5f68d944b4fc6f7fcd3899602931f34a1795984a0a6f28b3b094c9a232e79900f7cfdf5486d814c8cc1d942770b6935ebff5ad8520f