bmb.uchospitals.edu

- University of Chicago -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number e5:93:0f:40:85:2c:87:d1:45:64:10:a0:68:dc:a6:e2 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Chicago

Organization: University of Chicago
Organization unit: The University of Chicago Medical Center
Address: 5801 South Ellis Avenue
Postal code: 60637
State / Province: IL
Locality: Chicago
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): e5:93:0f:40:85:2c:87:d1:45:64:10:a0:68:dc:a6:e2
Serial Number (int): 305156788020912150666486541359087658722
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 3a:88:19:e6:e8:8a:1f:32:17:c1:14:91:c1:3d:ad:07:6f:95:40:af
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): ba:85:ab:ca:04:7b:71:4d:34:f8:86:6a:91:ca:86:13:52:5f:6f:7d
Fingerprint (sha256): 0d:d6:95:0e:ec:40:20:d2:10:3f:56:d7:cb:06:12:5a:d4:db:56:f3:94:6f:3c:c6:b0:e9:6e:46:5d:c3:f9:d1

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate bmb.uchospitals.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bmb.uchospitals.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bmb.uchospitals.edu

Other certificates including the domain name uchospitals.edu

(limited to 100 certificates)
tls.automattic.com
interconapps-test.uchospitals.edu
incapsula.com
social.learning.uchospitals.edu
ocps.uchospitals.edu
gatekeeper4.uchospitals.edu
uchapps.uchad.uchospitals.edu
mail.uchospitals.edu
identity.uchospitals.edu
vsp.uchospitals.edu
wdprd6a.uchospitals.edu
tls.automattic.com
dw7epint02.uchad.uchospitals.edu
nids-qip.uchospitals.edu
carelinktest.uchospitals.edu
apidb02drn.uchad.uchospitals.edu
tls.automattic.com
dw2cccweb01.uchad.uchospitals.edu
interconapps.uchospitals.edu
tls.automattic.com
soagateway.uchospitals.edu
www-test.uchospitals.edu
expressionengine.uchicago.edu
dw4epcla01.uchad.uchospitals.edu
bmb.uchospitals.edu
tls.automattic.com
incapsula.com
inteconapps-test.uchospitals.edu
mail.uchospitals.edu
securemail.uchospitals.edu
mycharttst.uchospitals.edu
www.uchospitals.edu
dw4bxap01.uchad.uchospitals.edu
uchicagoapps.uchad.uchospitals.edu
bsc.uchad.uchospitals.edu
bsdsentry.uchospitals.edu
mail.uchospitals.edu
interconprod.ha.uchospitals.edu
expressionengine.uchicago.edu
mycharttest.uchospitals.edu
dl2lms01.uchospitals.edu
spwfepr01dar.uchad.uchospitals.edu
tls.automattic.com
sciencelife.uchospitals.edu
radpics.uchad.uchospitals.edu
tls.automattic.com
cw4mpall.uchad.uchospitals.edu
dw2epcla01.uchad.uchospitals.edu
jss.uchospitals.edu
ccdd1w9enf01.uchad.uchospitals.edu
uchicagoapps.uchad.uchospitals.edu
obixappts01ccd.uchad.uchospitals.edu
webapps.uchospitals.edu
honestbroker.uchospitals.edu
molbio.uchospitals.edu
intercondev.uchad.uchospitals.edu
cw2iscvcsql01.uchad.uchospitals.edu
bsdsentry.uchospitals.edu
wordpress.uchospitals.edu
webapps.uchospitals.edu
mail.uchospitals.edu
incapsula.com
bsdsentry.uchospitals.edu
incapsula.com
tls.automattic.com
sciencelife.uchospitals.edu
kuiper.uchad.uchospitals.edu
incapsula.com
webapps.uchospitals.edu
www.uchospitals.edu
identitydev.uchospitals.edu
nursing.uchospitals.edu
www.uchicagomedicine.org
incapsula.com
tls.automattic.com
icdmzpr01dar.uchad.uchospitals.edu
ca2trap01.uchospitals.edu
bcstest.uchad.uchospitals.edu
www.uchospitals.edu
incapsula.com
www.uchospitals.edu
incapsula.com
wordpress.uchospitals.edu
tls.automattic.com
incapsula.com
mail.uchospitals.edu
incapsula.com
ccdd1w9enf01.uchad.uchospitals.edu
dw4epcla01.uchad.uchospitals.edu
dw4bxap01.uchad.uchospitals.edu
d169l1trbo01.uchospitals.edu
incapsula.com
expressionengine.uchicago.edu
interconapps-test.uchospitals.edu
ca2trap01.uchospitals.edu
incapsula.com
mail.uchospitals.edu
ingallsestubtest.uchospitals.edu
obixfmdmts01ccd.uchad.uchospitals.edu
dw2cccweb01.uchad.uchospitals.edu

Certificate

The complete raw certificate details for bmb.uchospitals.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHGzCCBgOgAwIBAgIRAOWTD0CFLIfRRWQQoGjcpuIwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTkwNTI4MDAwMDAwWhcNMjEwNTI3
MjM1OTU5WjCBzzELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTYwNjM3MQswCQYDVQQI
EwJJTDEQMA4GA1UEBxMHQ2hpY2FnbzEgMB4GA1UECRMXNTgwMSBTb3V0aCBFbGxp
cyBBdmVudWUxHjAcBgNVBAoTFVVuaXZlcnNpdHkgb2YgQ2hpY2FnbzExMC8GA1UE
CxMoVGhlIFVuaXZlcnNpdHkgb2YgQ2hpY2FnbyBNZWRpY2FsIENlbnRlcjEcMBoG
A1UEAxMTYm1iLnVjaG9zcGl0YWxzLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANr+WTjw0jnWSzT8o4zI4XsZUTM2836C8eWhgahUpFFMkPSxVnur
JGuIi5V/UPV5qkEI8ojtyl57YPwSLr7mFFT5XKlqRL7neCY4UCthOHExvz2rltDe
N5vdPSPckDaszchKOJgeCxuP1YbdVhtIe1QP97FL4mN1DdrtDWkD/LD0OZVATxxu
zyAhNqG1kUOvX38q13xJr6E6qsnuFbIOUYdbFEyndCl+sKgLtwdHNm/2cRhUIWS5
CUs+CGmzVX+0GDnz9L1PtJBNIbpVrCEMgS/s6nkd2Q6KKiViv8MyvopI4erEi8JX
tBX+YjIpvJBSHHFg/cgM4WwGvPx7q4QqOZsCAwEAAaOCA0gwggNEMB8GA1UdIwQY
MBaAFB4Fo3ePbJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBQ6iBnm6IofMhfBFJHB
Pa0Hb5VArzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEw
QjBABggrBgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVw
b3NpdG9yeS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYz
aHR0cDovL2NybC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0Eu
Y3JsMHUGCCsGAQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2Vy
dHJ1c3QuY29tL0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGG
GWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wHgYDVR0RBBcwFYITYm1iLnVjaG9z
cGl0YWxzLmVkdTCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUAu9nfvB+KcbWT
lCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFq/uZ8SwAABAMARjBEAiACxyE2onNs
SfTWdyDcHi6HOLy4lTdgy1os5P3ApBWDXwIgNIFUTeakoW5cbvmPKsx+KG8GGKSz
pn/Tk3APOG42YFwAdQBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAA
AWr+5nx5AAAEAwBGMEQCIBNvijIKe4k8s1gCYoVmhwUN6heIEnjELf5H0Jc138nG
AiB6sAGdDaUGf3Q5aHcBVmCrSyo1ZXL6ZoU36EVACOCeGAB3AG9Tdqwx8DEZ2JkA
pFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABav7mfL0AAAQDAEgwRgIhAJ9QRYiTSJvF
bt94338QbOMsQnmaMsYJ5cZMmOOIXDYwAiEA1c/rcbNJuM3RuYPchAA/AbFUwwU/
vGclaKwnS4/r0uQwDQYJKoZIhvcNAQELBQADggEBADwa5pO2E2v/VIY6zx2WVCFR
zd9FI56L4H8Jkd9BqPJ6GhopBIHoz5pEyTU2ZxThfSH8PhcC0GPsBKVzeH/LAe2V
mRx7B5ZaN15TIn62PIb/e12E4cdRsGJHdEL+N8zv196c501MswfTEPugumB9C1yD
dMuoxtvJsLEFUm3yzvIlkzdsoKFopadYtD/pSNMGbCJCOCMUlyizD1TtIZNdkrAo
IY6nEjBqe6RFVG8P9pTo59beObkofJF/H738hd3FcFCQwj14GLMG1FI1bDmYu6UL
MKlNJHLz0ybjBA13U/2/Iyt5rW9Pq64jQ/lDTA5cZ8DWGDQRY2XM90KdX4nXB+c=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v5ZOPDSOdZLNPyjjMjh
exlRMzbzfoLx5aGBqFSkUUyQ9LFWe6ska4iLlX9Q9XmqQQjyiO3KXntg/BIuvuYU
VPlcqWpEvud4JjhQK2E4cTG/PauW0N43m909I9yQNqzNyEo4mB4LG4/Vht1WG0h7
VA/3sUviY3UN2u0NaQP8sPQ5lUBPHG7PICE2obWRQ69ffyrXfEmvoTqqye4Vsg5R
h1sUTKd0KX6wqAu3B0c2b/ZxGFQhZLkJSz4IabNVf7QYOfP0vU+0kE0hulWsIQyB
L+zqeR3ZDooqJWK/wzK+ikjh6sSLwle0Ff5iMim8kFIccWD9yAzhbAa8/HurhCo5
mwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 305156788020912150666486541359087658722
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-05-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '60637'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '5801 South Ellis Avenue'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The University of Chicago Medical Center'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bmb.uchospitals.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27645374414939715326688957547068209596992199347497433108893185921662564144648660998061461801191984754050320106534304316235204421394742965843406391467313104276723746823278759740239961280679307435097693541452469036709675104187380614287410800606016803075521671682122980601267686782323354876142491890799724560257884228929165239494708126131110777459330910586369097706019124776430996600342390701126098537056336588754338844486094779329098501630584732128145915195868517779607965782012527664402400963003690378034496065952259899953675600708212973238130477150861788156402264506062203162862697700796539897245761672394362734655899
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3a8819e6e88a1f3217c11491c13dad076f9540af
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bmb.uchospitals.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016afee67c4b0000040300463044022002c72136a2736c49f4d67720dc1e2e8738bcb8953760cb5a2ce4fdc0a415835f02203481544de6a4a16e5c6ef98f2acc7e286f0618a4b3a67fd393700f386e36605c0075004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016afee67c7900000403004630440220136f8a320a7b893cb3580262856687050dea17881278c42dfe47d09735dfc9c602207ab0019d0da5067f74396877015660ab4b2a356572fa668537e8454008e09e180077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016afee67cbd00000403004830460221009f50458893489bc56edf78df7f106ce32c42799a32c609e5c64c98e3885c3630022100d5cfeb71b349b8cdd1b983dc84003f01b154c3053fbc672568ac274b8febd2e4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003c1ae693b6136bff54863acf1d96542151cddf45239e8be07f0991df41a8f27a1a1a290481e8cf9a44c935366714e17d21fc3e1702d063ec04a573787fcb01ed95991c7b07965a375e53227eb63c86ff7b5d84e1c751b062477442fe37ccefd7de9ce74d4cb307d310fba0ba607d0b5c8374cba8c6dbc9b0b105526df2cef22593376ca0a168a5a758b43fe948d3066c22423823149728b30f54ed21935d92b028218ea712306a7ba445546f0ff694e8e7d6de39b9287c917f1fbdfc85ddc5705090c23d7818b306d452356c3998bba50b30a94d2472f3d326e3040d7753fdbf232b79ad6f4fabae2343f9434c0e5c67c0d61834116365ccf7429d5f89d707e7