hybrid.ucop.edu
- The Regents of The University of California -
Issued by InCommon RSA Server CA 2
About this certificate
This digital certificate with serial number db:95:10:31:38:a8:b8:cf:44:b5:e3:95:75:50:e3:06 was issued on by Internet2.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
The Regents of The University of California
Organization:
The Regents of The University of California
State / Province:
California
Country: US
Country: US
Internet2
Organization:
Internet2
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): db:95:10:31:38:a8:b8:cf:44:b5:e3:95:75:50:e3:06Serial Number (int): 291874911727087019934814681813079876358
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: a7:80:0d:73:8f:70:c2:c1:70:2c:57:6a:68:bb:34:c4:56:59:24:6e
AuthorityKeyId: ef:4c:00:92:a6:fb:76:2e:5e:95:e2:c9:5f:87:1b:19:d5:4d:e2:d9
Fingerprint (sha1): 66:c1:f6:06:41:0d:2f:20:44:eb:65:3d:90:6a:2f:e4:d6:b4:f3:65
Fingerprint (sha256): 08:b2:3b:a9:75:77:32:93:20:da:75:c2:67:a8:b8:1b:b2:dc:71:2e:e7:e2:24:c7:ee:61:88:c8:7c:ab:87:04
Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAServerCA2.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/InCommonRSAServerCA2.crl
Check the revocation status for certificate hybrid.ucop.edu
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hybrid.ucop.edu
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hybrid.ucop.edu
autodiscover.ucop.edu
ecp.ucop.edu
owa.ucop.edu
p-its-exhybrid1.ad.ucop.edu
p-its-exhybrid2.ad.ucop.edu
smtp.ucop.edu
autodiscover.ucop.edu
ecp.ucop.edu
owa.ucop.edu
p-its-exhybrid1.ad.ucop.edu
p-its-exhybrid2.ad.ucop.edu
smtp.ucop.edu
Other certificates including the domain name ucop.edu
(limited to 100 certificates)
firm.ucop.edu
ucars.ucop.edu
doscodes.ucop.edu
ucengage2014.ucop.edu
biprod.ucop.edu
ermd.ucop.edu
ajsqa.ucop.edu
danr.ucop.edu
climatechampions.ucop.edu
nartc.fcm.arizona.edu
ottwebapps.ucop.edu
5654831519760384-fe2.pantheonsite.io
5664902681198592-fe4.pantheonsite.io
iws-ucpath.ucop.edu
www.design-engineering.princeton.edu
ucs-ucb-prod.ucop.edu
isedev.ucop.edu
secure.ucop.edu
ucleads.ucop.edu
nxterra.ucop.edu
5737350726418432-fe4.pantheonsite.io
i9complete.ucop.edu
ajsdev.ucop.edu
5738275486564352-fe1.pantheonsite.io
www.blogs.earthjustice.org
cognos-training.ucop.edu
pts.ucop.edu
2021convention.ncte.org
its-skhalil-9.ucop.edu
webdev.colorado.edu
qa.eias.ucop.edu
virtual2.unlv.edu
5688160465977344-fe4.pantheonsite.io
qa.csg.ucop.edu
cognos-training.ucop.edu
keys.ucop.edu
accessqa.ucop.edu
vml.ucop.edu
ucop-system-notification.ucop.edu
dev.wellness.yale.edu
staging-secure.ucop.edu
ucpathmon.ucop.edu
vmp.ucop.edu
csgqa.ucop.edu
info-dev.calperformances.org
agd.nebrwesleyan.edu
timelogdev.ucop.edu
doorways.ucop.edu
dcsstage.ucop.edu
beta.ucop.edu
agd.nebrwesleyan.edu
5688160465977344-fe4.pantheonsite.io
roots.ucop.edu
5684666375864320-fe2.pantheonsite.io
nistmep.blogs.govdelivery.com
5738275486564352-fe1.pantheonsite.io
dev.embody.yale.edu
ucannualwagedev.ucop.edu
policy.ucop.edu
voip-edge.ucop.edu
siteimprove.ucop.edu
dev.wellness.yale.edu
tes.ucop.edu
ugappinfo.ucop.edu
uccoronc2019project.ucop.edu
*.was.devops.ucop.edu
cicsdev-ca-signed.ucop.edu
5737350726418432-fe4.pantheonsite.io
ois.ucop.edu
www.esc.rutgers.edu
safe.ucop.edu
giannini.ucop.edu
5654831519760384-fe2.pantheonsite.io
ise.dev.finapps.aws.ucop.edu
5742387179552768-fe1.pantheonsite.io
www.mesa.ucop.edu
hybrid.ucop.edu
dmsuat.ucop.edu
ca-ecology.ucnrs.org
www.bodywerks-medspa.com
rsamldev.ucop.edu
sp.ucop.edu
giannini.ucop.edu
dev.irapinfocenter.ucop.edu
5742387179552768-fe1.pantheonsite.io
ottwebapps.ucop.edu
*.negotiators-handbook.ucop.edu
sas112.ucop.edu
5738275486564352-fe1.pantheonsite.io
5737350726418432-fe4.pantheonsite.io
pts.ucop.edu
ucimmtoolkit.ucop.edu
itinnovate.ucop.edu
www.extension.ucdavis.edu
2fadmin.govdelivery.com
5742387179552768-fe1.pantheonsite.io
cl.ucop.edu
qa.rgpodonate.ucop.edu
ppsqa.ucop.edu
ugappinfo.ucop.edu
ucars.ucop.edu
doscodes.ucop.edu
ucengage2014.ucop.edu
biprod.ucop.edu
ermd.ucop.edu
ajsqa.ucop.edu
danr.ucop.edu
climatechampions.ucop.edu
nartc.fcm.arizona.edu
ottwebapps.ucop.edu
5654831519760384-fe2.pantheonsite.io
5664902681198592-fe4.pantheonsite.io
iws-ucpath.ucop.edu
www.design-engineering.princeton.edu
ucs-ucb-prod.ucop.edu
isedev.ucop.edu
secure.ucop.edu
ucleads.ucop.edu
nxterra.ucop.edu
5737350726418432-fe4.pantheonsite.io
i9complete.ucop.edu
ajsdev.ucop.edu
5738275486564352-fe1.pantheonsite.io
www.blogs.earthjustice.org
cognos-training.ucop.edu
pts.ucop.edu
2021convention.ncte.org
its-skhalil-9.ucop.edu
webdev.colorado.edu
qa.eias.ucop.edu
virtual2.unlv.edu
5688160465977344-fe4.pantheonsite.io
qa.csg.ucop.edu
cognos-training.ucop.edu
keys.ucop.edu
accessqa.ucop.edu
vml.ucop.edu
ucop-system-notification.ucop.edu
dev.wellness.yale.edu
staging-secure.ucop.edu
ucpathmon.ucop.edu
vmp.ucop.edu
csgqa.ucop.edu
info-dev.calperformances.org
agd.nebrwesleyan.edu
timelogdev.ucop.edu
doorways.ucop.edu
dcsstage.ucop.edu
beta.ucop.edu
agd.nebrwesleyan.edu
5688160465977344-fe4.pantheonsite.io
roots.ucop.edu
5684666375864320-fe2.pantheonsite.io
nistmep.blogs.govdelivery.com
5738275486564352-fe1.pantheonsite.io
dev.embody.yale.edu
ucannualwagedev.ucop.edu
policy.ucop.edu
voip-edge.ucop.edu
siteimprove.ucop.edu
dev.wellness.yale.edu
tes.ucop.edu
ugappinfo.ucop.edu
uccoronc2019project.ucop.edu
*.was.devops.ucop.edu
cicsdev-ca-signed.ucop.edu
5737350726418432-fe4.pantheonsite.io
ois.ucop.edu
www.esc.rutgers.edu
safe.ucop.edu
giannini.ucop.edu
5654831519760384-fe2.pantheonsite.io
ise.dev.finapps.aws.ucop.edu
5742387179552768-fe1.pantheonsite.io
www.mesa.ucop.edu
hybrid.ucop.edu
dmsuat.ucop.edu
ca-ecology.ucnrs.org
www.bodywerks-medspa.com
rsamldev.ucop.edu
sp.ucop.edu
giannini.ucop.edu
dev.irapinfocenter.ucop.edu
5742387179552768-fe1.pantheonsite.io
ottwebapps.ucop.edu
*.negotiators-handbook.ucop.edu
sas112.ucop.edu
5738275486564352-fe1.pantheonsite.io
5737350726418432-fe4.pantheonsite.io
pts.ucop.edu
ucimmtoolkit.ucop.edu
itinnovate.ucop.edu
www.extension.ucdavis.edu
2fadmin.govdelivery.com
5742387179552768-fe1.pantheonsite.io
cl.ucop.edu
qa.rgpodonate.ucop.edu
ppsqa.ucop.edu
ugappinfo.ucop.edu
Certificate
The complete raw certificate details for hybrid.ucop.edu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHXzCCBcegAwIBAgIRANuVEDE4qLjPRLXjlXVQ4wYwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEhMB8GA1UEAxMYSW5D b21tb24gUlNBIFNlcnZlciBDQSAyMB4XDTI0MDEwNTAwMDAwMFoXDTI1MDEwNDIz NTk1OVowcjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExNDAyBgNV BAoTK1RoZSBSZWdlbnRzIG9mIFRoZSBVbml2ZXJzaXR5IG9mIENhbGlmb3JuaWEx GDAWBgNVBAMTD2h5YnJpZC51Y29wLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMP3TCrGTzTZ69/gVB0Q7J5SqThlDfCsQ0p0X2ZGDIUW4+yu5MKw 3+9YgQ3DxRBvDL1IfhR2yflBlPAfIZ/wdR+AIrw4Ah/2D5QdA/90P1i9ju93/3zo PvS0i52XU+sST+HCJFDZCCMucwAd5qNpgMKteC2JQkpxY5bOiqUk7CsdQLPOIshs Q1aBh3KRQ381+g4LLugo+wMeYty1XjEw1vsd9MLzmrT1KqSEZ+zOx/7WAzn2oduY 8UcOhvSXQatw9lATEpK95RcOhlcRiS8yo3wiSmlRlTPbQOlYx7dFStvPk+ip4cZy qdp+9U6x1eXMwolcqnv9e2Q23CaBfWvgmLECAwEAAaOCA5wwggOYMB8GA1UdIwQY MBaAFO9MAJKm+3YuXpXiyV+HGxnVTeLZMB0GA1UdDgQWBBSngA1zj3DCwXAsV2po uzTEVlkkbjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICZzAl MCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIw QAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2NybC5zZWN0aWdvLmNvbS9JbkNvbW1v blJTQVNlcnZlckNBMi5jcmwwcAYIKwYBBQUHAQEEZDBiMDsGCCsGAQUFBzAChi9o dHRwOi8vY3J0LnNlY3RpZ28uY29tL0luQ29tbW9uUlNBU2VydmVyQ0EyLmNydDAj BggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wggF9BgorBgEEAdZ5 AgQCBIIBbQSCAWkBZwB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsI AAABjNcbEkcAAAQDAEcwRQIhANHrPmeZfSciif7QA0+EDvaccyPdUsjQJD8eCzGt orw3AiAtWo1guXNOeULqh5DZQkH00ys4HKDiiLqyswjPLr5WiQB1AKLjCuRF772t m3447Udnd1PXgluElNcrXhssxLlQpEfnAAABjNcbEgkAAAQDAEYwRAIgFkmwNcwD TWh2F6Xy5bd77oF6QckH/TriQ9xSDM8mbEYCIBKH3pS9/PLhmNs9pDcEc0ZJ4aZm V/NDGoBbtLZPv7qVAHYATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8A AAGM1xsR2wAABAMARzBFAiAXmUvUn5JFwWFh0tpesrSVsF09ir4Pef2JQpM5Ez8P KAIhAP6ce2kERFCxl44mOv6hpz+MrxrkXYHYB5BCPEfHeWahMIGYBgNVHREEgZAw gY2CD2h5YnJpZC51Y29wLmVkdYIVYXV0b2Rpc2NvdmVyLnVjb3AuZWR1ggxlY3Au dWNvcC5lZHWCDG93YS51Y29wLmVkdYIbcC1pdHMtZXhoeWJyaWQxLmFkLnVjb3Au ZWR1ghtwLWl0cy1leGh5YnJpZDIuYWQudWNvcC5lZHWCDXNtdHAudWNvcC5lZHUw DQYJKoZIhvcNAQEMBQADggGBAITenrLNPBItVeu/4q8QgGmfRcYXCDSztwRVPnd1 RToybh0/Qn18kLgrypcTwaiABD69O55HLU4cj/0dd8H6lffX4/3ycQTxgw+fjPZd B9DZS514vi1gR+6zIaknEN/RuegDZNEn2BCZiYtgjR3ozCK7OeWBINDLCeK+kKdI xdUU59YnXWTdnv78ZwH07LEU04f3jJTfJBiF6YX67l1qRBEhb1ze2a3FU2xeghdF PImknrCsdc7hJUb+NkzMQhyrGitmlO9CSPJlwP0qyQypm5ybLv6jNXfALpDdsmyT dZT8V80qp0KUAyUEy46IB9ZMp2C0guyt9lzXlE2xm4/48ihmnrxwhRPRVlt3RQXp wsqXbTxdQiF0uNhRyvvkrmpiApPQGeqjPbdpP0YRpqcOF0l+QfSgZW3kKEO1uh1t B6dUwbuENe/Z/w8bZ1zG8X5u/WmHYn+iMa6rAJntbnS/7nsXPS9sLt8YZg9MlnTA iRfQDh3gboNuZW8SQWoLRCE9Zw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/dMKsZPNNnr3+BUHRDs nlKpOGUN8KxDSnRfZkYMhRbj7K7kwrDf71iBDcPFEG8MvUh+FHbJ+UGU8B8hn/B1 H4AivDgCH/YPlB0D/3Q/WL2O73f/fOg+9LSLnZdT6xJP4cIkUNkIIy5zAB3mo2mA wq14LYlCSnFjls6KpSTsKx1As84iyGxDVoGHcpFDfzX6Dgsu6Cj7Ax5i3LVeMTDW +x30wvOatPUqpIRn7M7H/tYDOfah25jxRw6G9JdBq3D2UBMSkr3lFw6GVxGJLzKj fCJKaVGVM9tA6VjHt0VK28+T6KnhxnKp2n71TrHV5czCiVyqe/17ZDbcJoF9a+CY sQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 291874911727087019934814681813079876358 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-04 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Regents of The University of California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hybrid.ucop.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24738416424310315833365632157073190604536135309952624464981336849490113027255767707454658891947400786738406944119479395523266559019487351913439631040598422169907312497582176029898534726307136457612852784912117710267544294111684168585675769259502834488278290119349219020954483331775291157807060357969406062667216893290317063334068470211053565430478706118660500176565866936232920848999811754825351470919643594148513216905785242890603140772031211301528041111912042867299939813778862666854921724012886179321831297080253021532514723097513100921642835077004365500397393176005413683071765087065402479555279574422547823892657 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ef4c0092a6fb762e5e95e2c95f871b19d54de2d9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a7800d738f70c2c1702c576a68bb34c45659246e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.103 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAServerCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAServerCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018cd71b12470000040300473045022100d1eb3e67997d272289fed0034f840ef69c7323dd52c8d0243f1e0b31ada2bc3702202d5a8d60b9734e7942ea8790d94241f4d32b381ca0e288bab2b308cf2ebe5689007500a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018cd71b1209000004030046304402201649b035cc034d687617a5f2e5b77bee817a41c907fd3ae243dc520ccf266c4602201287de94bdfcf2e198db3da43704734649e1a66657f3431a805bb4b64fbfba950076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018cd71b11db0000040300473045022017994bd49f9245c16161d2da5eb2b495b05d3d8abe0f79fd89429339133f0f28022100fe9c7b69044450b1978e263afea1a73f8caf1ae45d81d80790423c47c77966a1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (144 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hybrid.ucop.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.ucop.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ecp.ucop.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'owa.ucop.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p-its-exhybrid1.ad.ucop.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p-its-exhybrid2.ad.ucop.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smtp.ucop.edu' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 0084de9eb2cd3c122d55ebbfe2af1080699f45c6170834b3b704553e7775453a326e1d3f427d7c90b82bca9713c1a880043ebd3b9e472d4e1c8ffd1d77c1fa95f7d7e3fdf27104f1830f9f8cf65d07d0d94b9d78be2d6047eeb321a92710dfd1b9e80364d127d81099898b608d1de8cc22bb39e58120d0cb09e2be90a748c5d514e7d6275d64dd9efefc6701f4ecb114d387f78c94df241885e985faee5d6a4411216f5cded9adc5536c5e8217453c89a49eb0ac75cee12546fe364ccc421cab1a2b6694ef4248f265c0fd2ac90ca99b9c9b2efea33577c02e90ddb26c937594fc57cd2aa74294032504cb8e8807d64ca760b482ecadf65cd7944db19b8ff8f228669ebc708513d1565b774505e9c2ca976d3c5d422174b8d851cafbe4ae6a620293d019eaa33db7693f4611a6a70e17497e41f4a0656de42843b5ba1d6d07a754c1bb8435efd9ff0f1b675cc6f17e6efd6987627fa231aeab0099ed6e74bfee7b173d2f6c2edf18660f4c9674c08917d00e1de06e836e656f12416a0b44213d67