ctms-trn.acsu.buffalo.edu

- SUNY, University at Buffalo -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number e1:4b:9b:82:43:0e:b5:e4:88:3b:1b:32:54:dd:53:16 was issued on by Internet2.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

SUNY, University at Buffalo

Organization: SUNY, University at Buffalo
Organization unit: UB
Address: 501 Capen Hall
Postal code: 14260
State / Province: NY
Locality: Buffalo
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): e1:4b:9b:82:43:0e:b5:e4:88:3b:1b:32:54:dd:53:16
Serial Number (int): 299468875409899155922288217112769811222
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 65:40:f3:48:11:d2:e5:88:30:3b:5d:22:49:2a:b0:45:db:92:91:0f
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 1b:5d:9f:62:cc:c7:19:92:eb:f2:b9:ce:f1:43:48:b1:3b:e8:98:17
Fingerprint (sha256): 06:3a:cb:2b:73:00:31:d4:79:f2:b8:f2:9f:4d:5a:ca:a5:ce:43:2a:25:36:db:ae:08:46:5d:38:88:f4:db:35

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate ctms-trn.acsu.buffalo.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ctms-trn.acsu.buffalo.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ctms-trn.acsu.buffalo.edu
ctms-trn.buffalo.edu

Other certificates including the domain name buffalo.edu

(limited to 100 certificates)
law-clinics.law.buffalo.edu
roomview-app1d.acsu.buffalo.edu
timeline.cse.buffalo.edu
vpls.buffalo.edu
geowepp.geog.buffalo.edu
www.caset.buffalo.edu
cse.buffalo.edu
ubfoundation.buffalo.edu
cluster3.technolutions.net
cluster3.technolutions.net
learning.buffalo.edu
blogs.curca.buffalo.edu
xdmod.ccr.buffalo.edu
MAIL4.BUFFALO.EDU
ubithelp.shibboleth.buffalo.edu
gseweb.gse.buffalo.edu
fate.eng.shibboleth.buffalo.edu
ubisss.buffalo.edu
enrollmentmanagement.buffalo.edu
audit-prod1.acsu.buffalo.edu
honors.buffalo.edu
cluster3.technolutions.net
cmprod.shibboleth.buffalo.edu
helpdesk.sdm.buffalo.edu
hlpdsk1.shibboleth.buffalo.edu
parking.buffalo.edu
ubvpn.buffalo.edu
prv-apps.sens.buffalo.edu
www.africanamericanstudies.buffalo.edu
learning.buffalo.edu
insocialwork.ssw.buffalo.edu
expr-c-conn01prod.acsu.buffalo.edu
json.webservices.buffalo.edu
sfunder7cert.net
odin.cse.buffalo.edu
listserv-prd.acsu.buffalo.edu
mgt.buffalo.edu
sfunder18cert.net
healthinsurance.buffalo.edu
blogs.webservices.buffalo.edu
gbcrt.ccr.buffalo.edu
subboard.com
publisher-ec-ms.cit.buffalo.edu
stats.ccr.buffalo.edu
tsmserver-b.acsu.buffalo.edu
psdev-app1.acsu.buffalo.edu
metrics.ccr.buffalo.edu
mailfilters.shibboleth.buffalo.edu
cluster3.technolutions.net
uconnectlabs.com
patientportal.buffalo.edu
invenst.cse.buffalo.edu
stream.buffalo.edu
ubcms-author.buffalo.edu
ubwins.cse.buffalo.edu
wci.med.buffalo.edu
advancement.buffalo.edu
lesami.geog.buffalo.edu
riagate2.ria.buffalo.edu
mercury.urh.buffalo.edu
smbswebs.med.buffalo.edu
cluster3.technolutions.net
www.globalgenderstudies.buffalo.edu
cloudmed.med.buffalo.edu
tracker.cbi.buffalo.edu
ccwebdev1.acsu.buffalo.edu
tesserae.caset.buffalo.edu
ubconnect.buffalo.edu
studentaccounts.buffalo.edu
tickets.sa.buffalo.edu
cluster3.technolutions.net
blogs.curca.buffalo.edu
prv-web.eng.buffalo.edu
gdw.ccr.buffalo.edu
psych174a.psy.buffalo.edu
ipeer.caset.buffalo.edu
ctms-trn.acsu.buffalo.edu
ubseasconnect.buffalo.edu
ubstream-upload.buffalo.edu
wiki.cse.buffalo.edu
owa.hwi.buffalo.edu
zinc.cse.buffalo.edu
helpdesk.sdm.buffalo.edu
ja01.chem.buffalo.edu
prv-web.eng.buffalo.edu
prv-apps.sens.buffalo.edu
dooracc-dev.acsu.buffalo.edu
www.acsu.buffalo.edu
exploratory-advising.buffalo.edu
wise.buffalo.edu
cluster3.technolutions.net
mobility.card.buffalo.edu
autosys-prd.acsu.buffalo.edu
www.vpls.buffalo.edu
tesserae.caset.buffalo.edu
dirtydeeds.cse.buffalo.edu
dirtydeeds.cse.buffalo.edu
www.ccr.buffalo.edu
smbssyn2.med.buffalo.edu
rt.caset.buffalo.edu

Certificate

The complete raw certificate details for ctms-trn.acsu.buffalo.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIFjCCBv6gAwIBAgIRAOFLm4JDDrXkiDsbMlTdUxYwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTgxMTI3MDAwMDAwWhcNMjAxMTI2
MjM1OTU5WjCBrDELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0MjYwMQswCQYDVQQI
EwJOWTEQMA4GA1UEBxMHQnVmZmFsbzEXMBUGA1UECRMONTAxIENhcGVuIEhhbGwx
JDAiBgNVBAoTG1NVTlksIFVuaXZlcnNpdHkgYXQgQnVmZmFsbzELMAkGA1UECxMC
VUIxIjAgBgNVBAMTGWN0bXMtdHJuLmFjc3UuYnVmZmFsby5lZHUwggIiMA0GCSqG
SIb3DQEBAQUAA4ICDwAwggIKAoICAQDUOlFGG8Nrn9qrsh06ItS9pMAlnWp1SdOf
2YhSJMs+xCk26qXVUKniIe04ckIWnaMQM6Fs5ojUpiuZzRsHiArquCvSp6Tk8DHp
YLDliggkpwUFLIC61wo25VO3OEjNyKgP3vMOGvoyTeGO2qF9fURHI0xL0yfuhIV6
Nn1+cHfb3QN3ObBRN4agSyEkzw13bHBoPtwGojLAih1sgnr5GLDgWRIgmNqQyjLq
14M7cVI52fe9PmpNqjFwRutpJGVaneB/lMKeqlhjVCmnSIgWZb4mkqb3tAyvg54E
Y0nv8UQyJbS+P5QLMLkMRuErFhM2f0fhiQNMB/KRYj9DjjFLKzvsSi3jRBWDARu4
eH3wCryy/RqaWEy3UbwJUtIHZXVbdJ2mitYxrW637gYFEE+I0O8MFTtgNESXMX+i
Vbq9LC7fpOc8OvgNLkB3bNL9OAymVRnp5GEj9dw4RP05WPtIhgAMNJ4cQmYihIkz
ZiOl/yy1mqQgPoztf2DD4OwlFFUM0vfwIs4GVm43cTIIOrdQiOTJYKafFK+JY1MG
HLmgH6QZoOIoonNGS+TZdmnP2epbNkRTLXB77QJoirmapD9Off8A27jQwW7RKTI8
Huu2lZAxQ8nnl5CPEZNdOgsc7B/g9SnTU8VIKUJ+BCOE0fpXuuzxO7F6Za9tJxzP
g0gJcbx6KwIDAQABo4IDZjCCA2IwHwYDVR0jBBgwFoAUHgWjd49sluJbh0umtIas
cQAM5zgwHQYDVR0OBBYEFGVA80gR0uWIMDtdIkkqsEXbkpEPMA4GA1UdDwEB/wQE
AwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjBnBgNVHSAEYDBeMFIGDCsGAQQBriMBBAMBATBCMEAGCCsGAQUFBwIBFjRodHRw
czovL3d3dy5pbmNvbW1vbi5vcmcvY2VydC9yZXBvc2l0b3J5L2Nwc19zc2wucGRm
MAgGBmeBDAECAjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLmluY29tbW9u
LXJzYS5vcmcvSW5Db21tb25SU0FTZXJ2ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBn
MD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vSW5Db21tb25S
U0FTZXJ2ZXJDQV8yLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
dXN0LmNvbTA6BgNVHREEMzAxghljdG1zLXRybi5hY3N1LmJ1ZmZhbG8uZWR1ghRj
dG1zLXRybi5idWZmYWxvLmVkdTCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHYA
u9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFnVZtRXAAABAMARzBF
AiEAyF6tVkVIZ+5WJCqFNgQzMEp97YLe9YLRPNswVSMTlKQCIBbwgoqDgAP8A0tV
sttTajWUth8xLjx3GqXfUhSdn53YAHcAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIS
hBh1loFxRVgAAAFnVZtRuAAABAMASDBGAiEAgzsMQ5Xpz9IJR0kx1M9amlnxFzrB
lQZxGdn+J0lFAV8CIQC5XwIWP9ae0LV6OKg4z8fnpjs4lq2enXm/sdMdp/w8bgB2
APCVpFnyANGCQBAtL5OIjq1L/h1H45nh0DSmsKiqjrJzAAABZ1WbUacAAAQDAEcw
RQIgfSLx6GE+FvkgTMvpIW4YYqsba1TEkkp2lwwQOoV5pyYCIQCW7DWI4tDaIfkl
Haubvm1kU1VFbNyveVZ7R9ezJ230VDANBgkqhkiG9w0BAQsFAAOCAQEAh0O9cPUN
UuAU4q7AHwacv2Q2+0H3Y5OnK1PT4ZNQ5jPmkPmqHDhy6YS06/iyji6lc/7cI0ob
LW14Qdi75Kyo132q24eJ0ysYsOsuuQqe22pgkcuKbLwaCy1deVkIu9OJ/hjz+imK
o29FXRmOYyZduM9TaHh4HI8Kgk2w+j2QiO4WHZEEWuMmIDFUFe+nL6610bPd+6Dm
o+/znAWTJK+vIdRW+wnNWJuUGlhpXTyLPJVtt6FNyaHY0eH6fy9OQYjFe5ZGVBeP
Kvt4YYC/6kqerwa+Nmpnpd5CJ4er62JK7ZxmO+A8HzXw0TaaChdhGE7LMYJvJdA9
sSxrFJbgfAJBUA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1DpRRhvDa5/aq7IdOiLU
vaTAJZ1qdUnTn9mIUiTLPsQpNuql1VCp4iHtOHJCFp2jEDOhbOaI1KYrmc0bB4gK
6rgr0qek5PAx6WCw5YoIJKcFBSyAutcKNuVTtzhIzcioD97zDhr6Mk3hjtqhfX1E
RyNMS9Mn7oSFejZ9fnB3290DdzmwUTeGoEshJM8Nd2xwaD7cBqIywIodbIJ6+Riw
4FkSIJjakMoy6teDO3FSOdn3vT5qTaoxcEbraSRlWp3gf5TCnqpYY1Qpp0iIFmW+
JpKm97QMr4OeBGNJ7/FEMiW0vj+UCzC5DEbhKxYTNn9H4YkDTAfykWI/Q44xSys7
7Eot40QVgwEbuHh98Aq8sv0amlhMt1G8CVLSB2V1W3SdporWMa1ut+4GBRBPiNDv
DBU7YDRElzF/olW6vSwu36TnPDr4DS5Ad2zS/TgMplUZ6eRhI/XcOET9OVj7SIYA
DDSeHEJmIoSJM2Yjpf8stZqkID6M7X9gw+DsJRRVDNL38CLOBlZuN3EyCDq3UIjk
yWCmnxSviWNTBhy5oB+kGaDiKKJzRkvk2XZpz9nqWzZEUy1we+0CaIq5mqQ/Tn3/
ANu40MFu0SkyPB7rtpWQMUPJ55eQjxGTXToLHOwf4PUp01PFSClCfgQjhNH6V7rs
8TuxemWvbSccz4NICXG8eisCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 299468875409899155922288217112769811222
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-26 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '14260'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Buffalo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '501 Capen Hall'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SUNY, University at Buffalo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ctms-trn.acsu.buffalo.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 865813896112091694320570890564252643658485068530679749488657094419534353289143106371299511563528553105171847550006552313201448947867676137835559411856252844102714850854676081459595983383961617732761274977256319947058639219402596384084968342427908232222475782826892259988148541193895119764342059198092381756939287676612611090993544004765307564023965243545714635243095702651767622348016042426674747285378887883959805841270316687006439249749501628330139100293590526834765510683313506927214628028538888176589311090930479785409038196235221797246979500129238070137295771803875043129681205002558625328043786733070843943611272563419931751130828792470049642750223228880191304230550061751996506778940713348043295980968506078176330741862101551098386390175397273640703736428686526189283812196887566646889660326045748887320080295987153965279454406325149376353025350105387410608561503826644685681327086966967142020512542027501340371728553555291180731043454033857082999400046228350951717838829394978022511098932251269537321251418175397477712471035499706716379181829579701254718938513834766190392907428952215736061743361565386996934392224064870637608824545777922172331176255130795009328499012997047042810281998922947907190414377785581878814900517419
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6540f34811d2e588303b5d22492ab045db92910f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ctms-trn.acsu.buffalo.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ctms-trn.buffalo.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000167559b515c0000040300473045022100c85ead56454867ee56242a85360433304a7ded82def582d13cdb3055231394a4022016f0828a838003fc034b55b2db536a3594b61f312e3c771aa5df52149d9f9dd80077005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000167559b51b80000040300483046022100833b0c4395e9cfd209474931d4cf5a9a59f1173ac195067119d9fe274945015f022100b95f02163fd69ed0b57a38a838cfc7e7a63b3896ad9e9d79bfb1d31da7fc3c6e007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb27300000167559b51a7000004030047304502207d22f1e8613e16f9204ccbe9216e1862ab1b6b54c4924a76970c103a8579a72602210096ec3588e2d0da21f9251dab9bbe6d645355456cdcaf79567b47d7b3276df454
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008743bd70f50d52e014e2aec01f069cbf6436fb41f76393a72b53d3e19350e633e690f9aa1c3872e984b4ebf8b28e2ea573fedc234a1b2d6d7841d8bbe4aca8d77daadb8789d32b18b0eb2eb90a9edb6a6091cb8a6cbc1a0b2d5d795908bbd389fe18f3fa298aa36f455d198e63265db8cf536878781c8f0a824db0fa3d9088ee161d91045ae32620315415efa72faeb5d1b3ddfba0e6a3eff39c059324afaf21d456fb09cd589b941a58695d3c8b3c956db7a14dc9a1d8d1e1fa7f2f4e4188c57b964654178f2afb786180bfea4a9eaf06be366a67a5de422787abeb624aed9c663be03c1f35f0d1369a0a1761184ecb31826f25d03db12c6b1496e07c024150