www.arch.virginia.edu

- University of Virginia -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number e2:44:54:89:4d:b3:97:2e:97:49:34:18:01:32:ef:a0 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Virginia

Organization: University of Virginia
Organization unit: Information Technology and Communication
Address: 1827 University Avenue
Postal code: 22904
State / Province: VA
Locality: Charlottesville
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): e2:44:54:89:4d:b3:97:2e:97:49:34:18:01:32:ef:a0
Serial Number (int): 300760317834483784164275362530252222368
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 32:90:8b:89:68:e5:3c:9f:58:a8:d3:56:1c:fa:50:f5:06:69:8c:70
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): de:82:67:09:7a:1e:bf:92:84:91:12:0c:4c:8b:d4:9b:46:2d:59:ce
Fingerprint (sha256): 02:90:a6:2c:c6:e2:b2:dd:56:39:8b:e8:84:a1:77:4b:74:6d:12:e7:b7:81:0b:0c:a1:ba:62:52:58:8d:68:0e

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate www.arch.virginia.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.arch.virginia.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.arch.virginia.edu

Other certificates including the domain name virginia.edu

(limited to 100 certificates)
5654645158445056-fe4.pantheonsite.io
5754903989321728-fe2.pantheonsite.io
gracula.psyc.virginia.edu
ei-mon2.its.virginia.edu
www.berg.evsc.virginia.edu
5654645158445056-fe4.pantheonsite.io
blog.radiology.virginia.edu
5645914630782976-fe1.pantheonsite.io
andvari.org
blogs.darden.virginia.edu
5641826627223552-fe3.pantheonsite.io
*.jiveon.com
clearpass.hscs.virginia.edu
schedule.hscs.virginia.edu
cluster3.technolutions.net
wtdc11.wintest.virginia.edu
mygroups.virginia.edu
cluster.technolutions.net
tammlab.medicine.virginia.edu
*.mail.virginia.edu
video.comm.virginia.edu
vanity7.jiveon.com
cluster3.technolutions.net
stacey-aruba-7240-1.hscs.virginia.edu
uvaclubs.virginia.edu
atmos.evsc.virginia.edu
csc.virginia.edu
jagienka.med.virginia.edu
religionlab.virginia.edu
calendar.virginia.edu
realestate.virginia.edu
satellite01.its.virginia.edu
blogs.darden.virginia.edu
mdm.healthsystem.virginia.edu
evscta.evsc.virginia.edu
climate.evsc.virginia.edu
falmouth.lib.virginia.edu
helpdesk.evsc.virginia.edu
uconnectlabs.com
hstsbitableau1.hscs.virginia.edu
eso.evsc.virginia.edu
banking-business-review.com
tableau.admin.virginia.edu
staffsenate.virginia.edu
securemail.healthsystem.virginia.edu
www.uva2021.virginia.edu
apply.darden.virginia.edu
HSTSXCONT2.HSCS.VIRGINIA.EDU
advancement.virginia.edu
hsts3parmgt.hscs.virginia.edu
hstsmdaudithosp.hscs.virginia.edu
uconnectlabs.com
proteindiffraction.org
network-setup.itc.virginia.edu
5645914630782976-fe1.pantheonsite.io
cluster3.technolutions.net
learn.med.virginia.edu
vanity22.jiveon.com
ascs10.clas.virginia.edu
tams.nursing.virginia.edu
HSCSEBLOB.HSCS.VIRGINIA.EDU
5754903989321728-fe2.pantheonsite.io
devhub.virginia.edu
guides.lib.virginia.edu
5754903989321728-fe2.pantheonsite.io
erode.evsc.virginia.edu
findtrees.blandy.virginia.edu
apply.darden.virginia.edu
apply.undergradadmission.virginia.edu
*.cs.virginia.edu
wsx.lab.voice.virginia.edu
208.lsnc.net
falmouth.internal.lib.virginia.edu
hstsepiccaret.hscs.virginia.edu
hstsscrubip1.hscs.virginia.edu
5641826627223552-fe3.pantheonsite.io
www.arch.virginia.edu
acs.evsc.virginia.edu
ships.internal.lib.virginia.edu
xsp-cs.lab.voice.virginia.edu
*.jiveon.com
www.apps.studyabroad.virginia.edu
at.virginia.edu
hydrology.evsc.virginia.edu
gembaadmittedqc2.darden.virginia.edu
helpdesk.evsc.virginia.edu
vmssqlrp.eservices.virginia.edu
equityatlas.lib.virginia.edu
bioreproducibility.org
libanswers.law.virginia.edu
learningtech.virginia.edu
madcap.virginia.edu
epiccarelink.healthsystem.virginia.edu
apply.darden.virginia.edu
vdi-vcenter-s.eservices.virginia.edu
gracula.psyc.virginia.edu
cluster.technolutions.net
gwpapers.virginia.edu
panopto.eservices.virginia.edu
upenn-it.asc.upenn.edu

Certificate

The complete raw certificate details for www.arch.virginia.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIRAOJEVIlNs5cul0k0GAEy76AwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTgwOTIxMDAwMDAwWhcNMjAwOTIw
MjM1OTU5WjCB2TELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTIyOTA0MQswCQYDVQQI
EwJWQTEYMBYGA1UEBxMPQ2hhcmxvdHRlc3ZpbGxlMR8wHQYDVQQJExYxODI3IFVu
aXZlcnNpdHkgQXZlbnVlMR8wHQYDVQQKExZVbml2ZXJzaXR5IG9mIFZpcmdpbmlh
MTEwLwYDVQQLEyhJbmZvcm1hdGlvbiBUZWNobm9sb2d5IGFuZCBDb21tdW5pY2F0
aW9uMR4wHAYDVQQDExV3d3cuYXJjaC52aXJnaW5pYS5lZHUwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDGmFsNWHIRnvG5KfJdKnHfloVmgO9epfm+9GBX
NkcJHaOQ0cURKDwnreoCLShMoPGfcPU0MnlazQBwa2CJxe7wrDzezmXD7sXcw+92
dvmMUmKGZ1KgEVanWTcWOxFcfBVah+dqhpDh41R0eUnYJC99VM/qMP5Ufm4BYzyu
PqdSq4/5mASJCowXQ0CtLYeEsfciThSGUCGvW4dRJK7v8JeoVJ40QwMEMksah81T
/9dWeb79ieXaEOlJzWfE53lZ28RsASPYwDoQCo0Sz9Jn08rteScNJs0QN36COxds
gSpsDfheKcpRwOZxQHJQrLN7FVmF4umHRIKG4MHRYkzceCaFAgMBAAGjggHeMIIB
2jAfBgNVHSMEGDAWgBQeBaN3j2yW4luHS6a0hqxxAAznODAdBgNVHQ4EFgQUMpCL
iWjlPJ9YqNNWHPpQ9QZpjHAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGcGA1UdIARgMF4wUgYMKwYB
BAGuIwEEAwEBMEIwQAYIKwYBBQUHAgEWNGh0dHBzOi8vd3d3LmluY29tbW9uLm9y
Zy9jZXJ0L3JlcG9zaXRvcnkvY3BzX3NzbC5wZGYwCAYGZ4EMAQICMEQGA1UdHwQ9
MDswOaA3oDWGM2h0dHA6Ly9jcmwuaW5jb21tb24tcnNhLm9yZy9JbkNvbW1vblJT
QVNlcnZlckNBLmNybDB1BggrBgEFBQcBAQRpMGcwPgYIKwYBBQUHMAKGMmh0dHA6
Ly9jcnQudXNlcnRydXN0LmNvbS9JbkNvbW1vblJTQVNlcnZlckNBXzIuY3J0MCUG
CCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMCAGA1UdEQQZMBeC
FXd3dy5hcmNoLnZpcmdpbmlhLmVkdTATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAGc8Ejfm9r0w0DqiFm81v7MdzZF9qbdDdIs1SePp7TQut
2nVCukTY5/APOSZB7tjaUUHj+skewrcHeT0TxYYXWCJtK/f/uFC0btT3MrYloOB+
pq/cmm6964tmX8Pv1tddZtXaO2mVEPjL1FFzEl5W8hB1Mp1UwRLPVfTMyolW2Fe+
s63IZFYuuyshCfveqzvp8DcWdiM/D+U3XBBe37sAQ7rnsOH6bH61cD6A9YMuKb7f
LcVrWOU79JNkm6JwL54etRm8jQ2R+hqGiVfWADg1oU52llgijV7Oz+nU5oTchkFs
WJY5C6yymLvXjOiX2Ewkcn0mpT4zWTwf83VBFp8O5Q==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxphbDVhyEZ7xuSnyXSpx
35aFZoDvXqX5vvRgVzZHCR2jkNHFESg8J63qAi0oTKDxn3D1NDJ5Ws0AcGtgicXu
8Kw83s5lw+7F3MPvdnb5jFJihmdSoBFWp1k3FjsRXHwVWofnaoaQ4eNUdHlJ2CQv
fVTP6jD+VH5uAWM8rj6nUquP+ZgEiQqMF0NArS2HhLH3Ik4UhlAhr1uHUSSu7/CX
qFSeNEMDBDJLGofNU//XVnm+/Ynl2hDpSc1nxOd5WdvEbAEj2MA6EAqNEs/SZ9PK
7XknDSbNEDd+gjsXbIEqbA34XinKUcDmcUByUKyzexVZheLph0SChuDB0WJM3Hgm
hQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 300760317834483784164275362530252222368
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '22904'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Charlottesville'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1827 University Avenue'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Virginia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Information Technology and Communication'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.arch.virginia.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25070313765443575860022512091154004482187530482547020975061909078286707122384295879391404802108946761349962501780963484757618338559767217512292698853429283344024906699434260172896293280081632622070859633208352420567983367513489615882521689311396085280283272450198627570173475019735565413037555784513523381379783050782343668021926786635893243405083107579657484477550265867394820312754019516991423256215839074610195538001631897734316844969417149967047941269157074680861688124684417907332074155995935330669214955261817215747569240594637481951287352687549955880864798684306417338720636302181289346986255180886313981716101
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							32908b8968e53c9f58a8d3561cfa50f506698c70
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.arch.virginia.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0019cf048df9bdaf4c340ea8859bcd6fecc773645f6a6dd0dd22cd5278fa7b4d0badda7542ba44d8e7f00f392641eed8da5141e3fac91ec2b707793d13c5861758226d2bf7ffb850b46ed4f732b625a0e07ea6afdc9a6ebdeb8b665fc3efd6d75d66d5da3b699510f8cbd45173125e56f21075329d54c112cf55f4ccca8956d857beb3adc864562ebb2b2109fbdeab3be9f0371676233f0fe5375c105edfbb0043bae7b0e1fa6c7eb5703e80f5832e29bedf2dc56b58e53bf493649ba2702f9e1eb519bc8d0d91fa1a868957d6003835a14e769658228d5ececfe9d4e684dc86416c5896390bacb298bbd78ce897d84c24727d26a53e33593c1ff37541169f0ee5