applecore.sr.unh.edu

- University of New Hampshire -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 77:41:d8:17:43:d2:cd:89:da:e0:d7:3f:05:01:58:ff was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of New Hampshire

Organization: University of New Hampshire
Organization unit: Research Computing
Address: 105 Main Street
Postal code: 03824
State / Province: NH
Locality: Durham
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 77:41:d8:17:43:d2:cd:89:da:e0:d7:3f:05:01:58:ff
Serial Number (int): 158520013637922219968552820359993317631
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 48:7e:b9:e9:d1:ec:81:36:cd:79:1f:f6:32:84:9b:b1:6f:25:dd:01
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): f9:65:f7:5d:ba:37:49:81:8d:6d:0f:88:58:f1:29:e4:bc:7c:22:f3
Fingerprint (sha256): 06:18:f1:81:1c:8e:d9:c7:e9:cd:74:ac:2b:7e:f1:90:d7:49:cf:6f:16:e7:0c:c1:56:93:d2:7b:ff:7f:ea:38

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate applecore.sr.unh.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for applecore.sr.unh.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

applecore.sr.unh.edu

Other certificates including the domain name unh.edu

(limited to 100 certificates)
oak.cs.unh.edu
law.unh.edu
graddevserver.unh.edu
prominence.unh.edu
dpdkdashboard.iol.unh.edu
fammob-test1.unh.edu
media.unh.edu
zeke.sr.unh.edu
leaf.sr.unh.edu
klima.sr.unh.edu
zeke.sr.unh.edu
atcirculation.unh.edu
q.sr.unh.edu
nicldb.unh.edu
ddc.unh.edu
cipher2.unh.edu
wwdrii.sr.unh.edu
*.libproxy.unh.edu
webapps.unh.edu
hcgs.unh.edu
library.unh.edu
apply.unh.edu
wintermute.sr.unh.edu
litwebsitedev.unh.edu
webauthdev.unh.edu
jointagencyvm.sr.unh.edu
tcpalo4-1-mgmt.unh.edu
idmdev.unh.edu
collegiatelink.studentvoice.com
at-training.unh.edu
phenocam.sr.unh.edu
mylogin.law.unh.edu
pacapp.cs.unh.edu
operations.onecampus.com
sirs-actutest.sr.unh.edu
kato.unh.edu
foss.unh.edu
owl.sr.unh.edu
applecore.sr.unh.edu
networking.unh.edu
place.sr.unh.edu
clusters.unh.edu
collegiatelink.studentvoice.com
ea-poe-cert.iol.unh.edu
icebridge.sr.unh.edu
fishercat.sr.unh.edu
rcc.sr.unh.edu
blackstar.sr.unh.edu
unity.unh.edu
idmdev.unh.edu
herculesdome.org
*.ccom.unh.edu
webmail.eos.sr.unh.edu
wsdev.unh.edu
posters.unh.edu
ddc.sr.unh.edu
owl.sr.unh.edu
scholars.unh.edu
bootcamp.unh.edu
nhihpp-backups.sr.unh.edu
appropriations.unh.edu
waterviz.org
nuclear.unh.edu
law.unh.edu
*.libproxy.unh.edu
posters.unh.edu
bootcamp.unh.edu
clockwork.unh.edu
alumni.law.unh.edu
*.iol.unh.edu
admissions.unh.edu
apexdev.unh.edu
marco2.unh.edu
admissions.unh.edu
dawn.sr.unh.edu
www.iol.unh.edu
bugzilla.sr.unh.edu
www.library.unh.edu
www.transfer.unh.edu
ww.vpn.unh.edu
unhconnect.unh.edu
dawn.sr.unh.edu
hastings.unh.edu
akamai-san192.exacttarget.com
mycourses.unh.edu
enterprise.vpn.unh.edu
prc.unh.edu
gradschool.unh.edu
contracts.unh.edu
housingonline.unh.edu
co-gen-gw.unh.edu
lists.unh.edu
ipmall.info
ciceet.unh.edu
saip2.unh.edu
exchange.unh.edu
blackbaudfrogprod.unh.edu
leaf.sr.unh.edu
connect.vpn.unh.edu
www.unh.edu

Certificate

The complete raw certificate details for applecore.sr.unh.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIBTCCBu2gAwIBAgIQd0HYF0PSzYna4Nc/BQFY/zANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xODEwMDQwMDAwMDBaFw0yMDEwMDMy
MzU5NTlaMIG3MQswCQYDVQQGEwJVUzEOMAwGA1UEERMFMDM4MjQxCzAJBgNVBAgT
Ak5IMQ8wDQYDVQQHEwZEdXJoYW0xGDAWBgNVBAkTDzEwNSBNYWluIFN0cmVldDEk
MCIGA1UEChMbVW5pdmVyc2l0eSBvZiBOZXcgSGFtcHNoaXJlMRswGQYDVQQLExJS
ZXNlYXJjaCBDb21wdXRpbmcxHTAbBgNVBAMTFGFwcGxlY29yZS5zci51bmguZWR1
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsavCVL88BV060gJuoLiR
uhPV+E4Fh7LvYdpqhkHV1nizJqyU0d0TmMAIFj8gUzY/1Bc2281XGX9E4L376Alp
ktYCpNMh/qbXQoSneO2gLqWf8ptxdFN1Zk/Sk3maV7i+ZJTU3gJ211O6OzEmor9h
A9UqUzVZXAdaYyzkptwyIq/x7IwkrO4TIRpCGibfQ0bjaKAtKciQr+jH0pvSpugy
FPrFvtNjP+3mGi3vYI9R3rjZ7D1xrrt/SH/M96aZ+WYHJFL64JB3lPXP4zIJSUiV
crsluFjTsl62xHAzk58atj8xv90v2LkuKFijwgc9QwikR+ni9mvCNc7tfRbc5N79
DVWaYdMTzs2AML81q/Oy/0Jxb5tgz4IeeMILTCssnsGa6UMe/GZgCUzC29DEbAJf
jsaHGidg387+2HWJa+AK2nWwXhZYUIyIMxkwD9MgsUz1PqiZSZtT9ogVqyyJX1Em
NU1yE3nc4WI8fiTtnmDxp1eHP6yUcFcKhKStEp+JOnNpEAk9uFaggkSfUhkXx2vE
cos3RUFQGUTXyeVCn0PGYcBfMEm2IUzKvTF2oYQxsOhYJcrQLpb+dY69UMKqT0e9
bJ+Aw5FxJ0QdF3e1cJhFwBxyTPRcxFhjs5bcPlP11prWxskyZCKrt25+WtyOpdq3
i3IeQQzJFPOWkfSBI+WDXh8CAwEAAaOCA0swggNHMB8GA1UdIwQYMBaAFB4Fo3eP
bJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBRIfrnp0eyBNs15H/YyhJuxbyXdATAO
BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggrBgEF
BQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9yeS9j
cHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2Ny
bC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsG
AQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3QuY29t
L0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9v
Y3NwLnVzZXJ0cnVzdC5jb20wHwYDVR0RBBgwFoIUYXBwbGVjb3JlLnNyLnVuaC5l
ZHUwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB3AO5Lvbd1zmC64UJpH6vhnmaj
D35fsHLYgwDEe4l6qP3LAAABZj9EMGEAAAQDAEgwRgIhAI2e+lXnZ4+YCXELxaSS
zkN5o2b9wod//5WMJAgDJOeBAiEAsGlaMHrfYIAXw5MWoiPTlVfNoiO6kYJqFV94
ij0ZfNcAdwBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAWY/RDCe
AAAEAwBIMEYCIQD4XM6wxUkul0Q98oza1AWQOJ/6eNvuJen8acCP5rDRWwIhAMll
KyXjxsA72xVAA2vuRyVDBBTLvQyTw/rc8tK0eWuwAHUAVYHUwhaQNgFK6gubVzxT
8MDkOHhwJQgXL6OqHQcT0wwAAAFmP0QwgQAABAMARjBEAiBT5s/DAVM17fjesMZg
S9J0zSTqhQcvrIBkLNsrl3RTaAIgYY+FmkB9HN66hNtSFe6cFCqCPbPVWnyQBv/8
S7W46OQwDQYJKoZIhvcNAQELBQADggEBACI5yQX6JxHb8+0fRNcwWOnI5W3sfSfX
XAQxy9Ha7o+u1Ceo7t+fsKRAukoI2LczRXdAEGR4HpuRQ9UwrKbe6mmOAfbmGpux
fu4k7PXbRa+Apdk7kM/26+GAcH7c+KQGfRHxIrZMgRhjLBh7HcEpP4HkjmplQ688
bcbC75vR9ezydGLVwGoSJdAYX7YBBMvFmumuNpRBysYp3Vdxri9pC1iY4fB99C67
GKzR26a3oiWLfa9M69T1IMSLTJmco5T+P8og1XwcLrMKhwleTiqMBt7aSybX47H0
xPrJcxlmQPVtzwa2DYJTuFjMSsSe/Z5FALEmLqqzL9H4ULZV4L6Nz7E=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsavCVL88BV060gJuoLiR
uhPV+E4Fh7LvYdpqhkHV1nizJqyU0d0TmMAIFj8gUzY/1Bc2281XGX9E4L376Alp
ktYCpNMh/qbXQoSneO2gLqWf8ptxdFN1Zk/Sk3maV7i+ZJTU3gJ211O6OzEmor9h
A9UqUzVZXAdaYyzkptwyIq/x7IwkrO4TIRpCGibfQ0bjaKAtKciQr+jH0pvSpugy
FPrFvtNjP+3mGi3vYI9R3rjZ7D1xrrt/SH/M96aZ+WYHJFL64JB3lPXP4zIJSUiV
crsluFjTsl62xHAzk58atj8xv90v2LkuKFijwgc9QwikR+ni9mvCNc7tfRbc5N79
DVWaYdMTzs2AML81q/Oy/0Jxb5tgz4IeeMILTCssnsGa6UMe/GZgCUzC29DEbAJf
jsaHGidg387+2HWJa+AK2nWwXhZYUIyIMxkwD9MgsUz1PqiZSZtT9ogVqyyJX1Em
NU1yE3nc4WI8fiTtnmDxp1eHP6yUcFcKhKStEp+JOnNpEAk9uFaggkSfUhkXx2vE
cos3RUFQGUTXyeVCn0PGYcBfMEm2IUzKvTF2oYQxsOhYJcrQLpb+dY69UMKqT0e9
bJ+Aw5FxJ0QdF3e1cJhFwBxyTPRcxFhjs5bcPlP11prWxskyZCKrt25+WtyOpdq3
i3IeQQzJFPOWkfSBI+WDXh8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 158520013637922219968552820359993317631
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-03 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '03824'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Durham'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '105 Main Street'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of New Hampshire'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Research Computing'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'applecore.sr.unh.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 724834171978778809009151858274528212242399346653053021338485114351351525553157029558938411063757471752850232570930961289557734302878085047013759699570153393436384399532660060317087042006681797116775368937533145359912403412256206738254751852677503354995705057888858224220730871757086745746229410921981366681916682128652187551488662773238060028752918756534082286883007355454457885297864038699110564096959144261234644461510567909485829660722493462005412657379403247336003317659223002709902745640837063903495271877964338696814304307050782413349714227972992072008576017328973819431942160592390108824698061453169049191568364681085614484523474277325007948535796913579754704297895576202715241017858986992596273051457441013616606294988637374125468756246586541362377659549073795793276938141207677671625483875184097298262845124321690475089798203475659902519038145159552919367697971978007611908752965886042970325900953082218910647490689518689891685811992443298781716164846430419291698937102773226808249925014189504744772804154160527210202964882551165103458672688254596422263382514013091212296209315361921549103886556695043449511444336485479532927649383716958381227679509548510807400280485749290686050822063645406294821802550489276944322845171231
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							487eb9e9d1ec8136cd791ff632849bb16f25dd01
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'applecore.sr.unh.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001663f44306100000403004830460221008d9efa55e7678f9809710bc5a492ce4379a366fdc2877fff958c24080324e781022100b0695a307adf608017c39316a223d39557cda223ba91826a155f788a3d197cd70077005ea773f9df56c0e7b536487dd049e0327a919a0c84a112128418759681714558000001663f44309e0000040300483046022100f85cceb0c5492e97443df28cdad40590389ffa78dbee25e9fc69c08fe6b0d15b022100c9652b25e3c6c03bdb1540036bee4725430414cbbd0c93c3fadcf2d2b4796bb00075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001663f4430810000040300463044022053e6cfc3015335edf8deb0c6604bd274cd24ea85072fac80642cdb2b977453680220618f859a407d1cdeba84db5215ee9c142a823db3d55a7c9006fffc4bb5b8e8e4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002239c905fa2711dbf3ed1f44d73058e9c8e56dec7d27d75c0431cbd1daee8faed427a8eedf9fb0a440ba4a08d8b7334577401064781e9b9143d530aca6deea698e01f6e61a9bb17eee24ecf5db45af80a5d93b90cff6ebe180707edcf8a4067d11f122b64c8118632c187b1dc1293f81e48e6a6543af3c6dc6c2ef9bd1f5ecf27462d5c06a1225d0185fb60104cbc59ae9ae369441cac629dd5771ae2f690b5898e1f07df42ebb18acd1dba6b7a2258b7daf4cebd4f520c48b4c999ca394fe3fca20d57c1c2eb30a87095e4e2a8c06deda4b26d7e3b1f4c4fac973196640f56dcf06b60d8253b858cc4ac49efd9e4500b1262eaab32fd1f850b655e0be8dcfb1