gev.uchicago.edu

- University of Chicago -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 49:2a:7b:a6:79:23:fa:a4:63:03:54:3f:3c:cb:8e:f9 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Chicago

Organization: University of Chicago
Organization unit: IT Services
State / Province: IL
Locality: Chicago
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 49:2a:7b:a6:79:23:fa:a4:63:03:54:3f:3c:cb:8e:f9
Serial Number (int): 97254228086104730221809031988244090617
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: b5:b7:67:96:c1:bf:5e:ec:d8:82:08:96:fa:2b:8e:77:ec:86:93:f6
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 5a:7a:63:1c:6f:ad:72:33:53:92:cd:a9:12:9f:1d:44:39:69:0e:d2
Fingerprint (sha256): 02:2b:f3:41:73:56:20:d6:ce:3e:17:6e:34:06:40:82:3e:c8:3a:4b:70:97:0b:7d:32:c3:36:0d:41:c7:0f:1d

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate gev.uchicago.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gev.uchicago.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gev.uchicago.edu

Other certificates including the domain name uchicago.edu

(limited to 100 certificates)
iic.uchicago.edu
online.professional.uchicago.edu
paretosolutions.uchicago.edu
www.alemsegedlab.uchicago.edu
cdis.uchicago.edu
5695872079757312-fe3.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
www.dickinsonlab.uchicago.edu
biotime.uchicago.edu
accredible.tutor.com
cobeylab.uchicago.edu
cmb-s4.org
statuspage.io
artflx.uchicago.edu
hbpl.uchicago.edu
5695872079757312-fe3.pantheonsite.io
*.uchicago.edu
cri-kaaiismtp2.cri.uchicago.edu
stagingcatalog.uchicago.edu
cluster.technolutions.net
mirabeau.lib.uchicago.edu
uchicago-main.edge.bluestate.digital
5681717746597888-fe4.pantheonsite.io
loop.lib.uchicago.edu
isa.uchicago.edu
uofcsurveylab.uchicago.edu
sw.src.uchicago.edu
5690145009303552-fe2.pantheonsite.io
amploadvance.com
tls.automattic.com
aonhrlearningcenter.credentials.aon.com
www.cef.uchicago.edu
mh.uchicago.edu
www.ec.uchicago.edu
statuspage.io
grahamschoolinfo.uchicago.edu
incapsula.com
statuspage.io
chicagounbound.uchicago.edu
donatetocancer.uchicago.edu
ucwn.uchicago.edu
5695872079757312-fe3.pantheonsite.io
akamai-san108.exacttarget.com
clelandchat.uchicago.edu
smlnj.org
wg-gleacher.uchicago.edu
erairb-prod.uchicago.edu
academy-achievements.gong.io
www.mychoice.uchicago.edu
simswuat23.uchicago.edu
5764640680181760-fe4.pantheonsite.io
player.cs.uchicago.edu
rsna.staging.rcc.uchicago.edu
pyrite.lib.uchicago.edu
gargantua.lib.uchicago.edu
uei-dviz.uchicago.edu
1155-vcenter.uchicago.edu
ability.uchicago.edu
achieve.escoffier.edu
ul-rdg1.ad.uchicago.edu
reserve.staging.chicagobooth.edu
joyeuse.uchicago.edu
athletics.uchicago.edu
myaccount.uchicago.edu
hosted-ce29.grid.uchicago.edu
lists.ci.uchicago.edu
cri-ksqlinsd2.cri.uchicago.edu
minuet.cs.uchicago.edu
www.cdis.uchicago.edu
apply-harris.uchicago.edu
statuspage.io
spt.uchicago.edu
gev.uchicago.edu
whypolicy.uchicago.edu
cobeylab.uchicago.edu
blueprint.uchicago.edu
parkwait.uchicago.edu
academy-achievements.gong.io
www.urban.uchicago.edu
hbpl.uchicago.edu
tls.automattic.com
ulysses.uchicago.edu
tbc.uchicago.edu
cobeylab.uchicago.edu
encyclopedie.uchicago.edu
cobeylab.uchicago.edu
mpcs-courses.cs.uchicago.edu
webchat.uchicago.edu
www.placelab.uchicago.edu
eggplant.uchicago.edu
lbcnet.uchicago.edu
klab.ci.uchicago.edu
jupyterhub.grid.uchicago.edu
guides.lib.uchicago.edu
stream2.uchicago.edu
www-dev.cs.uchicago.edu
cluster.technolutions.net
rdmi.uchicago.edu
dvlf.uchicago.edu
mpml.uchicago.edu

Certificate

The complete raw certificate details for gev.uchicago.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIQSSp7pnkj+qRjA1Q/PMuO+TANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xNDExMDQwMDAwMDBaFw0xNzExMDMy
MzU5NTlaMH0xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJJTDEQMA4GA1UEBxMHQ2hp
Y2FnbzEeMBwGA1UEChMVVW5pdmVyc2l0eSBvZiBDaGljYWdvMRQwEgYDVQQLEwtJ
VCBTZXJ2aWNlczEZMBcGA1UEAxMQZ2V2LnVjaGljYWdvLmVkdTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAPar/yA2CG6vvLjtDsAFHsphFtXwqPpEkPXy
TbXh3B7z6M2vDvVj32i8sNsagqZrA8GSwk0nygCO8KVw/755RSmnRMhTKdL0jYB4
Vldll5mU3VJew4SSYPaCqudjJbLFEfyTQfqEDOKl/qtvjH58/aw+bjdUu4si7HIX
TSc2CPD9DyaFiaGFOcvGV4HYatjyje9+u+UxdaIYpBOieksWGG/bgnsrf3/VicoL
WtxcYWw1TTWi0pdLRF6D7tA8tBGWl/4FQiSUqFfIQ/NoXMffa6X/KDA+LO+EVwhD
BlgS/RYcZHu3yj8jJ7ZHUrDt2pb1lmxnjF4e1UOrTKMC8QMvLu8CAwEAAaOCAcQw
ggHAMB8GA1UdIwQYMBaAFB4Fo3ePbJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBS1
t2eWwb9e7NiCCJb6K4537IaT9jAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwr
BgEEAa4jAQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24u
b3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0f
BD0wOzA5oDegNYYzaHR0cDovL2NybC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9u
UlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0
cDovL2NydC51c2VydHJ1c3QuY29tL0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQw
JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wGwYDVR0RBBQw
EoIQZ2V2LnVjaGljYWdvLmVkdTANBgkqhkiG9w0BAQsFAAOCAQEAlGVDa418DYm+
Pe3kbbAykKsbMiLUm705YspO78rXr2GPNOiE//VK5TPAjShrd+8tb0mt3ZUZTZUh
1/zgnZ4rG2Eb+ub/XOD0dC/BluasLskVTN7RSQ0mtL20/6chykuHQUGm/yq6wBcm
BEuFelhBYtVVHxMHSH9VVFDUbWLy9AzL35zxhhiLeel8uWaeQ/VLppC7az39je6r
8Moh5KNakGQsq1+Lp9QnQc1ea+zd6b7STo+IfrAcsY2kc2ZxQhG9Eoxg1Vqfm4aq
cX9eouMHk/r2A0u+i9mgs77L3zOSxHwp045v4ngPSPVO0JGwIZbEk1Oy41r3zvTa
aWr5PGpJwg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9qv/IDYIbq+8uO0OwAUe
ymEW1fCo+kSQ9fJNteHcHvPoza8O9WPfaLyw2xqCpmsDwZLCTSfKAI7wpXD/vnlF
KadEyFMp0vSNgHhWV2WXmZTdUl7DhJJg9oKq52MlssUR/JNB+oQM4qX+q2+Mfnz9
rD5uN1S7iyLschdNJzYI8P0PJoWJoYU5y8ZXgdhq2PKN73675TF1ohikE6J6SxYY
b9uCeyt/f9WJygta3FxhbDVNNaLSl0tEXoPu0Dy0EZaX/gVCJJSoV8hD82hcx99r
pf8oMD4s74RXCEMGWBL9Fhxke7fKPyMntkdSsO3alvWWbGeMXh7VQ6tMowLxAy8u
7wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 97254228086104730221809031988244090617
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-11-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-03 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gev.uchicago.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31139437698924427035131532287344477828160131043023472239569422364152706254755091910191566960168644653818390981666377903620545924629778206351683024159605385141407910539431259984734320931790908363474673961293516630644937180466985898997361318836466845875495736727376110081989797000568861230561704696513397176813341864396081660038458308810208990975614176349162685849798514631874289606731373358058652649585547609051624002409226983686800279346616675439974038476182684979920536995079884969269551490505361472051329907501963613020017280842020280302932068877519857519667093013060747435345658052478407820061260459458751791836911
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b5b76796c1bf5eecd8820896fa2b8e77ec8693f6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gev.uchicago.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009465436b8d7c0d89be3dede46db03290ab1b3222d49bbd3962ca4eefcad7af618f34e884fff54ae533c08d286b77ef2d6f49addd95194d9521d7fce09d9e2b1b611bfae6ff5ce0f4742fc196e6ac2ec9154cded1490d26b4bdb4ffa721ca4b874141a6ff2abac01726044b857a584162d5551f1307487f555450d46d62f2f40ccbdf9cf186188b79e97cb9669e43f54ba690bb6b3dfd8deeabf0ca21e4a35a90642cab5f8ba7d42741cd5e6becdde9bed24e8f887eb01cb18da47366714211bd128c60d55a9f9b86aa717f5ea2e30793faf6034bbe8bd9a0b3becbdf3392c47c29d38e6fe2780f48f54ed091b02196c49353b2e35af7cef4da696af93c6a49c2