retiree-info.usg.edu
- University System of Georgia -
Issued by InCommon RSA Server CA
About this certificate
This digital certificate with serial number 5b:11:61:22:0e:a0:30:40:fc:c0:dd:27:04:63:cc:5c was issued on by Internet2.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
University System of Georgia
Organization:
University System of Georgia
Organization unit: Information Technology Services
Organization unit: Information Technology Services
Address:
270 Washington Street, S.W.
Postal code: 30334
State / Province: Geogia
Locality: Atlanta
Country: US
Postal code: 30334
State / Province: Geogia
Locality: Atlanta
Country: US
Internet2
Organization:
Internet2
Organization unit: InCommon
Organization unit: InCommon
State / Province:
MI
Locality: Ann Arbor
Country: US
Locality: Ann Arbor
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 5b:11:61:22:0e:a0:30:40:fc:c0:dd:27:04:63:cc:5cSerial Number (int): 121049986755037962341982832130192034908
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 79:62:7a:6c:22:ff:6d:7d:15:60:6d:54:c9:42:e8:c4:80:f9:77:bb
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38
Fingerprint (sha1): c0:fb:00:75:39:ff:35:94:e3:75:c7:6e:db:69:e5:87:ca:84:13:47
Fingerprint (sha256): 09:10:8e:01:b7:7e:a2:36:0e:7b:62:f0:67:09:47:fa:77:6d:ef:f4:45:54:52:64:0f:a3:69:c8:f6:17:7b:da
Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl
Check the revocation status for certificate retiree-info.usg.edu
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for retiree-info.usg.edu
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
retiree-info.usg.edu
dev.retiree-info-faq.usg.edu
test.retiree-info.usg.edu
dev.retiree-info-faq.usg.edu
test.retiree-info.usg.edu
Other certificates including the domain name usg.edu
(limited to 100 certificates)
statuspage.io
apistatus.pitneybowes.com
statuspage.io
statuspage.io
statuspage.io
gil.uga.edu
spexternal.bor.usg.edu
*.proxygsu-sbul.galileo.usg.edu
epay.usg.edu
filestest.usg.edu
ap1.bor.usg.edu
statuspage.io
idp-demo-prod.bor.usg.edu
gil.uga.edu
jirafeau.galileo.usg.edu
*.hprod.onehcm.usg.edu
www.usg.edu
elver.adm.usg.edu
giluc.usg.edu
gitlab.usg.edu
*.proxygsu-dal1.galileo.usg.edu
ocs-prod-cwa.uso.bor.usg.edu
statuspage.io
statuspage.io
statuspage.io
asurams.gabest.usg.edu
statuspage.io
statuspage.io
*.onehcm.usg.edu
blog.dlg.galileo.usg.edu
oer.galileo.usg.edu
statuspage.io
*.proxygsu-psnd.galileo.usg.edu
dlg.usg.edu
*.proxygsu-gwt1.galileo.usg.edu
statuspage.io
gil.usg.edu
*.fprod.gafirst.usg.edu
statuspage.io
pauth.usg.edu
pauth.usg.edu
adfs.ssc.usg.edu
statuspage.io
statuspage.io
apistatus.pitneybowes.com
apistatus.pitneybowes.com
statuspage.io
bi123.usg.edu
*.dev.usg.edu
*.proxygsu-seff.galileo.usg.edu
ftp.ssc.usg.edu
statuspage.io
statuspage.io
statuspage.io
*.proxygsu-sgai.galileo.usg.edu
statuspage.io
tlsv12-only.bor.usg.edu
exchcas-prod.uso.bor.usg.edu
*.aufdev2.gafirst.usg.edu
*.proxygsu-mac2.galileo.usg.edu
analytics.usg.edu
retiree-info.usg.edu
apps.usg.edu
statuspage.io
ftp.ssc.usg.edu
statuspage.io
www.bor.usg.edu
*.proxygsu-nega.galileo.usg.edu
*.view.usg.edu
apistatus.pitneybowes.com
statuspage.io
www.ssc.usg.edu
statuspage.io
app.usg.edu
ssl.ssc.usg.edu
statuspage.io
access.ssc.usg.edu
sharepoint.ssc.usg.edu
*.gafirst.usg.edu
statuspage.io
apistatus.pitneybowes.com
statuspage.io
emajor.usg.edu
statuspage.io
statuspage.io
gsw.gabest.usg.edu
*.proxygsu-sfor.galileo.usg.edu
statuspage.io
statuspage.io
statuspage.io
apistatus.pitneybowes.com
*.proxygsu-pswf.galileo.usg.edu
statuspage.io
dataviz.usg.edu
statuspage.io
ducs-con.adm.usg.edu
statuspage.io
statuspage.io
statuspage.io
usgtrackit.bor.usg.edu
apistatus.pitneybowes.com
statuspage.io
statuspage.io
statuspage.io
gil.uga.edu
spexternal.bor.usg.edu
*.proxygsu-sbul.galileo.usg.edu
epay.usg.edu
filestest.usg.edu
ap1.bor.usg.edu
statuspage.io
idp-demo-prod.bor.usg.edu
gil.uga.edu
jirafeau.galileo.usg.edu
*.hprod.onehcm.usg.edu
www.usg.edu
elver.adm.usg.edu
giluc.usg.edu
gitlab.usg.edu
*.proxygsu-dal1.galileo.usg.edu
ocs-prod-cwa.uso.bor.usg.edu
statuspage.io
statuspage.io
statuspage.io
asurams.gabest.usg.edu
statuspage.io
statuspage.io
*.onehcm.usg.edu
blog.dlg.galileo.usg.edu
oer.galileo.usg.edu
statuspage.io
*.proxygsu-psnd.galileo.usg.edu
dlg.usg.edu
*.proxygsu-gwt1.galileo.usg.edu
statuspage.io
gil.usg.edu
*.fprod.gafirst.usg.edu
statuspage.io
pauth.usg.edu
pauth.usg.edu
adfs.ssc.usg.edu
statuspage.io
statuspage.io
apistatus.pitneybowes.com
apistatus.pitneybowes.com
statuspage.io
bi123.usg.edu
*.dev.usg.edu
*.proxygsu-seff.galileo.usg.edu
ftp.ssc.usg.edu
statuspage.io
statuspage.io
statuspage.io
*.proxygsu-sgai.galileo.usg.edu
statuspage.io
tlsv12-only.bor.usg.edu
exchcas-prod.uso.bor.usg.edu
*.aufdev2.gafirst.usg.edu
*.proxygsu-mac2.galileo.usg.edu
analytics.usg.edu
retiree-info.usg.edu
apps.usg.edu
statuspage.io
ftp.ssc.usg.edu
statuspage.io
www.bor.usg.edu
*.proxygsu-nega.galileo.usg.edu
*.view.usg.edu
apistatus.pitneybowes.com
statuspage.io
www.ssc.usg.edu
statuspage.io
app.usg.edu
ssl.ssc.usg.edu
statuspage.io
access.ssc.usg.edu
sharepoint.ssc.usg.edu
*.gafirst.usg.edu
statuspage.io
apistatus.pitneybowes.com
statuspage.io
emajor.usg.edu
statuspage.io
statuspage.io
gsw.gabest.usg.edu
*.proxygsu-sfor.galileo.usg.edu
statuspage.io
statuspage.io
statuspage.io
apistatus.pitneybowes.com
*.proxygsu-pswf.galileo.usg.edu
statuspage.io
dataviz.usg.edu
statuspage.io
ducs-con.adm.usg.edu
statuspage.io
statuspage.io
statuspage.io
usgtrackit.bor.usg.edu
Certificate
The complete raw certificate details for retiree-info.usg.edu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG4jCCBcqgAwIBAgIQWxFhIg6gMED8wN0nBGPMXDANBgkqhkiG9w0BAQsFADB2 MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xODEyMjAwMDAwMDBaFw0xOTEyMjAy MzU5NTlaMIHWMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFMzAzMzQxDzANBgNVBAgT Bkdlb2dpYTEQMA4GA1UEBxMHQXRsYW50YTEkMCIGA1UECRMbMjcwIFdhc2hpbmd0 b24gU3RyZWV0LCBTLlcuMSUwIwYDVQQKExxVbml2ZXJzaXR5IFN5c3RlbSBvZiBH ZW9yZ2lhMSgwJgYDVQQLEx9JbmZvcm1hdGlvbiBUZWNobm9sb2d5IFNlcnZpY2Vz MR0wGwYDVQQDExRyZXRpcmVlLWluZm8udXNnLmVkdTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAMzkT4yN1aXrKibmLhn2nT2OmKe+qppkZhfSFownDi+l srZjXIWptgEJCIsI36Qjxzsxtr5ArLYYbuicApN9M4F1zCsscVMoRTaSoJy9wjn1 2998J5JNbfNEoVKYBlK+vRBU54i2sGNvit8xQlomcJHCs9r6TB415E7zZpS2Q2GK hy9Wp3TAFOZMLQtSj3hAxVD6U86hIZqORkTZwcjvmt+zncAvle9iZhDl5b46jlpY UsMLphUewiv8QYvaTNg+9edhvn9QEZL4IDSYtOkEJNwD9ILGCbSgjf6DTeQM63K4 q0K5VKkEexTDyKgU6z5lC7w/wEW2cu8POofRtYpuxbUCAwEAAaOCAwkwggMFMB8G A1UdIwQYMBaAFB4Fo3ePbJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBR5YnpsIv9t fRVgbVTJQujEgPl3uzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4j AQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2Nl cnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5 oDegNYYzaHR0cDovL2NybC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2Vy dmVyQ0EuY3JsMHUGCCsGAQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2Ny dC51c2VydHJ1c3QuY29tL0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYB BQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wWAYDVR0RBFEwT4IUcmV0 aXJlZS1pbmZvLnVzZy5lZHWCHGRldi5yZXRpcmVlLWluZm8tZmFxLnVzZy5lZHWC GXRlc3QucmV0aXJlZS1pbmZvLnVzZy5lZHUwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWfNyqFnAAAE AwBHMEUCIA5gMNYW0Ue3QdD9nFmJv/qBYezoBnqm6kSKvsTzCXTQAiEAzW/4ab2J HbC5nwky0PNqiBvROaW5LUoh2VKOrb1CAWoAdgB0ftqDMa0zEJEhnM4lT0Jwwr/9 XkIgCMY3NXnmEHvMVgAAAWfNyqGwAAAEAwBHMEUCIQDDIS6S8fnE2yWXstqvqXo9 hFoIhElN/OVV4K2PQyR/8AIgKXbjhJpautGRw0Yn6juXvHiyOmDckO9s4DlUHmMh l4MwDQYJKoZIhvcNAQELBQADggEBAIcav9TIWVQ9QMIckMIQwSrTRd0/Tfknppuc kRt6pdQtxjvjj8hOaUL4aAwFekyLBlY+8dYU/kP3N0CI2aiDrMCi26hzstWu+VXK U2DxenBNsEEIB4PvP3DDHOa017qoneYp0xz4sF0561AjZiszZILT9YXr7brVMHzU BJJPlKJYZ2G+kI+jHsFff/tRolBmD88TDqILr26lBK7NY4Xl1acfk3RxhLgq2gnQ 9rGlbn/RlaK7FeSAg55++fdqqDOzldFhOuUKuK6adWGqVpSWznkUHXU9DgLNm2ks JpDmm+GjObOboTEXOwkDrInjLl5R9ErmPuHofR+iV3D4kNBHQjY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzORPjI3VpesqJuYuGfad PY6Yp76qmmRmF9IWjCcOL6WytmNcham2AQkIiwjfpCPHOzG2vkCsthhu6JwCk30z gXXMKyxxUyhFNpKgnL3COfXb33wnkk1t80ShUpgGUr69EFTniLawY2+K3zFCWiZw kcKz2vpMHjXkTvNmlLZDYYqHL1andMAU5kwtC1KPeEDFUPpTzqEhmo5GRNnByO+a 37OdwC+V72JmEOXlvjqOWlhSwwumFR7CK/xBi9pM2D7152G+f1ARkvggNJi06QQk 3AP0gsYJtKCN/oNN5AzrcrirQrlUqQR7FMPIqBTrPmULvD/ARbZy7w86h9G1im7F tQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 121049986755037962341982832130192034908 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-20 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '30334' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geogia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Atlanta' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '270 Washington Street, S.W.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University System of Georgia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Information Technology Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'retiree-info.usg.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25865198434269382180338444903099004350837093531690425753692765397595251301792638959778391015888797852322421271951180521109652978282591151563234471256003330088714081159150565117262274844508030125746764860014994190285669342055344909131294230188193312013187130542625060317716139390724556522089010599884880894336123102880701437844358039755728773043902188443008200008440849487780640292212605749793050820365892682864043770530073770548523869076335825085904654421785309077598217985860453013801696301310444374808627703285325955265215234751098780278323578189517689044742294531453921206967462904161306342676039721718962268849589 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 79627a6c22ff6d7d15606d54c942e8c480f977bb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (81 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retiree-info.usg.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.retiree-info-faq.usg.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.retiree-info.usg.edu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000167cdcaa167000004030047304502200e6030d616d147b741d0fd9c5989bffa8161ece8067aa6ea448abec4f30974d0022100cd6ff869bd891db0b99f0932d0f36a881bd139a5b92d4a21d9528eadbd42016a007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc5600000167cdcaa1b00000040300473045022100c3212e92f1f9c4db2597b2daafa97a3d845a0884494dfce555e0ad8f43247ff002202976e3849a5abad191c34627ea3b97bc78b23a60dc90ef6ce039541e63219783 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00871abfd4c859543d40c21c90c210c12ad345dd3f4df927a69b9c911b7aa5d42dc63be38fc84e6942f8680c057a4c8b06563ef1d614fe43f7374088d9a883acc0a2dba873b2d5aef955ca5360f17a704db041080783ef3f70c31ce6b4d7baa89de629d31cf8b05d39eb5023662b336482d3f585ebedbad5307cd404924f94a2586761be908fa31ec15f7ffb51a250660fcf130ea20baf6ea504aecd6385e5d5a71f93747184b82ada09d0f6b1a56e7fd195a2bb15e480839e7ef9f76aa833b395d1613ae50ab8ae9a7561aa569496ce79141d753d0e02cd9b692c2690e69be1a339b39ba131173b0903ac89e32e5e51f44ae63ee1e87d1fa25770f890d0474236