blackstar.sr.unh.edu

- University of New Hampshire -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 1d:df:76:85:05:53:3e:83:65:b1:7d:f9:ad:9f:40:36 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of New Hampshire

Organization: University of New Hampshire
Organization unit: Research Computing
Address: 105 Main Street
Postal code: 03824
State / Province: NH
Locality: Durham
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 1d:df:76:85:05:53:3e:83:65:b1:7d:f9:ad:9f:40:36
Serial Number (int): 39707897940542733272347558865643978806
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: 48:8c:0b:c6:c5:ef:92:b7:ad:77:95:f8:44:37:e5:df:9d:6e:98:f9
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): de:81:07:c8:55:9c:98:98:04:47:0d:19:b2:12:ce:df:5f:5a:37:41
Fingerprint (sha256): 07:44:6c:ab:e7:38:ef:4c:44:04:fe:1c:71:ea:bd:a0:25:62:47:4d:01:3d:94:30:70:3a:bd:ce:0b:5a:cd:f7

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate blackstar.sr.unh.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for blackstar.sr.unh.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

blackstar.sr.unh.edu

Other certificates including the domain name unh.edu

(limited to 100 certificates)
oak.cs.unh.edu
law.unh.edu
graddevserver.unh.edu
prominence.unh.edu
dpdkdashboard.iol.unh.edu
fammob-test1.unh.edu
media.unh.edu
zeke.sr.unh.edu
leaf.sr.unh.edu
klima.sr.unh.edu
zeke.sr.unh.edu
enterprise.vpn.unh.edu
atcirculation.unh.edu
q.sr.unh.edu
nicldb.unh.edu
ddc.unh.edu
cipher2.unh.edu
wwdrii.sr.unh.edu
*.libproxy.unh.edu
webapps.unh.edu
hcgs.unh.edu
library.unh.edu
apply.unh.edu
wintermute.sr.unh.edu
litwebsitedev.unh.edu
webauthdev.unh.edu
jointagencyvm.sr.unh.edu
tcpalo4-1-mgmt.unh.edu
idmdev.unh.edu
collegiatelink.studentvoice.com
at-training.unh.edu
phenocam.sr.unh.edu
mylogin.law.unh.edu
pacapp.cs.unh.edu
operations.onecampus.com
sirs-actutest.sr.unh.edu
kato.unh.edu
foss.unh.edu
owl.sr.unh.edu
applecore.sr.unh.edu
networking.unh.edu
place.sr.unh.edu
clusters.unh.edu
collegiatelink.studentvoice.com
ea-poe-cert.iol.unh.edu
icebridge.sr.unh.edu
fishercat.sr.unh.edu
rcc.sr.unh.edu
blackstar.sr.unh.edu
unity.unh.edu
idmdev.unh.edu
herculesdome.org
*.ccom.unh.edu
webmail.eos.sr.unh.edu
wsdev.unh.edu
posters.unh.edu
ddc.sr.unh.edu
owl.sr.unh.edu
scholars.unh.edu
bootcamp.unh.edu
nhihpp-backups.sr.unh.edu
appropriations.unh.edu
waterviz.org
nuclear.unh.edu
law.unh.edu
*.libproxy.unh.edu
posters.unh.edu
bootcamp.unh.edu
clockwork.unh.edu
alumni.law.unh.edu
*.iol.unh.edu
admissions.unh.edu
apexdev.unh.edu
marco2.unh.edu
admissions.unh.edu
dawn.sr.unh.edu
www.iol.unh.edu
bugzilla.sr.unh.edu
www.library.unh.edu
www.transfer.unh.edu
ww.vpn.unh.edu
unhconnect.unh.edu
dawn.sr.unh.edu
hastings.unh.edu
akamai-san192.exacttarget.com
mycourses.unh.edu
enterprise.vpn.unh.edu
prc.unh.edu
gradschool.unh.edu
contracts.unh.edu
housingonline.unh.edu
co-gen-gw.unh.edu
lists.unh.edu
ipmall.info
ciceet.unh.edu
saip2.unh.edu
exchange.unh.edu
blackbaudfrogprod.unh.edu
leaf.sr.unh.edu
connect.vpn.unh.edu

Certificate

The complete raw certificate details for blackstar.sr.unh.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIBTCCBu2gAwIBAgIQHd92hQVTPoNlsX35rZ9ANjANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xOTA0MTIwMDAwMDBaFw0yMTA0MTEy
MzU5NTlaMIG3MQswCQYDVQQGEwJVUzEOMAwGA1UEERMFMDM4MjQxCzAJBgNVBAgT
Ak5IMQ8wDQYDVQQHEwZEdXJoYW0xGDAWBgNVBAkTDzEwNSBNYWluIFN0cmVldDEk
MCIGA1UEChMbVW5pdmVyc2l0eSBvZiBOZXcgSGFtcHNoaXJlMRswGQYDVQQLExJS
ZXNlYXJjaCBDb21wdXRpbmcxHTAbBgNVBAMTFGJsYWNrc3Rhci5zci51bmguZWR1
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArMNopHyzB2QsitcMZ3hm
fdp+eb8kHuShNYQ1w5HBBZhaeNO6LjuAP+VA/MGiriUFmKVtyqK7lOflNRd2gm6Z
AaLAsntmbrwAcZgfjuk7jyO12ymgyYrpmY1JYtJBg8+7YsUKWdS63cbx6b5Lrn5n
YCOaoyiyR1nybf3LfG5NY8B54MP2dWxlll14Vgsafku1IhHGdlDLbYNkQGf7g29t
DeFypcrq0vH1RFfESvPlz+g5N4rPWE2n3WNfPwwaakVRh/RR37qUC4XgMS18b4N5
/UUXpEOBpVTeXJ09o9jz7cx7zBOd9lSscbR/UU5LN7O3OtSwdS79cGbqKCUTlEol
lP51WNm2RTE3CeQLQ5QvhYEVS8Oy2cNMU57VcmSbtfQKRu8sWVgCNyweA6V8/VnB
vvXWp4puCU8pBUPUbCGhf5P+9B+51aS0d+tU35RnH4uSV41Dg5E6sEBsRVquSt90
+vLnscyJ6VcVaUra6t3spSfGG9Ds4IgdjRiNNktV90yni+ru4R3ZIV6fwAc/AOmg
+eg/xOscQ9fqJQMGMm1OBDwVyB2YFJjYPsHcC7F3Tmpl8ss8spGbRMAwSEJ5m1ep
E5ZpdHxVGiJ7e4paMUgiACGMleZ/GdbOSfdrrMtqFz7OY6BFo5VPGt8Qf5xlPkjS
82Lmf/yoijU9BOSCJ4IKLuUCAwEAAaOCA0swggNHMB8GA1UdIwQYMBaAFB4Fo3eP
bJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBRIjAvGxe+St613lfhEN+XfnW6Y+TAO
BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggrBgEF
BQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9yeS9j
cHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2Ny
bC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsG
AQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3QuY29t
L0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9v
Y3NwLnVzZXJ0cnVzdC5jb20wHwYDVR0RBBgwFoIUYmxhY2tzdGFyLnNyLnVuaC5l
ZHUwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2ALvZ37wfinG1k5Qjl6qSe0c4
V5UKq1LoGpCWZDaOHtGFAAABahGjv4YAAAQDAEcwRQIhAJoBN3idjSu3g3YWA0TB
92OVnL4ya4nra+EwlnrY2IDVAiButvqASjzFw53xmEMd4S/LsX/k4xgVUR6YD1Kd
Y7cx3QB3AESUZS6w7s6vxEAH2Kj+KMDa5oK+2MsxtT/TM5a1toGoAAABahGjv58A
AAQDAEgwRgIhAJwkNcxQqvmZDs9go0WVfGg5xNpdwSMSIHXTx/V2lG8NAiEAufrG
t4pcAhxkXf9a4FOgosr8CnJ/8eUm408sJufIPqQAdgBc3EOS/uarRUSxXprUVuYQ
N/vV+kfcoXOUsl7m9scOygAAAWoRo7+wAAAEAwBHMEUCIQC9qeH+x6PBoZyP/Edi
ZIWwQMZxv2fz5ScUbclcHuepZQIgSNFquzBraP3tPEvb/4LXNIzWXuY4Bt5SBvS2
meke1IowDQYJKoZIhvcNAQELBQADggEBACm0QgtCxUgpkVewLGgsnSAGw4HhqpBs
xH9ib1MDzXa6VZlxX8aVb+2JIkigMJYHlWoE4p3diMN1UGJDGNuc8xBDhRWX0EA4
lN6twoT3S/K2wwLispsVXvAMnwAEbbSATwrTIzVxCSiktigiv0l8eeSzMBrc4O8u
6cbwoQnje2hpT30wNwK/0PialdVAwKBcuPjWDMNu0TQ5MugRV51EX8tig9QLa4yi
AjGxIs1enxWILnlW3aklg5Qxcl2bQHxnPbc+SDms99HwTDx2rdLNsqfoM5AHlN+Q
SE2iKJEBba1gX+8GFq22Z2bWVHI9LOgdRmzvFl1NtXfnA3lZQmXqckI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArMNopHyzB2QsitcMZ3hm
fdp+eb8kHuShNYQ1w5HBBZhaeNO6LjuAP+VA/MGiriUFmKVtyqK7lOflNRd2gm6Z
AaLAsntmbrwAcZgfjuk7jyO12ymgyYrpmY1JYtJBg8+7YsUKWdS63cbx6b5Lrn5n
YCOaoyiyR1nybf3LfG5NY8B54MP2dWxlll14Vgsafku1IhHGdlDLbYNkQGf7g29t
DeFypcrq0vH1RFfESvPlz+g5N4rPWE2n3WNfPwwaakVRh/RR37qUC4XgMS18b4N5
/UUXpEOBpVTeXJ09o9jz7cx7zBOd9lSscbR/UU5LN7O3OtSwdS79cGbqKCUTlEol
lP51WNm2RTE3CeQLQ5QvhYEVS8Oy2cNMU57VcmSbtfQKRu8sWVgCNyweA6V8/VnB
vvXWp4puCU8pBUPUbCGhf5P+9B+51aS0d+tU35RnH4uSV41Dg5E6sEBsRVquSt90
+vLnscyJ6VcVaUra6t3spSfGG9Ds4IgdjRiNNktV90yni+ru4R3ZIV6fwAc/AOmg
+eg/xOscQ9fqJQMGMm1OBDwVyB2YFJjYPsHcC7F3Tmpl8ss8spGbRMAwSEJ5m1ep
E5ZpdHxVGiJ7e4paMUgiACGMleZ/GdbOSfdrrMtqFz7OY6BFo5VPGt8Qf5xlPkjS
82Lmf/yoijU9BOSCJ4IKLuUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 39707897940542733272347558865643978806
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-12 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-11 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '03824'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Durham'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '105 Main Street'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of New Hampshire'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Research Computing'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blackstar.sr.unh.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 704812835121568876292014916504452259605893465109786941980865999944485964037840460887802832224671328215126813913785168990077653257439766975460211864754389289452555757688382866712079031700637387384969396617510027831135578446365207589514670725084053847411173233210446329793414218858112364811317183550357346545413118623993066338005013831284755486508566379635298973960177152375188347894051963013852534449770591079581677856804918341366054426337790339768835323296201125768776141681516918205395259136847335452236136529098324669984385091319749644254128149427931691298159637903058729877525447598851276310374074969957197299316860620752535548845656093866757571076898225128667540774529013419658507128356248560963086910889043657862981407748652646858436140300119575591337549414063297837754718437564893089528212624217400523219646671864984227140550514587048211222697020224928105681907337957314769288257072951458672077880303251463653528599451684971897752363420891821867350650799824771837581065308534498588018581224418361525603895713580726955014979776292114498644058092229725717903386716228661296281857427958891040272600115982789380984863028159881839734766251755219870911281093106357871211668158166050992510100114252254658242256941824766112869795901157
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							488c0bc6c5ef92b7ad7795f84437e5df9d6e98f9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blackstar.sr.unh.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016a11a3bf8600000403004730450221009a0137789d8d2bb78376160344c1f763959cbe326b89eb6be130967ad8d880d502206eb6fa804a3cc5c39df198431de12fcbb17fe4e31815511e980f529d63b731dd0077004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016a11a3bf9f00000403004830460221009c2435cc50aaf9990ecf60a345957c6839c4da5dc123122075d3c7f576946f0d022100b9fac6b78a5c021c645dff5ae053a0a2cafc0a727ff1e526e34f2c26e7c83ea40076005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca0000016a11a3bfb00000040300473045022100bda9e1fec7a3c1a19c8ffc47626485b040c671bf67f3e527146dc95c1ee7a965022048d16abb306b68fded3c4bdbff82d7348cd65ee63806de5206f4b699e91ed48a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0029b4420b42c548299157b02c682c9d2006c381e1aa906cc47f626f5303cd76ba5599715fc6956fed892248a0309607956a04e29ddd88c37550624318db9cf31043851597d0403894deadc284f74bf2b6c302e2b29b155ef00c9f00046db4804f0ad32335710928a4b62822bf497c79e4b3301adce0ef2ee9c6f0a109e37b68694f7d303702bfd0f89a95d540c0a05cb8f8d60cc36ed1343932e811579d445fcb6283d40b6b8ca20231b122cd5e9f15882e7956dda925839431725d9b407c673db73e4839acf7d1f04c3c76add2cdb2a7e833900794df90484da22891016dad605fef0616adb66766d654723d2ce81d466cef165d4db577e70379594265ea7242