*.mint-dev.broadinstitute.org

- The Broad Institute of MIT and Harvard -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number b2:c2:44:88:75:29:a9:29:96:7a:cf:bd:ea:16:2b:2e was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

The Broad Institute of MIT and Harvard

Organization: The Broad Institute of MIT and Harvard
Organization unit: DSP
Address: 415 Main St.
Postal code: 02142
State / Province: MA
Locality: Cambridge
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): b2:c2:44:88:75:29:a9:29:96:7a:cf:bd:ea:16:2b:2e
Serial Number (int): 237611278855414043145148206449360775982
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 24:db:c9:01:8c:e8:c0:0b:23:79:a0:8d:85:95:37:0a:7c:92:37:50
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 6c:19:31:5b:0c:d1:f6:ea:43:4e:04:62:b4:65:23:0e:7d:5b:cf:c7
Fingerprint (sha256): 09:44:de:1a:d8:60:ff:e2:5c:ca:18:75:4e:46:c4:71:79:3d:d5:2d:d1:93:2e:56:39:9b:e8:4c:aa:85:85:4a

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate *.mint-dev.broadinstitute.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.mint-dev.broadinstitute.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.mint-dev.broadinstitute.org

Other certificates including the domain name broadinstitute.org

(limited to 100 certificates)
*.dsde-staging.broadinstitute.org
gpmocha01.broadinstitute.org
suffix.broadinstitute.org
duos.broadinstitute.org
vdesktop.broadinstitute.org
mercury.broadinstitute.org
risteys.broadinstitute.org
abbvie.ukbb.broadinstitute.org
bard.broadinstitute.org
*.dsde-prod.broadinstitute.org
portal.firecloud.org
itdev.broadinstitute.org
disclosure-dev.broadinstitute.org
software.broadinstitute.org
esrs-v3.broadinstitute.org
pan.ukbb.broadinstitute.org
cromwell.gp-cromwell-dev.broadinstitute.org
addrtest.broadinstitute.org
gpdevconfluence.broadinstitute.org
weblb-dev.broadinstitute.org
*.mint-stress.broadinstitute.org
omero.broadinstitute.org
secexplorer.dsp-appsec.broadinstitute.org
*.thescholr.com
*.dsde-prod.broadinstitute.org
radon.broadinstitute.org
*.thescholr.com
*.thescholr.com
mercurydev.broadinstitute.org
cda.cda-dev.broadinstitute.org
internal.ukbb.broadinstitute.org
*.thescholr.com
intranet.broadinstitute.org
gpbroad.broadinstitute.org
giving.broadinstitute.org
tufin.broadinstitute.org
github.broadinstitute.org
identity.broadinstitute.org
tufin.broadinstitute.org
coeus.broadinstitute.org
jujubes.broadinstitute.org
coolidge.broadinstitute.org
duos.broadinstitute.org
bod.broadinstitute.org
*.mint-dev.broadinstitute.org
ora-oemrep.broadinstitute.org
broadies.broadinstitute.org
*.dsde-prod.broadinstitute.org
su2c.broadinstitute.org
zebrafish.dsde-dev.broadinstitute.org
*.d8.theopenscholar.com
ibd-genetics.broadinstitute.org
identity.broadinstitute.org
1sum-701-n1-dwdm-415m.broadinstitute.org
lof.curation.broadinstitute.org
stash.broadinstitute.org
enigma.broadinstitute.org
jade-6.datarepo-integration.broadinstitute.org
sendit.broadinstitute.org
*.thescholr.com
cellstrainer.broadinstitute.org
*.d8.theopenscholar.com
space-dev.broadinstitute.org
bit-qa.broadinstitute.org
agora.dsde-prod.broadinstitute.org
320c-2102-c5-dwdm-415m.broadinstitute.org
bitstore.broadinstitute.org
covid-19-sequencing.broadinstitute.org
beehive.dsp-devops.broadinstitute.org
genomics.broadinstitute.org
confluence.broadinstitute.org
cloudaccounts-dev.broadinstitute.org
www.broadinstitute.org
slims.broadinstitute.org
crowdldap.broadinstitute.org
hscgp.broadinstitute.org
dpa.broadinstitute.org
transfer.broadinstitute.org
solwind.broadinstitute.org
dgx01.broadinstitute.org
duos.dsp-duos-prod.broadinstitute.org
www.broadinstitute.org
alkesgroup.broadinstitute.org
transfer.broadinstitute.org
gphub.broadinstitute.org
www.broadinstitute.org
firecloud.dsde-alpha.broadinstitute.org
support.terra.bio
firecloud.dsde-staging.broadinstitute.org
ladderstocures.broadinstitute.org
dotmatics-dev.broadinstitute.org
papers-dev.broadinstitute.org
slims-qa.broadinstitute.org
consent.dsde-dev.broadinstitute.org
unity.broadinstitute.org
intranet.broadinstitute.org
help.broadinstitute.org
idp.broadinstitute.org
*.thescholr.com
gatkforums.broadinstitute.org

Certificate

The complete raw certificate details for *.mint-dev.broadinstitute.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHEzCCBfugAwIBAgIRALLCRIh1KakplnrPveoWKy4wDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTgwNzA2MDAwMDAwWhcNMjAwNzA1
MjM1OTU5WjCBvDELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTAyMTQyMQswCQYDVQQI
EwJNQTESMBAGA1UEBxMJQ2FtYnJpZGdlMRUwEwYDVQQJEww0MTUgTWFpbiBTdC4x
LzAtBgNVBAoTJlRoZSBCcm9hZCBJbnN0aXR1dGUgb2YgTUlUIGFuZCBIYXJ2YXJk
MQwwCgYDVQQLEwNEU1AxJjAkBgNVBAMMHSoubWludC1kZXYuYnJvYWRpbnN0aXR1
dGUub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyD61/ygNpd1
JxZ1zlyHew9jZ3hyEtWiCQKPgSF4PEbajG1TugIU4EhryWZ/lm5mpl96pCXKE+Xn
IQ0FNphksvO6idUZi2HanhMYOAu2KTsIwnEuO7mK90ufHia0ojWoA5gnd0J8jqu/
xxyUmyaHGhL0GNzj+Qtj4LvCGfcpqkESJnPkjSZhLX6mZqbRQeQqzJ4a7ePubham
GKyibJtbGEk0qfMct3HSEKNJqbD7qWuu+sIj+WtQSJmY86H+ODGb94FH0DR5zejX
kec5DxNV195XU4Tyf7YPZ42mZFIc3erAPrFDQPuHslC7XpbZEt+ZkhxesNh57T0W
tGh5WGDYeQIDAQABo4IDUzCCA08wHwYDVR0jBBgwFoAUHgWjd49sluJbh0umtIas
cQAM5zgwHQYDVR0OBBYEFCTbyQGM6MALI3mgjYWVNwp8kjdQMA4GA1UdDwEB/wQE
AwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjBnBgNVHSAEYDBeMFIGDCsGAQQBriMBBAMBATBCMEAGCCsGAQUFBwIBFjRodHRw
czovL3d3dy5pbmNvbW1vbi5vcmcvY2VydC9yZXBvc2l0b3J5L2Nwc19zc2wucGRm
MAgGBmeBDAECAjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLmluY29tbW9u
LXJzYS5vcmcvSW5Db21tb25SU0FTZXJ2ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBn
MD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vSW5Db21tb25S
U0FTZXJ2ZXJDQV8yLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
dXN0LmNvbTAoBgNVHREEITAfgh0qLm1pbnQtZGV2LmJyb2FkaW5zdGl0dXRlLm9y
ZzCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUA7ku9t3XOYLrhQmkfq+GeZqMP
fl+wctiDAMR7iXqo/csAAAFkcQSrEAAABAMARjBEAiArPc3yyYo+7x/hZtVcZ2/K
oeQJklSSY+wfwvCPn+maJgIgDVV5b2edlAi1pWqwlH3i5vn3jTGcvzp2q5zmWbhT
Y0wAdwBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAWRxBSI7AAAE
AwBIMEYCIQDab/BpmeSmCG+PXTeRHXGl9XxOUcZWTrLBSjEqmCfw6gIhAODAVEoW
UcCW02DLwECLaBoriUfMRn/TPEQI6aGCEZ6rAHYAVYHUwhaQNgFK6gubVzxT8MDk
OHhwJQgXL6OqHQcT0wwAAAFkcQSrNQAABAMARzBFAiBJ3ZcaJgrztdkW/oOTWqNy
JU3i7UbU3YYemDRCbT4LBAIhAM42IG7rl+J9OHMCIxRfb1K+ugmythRlTbVzG4Ph
J0MUMA0GCSqGSIb3DQEBCwUAA4IBAQCLUgjISEHIKLBd6sjJzaW2CW4orIiBHGWZ
jvUPCkt1WBeulQuTKln/1rB/n6O4o6v2x//kFHqUXhEBFjhFcAm3HITumq+UhaAG
cy257X51Wi67F5W6iFB48aHqqcHg8ZHHezxTJfOrV158N5isFY8H8s9NmIrJOKqw
pKyjTSje3g9mGcz0Y/ULNdlDs4O8gopCmt0jSj18XAv+4Y9CGSPeHadjnYidUoaS
qoP51H1CPBQqPTEd6WCjEt2hCbQ5UHG0Jkf2w++ZT5QOlJo8Vz2kHgH9Kf925eSj
tiezeDNKcBGg9esb0I6YgtABGmHielsYV8SKBPvI1WuygZYTxJ6x
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyD61/ygNpd1JxZ1zlyH
ew9jZ3hyEtWiCQKPgSF4PEbajG1TugIU4EhryWZ/lm5mpl96pCXKE+XnIQ0FNphk
svO6idUZi2HanhMYOAu2KTsIwnEuO7mK90ufHia0ojWoA5gnd0J8jqu/xxyUmyaH
GhL0GNzj+Qtj4LvCGfcpqkESJnPkjSZhLX6mZqbRQeQqzJ4a7ePubhamGKyibJtb
GEk0qfMct3HSEKNJqbD7qWuu+sIj+WtQSJmY86H+ODGb94FH0DR5zejXkec5DxNV
195XU4Tyf7YPZ42mZFIc3erAPrFDQPuHslC7XpbZEt+ZkhxesNh57T0WtGh5WGDY
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 237611278855414043145148206449360775982
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02142'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cambridge'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '415 Main St.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Broad Institute of MIT and Harvard'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DSP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.mint-dev.broadinstitute.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23622826002859410944973033730822802273112015235619584274685258165474074980066362315767962670910859155938435059487104642727432454999101263718331595754878533454875241894426586575408008344711481107475486921025756233866363045107025181257838284510913111224344683242526713359952874555162012918459465550619805446891574015310970759102687746125357111389321122316564912513755582242618441126596698065734339327011401420760021675351573088546666108368349104716898656622225650233130303930748038397379532036754086946876835425062999957856210583015341434301431744382157638912171969215872563577249367087294290799477762769785156551104633
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							24dbc9018ce8c00b2379a08d8595370a7c923750
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mint-dev.broadinstitute.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001647104ab10000004030046304402202b3dcdf2c98a3eef1fe166d55c676fcaa1e40992549263ec1fc2f08f9fe99a2602200d55796f679d9408b5a56ab0947de2e6f9f78d319cbf3a76ab9ce659b853634c0077005ea773f9df56c0e7b536487dd049e0327a919a0c84a112128418759681714558000001647105223b0000040300483046022100da6ff06999e4a6086f8f5d37911d71a5f57c4e51c6564eb2c14a312a9827f0ea022100e0c0544a1651c096d360cbc0408b681a2b8947cc467fd33c4408e9a182119eab0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001647104ab350000040300473045022049dd971a260af3b5d916fe83935aa372254de2ed46d4dd861e9834426d3e0b04022100ce36206eeb97e27d38730223145f6f52beba09b2b614654db5731b83e1274314
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008b5208c84841c828b05deac8c9cda5b6096e28ac88811c65998ef50f0a4b755817ae950b932a59ffd6b07f9fa3b8a3abf6c7ffe4147a945e11011638457009b71c84ee9aaf9485a006732db9ed7e755a2ebb1795ba885078f1a1eaa9c1e0f191c77b3c5325f3ab575e7c3798ac158f07f2cf4d988ac938aab0a4aca34d28dede0f6619ccf463f50b35d943b383bc828a429add234a3d7c5c0bfee18f421923de1da7639d889d528692aa83f9d47d423c142a3d311de960a312dda109b4395071b42647f6c3ef994f940e949a3c573da41e01fd29ff76e5e4a3b627b378334a7011a0f5eb1bd08e9882d0011a61e27a5b1857c48a04fbc8d56bb2819613c49eb1