hg.cdlib.org

- Regents of the University of California -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 7b:61:a4:c5:67:0e:52:ed:38:c0:6f:b5:cb:3f:58:a2 was issued on by Internet2.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Regents of the University of California

Organization: Regents of the University of California
Organization unit: California Digital Library
Address: 1111 Franklin Street
Postal code: 94607
State / Province: CA
Locality: Oakland
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 7b:61:a4:c5:67:0e:52:ed:38:c0:6f:b5:cb:3f:58:a2
Serial Number (int): 164002038231839817414252238791197546658
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 3c:1e:db:5a:10:7e:4a:63:84:89:a1:7c:24:ca:5f:14:d6:ca:66:81
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 36:a8:f4:df:0f:1f:ee:49:ad:5f:5b:67:a7:56:9f:62:73:8b:0d:49
Fingerprint (sha256): 03:9e:f0:4e:4e:01:98:65:2a:0a:14:76:f8:7c:97:dc:7f:5d:79:e3:fe:3c:c9:fd:73:77:1e:c0:7d:bf:d0:92

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate hg.cdlib.org

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for hg.cdlib.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

hg.cdlib.org
builds-tmp.cdlib.org
builds.cdlib.org
hg-tmp.cdlib.org
mvn-tmp.cdlib.org
mvn.cdlib.org
uc3-source-prd.cdlib.org
uc3-source.cdlib.org

Other certificates including the domain name cdlib.org

(limited to 100 certificates)
pub-xtfweb2-prd.cdlib.org
uc3-mrtui03x2-prd.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
xtf.cdlib.org
datadryad.org
5758048710688768-fe3.pantheonsite.io
www.cdlib.org
5648554290839552-fe1.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
hg.cdlib.org
aspace.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
uc3-ingest03x2-prd.cdlib.org
registry-stg.cdlib.org
uc3-ingest01x2-stg.cdlib.org
5704837555552256-fe2.pantheonsite.io
hg.cdlib.org
5704837555552256-fe2.pantheonsite.io
registry-dev.cdlib.org
5758048710688768-fe3.pantheonsite.io
cdlib.org
5758048710688768-fe3.pantheonsite.io
registry.cdlib.org
5704837555552256-fe2.pantheonsite.io
nuxeo.cdlib.org
5648554290839552-fe1.pantheonsite.io
massdig.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
pub-xtfweb2-prd.cdlib.org
5758048710688768-fe3.pantheonsite.io
uc3-ingest01x2-prd.cdlib.org
5758048710688768-fe3.pantheonsite.io
analytics.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
cdl-aws-nagios.cdlib.org
5758048710688768-fe3.pantheonsite.io
help.oac.cdlib.org
datamirror.org
5758048710688768-fe3.pantheonsite.io
uc3-wasredirectx2-prd.cdlib.org
5653164804014080-fe1.pantheonsite.io
uc3-dryadsolr-stg.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
oac.cdlib.org
dash.cdlib.org
5758048710688768-fe3.pantheonsite.io
cdlib.org
fdus-31.freshdesk.com
help.oac.cdlib.org
5758048710688768-fe3.pantheonsite.io
ftps-stg.cdlib.org
5758048710688768-fe3.pantheonsite.io
5704837555552256-fe2.pantheonsite.io
agua-stage.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
d2d-pid2-prd.cdlib.org
redmine.cdlib.org
voro.cdlib.org
uc3-dryaduix2-stg-2c.cdlib.org
5758048710688768-fe3.pantheonsite.io
mylibrary.cdlib.org
5758048710688768-fe3.pantheonsite.io
5648554290839552-fe1.pantheonsite.io
5653164804014080-fe1.pantheonsite.io
5704837555552256-fe2.pantheonsite.io
oac.cdlib.org
libraries.universityofcalifornia.edu
melvyl.cdlib.org
uc3-ezid-ui-prd.cdlib.org
5653164804014080-fe1.pantheonsite.io
help.oac.cdlib.org
uc3-dryad-stg.cdlib.org
help.oac.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
tls.automattic.com
5648554290839552-fe1.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
uc3-ingest02x2-stg.cdlib.org
5758048710688768-fe3.pantheonsite.io
uc3-dryaduix2-dev.cdlib.org
5648554290839552-fe1.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
help.oac.cdlib.org
5758048710688768-fe3.pantheonsite.io

Certificate

The complete raw certificate details for hg.cdlib.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHnDCCBoSgAwIBAgIQe2GkxWcOUu04wG+1yz9YojANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xODA1MTAwMDAwMDBaFw0yMDA1MDky
MzU5NTlaMIHJMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFOTQ2MDcxCzAJBgNVBAgT
AkNBMRAwDgYDVQQHEwdPYWtsYW5kMR0wGwYDVQQJExQxMTExIEZyYW5rbGluIFN0
cmVldDEwMC4GA1UEChMnUmVnZW50cyBvZiB0aGUgVW5pdmVyc2l0eSBvZiBDYWxp
Zm9ybmlhMSMwIQYDVQQLExpDYWxpZm9ybmlhIERpZ2l0YWwgTGlicmFyeTEVMBMG
A1UEAxMMaGcuY2RsaWIub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApqsaBPCnjeJbganjOI2c/fNsILO46I3if2DEiLTMJoVLxTzznlzrfzvJQgmQ
0eexEchGgY583AUPl2FN7MCUveN6aQdL8fpqDAweV47Ue1QVVrF4ult6dPMK7PBT
JQBoHKlmpjEpnxI/ExdoEKFbEfqMLzl0aHf/baBZsfTyD+smAKBAeckBo6k/Z3BO
ghlZn891HVsaYMKWMyEjZW4IRjNo37lYUUJgJGJPJsPPc+tUdXQ7fEaZsBHHTmpf
4JZHoAAEy4PqNeX6eqDGhXzy+RGL+21Z0+g+53XRAFJynQ8SlkhLlmB+uwXlu7l3
ZTFSfnp6qLUC1L7zMJrh3J2ugQIDAQABo4ID0DCCA8wwHwYDVR0jBBgwFoAUHgWj
d49sluJbh0umtIascQAM5zgwHQYDVR0OBBYEFDwe21oQfkpjhImhfCTKXxTWymaB
MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjBnBgNVHSAEYDBeMFIGDCsGAQQBriMBBAMBATBCMEAGCCsG
AQUFBwIBFjRodHRwczovL3d3dy5pbmNvbW1vbi5vcmcvY2VydC9yZXBvc2l0b3J5
L2Nwc19zc2wucGRmMAgGBmeBDAECAjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8v
Y3JsLmluY29tbW9uLXJzYS5vcmcvSW5Db21tb25SU0FTZXJ2ZXJDQS5jcmwwdQYI
KwYBBQUHAQEEaTBnMD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LnVzZXJ0cnVzdC5j
b20vSW5Db21tb25SU0FTZXJ2ZXJDQV8yLmNydDAlBggrBgEFBQcwAYYZaHR0cDov
L29jc3AudXNlcnRydXN0LmNvbTCBpQYDVR0RBIGdMIGaggxoZy5jZGxpYi5vcmeC
FGJ1aWxkcy10bXAuY2RsaWIub3JnghBidWlsZHMuY2RsaWIub3JnghBoZy10bXAu
Y2RsaWIub3JnghFtdm4tdG1wLmNkbGliLm9yZ4INbXZuLmNkbGliLm9yZ4IYdWMz
LXNvdXJjZS1wcmQuY2RsaWIub3JnghR1YzMtc291cmNlLmNkbGliLm9yZzCCAX0G
CisGAQQB1nkCBAIEggFtBIIBaQFnAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiD
AMR7iXqo/csAAAFjS6sKeQAABAMARzBFAiARkDXnp+qV3rXLEA6uMMzl3eP1MBSr
hI3DD9t3LCjWtAIhAMrjbbDRDoMJjwE60UyVw9q/ernfN+cw8qDfb1XF4B0GAHYA
Xqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFjS6sKQAAABAMARzBF
AiEAm5W4NVhpVG7xtEK6Z3yzTKTz58fRqri64uddZS2aF+sCICXGjWRf309ZA07N
/2fVdss8tkkBt1ZCymD0ZHrNDDROAHUAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgX
L6OqHQcT0wwAAAFjS6sKGwAABAMARjBEAiAlkDPW4BDJnsbOxMY0bJHabXhuMun3
btP/fzDzB1NRhwIgMSOtR+nrPOc1UcZ653OuoPUrxRkOJPd8KKSeVaCMD/4wDQYJ
KoZIhvcNAQELBQADggEBAF87h6ygRqqhpKB27DLYo+tIhNqRSvHTUKDgtu9Qnkb6
Ali6VdWDIx2n+6r8gQ6KRpeVogMX8yehcERVmosNW3N5d6MI+uJKvAxOux1E/fRX
HNUQgCVTEVilzEEP0YoOAoiP1jq3aACVZhh6VMzlHRc2x/6RSyiUmm7YjOuHInon
zgLjspg6azuwPfRdeCz3KALqsOTw3h/cNp9mh7vLgzVnEnnHF1GgcsKMQexhBlQM
/4q0e8wSZI+Ka7pkY8xkq6MiBVIEhcIzz6rHvpKu7RwVxAooasyPahwT2AIM7Ln8
COWDZhmRGBq98lOSG0k8X4NrioWnWnGUS/nxXttMkQ4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqsaBPCnjeJbganjOI2c
/fNsILO46I3if2DEiLTMJoVLxTzznlzrfzvJQgmQ0eexEchGgY583AUPl2FN7MCU
veN6aQdL8fpqDAweV47Ue1QVVrF4ult6dPMK7PBTJQBoHKlmpjEpnxI/ExdoEKFb
EfqMLzl0aHf/baBZsfTyD+smAKBAeckBo6k/Z3BOghlZn891HVsaYMKWMyEjZW4I
RjNo37lYUUJgJGJPJsPPc+tUdXQ7fEaZsBHHTmpf4JZHoAAEy4PqNeX6eqDGhXzy
+RGL+21Z0+g+53XRAFJynQ8SlkhLlmB+uwXlu7l3ZTFSfnp6qLUC1L7zMJrh3J2u
gQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 164002038231839817414252238791197546658
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '94607'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oakland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1111 Franklin Street'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Regents of the University of California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California Digital Library'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hg.cdlib.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21039931986642282173420862843690812139855107094674533972583049168447601706124164973603817918782426397709234206534254106801765576323639767039340904325586628997366659151394689853132350629123462459744317756321051900360917021202132262194373693715536019233862382328469920024372373336469380616292783523597760651877199681412558994536080567198147127943637085458251646128804073094688825530723742091624225856133130306210652550158056571756999986564477565400277190387011953149493746774489824665030081277547623488370981842110762914417096437916861065550482677577357852293184287593069534169569557721238656606680282960631820174864001
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3c1edb5a107e4a638489a17c24ca5f14d6ca6681
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (157 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hg.cdlib.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'builds-tmp.cdlib.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'builds.cdlib.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hg-tmp.cdlib.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mvn-tmp.cdlib.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mvn.cdlib.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uc3-source-prd.cdlib.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uc3-source.cdlib.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001634bab0a7900000403004730450220119035e7a7ea95deb5cb100eae30cce5dde3f53014ab848dc30fdb772c28d6b4022100cae36db0d10e83098f013ad14c95c3dabf7ab9df37e730f2a0df6f55c5e01d060076005ea773f9df56c0e7b536487dd049e0327a919a0c84a112128418759681714558000001634bab0a4000000403004730450221009b95b8355869546ef1b442ba677cb34ca4f3e7c7d1aab8bae2e75d652d9a17eb022025c68d645fdf4f59034ecdff67d576cb3cb64901b75642ca60f4647acd0c344e0075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001634bab0a1b00000403004630440220259033d6e010c99ec6cec4c6346c91da6d786e32e9f76ed3ff7f30f30753518702203123ad47e9eb3ce73551c67ae773aea0f52bc5190e24f77c28a49e55a08c0ffe
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005f3b87aca046aaa1a4a076ec32d8a3eb4884da914af1d350a0e0b6ef509e46fa0258ba55d583231da7fbaafc810e8a469795a20317f327a17044559a8b0d5b737977a308fae24abc0c4ebb1d44fdf4571cd5108025531158a5cc410fd18a0e02888fd63ab768009566187a54cce51d1736c7fe914b28949a6ed88ceb87227a27ce02e3b2983a6b3bb03df45d782cf72802eab0e4f0de1fdc369f6687bbcb8335671279c71751a072c28c41ec6106540cff8ab47bcc12648f8a6bba6463cc64aba32205520485c233cfaac7be92aeed1c15c40a286acc8f6a1c13d8020cecb9fc08e583661991181abdf253921b493c5f836b8a85a75a71944bf9f15edb4c910e