eggplant.uchicago.edu

- University of Chicago -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 49:0b:0d:76:cb:0a:fd:9e:03:0c:52:bf:6d:f9:72:ba was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Chicago

Organization: University of Chicago
Organization unit: IT Security
Address: 5801 South Ellis Avenue
Postal code: 60637
State / Province: IL
Locality: Chicago
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 49:0b:0d:76:cb:0a:fd:9e:03:0c:52:bf:6d:f9:72:ba
Serial Number (int): 97091032040829509906253664585736876730
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 93:27:3d:1e:b8:70:36:59:54:59:5a:b4:cd:1c:27:22:ff:f5:b8:7c
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 89:37:16:a3:a3:0e:e2:51:73:53:50:6c:e0:5c:92:28:35:99:39:63
Fingerprint (sha256): 02:e3:69:b5:e8:93:50:41:9d:9a:b1:ff:e4:88:f1:15:64:78:5b:f7:78:0f:d3:c9:ff:f3:ce:67:f3:91:2a:ae

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate eggplant.uchicago.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for eggplant.uchicago.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

eggplant.uchicago.edu

Other certificates including the domain name uchicago.edu

(limited to 100 certificates)
iic.uchicago.edu
online.professional.uchicago.edu
paretosolutions.uchicago.edu
www.alemsegedlab.uchicago.edu
cdis.uchicago.edu
5695872079757312-fe3.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
www.dickinsonlab.uchicago.edu
biotime.uchicago.edu
accredible.tutor.com
cobeylab.uchicago.edu
cmb-s4.org
statuspage.io
artflx.uchicago.edu
hbpl.uchicago.edu
5695872079757312-fe3.pantheonsite.io
*.uchicago.edu
cri-kaaiismtp2.cri.uchicago.edu
stagingcatalog.uchicago.edu
cluster.technolutions.net
mirabeau.lib.uchicago.edu
uchicago-main.edge.bluestate.digital
5681717746597888-fe4.pantheonsite.io
loop.lib.uchicago.edu
isa.uchicago.edu
uofcsurveylab.uchicago.edu
sw.src.uchicago.edu
5690145009303552-fe2.pantheonsite.io
amploadvance.com
tls.automattic.com
aonhrlearningcenter.credentials.aon.com
www.cef.uchicago.edu
mh.uchicago.edu
www.ec.uchicago.edu
statuspage.io
grahamschoolinfo.uchicago.edu
incapsula.com
statuspage.io
chicagounbound.uchicago.edu
donatetocancer.uchicago.edu
ucwn.uchicago.edu
5695872079757312-fe3.pantheonsite.io
akamai-san108.exacttarget.com
clelandchat.uchicago.edu
smlnj.org
wg-gleacher.uchicago.edu
erairb-prod.uchicago.edu
academy-achievements.gong.io
www.mychoice.uchicago.edu
simswuat23.uchicago.edu
5764640680181760-fe4.pantheonsite.io
player.cs.uchicago.edu
rsna.staging.rcc.uchicago.edu
pyrite.lib.uchicago.edu
gargantua.lib.uchicago.edu
uei-dviz.uchicago.edu
1155-vcenter.uchicago.edu
ability.uchicago.edu
achieve.escoffier.edu
ul-rdg1.ad.uchicago.edu
reserve.staging.chicagobooth.edu
joyeuse.uchicago.edu
athletics.uchicago.edu
myaccount.uchicago.edu
hosted-ce29.grid.uchicago.edu
lists.ci.uchicago.edu
cri-ksqlinsd2.cri.uchicago.edu
minuet.cs.uchicago.edu
www.cdis.uchicago.edu
apply-harris.uchicago.edu
statuspage.io
spt.uchicago.edu
gev.uchicago.edu
whypolicy.uchicago.edu
cobeylab.uchicago.edu
blueprint.uchicago.edu
parkwait.uchicago.edu
academy-achievements.gong.io
www.urban.uchicago.edu
hbpl.uchicago.edu
tls.automattic.com
ulysses.uchicago.edu
tbc.uchicago.edu
cobeylab.uchicago.edu
encyclopedie.uchicago.edu
cobeylab.uchicago.edu
mpcs-courses.cs.uchicago.edu
webchat.uchicago.edu
www.placelab.uchicago.edu
eggplant.uchicago.edu
lbcnet.uchicago.edu
klab.ci.uchicago.edu
jupyterhub.grid.uchicago.edu
guides.lib.uchicago.edu
stream2.uchicago.edu
www-dev.cs.uchicago.edu
cluster.technolutions.net
rdmi.uchicago.edu
dvlf.uchicago.edu
mpml.uchicago.edu

Certificate

The complete raw certificate details for eggplant.uchicago.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGlTCCBX2gAwIBAgIQSQsNdssK/Z4DDFK/bflyujANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xODA5MTgwMDAwMDBaFw0yMDA5MTQy
MzU5NTlaMIG0MQswCQYDVQQGEwJVUzEOMAwGA1UEERMFNjA2MzcxCzAJBgNVBAgT
AklMMRAwDgYDVQQHEwdDaGljYWdvMSAwHgYDVQQJExc1ODAxIFNvdXRoIEVsbGlz
IEF2ZW51ZTEeMBwGA1UEChMVVW5pdmVyc2l0eSBvZiBDaGljYWdvMRQwEgYDVQQL
EwtJVCBTZWN1cml0eTEeMBwGA1UEAxMVZWdncGxhbnQudWNoaWNhZ28uZWR1MIIC
IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtWekBTJCy2e6hnkDCqP9OrfA
ImtKHMGz4o6y7SBTXm5Z/KoaL39X79oT7/Ld3PCi0v8gz5APNl1cUBUEdQyPAMuY
wicHi2V5aUJGrUkB37C14O+o2RNHZvDvHFPM/e2UB7SPxNzcwo1/fcms1S0nDm/q
NABP/SBDLFA90IjbEhZpZFH6dDnQwfDMo7M6es5YK3dPoCwkRpCgL01/2Ph4e+3S
RUga7BTJ+b2/kTYR+kKYwcZgB93etbRP+3arwujLjLefJNaJ+yolfQQlqWAqY+BQ
elipuT38OkzWD/dbKFMR0aaiP6Tl0gYu5Jfi/7mAoUF+sAkdGr9qViNIOMIMX0uI
LXaY9L3OWDQVFG0bOzpwWSjJGMB3CWiSJ+b2Zy7p7H8RM58vSOuFHVMQFDqnmYXg
yoro32nL0uejWCshTjPxh8Ez5CDB+N7LSAMk/9Twnqy4IhjKMMqktpZGaX4LF/oi
C9iGihvNGDAAlFp6VHditpu7+D+4RIj3zAzRgNPjl04wd2GGAMS0ZYFGAW2vhjU5
7AtDH5GUcuxPUgVblXkk4X+wM4hWCSXAplMraUZXQXbP0bknpcogl7goMGGvitGV
VxQQBenZp0KvqfPyw6+prYJS+6+uwH02GvR3dm95fAaG/CUNwzT3xMSR3rbvQ6N8
Dp9DCmcO3AWWHKUNawUCAwEAAaOCAd4wggHaMB8GA1UdIwQYMBaAFB4Fo3ePbJbi
W4dLprSGrHEADOc4MB0GA1UdDgQWBBSTJz0euHA2WVRZWrTNHCci//W4fDAOBgNV
HQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggrBgEFBQcC
ARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNf
c3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5p
bmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUF
BwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3QuY29tL0lu
Q29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3Nw
LnVzZXJ0cnVzdC5jb20wIAYDVR0RBBkwF4IVZWdncGxhbnQudWNoaWNhZ28uZWR1
MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQARsaEjZzXK
4Y+/BxCSxnwE+GJZa4cnuA22ike8/WAsKGyC2JL6nIEgxR2zkJMuHCm5ttMcZbpx
6jdve2HkV53FeqRR3S+EG1gjTLT7bq87IaA2zS9KYptNS0IIsg1PdwMi3Mayg82V
sxWPklXILIrk9i22PorhWEZmSE/zRzLT5FDwyuPtd1lt5dl9anjacWuwY1JGVvDS
vr5YElC3nrCvfQ48fvI5MabKRpTPPuqMawigrTxVizWkj7CbNKnao4hwUJmhfX04
cYfntFEEfuGXdPly4KyG3v7aSB5kV1ZQkLzu8smhXWWb9AT55oELFeCkpH15L46a
Ss61AKG4qLZS
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtWekBTJCy2e6hnkDCqP9
OrfAImtKHMGz4o6y7SBTXm5Z/KoaL39X79oT7/Ld3PCi0v8gz5APNl1cUBUEdQyP
AMuYwicHi2V5aUJGrUkB37C14O+o2RNHZvDvHFPM/e2UB7SPxNzcwo1/fcms1S0n
Dm/qNABP/SBDLFA90IjbEhZpZFH6dDnQwfDMo7M6es5YK3dPoCwkRpCgL01/2Ph4
e+3SRUga7BTJ+b2/kTYR+kKYwcZgB93etbRP+3arwujLjLefJNaJ+yolfQQlqWAq
Y+BQelipuT38OkzWD/dbKFMR0aaiP6Tl0gYu5Jfi/7mAoUF+sAkdGr9qViNIOMIM
X0uILXaY9L3OWDQVFG0bOzpwWSjJGMB3CWiSJ+b2Zy7p7H8RM58vSOuFHVMQFDqn
mYXgyoro32nL0uejWCshTjPxh8Ez5CDB+N7LSAMk/9Twnqy4IhjKMMqktpZGaX4L
F/oiC9iGihvNGDAAlFp6VHditpu7+D+4RIj3zAzRgNPjl04wd2GGAMS0ZYFGAW2v
hjU57AtDH5GUcuxPUgVblXkk4X+wM4hWCSXAplMraUZXQXbP0bknpcogl7goMGGv
itGVVxQQBenZp0KvqfPyw6+prYJS+6+uwH02GvR3dm95fAaG/CUNwzT3xMSR3rbv
Q6N8Dp9DCmcO3AWWHKUNawUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 97091032040829509906253664585736876730
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-18 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '60637'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '5801 South Ellis Avenue'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT Security'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'eggplant.uchicago.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 740067205938443852585577161139408225677244144776517042660135810212069031926040690153878609705697536321445663476940863726334990636933279794108689785021615616932032572922478733001996526403273648524000998396856198799687345950340959493639386903566140000455311262537425377057119826966616354092146401777177092657583428451025911057451017850608169088810260918529165475420944091237291567773345749531944309192390333525888587604077964960667558863541917520362215680943139518462372340177050534371767201044601418876061223448571346518602375089872552815499455470524579892878618348767653019841283537411379438461560778776038028306767443339570956215260374101424225514057802341472567838204602295709464585841094964720945971596532886030357745665796490355283466031234485133888724329996545640717170603793252776696088784663676641428689517655699434207406094343742646162480708990650117183384030767870705758265353274432720781638858489218231162635754533740865400822404865525836210829146719156015107243764812199161324252005870196082741957791551515357746475924566487248578398291220450946439220935003465897130296510627620146033474764604719224065593217531392770982471957694592433260204084330934693824448678000761169049223374751708228959736061546771532757495465208581
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							93273d1eb870365954595ab4cd1c2722fff5b87c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eggplant.uchicago.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0011b1a1236735cae18fbf071092c67c04f862596b8727b80db68a47bcfd602c286c82d892fa9c8120c51db390932e1c29b9b6d31c65ba71ea376f7b61e4579dc57aa451dd2f841b58234cb4fb6eaf3b21a036cd2f4a629b4d4b4208b20d4f770322dcc6b283cd95b3158f9255c82c8ae4f62db63e8ae1584666484ff34732d3e450f0cae3ed77596de5d97d6a78da716bb063524656f0d2bebe581250b79eb0af7d0e3c7ef23931a6ca4694cf3eea8c6b08a0ad3c558b35a48fb09b34a9daa388705099a17d7d387187e7b451047ee19774f972e0ac86defeda481e6457565090bceef2c9a15d659bf404f9e6810b15e0a4a47d792f8e9a4aceb500a1b8a8b652