*.gsas.columbia.edu
- Columbia University -
Issued by InCommon RSA Server CA
About this certificate
This digital certificate with serial number ab:d0:3a:25:a0:65:61:15:3d:31:bc:cf:6a:b3:79:95 was issued on by Internet2.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Columbia University
Organization:
Columbia University
Organization unit: Information Technology
Organization unit: Information Technology
State / Province:
NY
Locality: New York
Country: US
Locality: New York
Country: US
Internet2
Organization:
Internet2
Organization unit: InCommon
Organization unit: InCommon
State / Province:
MI
Locality: Ann Arbor
Country: US
Locality: Ann Arbor
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): ab:d0:3a:25:a0:65:61:15:3d:31:bc:cf:6a:b3:79:95Serial Number (int): 228379164386635044778486696001420884373
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: ca:cc:eb:2d:8d:9f:e4:cd:44:80:21:ae:41:81:77:a5:0c:c7:52:1c
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38
Fingerprint (sha1): 55:35:e5:42:e4:75:a0:68:44:d8:bc:d9:68:b0:eb:77:b6:35:d4:a0
Fingerprint (sha256): 02:0f:80:3f:a8:61:12:86:56:b4:d8:b7:a5:1f:ab:47:78:85:b9:e5:b1:6c:bb:fe:c7:3f:fc:52:81:16:e7:d4
Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl
Check the revocation status for certificate *.gsas.columbia.edu
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.gsas.columbia.edu
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.gsas.columbia.edu
Other certificates including the domain name columbia.edu
(limited to 100 certificates)
coursewebs.law.columbia.edu
mcftp.mc.cumc.columbia.edu
diamond.law.columbia.edu
classics.columbia.edu
tsividis.ee.columbia.edu
frontend.sisfrontend-uat.sis-r53.cuit.columbia.edu
povertycenter.columbia.edu
invest-serv2.ooi.columbia.edu
test-web-lws.edu.help
exprodmail01.cuit.columbia.edu
ssl.procurement.columbia.edu
nursingvolunteer.givingday.columbia.edu
*.hr.columbia.edu
5697124062724096-fe2.pantheonsite.io
us.prod.campusgroups.com
unleashing.tc.columbia.edu
www.mailman.columbia.edu
secure5bb5ec4d4764e8eaa9667dce.nationbuilder.com
wikischolars.columbia.edu
incapsula.com
nano.columbia.edu
emeritus.gsb.columbia.edu
courseworks2.columbia.edu
admissions.emeritus.org
video.engineering.columbia.edu
cluster3.technolutions.net
aspirerefugees.columbia.edu
cluster.technolutions.net
cluster3.technolutions.net
globalreports.columbia.edu
wwws-db.law.columbia.edu
us.prod.campusgroups.com
5691420614590464-fe3.pantheonsite.io
califano.c2b2.columbia.edu
dev.cumc.columbia.edu
amploadvance.com
www.icap.columbia.edu
icccr.tc.columbia.edu
guestaccess.law.columbia.edu
giving.columbia.edu
www.incite.columbia.edu
ad01.gsb.columbia.edu
thelowdown.alumni.columbia.edu
mail.biology.columbia.edu
*.isso.columbia.edu
digitaltutorials.jrn.columbia.edu
pawprtprodmprt1.cuit.columbia.edu
incapsula.com
5727389891952640-fe2.pantheonsite.io
columbia.edu
stat.columbia.edu
palestine.mei.columbia.edu
m.lawnet.law.columbia.edu
abate-shen.cumc.columbia.edu
jira.columbia.edu
incite.columbia.edu
portal.neuro.columbia.edu
idmapp.cc.columbia.edu
incapsula.com
haywire.college.columbia.edu
sustainability.ei.columbia.edu
lockers-dev.paas.cc.columbia.edu
connect.woodstockacademy.org
indianeconomy.columbia.edu
ias-drupal6-test.cc.columbia.edu
mail-in.cc.columbia.edu
beisdev1.tc.columbia.edu
www.design-engineering.princeton.edu
5753050442498048-fe1.pantheonsite.io
tls.automattic.com
chagall.tc.columbia.edu
prod.25.slot.cdn.salesforce-communities.com
5691420614590464-fe3.pantheonsite.io
act.dbmi.columbia.edu
www.cser.columbia.edu
5703702744662016-fe4.pantheonsite.io
soc.cs.columbia.edu
sni.cloudflaressl.com
amploadvance.com
sslvs03.igloosoftware.com
cluster3.technolutions.net
sustainability.ei.columbia.edu
stat.columbia.edu
library.columbia.edu
pistars1.cpmc.columbia.edu
nxterra.ucop.edu
portal.studenthealth.cuimc.columbia.edu
cice-dev.paas.cc.columbia.edu
www.ffworkshop.columbia.edu
shoreline.ncdp.columbia.edu
hudson.jrn.columbia.edu
enhants.ee.columbia.edu
p-ctx-dc-02.mc.cumc.columbia.edu
admissions.nursing.columbia.edu
realrisks.dbmi.columbia.edu
*.gsas.columbia.edu
cluster2.technolutions.net
www.make.columbia.edu
lawnetportal.law.columbia.edu
sy-cvl-vcs-p02.college.columbia.edu
mcftp.mc.cumc.columbia.edu
diamond.law.columbia.edu
classics.columbia.edu
tsividis.ee.columbia.edu
frontend.sisfrontend-uat.sis-r53.cuit.columbia.edu
povertycenter.columbia.edu
invest-serv2.ooi.columbia.edu
test-web-lws.edu.help
exprodmail01.cuit.columbia.edu
ssl.procurement.columbia.edu
nursingvolunteer.givingday.columbia.edu
*.hr.columbia.edu
5697124062724096-fe2.pantheonsite.io
us.prod.campusgroups.com
unleashing.tc.columbia.edu
www.mailman.columbia.edu
secure5bb5ec4d4764e8eaa9667dce.nationbuilder.com
wikischolars.columbia.edu
incapsula.com
nano.columbia.edu
emeritus.gsb.columbia.edu
courseworks2.columbia.edu
admissions.emeritus.org
video.engineering.columbia.edu
cluster3.technolutions.net
aspirerefugees.columbia.edu
cluster.technolutions.net
cluster3.technolutions.net
globalreports.columbia.edu
wwws-db.law.columbia.edu
us.prod.campusgroups.com
5691420614590464-fe3.pantheonsite.io
califano.c2b2.columbia.edu
dev.cumc.columbia.edu
amploadvance.com
www.icap.columbia.edu
icccr.tc.columbia.edu
guestaccess.law.columbia.edu
giving.columbia.edu
www.incite.columbia.edu
ad01.gsb.columbia.edu
thelowdown.alumni.columbia.edu
mail.biology.columbia.edu
*.isso.columbia.edu
digitaltutorials.jrn.columbia.edu
pawprtprodmprt1.cuit.columbia.edu
incapsula.com
5727389891952640-fe2.pantheonsite.io
columbia.edu
stat.columbia.edu
palestine.mei.columbia.edu
m.lawnet.law.columbia.edu
abate-shen.cumc.columbia.edu
jira.columbia.edu
incite.columbia.edu
portal.neuro.columbia.edu
idmapp.cc.columbia.edu
incapsula.com
haywire.college.columbia.edu
sustainability.ei.columbia.edu
lockers-dev.paas.cc.columbia.edu
connect.woodstockacademy.org
indianeconomy.columbia.edu
ias-drupal6-test.cc.columbia.edu
mail-in.cc.columbia.edu
beisdev1.tc.columbia.edu
www.design-engineering.princeton.edu
5753050442498048-fe1.pantheonsite.io
tls.automattic.com
chagall.tc.columbia.edu
prod.25.slot.cdn.salesforce-communities.com
5691420614590464-fe3.pantheonsite.io
act.dbmi.columbia.edu
www.cser.columbia.edu
5703702744662016-fe4.pantheonsite.io
soc.cs.columbia.edu
sni.cloudflaressl.com
amploadvance.com
sslvs03.igloosoftware.com
cluster3.technolutions.net
sustainability.ei.columbia.edu
stat.columbia.edu
library.columbia.edu
pistars1.cpmc.columbia.edu
nxterra.ucop.edu
portal.studenthealth.cuimc.columbia.edu
cice-dev.paas.cc.columbia.edu
www.ffworkshop.columbia.edu
shoreline.ncdp.columbia.edu
hudson.jrn.columbia.edu
enhants.ee.columbia.edu
p-ctx-dc-02.mc.cumc.columbia.edu
admissions.nursing.columbia.edu
realrisks.dbmi.columbia.edu
*.gsas.columbia.edu
cluster2.technolutions.net
www.make.columbia.edu
lawnetportal.law.columbia.edu
sy-cvl-vcs-p02.college.columbia.edu
Certificate
The complete raw certificate details for *.gsas.columbia.edu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFVTCCBD2gAwIBAgIRAKvQOiWgZWEVPTG8z2qzeZUwDQYJKoZIhvcNAQELBQAw djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTUxMTEwMDAwMDAwWhcNMTcxMTE2 MjM1OTU5WjCBijELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMREwDwYDVQQHEwhO ZXcgWW9yazEcMBoGA1UEChMTQ29sdW1iaWEgVW5pdmVyc2l0eTEfMB0GA1UECxMW SW5mb3JtYXRpb24gVGVjaG5vbG9neTEcMBoGA1UEAwwTKi5nc2FzLmNvbHVtYmlh LmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMD8/KV/MDTqEZyh 8OaLJOV0fn3EJYmkzpblYngmkbmCILOeLVh/V8PT4CKZVeoQOx1V2RwGYUgLeucr aCVkPF1QtWlTVne9C1RgLlUSvHZ7UThO3hHjHaI/d6+JqBUacmqqwCrCAuE0SKUq FZ0iCa/MqPP1wwv/HX2aCceSji9he6CLAh4l/Jrv85DuMy+l+/z4YkQosuEVXpPw 495eWobozvWfHMwB58OLn3jtCFG6JT87uqnbIifxaaZtpeMkDbKfdaKAR4iI4QFv 9Ki07jJ8ZVENtFiDiCP9tc+/GHtGf+anTEWOf0PpbVLLHzZjQCPZ046NDUqfCuy8 gPymXGsCAwEAAaOCAccwggHDMB8GA1UdIwQYMBaAFB4Fo3ePbJbiW4dLprSGrHEA DOc4MB0GA1UdDgQWBBTKzOstjZ/kzUSAIa5BgXelDMdSHDAOBgNVHQ8BAf8EBAMC BaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw ZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6 Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAI BgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5pbmNvbW1vbi1y c2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUFBwEBBGkwZzA+ BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3QuY29tL0luQ29tbW9uUlNB U2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVz dC5jb20wHgYDVR0RBBcwFYITKi5nc2FzLmNvbHVtYmlhLmVkdTANBgkqhkiG9w0B AQsFAAOCAQEAOqSZPm+hyI+b6Uyq+4S/rwKbvff9j7xgvG6lXD1ct41M1QSGBjxj vPSBYmzWyKhY98gEBUlsTYEpE24ExXaT1xOQhMnl474KIoGP9btyP9iLm259KV7H jBaCOBEkmsEaKWfggmFMaR+Srd9jcLE2cNswCmvZB4KG75e3Zzs5MbdBfadN9b3p lR8Rm36F/0WbAhqSl1mnKo9xio/TKAKQI/w20or8EVvq1Xn+OAj3J1CpxMnc+NsV q4oSofDkiADEQmEKVGBPhNdH4ZjpHeaChsXOFw4/U3jIrAFNtfMBFM/+j4Z9l6+q hCNjeLqpgNorNF3Ot1mXN5CwxlmcC99Whg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPz8pX8wNOoRnKHw5osk 5XR+fcQliaTOluVieCaRuYIgs54tWH9Xw9PgIplV6hA7HVXZHAZhSAt65ytoJWQ8 XVC1aVNWd70LVGAuVRK8dntROE7eEeMdoj93r4moFRpyaqrAKsIC4TRIpSoVnSIJ r8yo8/XDC/8dfZoJx5KOL2F7oIsCHiX8mu/zkO4zL6X7/PhiRCiy4RVek/Dj3l5a hujO9Z8czAHnw4ufeO0IUbolPzu6qdsiJ/Fppm2l4yQNsp91ooBHiIjhAW/0qLTu MnxlUQ20WIOII/21z78Ye0Z/5qdMRY5/Q+ltUssfNmNAI9nTjo0NSp8K7LyA/KZc awIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 228379164386635044778486696001420884373 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-16 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Columbia University' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Information Technology' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.gsas.columbia.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24362507043600900585714207516608026467599759423077474689220627932360046104488059840674015570076946135376980771707842632458766039562599290894691232281244173359599404870836751453059164268870571852906895044125521913323334701493572854679936769006474640246089472911596253821138046208673560067418212413880014947697611536291229398953091672649475445119271577084466154361387666886528812204934152762840184710970520839162307340095356930724247115272786912140138122268026635246168195066646055225223247606345431843017872555054759595717900909978803174126399166336754878726561103545096655806651235670286277491956615883782241625988203 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cacceb2d8d9fe4cd448021ae418177a50cc7521c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gsas.columbia.edu' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003aa4993e6fa1c88f9be94caafb84bfaf029bbdf7fd8fbc60bc6ea55c3d5cb78d4cd50486063c63bcf481626cd6c8a858f7c80405496c4d8129136e04c57693d7139084c9e5e3be0a22818ff5bb723fd88b9b6e7d295ec78c16823811249ac11a2967e082614c691f92addf6370b13670db300a6bd9078286ef97b7673b3931b7417da74df5bde9951f119b7e85ff459b021a929759a72a8f718a8fd328029023fc36d28afc115bead579fe3808f72750a9c4c9dcf8db15ab8a12a1f0e48800c442610a54604f84d747e198e91de68286c5ce170e3f5378c8ac014db5f30114cffe8f867d97afaa84236378baa980da2b345dceb759973790b0c6599c0bdf5686