ehrci.mc.uky.edu

- University of Kentucky -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 92:91:fd:f1:be:cf:58:2e:6e:ee:1d:21:d0:6d:48:df was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Kentucky

Organization: University of Kentucky
Organization unit: UKHC ITS Server Engineering
Address: 245 Fountain Ct.
Address: ITS Tech Windows Server Department
Postal code: 40509
State / Province: Kentucky
Locality: Lexington
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 92:91:fd:f1:be:cf:58:2e:6e:ee:1d:21:d0:6d:48:df
Serial Number (int): 194825321031754973195925241103322532063
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: e8:01:fb:c9:24:bd:4e:20:84:77:20:ff:bc:c0:c0:9e:bc:d0:cc:44
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): af:ab:44:d5:35:5c:69:d6:dd:91:a0:02:f9:92:86:fb:51:70:93:91
Fingerprint (sha256): 04:48:03:38:eb:61:9c:4d:89:d7:ed:8c:2d:12:93:38:9c:79:5f:13:13:d8:11:8b:f6:6e:14:30:87:ae:bd:33

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate ehrci.mc.uky.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ehrci.mc.uky.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ehrci.mc.uky.edu

Other certificates including the domain name uky.edu

(limited to 100 certificates)
lsv.uky.edu
remote.ca.uky.edu
www.hosp.uky.edu
download.uky.edu
imaps.netlab.uky.edu
5636470266134528-fe2.pantheonsite.io
bbtools.ad.uky.edu
landing.socialworkonline.uky.edu
5700866052980736-fe2.pantheonsite.io
5636470266134528-fe2.pantheonsite.io
scdp.uky.edu
adfs.uky.edu
alumniweb.uky.edu
ukam.uky.edu
lyncpool.ad.uky.edu
cpr.as.uky.edu
kers.ca.uky.edu
uconnectlabs.com
plyits2016svr01.mc.uky.edu
rhelp.ad.uky.edu
5636470266134528-fe2.pantheonsite.io
www.bae.uky.edu
pks2-cas2.net.uky.edu
5649684605435904-fe1.pantheonsite.io
securedns.planmygift.org
timeoffcalendar.uky.edu
ukhcsftpt.mc.uky.edu
tableaupublic.uky.edu
ww-a12.as.uky.edu
uk-pa7080-edge1-pri-mgmt.net.uky.edu
www.etrax.uky.edu
drive.uky.edu
prdukheiixdsrp04.mc.uky.edu
ctrp-dev.uky.edu
spencer.ca.uky.edu
exploreuk.uky.edu
www.hcii.cs.cmu.edu
sfbextweb.uky.edu
ibi-test.uky.edu
ukam.uky.edu
grackle.ecc.engr.uky.edu
its.net.uky.edu
horm.as.uky.edu
*.coe.uky.edu
tstukheiixdsrp02.mc.uky.edu
icmac.rch.uky.edu
mfp.uky.edu
5636470266134528-fe2.pantheonsite.io
pa7080-primary-mgmt.net.uky.edu
5700866052980736-fe2.pantheonsite.io
boonecenter.uky.edu
ra.uky.edu
5700866052980736-fe2.pantheonsite.io
prdltchvc01.mc.uky.edu
www2.ca.uky.edu
plannedgiving.zaytuna.edu
support.ccs.uky.edu
clarity.mc.uky.edu
castle.uky.edu
warehouse.ca.uky.edu
labrea.ecc.engr.uky.edu
fayette.ca.uky.edu
securedns.planmygift.org
*.law.uky.edu
ibi.uky.edu
uconnectlabs.com
sims.uky.edu
ukhcvendorreg.mc.uky.edu
5636470266134528-fe2.pantheonsite.io
athena.uky.edu
ehrci.mc.uky.edu
uconnectlabs.com
prdsprspctu01.mc.uky.edu
plyits2016svr01.mc.uky.edu
boonecenter.uky.edu
comm.uky.edu
*.mc.uky.edu
beckdt.engr.uky.edu
remote.ca.uky.edu
5636470266134528-fe2.pantheonsite.io
libraries.uky.edu
landing.socialworkonline.uky.edu
myukmpx.uky.edu
5700866052980736-fe2.pantheonsite.io
devedwcognapp01.mc.uky.edu
sudepresearch.uky.edu
i2b2ccts.uky.edu
finearts.uky.edu
sweb.uky.edu
prdcteweb01.mc.uky.edu
www.lgcr.com
www.nai.arizona.edu
prdltchvcpsc01.mc.uky.edu
pimser.coe.uky.edu
5636470266134528-fe2.pantheonsite.io
ukitspks2cmx01.net.uky.edu
scriptprorefills.mc.uky.edu
ukhr.uky.edu
5722903798611968-fe3.pantheonsite.io
ehs.uky.edu

Certificate

The complete raw certificate details for ehrci.mc.uky.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgIRAJKR/fG+z1gubu4dIdBtSN8wDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTgwMzI5MDAwMDAwWhcNMjAwMzI4
MjM1OTU5WjCB7jELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTQwNTA5MREwDwYDVQQI
EwhLZW50dWNreTESMBAGA1UEBxMJTGV4aW5ndG9uMRkwFwYDVQQJExAyNDUgRm91
bnRhaW4gQ3QuMSswKQYDVQQJEyJJVFMgVGVjaCBXaW5kb3dzIFNlcnZlciBEZXBh
cnRtZW50MR8wHQYDVQQKExZVbml2ZXJzaXR5IG9mIEtlbnR1Y2t5MSQwIgYDVQQL
ExtVS0hDIElUUyBTZXJ2ZXIgRW5naW5lZXJpbmcxGTAXBgNVBAMTEGVocmNpLm1j
LnVreS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClHbYQogZQ
4ony16HMcvb2XvBVK4i/xoRpUn2KKWHYXUjK117cYZsfK8Brz74p0Mx8lFnElYT3
F1DjSB8A+sec0qbz61sc5lQTVJCY5i58t+OA6eJIJMMT8jSeHhUJMTcabNWtHtY3
/owofWHhcd5ZFddsqnX8obENAAeOqzrGrjSGcDGNZC5GjNHyd/OvZ6OLafDco9cm
rRL6rS1xNg32094hu89fFA1/c0B/NItPpOYec3aFaWvXD4fa/rIHUfIaPGsXz5CG
fK3OOiRIAc7aOQhiYAah7I6pUE5I/JStqhh6C6gc6JDauTqU/A051GleavTfycZu
X00US+kofEsVAgMBAAGjggHZMIIB1TAfBgNVHSMEGDAWgBQeBaN3j2yW4luHS6a0
hqxxAAznODAdBgNVHQ4EFgQU6AH7ySS9TiCEdyD/vMDAnrzQzEQwDgYDVR0PAQH/
BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMGcGA1UdIARgMF4wUgYMKwYBBAGuIwEEAwEBMEIwQAYIKwYBBQUHAgEWNGh0
dHBzOi8vd3d3LmluY29tbW9uLm9yZy9jZXJ0L3JlcG9zaXRvcnkvY3BzX3NzbC5w
ZGYwCAYGZ4EMAQICMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuaW5jb21t
b24tcnNhLm9yZy9JbkNvbW1vblJTQVNlcnZlckNBLmNybDB1BggrBgEFBQcBAQRp
MGcwPgYIKwYBBQUHMAKGMmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9JbkNvbW1v
blJTQVNlcnZlckNBXzIuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2Vy
dHJ1c3QuY29tMBsGA1UdEQQUMBKCEGVocmNpLm1jLnVreS5lZHUwEwYKKwYBBAHW
eQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAEDY+gD04GElpuR6mkB9YsXs
vP6R7Soipg8eGfNRgVh+1kWikmnRdwoWWgQ1rHOJOxVl1co0nFY4rbBn4KklvAne
DsRaahmAmwip8pflejo2oHEjJd9BxTc21y/R9HLoztrDJ9bt6pzghoAlNDaSvH4b
uvd0f6rf7xjX5u370RXqZz2f/9N0lGLPAM8MQALf0Nhk5DFyK9vml7LvYzruauy3
pqqod9haJIZawmSnE3kDvea+rMV6PZlY1sRo2UwgSG1o1Xrp9/t7wXE/abaYb8aQ
Uv+6IpEbGCp2so9hw8+OZAzak6+NvDUM6kHhIc/a8C6JN0vSigH50+G1sz66+uI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR22EKIGUOKJ8tehzHL2
9l7wVSuIv8aEaVJ9iilh2F1Iytde3GGbHyvAa8++KdDMfJRZxJWE9xdQ40gfAPrH
nNKm8+tbHOZUE1SQmOYufLfjgOniSCTDE/I0nh4VCTE3GmzVrR7WN/6MKH1h4XHe
WRXXbKp1/KGxDQAHjqs6xq40hnAxjWQuRozR8nfzr2eji2nw3KPXJq0S+q0tcTYN
9tPeIbvPXxQNf3NAfzSLT6TmHnN2hWlr1w+H2v6yB1HyGjxrF8+QhnytzjokSAHO
2jkIYmAGoeyOqVBOSPyUraoYeguoHOiQ2rk6lPwNOdRpXmr038nGbl9NFEvpKHxL
FQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 194825321031754973195925241103322532063
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-28 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '40509'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kentucky'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lexington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '245 Fountain Ct.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ITS Tech Windows Server Department'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Kentucky'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UKHC ITS Server Engineering'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ehrci.mc.uky.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20843971453884000372723052894440926394505638826773732532214690149804062073737737078285940660439849217205423958875143126199263678195459974457765543840097787287180163053184624807514749375777075174724279213707149189022378658987596677110372676929003070185131260069937572251860168125826229700002127816258992005041637598211457399086874492712501998105335775774499282810028926147070740895075909055787748179509193152657888180663218466225458675758428431392514006173871224066800825740439566838968272735316419597636162411511448867323765184327965472890693025875667251341757683160301950366618424888593195512669688942025878137490197
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e801fbc924bd4e20847720ffbcc0c09ebcd0cc44
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ehrci.mc.uky.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0040d8fa00f4e06125a6e47a9a407d62c5ecbcfe91ed2a22a60f1e19f35181587ed645a29269d1770a165a0435ac73893b1565d5ca349c5638adb067e0a925bc09de0ec45a6a19809b08a9f297e57a3a36a0712325df41c53736d72fd1f472e8cedac327d6edea9ce0868025343692bc7e1bbaf7747faadfef18d7e6edfbd115ea673d9fffd3749462cf00cf0c4002dfd0d864e431722bdbe697b2ef633aee6aecb7a6aaa877d85a24865ac264a7137903bde6beacc57a3d9958d6c468d94c20486d68d57ae9f7fb7bc1713f69b6986fc69052ffba22911b182a76b28f61c3cf8e640cda93af8dbc350cea41e121cfdaf02e89374bd28a01f9d3e1b5b33ebafae2