fifeutilgpvm01.fnal.gov
- Fermi Research Alliance -
Issued by InCommon RSA IGTF Server CA 3
About this certificate
This digital certificate with serial number ca:84:92:76:c2:70:25:45:32:b5:c9:c9:6b:b3:28:48 was issued on by Internet2.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Fermi Research Alliance
Organization:
Fermi Research Alliance
State / Province:
Illinois
Country: US
Country: US
Internet2
Organization:
Internet2
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): ca:84:92:76:c2:70:25:45:32:b5:c9:c9:6b:b3:28:48Serial Number (int): 269192408974780581001785821631580678216
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 1c:33:ba:64:6a:bd:5f:95:3f:ec:6b:47:a7:89:5d:2f:b4:08:3f:3c
AuthorityKeyId: 16:36:a5:e3:31:7b:bf:67:f6:b2:b7:e7:ea:54:ef:57:30:be:c7:e5
Fingerprint (sha1): 06:ac:dc:c7:98:df:27:75:fa:e0:4f:93:01:f2:0c:5f:75:49:87:dd
Fingerprint (sha256): 07:77:5d:c4:8a:f9:43:bf:3a:fe:0f:9c:c9:fb:8d:35:36:05:b9:7f:78:9a:4f:66:e0:8f:b5:6b:be:67:22:55
Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAIGTFServerCA3.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/InCommonRSAIGTFServerCA3.crl
Check the revocation status for certificate fifeutilgpvm01.fnal.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for fifeutilgpvm01.fnal.gov
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
fifeutilgpvm01.fnal.gov
Other certificates including the domain name fnal.gov
(limited to 100 certificates)
uboonepro-uboonegpvm01.fnal.gov
gpce03.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
stkendca71a.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
lpcschedd3.fnal.gov
samwebgpvm03.fnal.gov
ftdc2.fermitest.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
pubstor2231.fnal.gov
*.fnal.gov
nsexpe2.fnal.gov
cmsstor341.fnal.gov
*.fnal.gov
uhosts.fnal.gov
www-bss.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmssi-factory02.fnal.gov
*.fnal.gov
uhosts.fnal.gov
fermi-rsa-2.fnal.gov
*.fnal.gov
cmseos-tf1103.fnal.gov
rcds01.fnal.gov
*.fnal.gov
*.fnal.gov
ssiadmin3.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos511.fnal.gov
uhosts.fnal.gov
fcdfcache122.fnal.gov
*.fnal.gov
*.fnal.gov
cmssrv628.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
cmseos1144.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
icaruspro-icarusgpvm01.fnal.gov
cmsstor907.fnal.gov
*.fnal.gov
*.fnal.gov
fifeutilgpvm01.fnal.gov
fermicloud527.fnal.gov
*.fnal.gov
*.fnal.gov
fndcaitb1.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos-if1102.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
fermicloud363.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos517.fnal.gov
rcodegpvm02.fnal.gov
cmseos56.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmsdcadiskitb03.fnal.gov
*.fnal.gov
accelaipro-accelaigpvm01.fnal.gov
*.fnal.gov
*.fnal.gov
cmsdcadiskitb04.fnal.gov
cmseos34.fnal.gov
fndca5b.fnal.gov
*.fnal.gov
gpce03.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
stkendca71a.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
lpcschedd3.fnal.gov
samwebgpvm03.fnal.gov
ftdc2.fermitest.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
pubstor2231.fnal.gov
*.fnal.gov
nsexpe2.fnal.gov
cmsstor341.fnal.gov
*.fnal.gov
uhosts.fnal.gov
www-bss.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmssi-factory02.fnal.gov
*.fnal.gov
uhosts.fnal.gov
fermi-rsa-2.fnal.gov
*.fnal.gov
cmseos-tf1103.fnal.gov
rcds01.fnal.gov
*.fnal.gov
*.fnal.gov
ssiadmin3.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos511.fnal.gov
uhosts.fnal.gov
fcdfcache122.fnal.gov
*.fnal.gov
*.fnal.gov
cmssrv628.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
cmseos1144.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
icaruspro-icarusgpvm01.fnal.gov
cmsstor907.fnal.gov
*.fnal.gov
*.fnal.gov
fifeutilgpvm01.fnal.gov
fermicloud527.fnal.gov
*.fnal.gov
*.fnal.gov
fndcaitb1.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos-if1102.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
fermicloud363.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos517.fnal.gov
rcodegpvm02.fnal.gov
cmseos56.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmsdcadiskitb03.fnal.gov
*.fnal.gov
accelaipro-accelaigpvm01.fnal.gov
*.fnal.gov
*.fnal.gov
cmsdcadiskitb04.fnal.gov
cmseos34.fnal.gov
fndca5b.fnal.gov
*.fnal.gov
Certificate
The complete raw certificate details for fifeutilgpvm01.fnal.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGujCCBSKgAwIBAgIRAMqEknbCcCVFMrXJyWuzKEgwDQYJKoZIhvcNAQEMBQAw STELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEmMCQGA1UEAxMdSW5D b21tb24gUlNBIElHVEYgU2VydmVyIENBIDMwHhcNMjMxMjA1MDAwMDAwWhcNMjUw MTAzMjM1OTU5WjCBkzETMBEGCgmSJomT8ixkARkWA29yZzEYMBYGCgmSJomT8ixk ARkWCGluY29tbW9uMQswCQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxIDAe BgNVBAoTF0Zlcm1pIFJlc2VhcmNoIEFsbGlhbmNlMSAwHgYDVQQDExdmaWZldXRp bGdwdm0wMS5mbmFsLmdvdjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB ALTn7HUibt0w09QDJvhBp8jOSVoF93bMkkegs2n7yp7wXAxyEQjN2FqgU3or4Pn3 VB7+Y+xN8LfSAibAeqAMkqN7lDLG0V+M14IaMq35CuEaoKCN++raKRBd5laCOSXN R8YgPzchE2mjF8EcoQkdxDgKluhp/rDyOIGYusXTg20UXJSF2MT4pMqAmDLmPb++ YxJpm+E04Xbo8Rxl+sadAntoDs6O9/eGmn5ppQBkXAOPIInyyzpgsSbGQrghPl4b f38SoxQM4VmMFSIEiCJtxXaEzk/8TcBLT1UVJrXbVAYTN3Yq02nhofvDAEWYtTl9 T/Yc8dRwSeHp2GDaIzZdJG54E8cJLvUDET5QVYc4fkA/epdmjhhA1XAOHugPdqWO gc6AMEK+JfcUCNsshVZRjpDDL1YuuPzS9uS6+EXhoMFHEr/GTndmtKenOQA8hOb4 BssxW9U3oCfXxNle2ZM+0/Ezy+B0QCDfrBWatpJESoN8TFUjqizLaYDL8we7uuYJ EMYsE5ZO7redIkafrlkLXIP+4RjYExg/uyh0MvftCMTftaP9ShCRGUfj+V82b9XH Eemi5cDgH9w+Z3KPIDL/J42a54KdJub+UhHyJE/1DaH8qyti9i62o3flif1CkIpA i3zCBGedzPoMcebMMPQ1r+qzl/8GQaGhKTeyVfnsk6RvAgMBAAGjggHQMIIBzDAf BgNVHSMEGDAWgBQWNqXjMXu/Z/ayt+fqVO9XML7H5TAdBgNVHQ4EFgQUHDO6ZGq9 X5U/7GtHp4ldL7QIPzwwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFgGA1UdIARRME8wNQYMKwYBBAGu IwEEAwQCMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAwG CiqGSIb3TAUCAgEwCAYGZ4EMAQICMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9j cmwuc2VjdGlnby5jb20vSW5Db21tb25SU0FJR1RGU2VydmVyQ0EzLmNybDB0Bggr BgEFBQcBAQRoMGYwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQuc2VjdGlnby5jb20v SW5Db21tb25SU0FJR1RGU2VydmVyQ0EzLmNydDAjBggrBgEFBQcwAYYXaHR0cDov L29jc3Auc2VjdGlnby5jb20wEwYKKwYBBAHWeQIEAwEB/wQCBQAwIgYDVR0RBBsw GYIXZmlmZXV0aWxncHZtMDEuZm5hbC5nb3YwDQYJKoZIhvcNAQEMBQADggGBABAA IbujQqh8EjDKWlZRU3CTBgZW7cYWxGsRB4q5bfCoW+j+NvIP2Z8iE48CS+Xw2FP+ gNNZewA6AN37q98jbY6uHjn1TNH2hIL8oXCDzGkXvLuaHJzB3dniyXDt5H+oQx3P tyna25+kb/SirK71QRgsfdGyDb651Sy9ZCMypMfCZKemyLplW/2BiqZXB+6DXXYl 7nkb4wHDpOj5Bm6wZEwXRk8S7uEagaF3E4mtB5wWDb/bSUmZysTcVEVWSZRIIiaL hddgNhZZXuh+aTTLjRJwSe+16588vQr5IgEdSas27TP0N2MR4YBM/piAuGo68vdH 5YM8egNhUTSEfteQgZTqSrI6leDsDA4fEuioi5qisIpKv43UWs87jROp5BPzIxQB bb6oO37OTlZDksAMSW3F/98Mg5UDQSLhZmHb2/WY7yLnckmiyyr0h6DSQ0Ck+snF QyUQdUNrjoKz9rkfGojkbMKCiUEiGUTVIRMBFm5YgdnloLQapB8beoYjQfsXPw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtOfsdSJu3TDT1AMm+EGn yM5JWgX3dsySR6CzafvKnvBcDHIRCM3YWqBTeivg+fdUHv5j7E3wt9ICJsB6oAyS o3uUMsbRX4zXghoyrfkK4RqgoI376topEF3mVoI5Jc1HxiA/NyETaaMXwRyhCR3E OAqW6Gn+sPI4gZi6xdODbRRclIXYxPikyoCYMuY9v75jEmmb4TThdujxHGX6xp0C e2gOzo7394aafmmlAGRcA48gifLLOmCxJsZCuCE+Xht/fxKjFAzhWYwVIgSIIm3F doTOT/xNwEtPVRUmtdtUBhM3dirTaeGh+8MARZi1OX1P9hzx1HBJ4enYYNojNl0k bngTxwku9QMRPlBVhzh+QD96l2aOGEDVcA4e6A92pY6BzoAwQr4l9xQI2yyFVlGO kMMvVi64/NL25Lr4ReGgwUcSv8ZOd2a0p6c5ADyE5vgGyzFb1TegJ9fE2V7Zkz7T 8TPL4HRAIN+sFZq2kkRKg3xMVSOqLMtpgMvzB7u65gkQxiwTlk7ut50iRp+uWQtc g/7hGNgTGD+7KHQy9+0IxN+1o/1KEJEZR+P5XzZv1ccR6aLlwOAf3D5nco8gMv8n jZrngp0m5v5SEfIkT/UNofyrK2L2Lrajd+WJ/UKQikCLfMIEZ53M+gxx5sww9DWv 6rOX/wZBoaEpN7JV+eyTpG8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 269192408974780581001785821631580678216 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA IGTF Server CA 3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'org' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'incommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Fermi Research Alliance' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fifeutilgpvm01.fnal.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 738031893154798268796416347816449416092462005753914082215773853617749236373268032181351845772439983876861465827092611163516696011572067887977885598184463245831606547341257755532101088854404793656171559713457030692879262430077572950515208075355987814743301611505495267591133474953692408122715746949562107553923112681066066068014486384206077014429054308500567460107336123657451250061838101631432114870498144761318587326921291207560934796003189903707661511539527096593062365939415289346686024612644805066402214694779154386950484570603177145587424591525890175712894748412509777507710043031350739644205201864573282140507884441392800767776717191060513005297685257738105738772581030344349038609354725596422401116690441665653739842022208514905262369720816961268281481729129506930605870072982781778968010628829102727347389958792463227857435088870666683756840801489426631395113892831227405345097128583838843782199182171797279661326735806116346334312305922063143985839277208201516762564992323404555475192639378276785394908397440251641387274287262769770850919101216711258188017175130991849066874426645768367903155317822732811759340221105612732109117219051657578838571192785367101775202631417344769821208644543769476638375416714416132119671841903 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1636a5e3317bbf67f6b2b7e7ea54ef5730bec7e5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1c33ba646abd5f953fec6b47a7895d2fb4083f3c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (81 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.4.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113612.5.2.2.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAIGTFServerCA3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAIGTFServerCA3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fifeutilgpvm01.fnal.gov' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 00100021bba342a87c1230ca5a5651537093060656edc616c46b11078ab96df0a85be8fe36f20fd99f22138f024be5f0d853fe80d3597b003a00ddfbabdf236d8eae1e39f54cd1f68482fca17083cc6917bcbb9a1c9cc1ddd9e2c970ede47fa8431dcfb729dadb9fa46ff4a2acaef541182c7dd1b20dbeb9d52cbd642332a4c7c264a7a6c8ba655bfd818aa65707ee835d7625ee791be301c3a4e8f9066eb0644c17464f12eee11a81a1771389ad079c160dbfdb494999cac4dc54455649944822268b85d7603616595ee87e6934cb8d127049efb5eb9f3cbd0af922011d49ab36ed33f4376311e1804cfe9880b86a3af2f747e5833c7a03615134847ed7908194ea4ab23a95e0ec0c0e1f12e8a88b9aa2b08a4abf8dd45acf3b8d13a9e413f32314016dbea83b7ece4e564392c00c496dc5ffdf0c8395034122e16661dbdbf598ef22e77249a2cb2af487a0d24340a4fac9c543251075436b8e82b3f6b91f1a88e46cc2828941221944d5211301166e5881d9e5a0b41aa41f1b7a862341fb173f