www.rit.edu

- Rochester Institute of Technology -

Issued by InCommon RSA Server CA 2

About this certificate

This digital certificate with serial number ae:d8:43:41:6e:eb:4a:34:3a:85:c4:71:03:3d:9e:e4 was issued on by Internet2.

With 51 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Rochester Institute of Technology

Organization: Rochester Institute of Technology
State / Province: New York
Country: US

Internet2

Organization: Internet2
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): ae:d8:43:41:6e:eb:4a:34:3a:85:c4:71:03:3d:9e:e4
Serial Number (int): 232408571493620691808650175960275853028
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: a0:a8:df:9b:cd:d2:7e:49:a1:db:fe:bd:45:5d:14:cc:bb:42:59:c9
AuthorityKeyId: ef:4c:00:92:a6:fb:76:2e:5e:95:e2:c9:5f:87:1b:19:d5:4d:e2:d9

Fingerprint (sha1): 25:13:94:87:de:bb:af:a1:09:d4:37:e5:67:1c:02:54:bf:a8:03:db
Fingerprint (sha256): 09:17:f3:13:f5:71:b7:c7:14:b0:06:af:9b:1f:56:a6:34:aa:4c:b9:af:9a:6e:71:e9:dd:46:3c:53:d6:cd:bd

Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAServerCA2.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/InCommonRSAServerCA2.crl

Check the revocation status for certificate www.rit.edu

51

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.rit.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.rit.edu
biotech.rit.edu
birds.rit.edu
bookbag.rit.edu
c4.rit.edu
cab.rit.edu
cacm.rit.edu
campuslife.rit.edu
car-ia.gccis.rit.edu
care-ia.gccis.rit.edu
care-ia.rit.edu
careers.rit.edu
careerservices3.rit.edu
careerservicesapps.rit.edu
carepackages.rit.edu
casci.rit.edu
cast.rit.edu
castfead.rit.edu
castle.rit.edu
cat.rit.edu
cdn.rit.edu
cema.rit.edu
cenr.rit.edu
cet.rit.edu
checkin.rit.edu
chemclub.rit.edu
chemistry.rit.edu
chemresc.rit.edu
ci.rit.edu
cims.rit.edu
clipboard.rit.edu
cmmc.rit.edu
cmse.rit.edu
color.rit.edu
colorscience.rit.edu
concerncenter.rit.edu
contenta.rit.edu
cosplay.rit.edu
cossab.rit.edu
covidref.rit.edu
cprint.rit.edu
creativity.rit.edu
crowdfunding.rit.edu
csec.rit.edu
csgold.finance.rit.edu
csgold.rit.edu
csm.rit.edu
cyber.rit.edu
cybercorps.rit.edu
cybersecurity.rit.edu
dailyhealthaudit.rit.edu

Other certificates including the domain name rit.edu

(limited to 100 certificates)
3dprint.csh.rit.edu
elkmoose.student.rit.edu
us.prod.campusgroups.com
ezproxy.rit.edu
arthouse.rit.edu
www.rit.edu
michaelfrancis.me
cluster3.technolutions.net
spam.rit.edu
us.prod.campusgroups.com
dbadmin.istlabs.rit.edu
bcc1.talentera.com
vems.main.ad.rit.edu
cs.rit.edu
hvz.rit.edu
afsabre.rit.edu
kdcproxy.ad.rit.edu
www.rit.edu
print02.main.ad.rit.edu
game.csh.rit.edu
inspirationalshitposts.a.csh.rit.edu
fma.rit.edu
apps-alpha.scb.rit.edu
www.rit.edu
cluster3.technolutions.net
astrodance.rit.edu
nga.scb.rit.edu
git.csh.rit.edu
myportal.rit.edu
oops.rit.edu
git.csh.rit.edu
croatia.rit.edu
hogs.rit.edu
us.prod.campusgroups.com
grapeape.se.rit.edu
spiritpass.rit.edu
openevals.rit.edu
reports.ntid.rit.edu
kgcoe-msdpics.rit.edu
crmstage-des.rit.edu
vpr-sandbox.rc.rit.edu
cias-jira.rit.edu
sites.sg.rit.edu
cias-confluence.rit.edu
samurai.csh.rit.edu
www.ist.rit.edu
bcc1.talentera.com
moonbounce.rit.edu
myupktest.rit.edu
castnet.rit.edu
cadetsrv.main.ad.rit.edu
crmprod-des.rit.edu
filedump.se.rit.edu
api.rit.edu
www.rit.edu
reslab.rit.edu
rit.edu
myportaladmin.rit.edu
ritmailtest.rit.edu
evt.rit.edu
us.prod.campusgroups.com
rlescloud.main.ad.rit.edu
jenky.csh.rit.edu
www.rit.edu
www.rit.edu
headcount.se.rit.edu
monitor.istlabs.rit.edu
argo.csh.rit.edu
people.rit.edu
purple.student.rit.edu
infoguides.rit.edu
msdnaa.rit.edu
mabl.rit.edu
us.prod.campusgroups.com
croatia.rit.edu
appsdev.ntid.rit.edu
www.rit.edu
bcc1.talentera.com
twcosxserver01.main.ad.rit.edu
scholarworks.rit.edu
www2.rit.edu
myinfographicsd.main.ad.rit.edu
*.ce.rit.edu
careerservices.rit.edu
ritanime.rit.edu
witr.rit.edu
ntidwb01d.ntid.rit.edu
ccserv.rit.edu
aod.rit.edu
swen-ads.igm.rit.edu
mabl.rit.edu
taco.student.rit.edu
myinfo.rit.edu
vm344c.se.rit.edu
imap.se.rit.edu
openbsd.se.rit.edu
*.ce.rit.edu
cluster3.technolutions.net
san-8-s10.tlsprovisioning.exacttarget.com
www.rit.edu

Certificate

The complete raw certificate details for www.rit.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIKPjCCCKagAwIBAgIRAK7YQ0Fu60o0OoXEcQM9nuQwDQYJKoZIhvcNAQEMBQAw
RDELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEhMB8GA1UEAxMYSW5D
b21tb24gUlNBIFNlcnZlciBDQSAyMB4XDTIzMTExNzAwMDAwMFoXDTI0MTIxNzIz
NTk1OVowYjELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMSowKAYDVQQK
EyFSb2NoZXN0ZXIgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxFDASBgNVBAMTC3d3
dy5yaXQuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ajaDmuG
3R0es4nb1OxZmG/y9QEU5tPTg2Pf8uz7LQEN021o/h1a6xCGvygisygp+a+6L+WI
CqlOpKMbRCfh4ebdrxBkMsoi7L4nPiv5Ga/R/LhiF2uOdVdCoF2j6WBHfvCdCICs
CiPPmLKPhOyFk2nx2o8f/LClcTwaSrL//2EdbhY53HwPO4hW7d8wA0rNsShFvAhw
hEIAd4iB3Mtbo2EGxfmIMX9W4nPPLNESGxuCcX1MPGSvYpiyHay8MWNE4DuntsSl
Y/91hXA+OY/lWpqPw9PHmJl2VnTt8zmcqiYO8ulZjc520wLT2/Mv8Xnu7J1SKTPK
eQEsPRdrMSAwmwIDAQABo4IGizCCBocwHwYDVR0jBBgwFoAU70wAkqb7di5eleLJ
X4cbGdVN4tkwHQYDVR0OBBYEFKCo35vN0n5Jodv+vUVdFMy7QlnJMA4GA1UdDwEB
/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgJnMCUwIwYIKwYBBQUHAgEWF2h0
dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjBABgNVHR8EOTA3MDWgM6Ax
hi9odHRwOi8vY3JsLnNlY3RpZ28uY29tL0luQ29tbW9uUlNBU2VydmVyQ0EyLmNy
bDBwBggrBgEFBQcBAQRkMGIwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuc2VjdGln
by5jb20vSW5Db21tb25SU0FTZXJ2ZXJDQTIuY3J0MCMGCCsGAQUFBzABhhdodHRw
Oi8vb2NzcC5zZWN0aWdvLmNvbTCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUA
dv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGL3nlhSwAABAMARjBE
AiAyBGhjTqUjIRbjkdt5JUqzsDM4pXZp6NS/XN9NVP81JAIgfvizVJsgaHvIlPkR
kS/QjX3EHJVoNhiBXI1dl8uRJMMAdwA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvB
vyiF7PhkbgAAAYveeWITAAAEAwBIMEYCIQCNh1pFIIESx0+zaGJbOmhWwwgdmjwo
HDghdq4l8+ur/wIhAKAQSlDlilvRmamLt39x9NcNapDLfnec/z1ZFPR6Q05PAHYA
7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGL3nlhxAAABAMARzBF
AiEAyoNlPxAZq//z+Vsbzl7dcH3Z9CKLwswgTOz8tMNhHDUCIG3MFqsnfz2my8j2
yo50mq+snCMVlurNAGvz6jIlponYMIIDhQYDVR0RBIIDfDCCA3iCC3d3dy5yaXQu
ZWR1gg9iaW90ZWNoLnJpdC5lZHWCDWJpcmRzLnJpdC5lZHWCD2Jvb2tiYWcucml0
LmVkdYIKYzQucml0LmVkdYILY2FiLnJpdC5lZHWCDGNhY20ucml0LmVkdYISY2Ft
cHVzbGlmZS5yaXQuZWR1ghRjYXItaWEuZ2NjaXMucml0LmVkdYIVY2FyZS1pYS5n
Y2Npcy5yaXQuZWR1gg9jYXJlLWlhLnJpdC5lZHWCD2NhcmVlcnMucml0LmVkdYIX
Y2FyZWVyc2VydmljZXMzLnJpdC5lZHWCGmNhcmVlcnNlcnZpY2VzYXBwcy5yaXQu
ZWR1ghRjYXJlcGFja2FnZXMucml0LmVkdYINY2FzY2kucml0LmVkdYIMY2FzdC5y
aXQuZWR1ghBjYXN0ZmVhZC5yaXQuZWR1gg5jYXN0bGUucml0LmVkdYILY2F0LnJp
dC5lZHWCC2Nkbi5yaXQuZWR1ggxjZW1hLnJpdC5lZHWCDGNlbnIucml0LmVkdYIL
Y2V0LnJpdC5lZHWCD2NoZWNraW4ucml0LmVkdYIQY2hlbWNsdWIucml0LmVkdYIR
Y2hlbWlzdHJ5LnJpdC5lZHWCEGNoZW1yZXNjLnJpdC5lZHWCCmNpLnJpdC5lZHWC
DGNpbXMucml0LmVkdYIRY2xpcGJvYXJkLnJpdC5lZHWCDGNtbWMucml0LmVkdYIM
Y21zZS5yaXQuZWR1gg1jb2xvci5yaXQuZWR1ghRjb2xvcnNjaWVuY2Uucml0LmVk
dYIVY29uY2VybmNlbnRlci5yaXQuZWR1ghBjb250ZW50YS5yaXQuZWR1gg9jb3Nw
bGF5LnJpdC5lZHWCDmNvc3NhYi5yaXQuZWR1ghBjb3ZpZHJlZi5yaXQuZWR1gg5j
cHJpbnQucml0LmVkdYISY3JlYXRpdml0eS5yaXQuZWR1ghRjcm93ZGZ1bmRpbmcu
cml0LmVkdYIMY3NlYy5yaXQuZWR1ghZjc2dvbGQuZmluYW5jZS5yaXQuZWR1gg5j
c2dvbGQucml0LmVkdYILY3NtLnJpdC5lZHWCDWN5YmVyLnJpdC5lZHWCEmN5YmVy
Y29ycHMucml0LmVkdYIVY3liZXJzZWN1cml0eS5yaXQuZWR1ghhkYWlseWhlYWx0
aGF1ZGl0LnJpdC5lZHUwDQYJKoZIhvcNAQEMBQADggGBAHyAZy7l6EZLmkWW24LD
AhCBCGlIq/x5PuOgxh6LPSwaHo9cbmyxz8d458KPCwWwAAJd8mAm8QwNUqtfAova
u7rovteYDNYyxHJ4on1quy9V8hp8CgpIMEVX/a825tH2o46U7/x0oai0BP+fWb0y
exPBpc7htZFqWubYAmQizhID57h1PBMNyyr62KjCJ7U7xcPRvwHBGRhBu2MN+FqT
AUVg/IzKRmsKeHdqlonnhbFDfqHTil7NRnQd/bjVOv8QqC41ZTDBGuLxdWd3hH62
XIx4T8FmSSeZQgBI0RtVq3jTS/N/he3saxIujfqPYCd70gaqFbGHVv84mqdlhVXf
c1EMXUDUEdaIhYYCZjzEflO5ywyif6dyg8D/UKi19DucfXBCa/pPfpHWYsundWLc
D2Zl1oaTXUSKh1++hbuSWohw+GMmvqS5bkynYTotMpyHprJhPtM2ndsKMGh7gcgB
10cthPojkg2w1huS3mFZ3CYvwBiG6u8soMqoaXdnIoBnZg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ajaDmuG3R0es4nb1OxZ
mG/y9QEU5tPTg2Pf8uz7LQEN021o/h1a6xCGvygisygp+a+6L+WICqlOpKMbRCfh
4ebdrxBkMsoi7L4nPiv5Ga/R/LhiF2uOdVdCoF2j6WBHfvCdCICsCiPPmLKPhOyF
k2nx2o8f/LClcTwaSrL//2EdbhY53HwPO4hW7d8wA0rNsShFvAhwhEIAd4iB3Mtb
o2EGxfmIMX9W4nPPLNESGxuCcX1MPGSvYpiyHay8MWNE4DuntsSlY/91hXA+OY/l
WpqPw9PHmJl2VnTt8zmcqiYO8ulZjc520wLT2/Mv8Xnu7J1SKTPKeQEsPRdrMSAw
mwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 232408571493620691808650175960275853028
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-17 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rochester Institute of Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.rit.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26467069655161546737824548401964678905784048012894376599114410753441655835822337319591779435357951807228211571978652930643605855818269548133981552350630023876820434382944650280107046114246065776489698047412641651806538840467455553668688184861872332266073591688327185152972905745702094370680293135465056327736071281990595748833197337352799702068582715710213546578997573998129792991955434558158364479937487014407650572108280993799275337463527937229757337088519634396465773081304906314780769457697068771090231722243944416114570179377560931179507976710282237556646619918716951086099253137441555277764862704351120455643291
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ef4c0092a6fb762e5e95e2c95f871b19d54de2d9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a0a8df9bcdd27e49a1dbfebd455d14ccbb4259c9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.103
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAServerCA2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAServerCA2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018bde79614b00000403004630440220320468634ea5232116e391db79254ab3b03338a57669e8d4bf5cdf4d54ff352402207ef8b3549b20687bc894f911912fd08d7dc41c95683618815c8d5d97cb9124c30077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bde79621300000403004830460221008d875a45208112c74fb368625b3a6856c3081d9a3c281c382176ae25f3ebabff022100a0104a50e58a5bd199a98bb77f71f4d70d6a90cb7e779cff3d5914f47a434e4f007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bde7961c40000040300473045022100ca83653f1019abfff3f95b1bce5edd707dd9f4228bc2cc204cecfcb4c3611c3502206dcc16ab277f3da6cbc8f6ca8e749aafac9c231596eacd006bf3ea3225a689d8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (892 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'biotech.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'birds.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bookbag.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'c4.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cab.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cacm.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'campuslife.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'car-ia.gccis.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'care-ia.gccis.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'care-ia.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'careers.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'careerservices3.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'careerservicesapps.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'carepackages.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'casci.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cast.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'castfead.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'castle.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cat.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cema.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cenr.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cet.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'checkin.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chemclub.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chemistry.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chemresc.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cims.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clipboard.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmmc.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmse.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'color.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'colorscience.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'concerncenter.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'contenta.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cosplay.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cossab.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'covidref.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cprint.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'creativity.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crowdfunding.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'csec.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'csgold.finance.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'csgold.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'csm.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cyber.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cybercorps.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cybersecurity.rit.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dailyhealthaudit.rit.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		007c80672ee5e8464b9a4596db82c3021081086948abfc793ee3a0c61e8b3d2c1a1e8f5c6e6cb1cfc778e7c28f0b05b000025df26026f10c0d52ab5f028bdabbbae8bed7980cd632c47278a27d6abb2f55f21a7c0a0a48304557fdaf36e6d1f6a38e94effc74a1a8b404ff9f59bd327b13c1a5cee1b5916a5ae6d8026422ce1203e7b8753c130dcb2afad8a8c227b53bc5c3d1bf01c1191841bb630df85a93014560fc8cca466b0a78776a9689e785b1437ea1d38a5ecd46741dfdb8d53aff10a82e356530c11ae2f1756777847eb65c8c784fc166492799420048d11b55ab78d34bf37f85edec6b122e8dfa8f60277bd206aa15b18756ff389aa7658555df73510c5d40d411d688858602663cc47e53b9cb0ca27fa77283c0ff50a8b5f43b9c7d70426bfa4f7e91d662cba77562dc0f6665d686935d448a875fbe85bb925a8870f86326bea4b96e4ca7613a2d329c87a6b2613ed3369ddb0a30687b81c801d7472d84fa23920db0d61b92de6159dc262fc01886eaef2ca0caa869776722806766