bridges.rockefeller.edu

- The Rockefeller University -

Issued by COMODO RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 56:b8:b2:05:dd:02:f5:1d:56:d1:f9:ea:85:ad:8d:b6 was issued on by COMODO CA Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)

The Rockefeller University

Organization: The Rockefeller University
Organization unit: Hosted by The Rockefeller University
Organization unit: PlatinumSSL SGC
Address: 1230 York Ave.
Postal code: 10065
State / Province: New York
Locality: New York
Country: US

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 56:b8:b2:05:dd:02:f5:1d:56:d1:f9:ea:85:ad:8d:b6
Serial Number (int): 115272600992923198465190595877369908662
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 2c:2d:95:19:65:12:5e:48:b9:e3:c8:b4:4c:a5:55:af:d5:f9:40:d0
AuthorityKeyId: 9a:f3:2b:da:cf:ad:4f:b6:2f:bb:2a:48:48:2a:12:b7:1b:42:c1:24

Fingerprint (sha1): 87:00:77:2f:b0:14:95:7e:65:ae:89:16:42:c6:27:6d:f4:99:7a:7a
Fingerprint (sha256): 07:60:60:7c:fd:41:1a:c1:af:ed:32:61:92:81:cb:fe:a5:77:42:ef:d9:18:cf:75:7d:2b:8c:a7:ff:0d:c4:bb

Issuing Certificate URL: http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate bridges.rockefeller.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bridges.rockefeller.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication
Microsoft Server-Gated Cryptography
Netscape Server-Gated Cryptography

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bridges.rockefeller.edu
www.bridges.rockefeller.edu

Other certificates including the domain name rockefeller.edu

(limited to 100 certificates)
courses.rockefeller.edu
pubsubmit.rockefeller.edu
phe.rockefeller.edu
rubbdb2.rockefeller.edu
stage.rockedu.rockefeller.edu
mchc.rockefeller.edu
www.rockefeller.edu
phe.rockefeller.edu
parclip.rockefeller.edu
rushib.rockefeller.edu
formspolicies.rockefeller.edu
rocklab.rockefeller.edu
sopstudentapplication.rockefeller.edu
hgidlabredcap.rockefeller.edu
academicseminars.rockefeller.edu
ldaptest.rockefeller.edu
incubator.rockefeller.edu
formspolicies.rockefeller.edu
cctscertificate.rockefeller.edu
giveandjoin.rockefeller.edu
womenandscience.rockefeller.edu
oas.rockefeller.edu
cctscertificate.rockefeller.edu
phe.rockefeller.edu
vosshall-intra.rockefeller.edu
rumail.rockefeller.edu
appext.rockefeller.edu
bridges.rockefeller.edu
labapps.rockefeller.edu
cp.rockefeller.edu
pilotprojectsreview.rockefeller.edu
rumail.rockefeller.edu
netstat.rockefeller.edu
surfapplication.rockefeller.edu
cctscertificate.rockefeller.edu
go.rockefeller.edu
notifyru.rockefeller.edu
pubsubmit.rockefeller.edu
webmail.rockefeller.edu
reeke-pubdata.rockefeller.edu
eventreg.rockefeller.edu
elf.rockefeller.edu
virtualroom-graduate.rockefeller.edu
bh.rockefeller.edu
postdocalumni.rockefeller.edu
scholarapplication.rockefeller.edu
em.rockefeller.edu
itservices.rockefeller.edu
cchi.rockefeller.edu
virtualroom.rockefeller.edu
ruauth2.rockefeller.edu
bh.rockefeller.edu
pdf-files-test.rockefeller.edu
sopstudentapplication.rockefeller.edu
postdochousingwaitlist.rockefeller.edu
www.rockefeller.edu
xenopus.rockefeller.edu
giveandjoin.rockefeller.edu
maimonlab.rockefeller.edu
ruifar.rockefeller.edu
images.rockefeller.edu
www.rockefeller.edu
test4.rockedu.rockefeller.edu
rumail.rockefeller.edu
appintpl.rockefeller.edu
lab.rockefeller.edu
sees.rockefeller.edu
phe.rockefeller.edu
test19.rockedu.rockefeller.edu
plutus.rockefeller.edu
housinglottery.rockefeller.edu
hospitalhelpdesk.rockefeller.edu
biorhythm.rockefeller.edu
netstat.rockefeller.edu
cctscertificate.rockefeller.edu
itmd.rockefeller.edu
cctscertificate.rockefeller.edu
test22.rockedu.rockefeller.edu
zhao.labapps.rockefeller.edu
giveandjoin.rockefeller.edu
elf.rockefeller.edu
webmail.rockefeller.edu
darwin.rockefeller.edu
gradrecruitment.rockefeller.edu
mchc.rockefeller.edu
ruifar.rockefeller.edu
phe.rockefeller.edu
peggy.rockefeller.edu
sslvpntest.rockefeller.edu
rumail.rockefeller.edu
rufirst.rockefeller.edu
virtualroom.rockefeller.edu
housinglottery.rockefeller.edu
courseevaluations.rockefeller.edu
digitalcommons.rockefeller.edu
ias4web.rockefeller.edu
macromolecule.rockefeller.edu
anvesana.rockefeller.edu
sopstudentapplication.rockefeller.edu
graduateapplication.rockefeller.edu

Certificate

The complete raw certificate details for bridges.rockefeller.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIQVriyBd0C9R1W0fnqha2NtjANBgkqhkiG9w0BAQsFADCB
ljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPDA6BgNV
BAMTM0NPTU9ETyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0xNDA4MDEwMDAwMDBaFw0xNzA3MzEyMzU5NTlaMIHsMQswCQYD
VQQGEwJVUzEOMAwGA1UEERMFMTAwNjUxETAPBgNVBAgTCE5ldyBZb3JrMREwDwYD
VQQHEwhOZXcgWW9yazEXMBUGA1UECRMOMTIzMCBZb3JrIEF2ZS4xIzAhBgNVBAoT
GlRoZSBSb2NrZWZlbGxlciBVbml2ZXJzaXR5MS0wKwYDVQQLEyRIb3N0ZWQgYnkg
VGhlIFJvY2tlZmVsbGVyIFVuaXZlcnNpdHkxGDAWBgNVBAsTD1BsYXRpbnVtU1NM
IFNHQzEgMB4GA1UEAxMXYnJpZGdlcy5yb2NrZWZlbGxlci5lZHUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzCO7H7fLM29OPzXLFh3OafclBqH4V1VEu
L/WHW7U2rbLW6RN9XGVGZyJrauYwzDvEDwNlfxUNN+IHEvNhgoEtOhbGyz7BgZrg
87vaTiQhBuVgrsXOCGw17NI3/q+bGn8zf8Cl1ikutX8uhT/ag+qKqitilE/lIuJq
WyVgqlEV1cHilttQC/s2a62Xs9J8X30U3TG0N4jiPPblRzqU0WUKYHOC7EpkgAnN
GscwJ27NfD34cLkGat+VOXGs+eemmg0jwSOU5UklVLr7B7ok3yEJ76rw7RxtQ9fO
eTEyj8bRXCYgwjVLNmRChPm20ar1HMqciszvPbx5kSvw0q+uHTnDAgMBAAGjggIV
MIICETAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQU
LC2VGWUSXki548i0TKVVr9X5QNAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
MAAwNAYDVR0lBC0wKwYIKwYBBQUHAwEGCCsGAQUFBwMCBgorBgEEAYI3CgMDBglg
hkgBhvhCBAEwUAYDVR0gBEkwRzA7BgwrBgEEAbIxAQIBAwQwKzApBggrBgEFBQcC
ARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQICMFoGA1Ud
HwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9y
Z2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYsGCCsGAQUF
BwEBBH8wfTBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09N
T0RPUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAk
BggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMD8GA1UdEQQ4MDaC
F2JyaWRnZXMucm9ja2VmZWxsZXIuZWR1ght3d3cuYnJpZGdlcy5yb2NrZWZlbGxl
ci5lZHUwDQYJKoZIhvcNAQELBQADggEBAGhJTdyDP4IBTqZsUfiQBO5+gvC5c2IZ
f7+7DCWvJlwqYt5yQSC5BWwq2AI3nAWYwWerez2T5ijeFm2hw76ssFfgonWoNVLp
niqvFgkiyn0dSVSXGZcPGJquAhjBwHQdnslMy7ErKNZARxYZhQ16NZb5A1s0NaaO
zvK8LxJCfKNv2nQku1yGb02hHnhEnF7kBUQY2U2qkte92QIFJssM7t5z+D/6Trw4
wHSqzk64x7kO2B9uEE9FSeO4Qq/StRkcIB0+8uTUAzsTld1ls6/Wk9jqChgYTFi2
R5HORCuK4HivmqvbGY0DoN4gBZSoQaC/QwGgNkj6NxAM+q8zsEgOLZc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswjux+3yzNvTj81yxYdz
mn3JQah+FdVRLi/1h1u1Nq2y1ukTfVxlRmcia2rmMMw7xA8DZX8VDTfiBxLzYYKB
LToWxss+wYGa4PO72k4kIQblYK7FzghsNezSN/6vmxp/M3/ApdYpLrV/LoU/2oPq
iqorYpRP5SLialslYKpRFdXB4pbbUAv7Nmutl7PSfF99FN0xtDeI4jz25Uc6lNFl
CmBzguxKZIAJzRrHMCduzXw9+HC5BmrflTlxrPnnppoNI8EjlOVJJVS6+we6JN8h
Ce+q8O0cbUPXznkxMo/G0VwmIMI1SzZkQoT5ttGq9RzKnIrM7z28eZEr8NKvrh05
wwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 115272600992923198465190595877369908662
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-08-01 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-31 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '10065'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1230 York Ave.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Rockefeller University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hosted by The Rockefeller University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PlatinumSSL SGC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bridges.rockefeller.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22601061486294739640356199386273973869808965642796890498586855344434483308922479692173152481812830509493174268441757940160474924344280785356447352738636879657366637566415224396916426515241106822314520481697577126671490114536619840926905610774006772102084228775146080582839468771260840391031863738923909715303914302949122858625163516864342496711741158828977293537341358996215134813754715833213580064861429401933490574086363778369846052105934715126281532292984919687011765031050245396725911203142664959998897760921896763523683991737418399568134519155601640902691085014632474547459775272689554049968684380763258273741251
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9af32bdacfad4fb62fbb2a48482a12b71b42c124
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2c2d951965125e48b9e3c8b44ca555afd5f940d0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.10.3.3 (serverGatedCrypto)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113730.4.1 (serverGatedCrypto)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bridges.rockefeller.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bridges.rockefeller.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0068494ddc833f82014ea66c51f89004ee7e82f0b97362197fbfbb0c25af265c2a62de724120b9056c2ad802379c0598c167ab7b3d93e628de166da1c3beacb057e0a275a83552e99e2aaf160922ca7d1d49549719970f189aae0218c1c0741d9ec94ccbb12b28d640471619850d7a3596f9035b3435a68ecef2bc2f12427ca36fda7424bb5c866f4da11e78449c5ee4054418d94daa92d7bdd9020526cb0ceede73f83ffa4ebc38c074aace4eb8c7b90ed81f6e104f4549e3b842afd2b5191c201d3ef2e4d4033b1395dd65b3afd693d8ea0a18184c58b64791ce442b8ae078af9aabdb198d03a0de200594a841a0bf4301a03648fa37100cfaaf33b0480e2d97