riels.northeastern.edu

- Northeastern University -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 16:30:7d:1f:4e:2c:6a:e7:8e:5c:48:41:85:c9:6f was issued on by Internet2.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Northeastern University

Organization: Northeastern University
Organization unit: ITS-SPS-System Services
Address: 360 Huntington Ave.
Postal code: 02115
State / Province: MA
Locality: Boston
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 16:30:7d:1f:4e:2c:6a:e7:8e:5c:48:41:85:c9:6f
Serial Number (int): 115213999757597045607350998856485231
Serial Number lenght: 117 bits, 15 octets

SubjectKeyId: ab:8b:47:26:87:93:af:91:20:6d:ed:4a:38:a4:c3:15:5a:2e:52:1e
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 29:e3:b2:ec:93:94:90:14:bf:e7:c9:5b:f3:34:78:0c:1b:42:2e:22
Fingerprint (sha256): 09:29:48:46:2f:ec:a7:25:09:1e:ac:c7:0d:0b:97:33:4d:f9:17:e3:f7:f5:61:dd:a1:dd:27:f5:23:90:b9:3c

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate riels.northeastern.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for riels.northeastern.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

riels.northeastern.edu
riels.neu.edu

Other certificates including the domain name northeastern.edu

(limited to 100 certificates)
damore-mckim.northeastern.edu
blackactivism.library.northeastern.edu
bouve.northeastern.edu
securedns2.planmygift.org
express.northeastern.edu
5640082467848192-fe3.pantheonsite.io
5640082467848192-fe3.pantheonsite.io
eventregistration.northeastern.edu
academicplan.northeastern.edu
llmonline.northeastern.edu
absn.northeastern.edu
5640082467848192-fe3.pantheonsite.io
5635949232914432-fe1.pantheonsite.io
amploadvance.com
express.northeastern.edu
cio.northeastern.edu
cancurecancer.northeastern.edu
arader.library.northeastern.edu
moniotrlab.ccis.northeastern.edu
sslvs06.igloosoftware.com
news.northeastern.edu
5640082467848192-fe3.pantheonsite.io
express.northeastern.edu
5640082467848192-fe3.pantheonsite.io
camd.northeastern.edu
servicedesk.gerkencompanies.com
c3helpdesk.c3insurance.com
kb.northeastern.edu
5725851488354304-fe3.pantheonsite.io
securedns2.planmygift.org
huskychat.northeastern.edu
5640082467848192-fe3.pantheonsite.io
communityimpact.northeastern.edu
accomplishments.northeastern.edu
5635949232914432-fe1.pantheonsite.io
ecda.northeastern.edu
n002.offcampuspartners.com
n002.offcampuspartners.com
www.academicplan.northeastern.edu
web.offcampuspartners.com
facilities.northeastern.edu
5635949232914432-fe1.pantheonsite.io
bishop.ccs.neu.edu
sslvs06.igloosoftware.com
ats.northeastern.edu
snpl.northeastern.edu
api.sail.northeastern.edu
ecda.northeastern.edu
plusone.northeastern.edu
5727270706610176-fe1.pantheonsite.io
alteryx.northeastern.edu
n002.offcampuspartners.com
testweb.neu.edu
myvisa.northeastern.edu
*.pearson-navigator.com
5725851488354304-fe3.pantheonsite.io
5725851488354304-fe3.pantheonsite.io
faculty.northeastern.edu
status.library.northeastern.edu
offcampus.northeastern.edu
news.northeastern.edu
amploadvance.com
5640082467848192-fe3.pantheonsite.io
pool02.nunet.neu.edu
nb4775.neu.edu
givingday.northeastern.edu
neche.northeastern.edu
magazine.northeastern.edu
amploadvance.com
careers.hrm.northeastern.edu
faculty.northeastern.edu
sslvs06.igloosoftware.com
5640082467848192-fe3.pantheonsite.io
huskyhelper.northeastern.edu
5640082467848192-fe3.pantheonsite.io
integrate.sail-demo.northeastern.edu
5725851488354304-fe3.pantheonsite.io
express.northeastern.edu
5640082467848192-fe3.pantheonsite.io
news.northeastern.edu
riels.northeastern.edu
ill.lib.neu.edu
5727270706610176-fe1.pantheonsite.io
5640082467848192-fe3.pantheonsite.io
nahant.northeastern.edu
5725851488354304-fe3.pantheonsite.io
geo.northeastern.edu
resdev.northeastern.edu
helpdesk.rdek.bc.ca
studentsupportinitiative.northeastern.edu
spectrumarchive.northeastern.edu
news.northeastern.edu
n002.offcampuspartners.com
n002.offcampuspartners.com
5727270706610176-fe1.pantheonsite.io
5635949232914432-fe1.pantheonsite.io
5725851488354304-fe3.pantheonsite.io
5727270706610176-fe1.pantheonsite.io
graduatecertsonline.northeastern.edu
securedns2.planmygift.org

Certificate

The complete raw certificate details for riels.northeastern.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHGzCCBgOgAwIBAgIPFjB9H04saueOXEhBhclvMA0GCSqGSIb3DQEBCwUAMHYx
CzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNSTESMBAGA1UEBxMJQW5uIEFyYm9yMRIw
EAYDVQQKEwlJbnRlcm5ldDIxETAPBgNVBAsTCEluQ29tbW9uMR8wHQYDVQQDExZJ
bkNvbW1vbiBSU0EgU2VydmVyIENBMB4XDTE5MDUzMDAwMDAwMFoXDTIxMDUyOTIz
NTk1OVowgb4xCzAJBgNVBAYTAlVTMQ4wDAYDVQQREwUwMjExNTELMAkGA1UECBMC
TUExDzANBgNVBAcTBkJvc3RvbjEcMBoGA1UECRMTMzYwIEh1bnRpbmd0b24gQXZl
LjEgMB4GA1UEChMXTm9ydGhlYXN0ZXJuIFVuaXZlcnNpdHkxIDAeBgNVBAsTF0lU
Uy1TUFMtU3lzdGVtIFNlcnZpY2VzMR8wHQYDVQQDExZyaWVscy5ub3J0aGVhc3Rl
cm4uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUHdpIO2+DhC
ZQH8LbR30eBCaer3CQf+6VqD3ozRMv82uY+lSJCASxl67ynOG2uTbIB8yKFnhzQ6
yy8qmholdKczaT7C6KiMV/umufj+e5No2y8Y/u3A/DFvm8cQ3zoJpdO06625nbIa
A3mMFAWOyAG0eDHgDqW5++vVMneLMLwG2r1608YRxRlIBj6AVm+p3EGE58MA+DXB
i2skAYlUebl/Xn3g30kUWC0DdLeRy2CmvMvpEjEJvVAfJ46ML6snC0orDFW4G+xP
BpYms+2aVHDcY7BWMZ84aBlIdM1vmqPKnv6zkU8dExBWTFJdoONv2VyLEeksi+n+
wHL4x+576wIDAQABo4IDWzCCA1cwHwYDVR0jBBgwFoAUHgWjd49sluJbh0umtIas
cQAM5zgwHQYDVR0OBBYEFKuLRyaHk6+RIG3tSjikwxVaLlIeMA4GA1UdDwEB/wQE
AwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjBnBgNVHSAEYDBeMFIGDCsGAQQBriMBBAMBATBCMEAGCCsGAQUFBwIBFjRodHRw
czovL3d3dy5pbmNvbW1vbi5vcmcvY2VydC9yZXBvc2l0b3J5L2Nwc19zc2wucGRm
MAgGBmeBDAECAjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLmluY29tbW9u
LXJzYS5vcmcvSW5Db21tb25SU0FTZXJ2ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBn
MD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vSW5Db21tb25S
U0FTZXJ2ZXJDQV8yLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
dXN0LmNvbTAwBgNVHREEKTAnghZyaWVscy5ub3J0aGVhc3Rlcm4uZWR1gg1yaWVs
cy5uZXUuZWR1MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdQC72d+8H4pxtZOU
I5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWsKbocrAAAEAwBGMEQCICVhvb9P2iFT
f7rpZtCBCoM7JFUuiyrwGT3F74zoYmkRAiABu3LZFl4LfMMQA7lyR7Nm0Qlodv2i
Ldq1M/tCBLL9VAB2AESUZS6w7s6vxEAH2Kj+KMDa5oK+2MsxtT/TM5a1toGoAAAB
awpuh00AAAQDAEcwRQIgcFGtdhHbsFCo89C1Gc2BSzXZwy9g9bQ7yLDG12QqV5wC
IQCjlJYbMnIc27hafqOQNcSJE3F52JMj1km7sfMw3SVOTwB3AG9Tdqwx8DEZ2JkA
pFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABawpuh0oAAAQDAEgwRgIhAMw/lkX2l6f0
Q2NYaVjvYAK/YDjWdawSUHnqyVFWXvQ4AiEA63c9f6/wnnpvd0Q40ArUZmEyynaA
LnTPxZ5PzXAyqAcwDQYJKoZIhvcNAQELBQADggEBABnFaONGceH0lPOeWjNuDj0E
cRyDnTtDChMUr+HBt4iFx6fHdS+LZqxb3cdd6AamF/Xv5VlULtqRzaA8sQ5hNc82
a5l/7oGpd10N/VJ/H6vgaZiDYPeXd5MjbIoRjKi8bXZ+dzEnak7Md6mx7mJlEWDh
zLGXY9M9VsUvBTqkpcoezRzNe2FNIAf2U0th8gGfee7vnEl1+d1vka5dRftqzkTb
vWaZMlf30nHxpWmBKkNExfrmv9AvPaZMRgEfoxg2YzUKiXv81/ZOUvAIovBatIPj
mcskTy6h46iYS/oZHYDNsq8NF5qzoDL2ZTnSJtDs6giHLFJFLYosUZSeh0gg7EQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUHdpIO2+DhCZQH8LbR3
0eBCaer3CQf+6VqD3ozRMv82uY+lSJCASxl67ynOG2uTbIB8yKFnhzQ6yy8qmhol
dKczaT7C6KiMV/umufj+e5No2y8Y/u3A/DFvm8cQ3zoJpdO06625nbIaA3mMFAWO
yAG0eDHgDqW5++vVMneLMLwG2r1608YRxRlIBj6AVm+p3EGE58MA+DXBi2skAYlU
ebl/Xn3g30kUWC0DdLeRy2CmvMvpEjEJvVAfJ46ML6snC0orDFW4G+xPBpYms+2a
VHDcY7BWMZ84aBlIdM1vmqPKnv6zkU8dExBWTFJdoONv2VyLEeksi+n+wHL4x+57
6wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 115213999757597045607350998856485231
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-05-29 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02115'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Boston'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '360 Huntington Ave.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Northeastern University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ITS-SPS-System Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'riels.northeastern.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21871706391470083306916130395998648978961595658756766293316076021414409211300782511384275977612637166457063200106228241115002530323746377781406302903844477459388925201307582767760640411612778885314815645494803957201707606469112109047436028212253243279894045133938880312364858731199075813503425165331283124952545547428713489747517506055471884538671457589511270625106063673536275779571102244652007132495465690731332549899801024081942077449874763474877255204835127130202865820031373111223295365930280085567353556915083720039191842380371984254407576088481966833224748042434472599308144410206714779992675416530241658452971
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ab8b47268793af91206ded4a38a4c3155a2e521e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riels.northeastern.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riels.neu.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016b0a6e872b000004030046304402202561bdbf4fda21537fbae966d0810a833b24552e8b2af0193dc5ef8ce8626911022001bb72d9165e0b7cc31003b97247b366d1096876fda22ddab533fb4204b2fd540076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016b0a6e874d000004030047304502207051ad7611dbb050a8f3d0b519cd814b35d9c32f60f5b43bc8b0c6d7642a579c022100a394961b32721cdbb85a7ea39035c489137179d89323d649bbb1f330dd254e4f0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016b0a6e874a0000040300483046022100cc3f9645f697a7f44363586958ef6002bf6038d675ac125079eac951565ef438022100eb773d7faff09e7a6f774438d00ad4666132ca76802e74cfc59e4fcd7032a807
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0019c568e34671e1f494f39e5a336e0e3d04711c839d3b430a1314afe1c1b78885c7a7c7752f8b66ac5bddc75de806a617f5efe559542eda91cda03cb10e6135cf366b997fee81a9775d0dfd527f1fabe069988360f7977793236c8a118ca8bc6d767e7731276a4ecc77a9b1ee62651160e1ccb19763d33d56c52f053aa4a5ca1ecd1ccd7b614d2007f6534b61f2019f79eeef9c4975f9dd6f91ae5d45fb6ace44dbbd66993257f7d271f1a569812a4344c5fae6bfd02f3da64c46011fa3183663350a897bfcd7f64e52f008a2f05ab483e399cb244f2ea1e3a8984bfa191d80cdb2af0d179ab3a032f66539d226d0ecea08872c52452d8a2c51949e874820ec44