www.rit.edu

- Rochester Institute of Technology -

Issued by InCommon RSA Server CA 2

About this certificate

This digital certificate with serial number 42:81:dc:24:92:31:c9:99:20:79:62:e1:2a:11:02:73 was issued on by Internet2.

With 51 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Rochester Institute of Technology

Organization: Rochester Institute of Technology
State / Province: New York
Country: US

Internet2

Organization: Internet2
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 42:81:dc:24:92:31:c9:99:20:79:62:e1:2a:11:02:73
Serial Number (int): 88403319044127095076173528908073861747
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 47:4b:1e:fb:e8:c1:9a:2e:d3:ba:1c:e3:35:6a:6e:f2:1f:23:5c:1a
AuthorityKeyId: ef:4c:00:92:a6:fb:76:2e:5e:95:e2:c9:5f:87:1b:19:d5:4d:e2:d9

Fingerprint (sha1): bc:d8:d2:57:6f:04:ac:db:30:a5:b7:58:c8:ec:d0:58:1f:76:b1:98
Fingerprint (sha256): 04:a4:0f:ed:b0:22:d9:5b:cc:82:1d:37:c3:51:4b:64:e4:9c:9d:7a:66:94:29:af:0f:5b:ea:8d:fd:6e:71:77

Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAServerCA2.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/InCommonRSAServerCA2.crl

Check the revocation status for certificate www.rit.edu

51

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.rit.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.rit.edu
aaup.rit.edu
ace.rit.edu
acis.rit.edu
acm.rit.edu
activatingthearchive.rit.edu
adec.rit.edu
adiml.rit.edu
admissions.rit.edu
advance.rit.edu
advancedemo.rit.edu
advancefrozen.rit.edu
advancepbtf.rit.edu
advancetest.rit.edu
advweb.rit.edu
aero.rit.edu
afrotc.rit.edu
aim.rit.edu
alumni.rit.edu
ambassador.rit.edu
ambulance.rit.edu
amgweb.rit.edu
andysgi.rit.edu
apply.rit.edu
appointment.rit.edu
appointments.rit.edu
apps.rit.edu
appture.rit.edu
architecture.rit.edu
artesano.rit.edu
arthouse.rit.edu
as.rit.edu
asc.rit.edu
asconline.rit.edu
askhr.rit.edu
askit.rit.edu
askits.rit.edu
asl.rit.edu
ast.rit.edu
astronomy.rit.edu
astroreu.rit.edu
auk.rit.edu
auxiliaryservices.rit.edu
awslogin.rit.edu
badminton.rit.edu
baja.rit.edu
bajasae.rit.edu
betterme.rit.edu
bikeshop.rit.edu
bioinformatics.rit.edu
biology.rit.edu

Other certificates including the domain name rit.edu

(limited to 100 certificates)
3dprint.csh.rit.edu
elkmoose.student.rit.edu
us.prod.campusgroups.com
ezproxy.rit.edu
arthouse.rit.edu
www.rit.edu
michaelfrancis.me
cluster3.technolutions.net
spam.rit.edu
us.prod.campusgroups.com
dbadmin.istlabs.rit.edu
bcc1.talentera.com
vems.main.ad.rit.edu
cs.rit.edu
hvz.rit.edu
afsabre.rit.edu
kdcproxy.ad.rit.edu
www.rit.edu
print02.main.ad.rit.edu
game.csh.rit.edu
inspirationalshitposts.a.csh.rit.edu
fma.rit.edu
apps-alpha.scb.rit.edu
www.rit.edu
cluster3.technolutions.net
astrodance.rit.edu
nga.scb.rit.edu
git.csh.rit.edu
myportal.rit.edu
www.rit.edu
oops.rit.edu
git.csh.rit.edu
croatia.rit.edu
hogs.rit.edu
us.prod.campusgroups.com
grapeape.se.rit.edu
spiritpass.rit.edu
openevals.rit.edu
reports.ntid.rit.edu
kgcoe-msdpics.rit.edu
crmstage-des.rit.edu
vpr-sandbox.rc.rit.edu
cias-jira.rit.edu
sites.sg.rit.edu
pawprints.rit.edu
cias-confluence.rit.edu
samurai.csh.rit.edu
www.ist.rit.edu
bcc1.talentera.com
moonbounce.rit.edu
myupktest.rit.edu
castnet.rit.edu
cadetsrv.main.ad.rit.edu
crmprod-des.rit.edu
filedump.se.rit.edu
api.rit.edu
www.rit.edu
reslab.rit.edu
rit.edu
myportaladmin.rit.edu
ritmailtest.rit.edu
evt.rit.edu
us.prod.campusgroups.com
rlescloud.main.ad.rit.edu
jenky.csh.rit.edu
www.rit.edu
www.rit.edu
headcount.se.rit.edu
monitor.istlabs.rit.edu
argo.csh.rit.edu
people.rit.edu
purple.student.rit.edu
infoguides.rit.edu
msdnaa.rit.edu
mabl.rit.edu
us.prod.campusgroups.com
croatia.rit.edu
appsdev.ntid.rit.edu
www.rit.edu
bcc1.talentera.com
twcosxserver01.main.ad.rit.edu
scholarworks.rit.edu
www2.rit.edu
myinfographicsd.main.ad.rit.edu
*.ce.rit.edu
careerservices.rit.edu
ritanime.rit.edu
witr.rit.edu
ntidwb01d.ntid.rit.edu
ccserv.rit.edu
aod.rit.edu
swen-ads.igm.rit.edu
mabl.rit.edu
taco.student.rit.edu
myinfo.rit.edu
vm344c.se.rit.edu
imap.se.rit.edu
openbsd.se.rit.edu
*.ce.rit.edu
cluster3.technolutions.net

Certificate

The complete raw certificate details for www.rit.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIKNDCCCJygAwIBAgIQQoHcJJIxyZkgeWLhKhECczANBgkqhkiG9w0BAQwFADBE
MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSW50ZXJuZXQyMSEwHwYDVQQDExhJbkNv
bW1vbiBSU0EgU2VydmVyIENBIDIwHhcNMjMxMTE3MDAwMDAwWhcNMjQxMjE3MjM1
OTU5WjBiMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxKjAoBgNVBAoT
IVJvY2hlc3RlciBJbnN0aXR1dGUgb2YgVGVjaG5vbG9neTEUMBIGA1UEAxMLd3d3
LnJpdC5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1A8Z/WqfM
dJMV9EVimJ7zbzEvOgiM2SzW1ZQStvdCGk9IGnznyptsp7J6DBmNMNeEn0SleNIq
JI1NPSg7x1kjFjjfoc1y9y4ak90U1E/RcdAluHH2VhTJVaAhhtATbmjB2m58MgwR
+KhL/kpD4nGl9wqbz8K7EJvz5GJpFwhnxb6eCz00MRRejlAeoAjg5GQMBWOd+64b
iIeIRE620wexM7moG6NlfEDXRdsPWDNu5ZnnuFXeZ2f2zn8NIgvQtLEW6d09NT19
9EwDlS8H0/09oCisDolTe0Z7TtAnRQ6F+b9WKXWEEs3WRNdB0nsp8USSZmeFk+c0
zX7KkYBaZQTTAgMBAAGjggaCMIIGfjAfBgNVHSMEGDAWgBTvTACSpvt2Ll6V4slf
hxsZ1U3i2TAdBgNVHQ4EFgQUR0se++jBmi7TuhzjNWpu8h8jXBowDgYDVR0PAQH/
BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAmcwJTAjBggrBgEFBQcCARYXaHR0
cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQICMEAGA1UdHwQ5MDcwNaAzoDGG
L2h0dHA6Ly9jcmwuc2VjdGlnby5jb20vSW5Db21tb25SU0FTZXJ2ZXJDQTIuY3Js
MHAGCCsGAQUFBwEBBGQwYjA7BggrBgEFBQcwAoYvaHR0cDovL2NydC5zZWN0aWdv
LmNvbS9JbkNvbW1vblJTQVNlcnZlckNBMi5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6
Ly9vY3NwLnNlY3RpZ28uY29tMIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdQB2
/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYveeL7eAAAEAwBGMEQC
IEOapuUA59wG7qYiNZwf1wcIzRLBicpDBIgugImJCy2iAiAbDo9psv7dU6/YbXKk
MQ2yozmSvwTSehvwDyggWnXm2QB1AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/
KIXs+GRuAAABi954wC8AAAQDAEYwRAIgDtNwbqv/ZqCm6Pvv6W3pTDrVCRy12wwt
kkHJxCCGUHcCIGPoZ3WXX5Rh5GOwSXDcEuWv2WCoZQnwH3u9QViDZz7SAHYA7s3Q
ZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGL3ni/DAAABAMARzBFAiEA
+E9kxFRTQJfkYC7eVR0BL5j9F6P3E9O8H+26JjJO+O8CIC4VZpZ/A4T6FxIQk0n3
k4gOBOBHFyvWq+1p3PvBALCZMIIDfgYDVR0RBIIDdTCCA3GCC3d3dy5yaXQuZWR1
ggxhYXVwLnJpdC5lZHWCC2FjZS5yaXQuZWR1ggxhY2lzLnJpdC5lZHWCC2FjbS5y
aXQuZWR1ghxhY3RpdmF0aW5ndGhlYXJjaGl2ZS5yaXQuZWR1ggxhZGVjLnJpdC5l
ZHWCDWFkaW1sLnJpdC5lZHWCEmFkbWlzc2lvbnMucml0LmVkdYIPYWR2YW5jZS5y
aXQuZWR1ghNhZHZhbmNlZGVtby5yaXQuZWR1ghVhZHZhbmNlZnJvemVuLnJpdC5l
ZHWCE2FkdmFuY2VwYnRmLnJpdC5lZHWCE2FkdmFuY2V0ZXN0LnJpdC5lZHWCDmFk
dndlYi5yaXQuZWR1ggxhZXJvLnJpdC5lZHWCDmFmcm90Yy5yaXQuZWR1ggthaW0u
cml0LmVkdYIOYWx1bW5pLnJpdC5lZHWCEmFtYmFzc2Fkb3Iucml0LmVkdYIRYW1i
dWxhbmNlLnJpdC5lZHWCDmFtZ3dlYi5yaXQuZWR1gg9hbmR5c2dpLnJpdC5lZHWC
DWFwcGx5LnJpdC5lZHWCE2FwcG9pbnRtZW50LnJpdC5lZHWCFGFwcG9pbnRtZW50
cy5yaXQuZWR1ggxhcHBzLnJpdC5lZHWCD2FwcHR1cmUucml0LmVkdYIUYXJjaGl0
ZWN0dXJlLnJpdC5lZHWCEGFydGVzYW5vLnJpdC5lZHWCEGFydGhvdXNlLnJpdC5l
ZHWCCmFzLnJpdC5lZHWCC2FzYy5yaXQuZWR1ghFhc2NvbmxpbmUucml0LmVkdYIN
YXNraHIucml0LmVkdYINYXNraXQucml0LmVkdYIOYXNraXRzLnJpdC5lZHWCC2Fz
bC5yaXQuZWR1ggthc3Qucml0LmVkdYIRYXN0cm9ub215LnJpdC5lZHWCEGFzdHJv
cmV1LnJpdC5lZHWCC2F1ay5yaXQuZWR1ghlhdXhpbGlhcnlzZXJ2aWNlcy5yaXQu
ZWR1ghBhd3Nsb2dpbi5yaXQuZWR1ghFiYWRtaW50b24ucml0LmVkdYIMYmFqYS5y
aXQuZWR1gg9iYWphc2FlLnJpdC5lZHWCEGJldHRlcm1lLnJpdC5lZHWCEGJpa2Vz
aG9wLnJpdC5lZHWCFmJpb2luZm9ybWF0aWNzLnJpdC5lZHWCD2Jpb2xvZ3kucml0
LmVkdTANBgkqhkiG9w0BAQwFAAOCAYEAdRkb6CnTjRjUdSCysxS2Fnit+xXJYeYH
fhqc+89KBQKtZ2ZpNLrEwMo9C/dSJ4jac2NUPlJMSwexSQvaRUrG5SlP88urLN23
ftqZ5PFem5Scyk28BHz/FbcKaLPfwhWZRzvNMDO37Z3WkerMuqNtYNOn+xPi1AcK
HcZoJ+qJ1yZeDbZtItqQ1Qkuy43MVt6LdaXW4R4hevrlIkcbi2ODsnJU2c1sKj9C
6LEaDg/xEqvuV7LDVjpEDK32qinnDcWbMYPiBjYbrnc51sxjVDzazSi1x7r98OPn
vCNtMC/lUXuf3we6rWyIl1Z6Z5yANWUn6K++NY6EIHqfpUoh+6CDYKBUomxCnc2d
HLyyer+HZeBqSt0Lth7hles5WvnICBpvuZCh2tJTitjgDlfs81DUhbDN+ZykjvrG
cg45hB7olTiSWqWS7W2/aDS+jbOzuTG7NUL/5nBl8dMUA++OXT8JM38Tz39mGHo6
Xapm5RGE7jW5yeGoWhlkPzMMz9F6A+VC
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQPGf1qnzHSTFfRFYpie
828xLzoIjNks1tWUErb3QhpPSBp858qbbKeyegwZjTDXhJ9EpXjSKiSNTT0oO8dZ
IxY436HNcvcuGpPdFNRP0XHQJbhx9lYUyVWgIYbQE25owdpufDIMEfioS/5KQ+Jx
pfcKm8/CuxCb8+RiaRcIZ8W+ngs9NDEUXo5QHqAI4ORkDAVjnfuuG4iHiEROttMH
sTO5qBujZXxA10XbD1gzbuWZ57hV3mdn9s5/DSIL0LSxFundPTU9ffRMA5UvB9P9
PaAorA6JU3tGe07QJ0UOhfm/Vil1hBLN1kTXQdJ7KfFEkmZnhZPnNM1+ypGAWmUE
0wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 88403319044127095076173528908073861747
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-17 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rochester Institute of Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.rit.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22850994908501017205925333735166577350445811426874141423877503862507541064854577289542526646952735862592837887698716490843895640961980003553870715905160672755922164168947000955580537447751584386070274034057464693582046848398864885044785713815920368336130183873857294465565809340666607754054953116854644166659835676344361203101261254336112581519217073701737589802753160754355551925870358794991284763228675271088364506353909804865558594053456879244643421035079248338710587061310637167060336122339222794573289162589438851473849634622766532715260275037120986746903993433446505066781240252361822225146054970951962504529107
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ef4c0092a6fb762e5e95e2c95f871b19d54de2d9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							474b1efbe8c19a2ed3ba1ce3356a6ef21f235c1a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.103
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAServerCA2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAServerCA2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							016600750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018bde78bede00000403004630440220439aa6e500e7dc06eea622359c1fd70708cd12c189ca4304882e8089890b2da202201b0e8f69b2fedd53afd86d72a4310db2a33992bf04d27a1bf00f28205a75e6d90075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bde78c02f000004030046304402200ed3706eabff66a0a6e8fbefe96de94c3ad5091cb5db0c2d9241c9c420865077022063e86775975f9461e463b04970dc12e5afd960a86509f01f7bbd415883673ed2007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bde78bf0c0000040300473045022100f84f64c454534097e4602ede551d012f98fd17a3f713d3bc1fedba26324ef8ef02202e1566967f0384fa1712109349f793880e04e047172bd6abed69dcfbc100b099
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (885 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aaup.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ace.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'acis.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'acm.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'activatingthearchive.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'adec.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'adiml.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'admissions.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advance.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advancedemo.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advancefrozen.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advancepbtf.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advancetest.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advweb.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aero.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'afrotc.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aim.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alumni.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ambassador.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ambulance.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amgweb.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'andysgi.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apply.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'appointment.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'appointments.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'appture.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'architecture.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artesano.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arthouse.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'as.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'asc.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'asconline.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'askhr.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'askit.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'askits.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'asl.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ast.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'astronomy.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'astroreu.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auk.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auxiliaryservices.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'awslogin.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'badminton.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'baja.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bajasae.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'betterme.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bikeshop.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bioinformatics.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'biology.rit.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		0075191be829d38d18d47520b2b314b61678adfb15c961e6077e1a9cfbcf4a0502ad67666934bac4c0ca3d0bf7522788da7363543e524c4b07b1490bda454ac6e5294ff3cbab2cddb77eda99e4f15e9b949cca4dbc047cff15b70a68b3dfc21599473bcd3033b7ed9dd691eaccbaa36d60d3a7fb13e2d4070a1dc66827ea89d7265e0db66d22da90d5092ecb8dcc56de8b75a5d6e11e217afae522471b8b6383b27254d9cd6c2a3f42e8b11a0e0ff112abee57b2c3563a440cadf6aa29e70dc59b3183e206361bae7739d6cc63543cdacd28b5c7bafdf0e3e7bc236d302fe5517b9fdf07baad6c8897567a679c80356527e8afbe358e84207a9fa54a21fba08360a054a26c429dcd9d1cbcb27abf8765e06a4add0bb61ee195eb395af9c8081a6fb990a1dad2538ad8e00e57ecf350d485b0cdf99ca48efac6720e39841ee89538925aa592ed6dbf6834be8db3b3b931bb3542ffe67065f1d31403ef8e5d3f09337f13cf7f66187a3a5daa66e51184ee35b9c9e1a85a19643f330ccfd17a03e542