cmseos517.fnal.gov
- Fermi Research Alliance -
Issued by InCommon IGTF Server CA
About this certificate
This digital certificate with serial number ec:dd:fe:0f:62:f2:09:2d:ab:0a:55:b3:38:d3:f8:2c was issued on by Internet2.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Fermi Research Alliance
Organization:
Fermi Research Alliance
Organization unit: Fermilab
Organization unit: Fermilab
State / Province:
Illinois
Country: US
Country: US
Internet2
Organization:
Internet2
Organization unit: InCommon
Organization unit: InCommon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): ec:dd:fe:0f:62:f2:09:2d:ab:0a:55:b3:38:d3:f8:2cSerial Number (int): 314850457562060242504021596117442754604
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 47:5d:84:df:2d:d2:89:03:29:fb:ed:df:ce:14:7d:58:1f:82:7b:50
AuthorityKeyId: 61:e6:5f:c9:27:ba:40:f8:ec:28:06:f3:89:32:5a:56:5f:e2:8e:d1
Fingerprint (sha1): b9:80:4a:20:22:9b:31:da:ea:55:2f:d8:24:fb:09:0a:08:62:b5:b2
Fingerprint (sha256): 0a:31:7a:ab:6b:fc:07:47:f4:9c:e8:9d:09:69:71:10:8c:6d:f7:fe:cc:1d:86:cf:70:db:98:f7:e3:10:ff:ad
Issuing Certificate URL: http://crt.incommon-igtf.org/InCommonIGTFServerCA.crt
Revocation information
OCSP Server: http://ocsp.incommon-igtf.orgCRL Distribution Point: http://crl.incommon-igtf.org/InCommonIGTFServerCA.crl
Check the revocation status for certificate cmseos517.fnal.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cmseos517.fnal.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cmseos517.fnal.gov
Other certificates including the domain name fnal.gov
(limited to 100 certificates)
uboonepro-uboonegpvm01.fnal.gov
gpce03.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
stkendca71a.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
lpcschedd3.fnal.gov
samwebgpvm03.fnal.gov
ftdc2.fermitest.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
pubstor2231.fnal.gov
*.fnal.gov
nsexpe2.fnal.gov
cmsstor341.fnal.gov
*.fnal.gov
uhosts.fnal.gov
www-bss.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmssi-factory02.fnal.gov
*.fnal.gov
uhosts.fnal.gov
fermi-rsa-2.fnal.gov
*.fnal.gov
cmseos-tf1103.fnal.gov
rcds01.fnal.gov
*.fnal.gov
*.fnal.gov
ssiadmin3.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos511.fnal.gov
uhosts.fnal.gov
fcdfcache122.fnal.gov
*.fnal.gov
*.fnal.gov
cmssrv628.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
cmseos1144.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
icaruspro-icarusgpvm01.fnal.gov
cmsstor907.fnal.gov
*.fnal.gov
*.fnal.gov
fifeutilgpvm01.fnal.gov
fermicloud527.fnal.gov
*.fnal.gov
*.fnal.gov
fndcaitb1.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos-if1102.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
fermicloud363.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos517.fnal.gov
rcodegpvm02.fnal.gov
cmseos56.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
accelaipro-accelaigpvm01.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos34.fnal.gov
fndca5b.fnal.gov
*.fnal.gov
lariatpro-lariatsamgpvm01.fnal.gov
*.fnal.gov
gpce03.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
stkendca71a.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
lpcschedd3.fnal.gov
samwebgpvm03.fnal.gov
ftdc2.fermitest.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
pubstor2231.fnal.gov
*.fnal.gov
nsexpe2.fnal.gov
cmsstor341.fnal.gov
*.fnal.gov
uhosts.fnal.gov
www-bss.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmssi-factory02.fnal.gov
*.fnal.gov
uhosts.fnal.gov
fermi-rsa-2.fnal.gov
*.fnal.gov
cmseos-tf1103.fnal.gov
rcds01.fnal.gov
*.fnal.gov
*.fnal.gov
ssiadmin3.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos511.fnal.gov
uhosts.fnal.gov
fcdfcache122.fnal.gov
*.fnal.gov
*.fnal.gov
cmssrv628.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
cmseos1144.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
icaruspro-icarusgpvm01.fnal.gov
cmsstor907.fnal.gov
*.fnal.gov
*.fnal.gov
fifeutilgpvm01.fnal.gov
fermicloud527.fnal.gov
*.fnal.gov
*.fnal.gov
fndcaitb1.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos-if1102.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
fermicloud363.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos517.fnal.gov
rcodegpvm02.fnal.gov
cmseos56.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
accelaipro-accelaigpvm01.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos34.fnal.gov
fndca5b.fnal.gov
*.fnal.gov
lariatpro-lariatsamgpvm01.fnal.gov
*.fnal.gov
Certificate
The complete raw certificate details for cmseos517.fnal.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGozCCBYugAwIBAgIRAOzd/g9i8gktqwpVszjT+CwwDQYJKoZIhvcNAQELBQAw VjELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5D b21tb24xIDAeBgNVBAMTF0luQ29tbW9uIElHVEYgU2VydmVyIENBMB4XDTIxMTIx NDAwMDAwMFoXDTIzMDExMzIzNTk1OVowgaExEzARBgoJkiaJk/IsZAEZFgNvcmcx GDAWBgoJkiaJk/IsZAEZFghpbmNvbW1vbjELMAkGA1UEBhMCVVMxETAPBgNVBAgT CElsbGlub2lzMSAwHgYDVQQKExdGZXJtaSBSZXNlYXJjaCBBbGxpYW5jZTERMA8G A1UECxMIRmVybWlsYWIxGzAZBgNVBAMTEmNtc2VvczUxNy5mbmFsLmdvdjCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0FXRE+d5mWrSb2WJqqWxan21aW di27swaAQ6OC2DiNsw2D03YRKhtjVxcXsjR3Ltjz5yv9BMDW3qxlGH0w6wPy7uia EfqrG5ZcMF249AfhJeB+OCulwaPxT3qnvTWSn0XW5a28W9p+NoL3+M5X/ZCAaggL SpiG6A0i7nmv9E6mB2liir3zHPpP1uXJgTPlzMpbNib5Jf6itjt5MBHNTt0SCS8d 8ULjUBSvgmUnQzAclgQMd4dwWo/TrN/zADaVJayioL/dyNiQ6g3NHkr4MCeDlWSt ov0E1kCz9RhuFJ3PExIs2JPiqzdMDXmNMQKitMPdFa8XcWNqOmoathJIhyMCAwEA AaOCAx4wggMaMB8GA1UdIwQYMBaAFGHmX8knukD47CgG84kyWlZf4o7RMB0GA1Ud DgQWBBRHXYTfLdKJAyn77d/OFH1YH4J7UDAOBgNVHQ8BAf8EBAMCBLAwDAYDVR0T AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwMgYDVR0gBCsw KTAPBg0rBgEEAa4jAQQDBAEBMAwGCiqGSIb3TAUCAgEwCAYGZ4EMAQICMEYGA1Ud HwQ/MD0wO6A5oDeGNWh0dHA6Ly9jcmwuaW5jb21tb24taWd0Zi5vcmcvSW5Db21t b25JR1RGU2VydmVyQ0EuY3JsMHwGCCsGAQUFBwEBBHAwbjBBBggrBgEFBQcwAoY1 aHR0cDovL2NydC5pbmNvbW1vbi1pZ3RmLm9yZy9JbkNvbW1vbklHVEZTZXJ2ZXJD QS5jcnQwKQYIKwYBBQUHMAGGHWh0dHA6Ly9vY3NwLmluY29tbW9uLWlndGYub3Jn MIIBgAYKKwYBBAHWeQIEAgSCAXAEggFsAWoAdgCt9776fP8QyIudPZwePhhqtGcp Xc+xDCTKhYY069yCigAAAX26hw0iAAAEAwBHMEUCIQCQttukGVXqTQ86tRVFirBh Xfrxl+ptDJQrxkOpCb4azAIgJQcYPYmbivMMYxEKbwBgQlc6a3DEhp8WLWKu1844 MA4AdwB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAX26hwzXAAAE AwBIMEYCIQDnxhk030Xr/ih64UpDsMEzvYK2jbuTJwhCxNmqvigEawIhAOzKCPsb luLcP/TgPjN7o6V8cPw73+qKGUOKJkMePXKGAHcA6D7Q2j71BjUy51covIlryQPT y9ERa+zraeF3fW0GvW4AAAF9uocMugAABAMASDBGAiEA+4kmsitEdI1mzChDRi6h ihgno3wrBcqeqFe++euidUsCIQCzs/b1uIwNMKHP4QXSAhvpG+A3PIEzlAi5ioq6 vvKpyzAdBgNVHREEFjAUghJjbXNlb3M1MTcuZm5hbC5nb3YwDQYJKoZIhvcNAQEL BQADggEBACifwNJdF8gWc/bTqFcD/9H0tIx9EyuBkW85Zkl5ewjWoPRXicPfndIf FVeVVAnTIeT4Q5ZfZuLM3m3N6xLhq4PfD4uLZhrFRaxkrlgmu0QjvLKUN60OJzVd Ep2LzbumMnfwO0zMTX2TtTXCH/mGYbq/Q63Oz5UC8WMn7mZIaTWbIJK9byxhclgn Vt+tj4yblQ3GxlhcdSB1ky19++UITuwFlhPw+Jp3KiM0Le+i1+RSy5lllAgQEyIN 7NkxuDKawgzHbeB6C0rLDHbaw6kC8z2307h1fWQBbaSL8p3RxWXqtLA6sGYavsrk sPMIWFwfUQIsq88Ekn3tE9WZUo+XWOY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQVdET53mZatJvZYmqpb FqfbVpZ2LbuzBoBDo4LYOI2zDYPTdhEqG2NXFxeyNHcu2PPnK/0EwNberGUYfTDr A/Lu6JoR+qsbllwwXbj0B+El4H44K6XBo/FPeqe9NZKfRdblrbxb2n42gvf4zlf9 kIBqCAtKmIboDSLuea/0TqYHaWKKvfMc+k/W5cmBM+XMyls2Jvkl/qK2O3kwEc1O 3RIJLx3xQuNQFK+CZSdDMByWBAx3h3Baj9Os3/MANpUlrKKgv93I2JDqDc0eSvgw J4OVZK2i/QTWQLP1GG4Unc8TEizYk+KrN0wNeY0xAqK0w90VrxdxY2o6ahq2EkiH IwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 314850457562060242504021596117442754604 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon IGTF Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-14 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-13 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'org' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'incommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Fermi Research Alliance' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Fermilab' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cmseos517.fnal.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21841871621433712050805031819731684930183777850937985676458114932214070208791626566539599938471002654485826931067439412811808149723232020373471826536064464228293029454878724234883929579125782223383456742683464400082657742119894987832910026301313770623212378299376793550603610681116044991460994738152858380698499343679888715375172131931463519736155993999317910922254471048937958673351440317969755428129058453714550948800400712392589534756853184466424242119675707825845758979230222632237039227421189431841805219072434346966192169161982086935829534800793884817415031402786721287163584373296847146917703269332114335106851 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 61e65fc927ba40f8ec2806f389325a565fe28ed1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 475d84df2dd2890329fbeddfce147d581f827b50 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.4.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113612.5.2.2.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-igtf.org/InCommonIGTFServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.incommon-igtf.org/InCommonIGTFServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.incommon-igtf.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017dba870d22000004030047304502210090b6dba41955ea4d0f3ab515458ab0615dfaf197ea6d0c942bc643a909be1acc02202507183d899b8af30c63110a6f006042573a6b70c4869f162d62aed7ce38300e0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017dba870cd70000040300483046022100e7c61934df45ebfe287ae14a43b0c133bd82b68dbb93270842c4d9aabe28046b022100ecca08fb1b96e2dc3ff4e03e337ba3a57c70fc3bdfea8a19438a26431e3d7286007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017dba870cba0000040300483046022100fb8926b22b44748d66cc2843462ea18a1827a37c2b05ca9ea857bef9eba2754b022100b3b3f6f5b88c0d30a1cfe105d2021be91be0373c81339408b98a8ababef2a9cb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmseos517.fnal.gov' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00289fc0d25d17c81673f6d3a85703ffd1f4b48c7d132b81916f396649797b08d6a0f45789c3df9dd21f1557955409d321e4f843965f66e2ccde6dcdeb12e1ab83df0f8b8b661ac545ac64ae5826bb4423bcb29437ad0e27355d129d8bcdbba63277f03b4ccc4d7d93b535c21ff98661babf43adcecf9502f16327ee664869359b2092bd6f2c6172582756dfad8f8c9b950dc6c6585c752075932d7dfbe5084eec059613f0f89a772a23342defa2d7e452cb996594081013220decd931b8329ac20cc76de07a0b4acb0c76dac3a902f33db7d3b8757d64016da48bf29dd1c565eab4b03ab0661abecae4b0f308585c1f51022cabcf04927ded13d599528f9758e6