mmm.eng.uwaterloo.ca

- University of Waterloo -

Issued by GlobalSign RSA OV SSL CA 2018

About this certificate

This digital certificate with serial number 06:2e:a3:68:a4:5a:ab:21:bb:64:1b:dc was issued on by GlobalSign nv-sa.

With 33 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

University of Waterloo

Organization: University of Waterloo
State / Province: Ontario
Locality: Waterloo
Country: CA

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate will expire on

Certificate Details

Serial Number (hex): 06:2e:a3:68:a4:5a:ab:21:bb:64:1b:dc
Serial Number (int): 1913292322671401103838682076
Serial Number lenght: 91 bits, 12 octets

SubjectKeyId: af:da:4b:4a:d2:5f:84:47:35:cf:5c:27:94:82:c0:70:84:23:3b:d0
AuthorityKeyId: f8:ef:7f:f2:cd:78:67:a8:de:6f:8f:24:8d:88:f1:87:03:02:b3:eb

Fingerprint (sha1): dc:e6:8d:6b:7d:7b:c2:75:23:dc:8e:b5:7f:2e:0c:f6:23:b3:c7:0d
Fingerprint (sha256): 01:eb:41:fc:af:df:0d:c2:0e:ec:9d:03:27:60:4e:22:e3:1e:b5:68:5f:9f:fa:de:8a:a7:ce:91:aa:e8:45:30

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt

Revocation information

OCSP Server: http://ocsp.globalsign.com/gsrsaovsslca2018
CRL Distribution Point: http://crl.globalsign.com/gsrsaovsslca2018.crl

Check the revocation status for certificate mmm.eng.uwaterloo.ca

33

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mmm.eng.uwaterloo.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mmm.eng.uwaterloo.ca
engsoc.uwaterloo.ca
engmysql.uwaterloo.ca
conradconnect.uwaterloo.ca
www.eng.uwaterloo.ca
www.engineering.uwaterloo.ca
exams.engsoc.uwaterloo.ca
ecesociety.uwaterloo.ca
ieee.uwaterloo.ca
engorientation.uwaterloo.ca
www.ecesociety.uwaterloo.ca
www.ieee.uwaterloo.ca
dev.engorientation.uwaterloo.ca
www.engsoc.uwaterloo.ca
fde.uwaterloo.ca
iwarrior.uwaterloo.ca
biomems.uwaterloo.ca
greenautopowertrain.uwaterloo.ca
mess.uwaterloo.ca
den.uwaterloo.ca
dev.engsoc.uwaterloo.ca
nsbe.uwaterloo.ca
engrt.uwaterloo.ca
chemengvirtual.uwaterloo.ca
engevals.uwaterloo.ca
endevals.uwaterloo.ca
engcc.uwaterloo.ca
devcc.uwaterloo.ca
tempmon.uwaterloo.ca
engconnect.uwaterloo.ca
vip.uwaterloo.ca
fmrl.uwaterloo.ca
www.fmrl.uwaterloo.ca

Other certificates including the domain name uwaterloo.ca

(limited to 100 certificates)
cn-ipam-mc.uwaterloo.ca
rshiny.math.uwaterloo.ca
bolek.uwaterloo.ca
cemc2.math.uwaterloo.ca
icinga.cscf.uwaterloo.ca
cryptoworks21.uwaterloo.ca
bonavista.uwaterloo.ca
git.iqc.uwaterloo.ca
env-emp-vlnx1.uwaterloo.ca
wstore.uwaterloo.ca
epark1.uwaterloo.ca
databace.scisat.ca
www.cs.uwaterloo.ca
ppcentre.uwaterloo.ca
s4b-ec2-fe-ext.uwaterloo.ca
sneaky.uwaterloo.ca
wiki.uwaterloo.ca
ibis.uwaterloo.ca
account.watcard.uwaterloo.ca
cte-blog.uwaterloo.ca
subjectguides.uwaterloo.ca
aurora.uwaterloo.ca
uwhvz.uwaterloo.ca
o365activation.uwaterloo.ca
www.igloosoftware.com
cemc2.math.uwaterloo.ca
cclr.uwaterloo.ca
quark.uwaterloo.ca
shop.uwaterloo.ca
mailservices.uwaterloo.ca
canadianfoodstudies.uwaterloo.ca
koios.cs.uwaterloo.ca
www.igloosoftware.com
multicom-pc20.uwaterloo.ca
env-gisdev.uwaterloo.ca
learntest.uwaterloo.ca
blockchain-group.cs.uwaterloo.ca
evaluate.uwaterloo.ca
info.uwaterloo.ca
lineone.uwaterloo.ca
webreg.uwaterloo.ca
nagios.cscf.uwaterloo.ca
aurora.uwaterloo.ca
epark.uwaterloo.ca
cn-vpn.uwaterloo.ca
ahs-jitsi.uwaterloo.ca
rcs.uwaterloo.ca
wchound.uwaterloo.ca
sasfilemaker.math.uwaterloo.ca
mmm.eng.uwaterloo.ca
essex.uwaterloo.ca
contensis.uwaterloo.ca
www.civil.uwaterloo.ca
cclr.uwaterloo.ca
lineone.uwaterloo.ca
chesp.uwaterloo.ca
learndev3.uwaterloo.ca
ugtwo.uwaterloo.ca
smbp.uwaterloo.ca
library.uwaterloo.ca
2fa.uwaterloo.ca
secure.ce.uwaterloo.ca
cn-vpn.uwaterloo.ca
shop.uwaterloo.ca
styx-reserve.shoshin.uwaterloo.ca
iis1.nexus.uwaterloo.ca
iisweb2.nexus.uwaterloo.ca
uwhvz.uwaterloo.ca
www.eng.uwaterloo.ca
shop.uwaterloo.ca
cewil.uwaterloo.ca
lss.uwaterloo.ca
rt.uwaterloo.ca
ne111.uwaterloo.ca
sslvs06.igloosoftware.com
uqml.iqc.uwaterloo.ca
env-kix-tours.uwaterloo.ca
learndevdav.uwaterloo.ca
qoqiwiki.iqc.uwaterloo.ca
learn.uwaterloo.ca
wcms-training.uwaterloo.ca
mansci045.uwaterloo.ca
ctf.uwaterloo.ca
sesoc.uwaterloo.ca
courseware.cemc.uwaterloo.ca
healthy.uwaterloo.ca
ivc.uwaterloo.ca
mansci045.uwaterloo.ca
courses.math.uwaterloo.ca
artsonline.uwaterloo.ca
staff.retailservices.uwaterloo.ca
ist.uwaterloo.ca
himrod-reserve.cs.uwaterloo.ca
wiki.math.uwaterloo.ca
macduff.private.uwaterloo.ca
wcms-training.uwaterloo.ca
quest.pecs.uwaterloo.ca
libanswers.uwaterloo.ca
stargroup.uwaterloo.ca
mansci045e.uwaterloo.ca

Certificate

The complete raw certificate details for mmm.eng.uwaterloo.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJkTCCCHmgAwIBAgIMBi6jaKRaqyG7ZBvcMA0GCSqGSIb3DQEBCwUAMFAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H
bG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODAeFw0yMzExMjgxNDQxMTlaFw0y
NDEyMjkxNDQxMThaMHIxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMREw
DwYDVQQHEwhXYXRlcmxvbzEfMB0GA1UEChMWVW5pdmVyc2l0eSBvZiBXYXRlcmxv
bzEdMBsGA1UEAxMUbW1tLmVuZy51d2F0ZXJsb28uY2EwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQC7usq+1oQAElsEvUuKqkHW/ouVvszjBA9QPNBtPiJb
FZ/tv1GpCmwiajkaoQFWflbB0kyUDoHPOTcrFSNpR5rq6wyTrz3laMThR0nGTmxU
2BdRG5OYKrCELu8oEYOPJfrsnklYUeKEo7BgMJP80zDigLTD/lo59FPgkp4t+Kwx
iLzW+hWzwkDYWt9ztsSdH7lp0BHgGO7hjk+9VIQRNI9rfQ/LrmVz3o4lRmbOxQTt
CXM3Wa80t0r2bWqaRFdCCiMZGzblfgzV8Tn/dkcBDTceozktEnBXZtPHm1rGx53w
gYfQyo1pbUv1KDG0OVof5OAnmcslMAi+NzqxEsxpxWDJAgMBAAGjggZHMIIGQzAO
BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADCBjgYIKwYBBQUHAQEEgYEwfzBE
BggrBgEFBQcwAoY4aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQv
Z3Nyc2FvdnNzbGNhMjAxOC5jcnQwNwYIKwYBBQUHMAGGK2h0dHA6Ly9vY3NwLmds
b2JhbHNpZ24uY29tL2dzcnNhb3Zzc2xjYTIwMTgwVgYDVR0gBE8wTTBBBgkrBgEE
AaAyARQwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20v
cmVwb3NpdG9yeS8wCAYGZ4EMAQICMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9j
cmwuZ2xvYmFsc2lnbi5jb20vZ3Nyc2FvdnNzbGNhMjAxOC5jcmwwggMVBgNVHREE
ggMMMIIDCIIUbW1tLmVuZy51d2F0ZXJsb28uY2GCE2VuZ3NvYy51d2F0ZXJsb28u
Y2GCFWVuZ215c3FsLnV3YXRlcmxvby5jYYIaY29ucmFkY29ubmVjdC51d2F0ZXJs
b28uY2GCFHd3dy5lbmcudXdhdGVybG9vLmNhghx3d3cuZW5naW5lZXJpbmcudXdh
dGVybG9vLmNhghlleGFtcy5lbmdzb2MudXdhdGVybG9vLmNhghdlY2Vzb2NpZXR5
LnV3YXRlcmxvby5jYYIRaWVlZS51d2F0ZXJsb28uY2GCG2VuZ29yaWVudGF0aW9u
LnV3YXRlcmxvby5jYYIbd3d3LmVjZXNvY2lldHkudXdhdGVybG9vLmNhghV3d3cu
aWVlZS51d2F0ZXJsb28uY2GCH2Rldi5lbmdvcmllbnRhdGlvbi51d2F0ZXJsb28u
Y2GCF3d3dy5lbmdzb2MudXdhdGVybG9vLmNhghBmZGUudXdhdGVybG9vLmNhghVp
d2Fycmlvci51d2F0ZXJsb28uY2GCFGJpb21lbXMudXdhdGVybG9vLmNhgiBncmVl
bmF1dG9wb3dlcnRyYWluLnV3YXRlcmxvby5jYYIRbWVzcy51d2F0ZXJsb28uY2GC
EGRlbi51d2F0ZXJsb28uY2GCF2Rldi5lbmdzb2MudXdhdGVybG9vLmNhghFuc2Jl
LnV3YXRlcmxvby5jYYISZW5ncnQudXdhdGVybG9vLmNhghtjaGVtZW5ndmlydHVh
bC51d2F0ZXJsb28uY2GCFWVuZ2V2YWxzLnV3YXRlcmxvby5jYYIVZW5kZXZhbHMu
dXdhdGVybG9vLmNhghJlbmdjYy51d2F0ZXJsb28uY2GCEmRldmNjLnV3YXRlcmxv
by5jYYIUdGVtcG1vbi51d2F0ZXJsb28uY2GCF2VuZ2Nvbm5lY3QudXdhdGVybG9v
LmNhghB2aXAudXdhdGVybG9vLmNhghFmbXJsLnV3YXRlcmxvby5jYYIVd3d3LmZt
cmwudXdhdGVybG9vLmNhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAf
BgNVHSMEGDAWgBT473/yzXhnqN5vjySNiPGHAwKz6zAdBgNVHQ4EFgQUr9pLStJf
hEc1z1wnlILAcIQjO9AwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AD8XS0/X
IkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABjBZgrT8AAAQDAEcwRQIhALaD
ikw1pqvAmxPdJ4MM7zL052pwWOpEjLcQOiwk4uXlAiArmXeb2uk8HH7vkPstpQGy
qplGRbxxjjIdcWeg29KjUwB2AN/hVuuqBa+1nA+GcY2owDJOrlbZbqf1pWoB0cE7
vlJcAAABjBZgrRoAAAQDAEcwRQIhAJJza+VOqT1X4nTRZr1n/d8qKW5khG9HHRej
3Y/9XzzZAiATaVa5BioGkxs1cLIormjbb6S3xETJKRyJKdspMnBm/wB3AO7N0GTV
2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjBZgrRMAAAQDAEgwRgIhAMM7
v0b2HfYZJMbtJET2+WBQHfHZROPjx5XTPIwF+MT/AiEAhO7zg/t/uJ6kLgg72J+h
nYYvZ4NklP/Wk6cYtECWrocwDQYJKoZIhvcNAQELBQADggEBACU3TEzbmRX2ID75
ZH9FmaoB81k9bTPjZkKubgcTt7gvel/qQJ06z3NRL6VnOdgus/9zcGUDoIrk+R8+
ZGtW1mNXaQln41WXif/HVjmZZ+NgfcgLmvGUl0fcKUXjLM2Fh9RNHvtkRx9f74RD
8NZxxOsoXCunUldKIouEFfx36Xs2cyH9ffbfUKigsavu/am6gAWjaU/NH3BU7Uz3
8FjFvemeGl85U51DQy5kTE9jUm0uHFuIT4Ijwa8hZirfaVLSVYfhvh9uhFEJR+HN
QS9yibTsnbWN0yEHtY88M6eIvR2kzVA76Kggs3WNj00Q31RygOBnzeickXtLEi7T
1T3JeC0=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7rKvtaEABJbBL1LiqpB
1v6Llb7M4wQPUDzQbT4iWxWf7b9RqQpsImo5GqEBVn5WwdJMlA6Bzzk3KxUjaUea
6usMk6895WjE4UdJxk5sVNgXURuTmCqwhC7vKBGDjyX67J5JWFHihKOwYDCT/NMw
4oC0w/5aOfRT4JKeLfisMYi81voVs8JA2Frfc7bEnR+5adAR4Bju4Y5PvVSEETSP
a30Py65lc96OJUZmzsUE7QlzN1mvNLdK9m1qmkRXQgojGRs25X4M1fE5/3ZHAQ03
HqM5LRJwV2bTx5taxsed8IGH0MqNaW1L9SgxtDlaH+TgJ5nLJTAIvjc6sRLMacVg
yQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1913292322671401103838682076
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign RSA OV SSL CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-28 14:41:19 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-29 14:41:18 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Waterloo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Waterloo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mmm.eng.uwaterloo.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23698673584264661650855954603742220071459923659348701067253648229466782962503676841961605104253570715603401912679380252599262607803917370688818056946005097994509720579319001145927625331625990722374527253223641242904223175372413416712869497090603776257734493355751215457159427861232881992677713979515908809315829206140371971003138319222127876325496003741768088148641162780594013630989650811015680040621305311211359496481469225820637667654037662705408115268603353431954899369087384456858598352409557404254005557891013593986195726623514893461038694465932416820758182900518891473593906102081478359497823667527699185098953
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/gsrsaovsslca2018'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsrsaovsslca2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (780 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mmm.eng.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'engsoc.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'engmysql.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'conradconnect.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.eng.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.engineering.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exams.engsoc.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ecesociety.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ieee.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'engorientation.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ecesociety.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ieee.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.engorientation.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.engsoc.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fde.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iwarrior.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'biomems.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'greenautopowertrain.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mess.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'den.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.engsoc.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nsbe.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'engrt.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chemengvirtual.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'engevals.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'endevals.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'engcc.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'devcc.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tempmon.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'engconnect.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vip.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fmrl.uwaterloo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fmrl.uwaterloo.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f8ef7ff2cd7867a8de6f8f248d88f1870302b3eb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							afda4b4ad25f844735cf5c279482c07084233bd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c1660ad3f0000040300473045022100b6838a4c35a6abc09b13dd27830cef32f4e76a7058ea448cb7103a2c24e2e5e502202b99779bdae93c1c7eef90fb2da501b2aa994645bc718e321d7167a0dbd2a353007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018c1660ad1a000004030047304502210092736be54ea93d57e274d166bd67fddf2a296e64846f471d17a3dd8ffd5f3cd90220136956b9062a06931b3570b228ae68db6fa4b7c444c9291c8929db29327066ff007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c1660ad130000040300483046022100c33bbf46f61df61924c6ed2444f6f960501df1d944e3e3c795d33c8c05f8c4ff02210084eef383fb7fb89ea42e083bd89fa19d862f67836494ffd693a718b44096ae87
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0025374c4cdb9915f6203ef9647f4599aa01f3593d6d33e36642ae6e0713b7b82f7a5fea409d3acf73512fa56739d82eb3ff73706503a08ae4f91f3e646b56d66357690967e3559789ffc756399967e3607dc80b9af1949747dc2945e32ccd8587d44d1efb64471f5fef8443f0d671c4eb285c2ba752574a228b8415fc77e97b367321fd7df6df50a8a0b1abeefda9ba8005a3694fcd1f7054ed4cf7f058c5bde99e1a5f39539d43432e644c4f63526d2e1c5b884f8223c1af21662adf6952d25587e1be1f6e84510947e1cd412f7289b4ec9db58dd32107b58f3c33a788bd1da4cd503be8a820b3758d8f4d10df547280e067cde89c917b4b122ed3d53dc9782d