enterprise.vpn.unh.edu

- University of New Hampshire -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 1e:7e:4b:b2:5c:28:14:1e:1f:5b:77:2f:c0:da:73:cd was issued on by Internet2.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of New Hampshire

Organization: University of New Hampshire
Organization unit: IT Telecommunications
Address: 105 Main Street
Postal code: 03824
State / Province: New Hampshire
Locality: Durham
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 1e:7e:4b:b2:5c:28:14:1e:1f:5b:77:2f:c0:da:73:cd
Serial Number (int): 40532604589577138821982783819459752909
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: 41:a1:85:e3:45:b7:79:21:8a:f1:7c:6a:a6:ab:08:4e:51:69:b0:38
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 16:b7:b6:40:66:eb:0f:fa:67:c6:b2:cb:ad:c3:ec:12:6a:a7:53:5c
Fingerprint (sha256): 0d:f6:fc:e0:a2:ca:6f:0e:47:a3:b3:1b:0b:e2:97:3d:b7:9b:27:ed:d1:30:9a:12:4b:ae:54:0e:73:43:fd:02

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate enterprise.vpn.unh.edu

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for enterprise.vpn.unh.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

enterprise.vpn.unh.edu
operations.vpn.unh.edu
venture1-40.vpn.unh.edu
venture1-control.vpn.unh.edu
venture1.vpn.unh.edu
venture2-40.vpn.unh.edu
venture2-control.vpn.unh.edu
venture2.vpn.unh.edu

Other certificates including the domain name unh.edu

(limited to 100 certificates)
oak.cs.unh.edu
law.unh.edu
graddevserver.unh.edu
prominence.unh.edu
dpdkdashboard.iol.unh.edu
fammob-test1.unh.edu
media.unh.edu
zeke.sr.unh.edu
leaf.sr.unh.edu
klima.sr.unh.edu
zeke.sr.unh.edu
atcirculation.unh.edu
q.sr.unh.edu
nicldb.unh.edu
ddc.unh.edu
cipher2.unh.edu
wwdrii.sr.unh.edu
*.libproxy.unh.edu
webapps.unh.edu
hcgs.unh.edu
library.unh.edu
apply.unh.edu
wintermute.sr.unh.edu
litwebsitedev.unh.edu
webauthdev.unh.edu
jointagencyvm.sr.unh.edu
tcpalo4-1-mgmt.unh.edu
idmdev.unh.edu
collegiatelink.studentvoice.com
at-training.unh.edu
phenocam.sr.unh.edu
mylogin.law.unh.edu
pacapp.cs.unh.edu
operations.onecampus.com
sirs-actutest.sr.unh.edu
kato.unh.edu
foss.unh.edu
owl.sr.unh.edu
applecore.sr.unh.edu
networking.unh.edu
place.sr.unh.edu
clusters.unh.edu
collegiatelink.studentvoice.com
ea-poe-cert.iol.unh.edu
icebridge.sr.unh.edu
fishercat.sr.unh.edu
rcc.sr.unh.edu
blackstar.sr.unh.edu
unity.unh.edu
idmdev.unh.edu
herculesdome.org
*.ccom.unh.edu
webmail.eos.sr.unh.edu
wsdev.unh.edu
posters.unh.edu
ddc.sr.unh.edu
owl.sr.unh.edu
scholars.unh.edu
bootcamp.unh.edu
nhihpp-backups.sr.unh.edu
appropriations.unh.edu
waterviz.org
nuclear.unh.edu
law.unh.edu
*.libproxy.unh.edu
posters.unh.edu
bootcamp.unh.edu
clockwork.unh.edu
alumni.law.unh.edu
*.iol.unh.edu
admissions.unh.edu
apexdev.unh.edu
marco2.unh.edu
admissions.unh.edu
dawn.sr.unh.edu
www.iol.unh.edu
bugzilla.sr.unh.edu
www.library.unh.edu
www.transfer.unh.edu
ww.vpn.unh.edu
unhconnect.unh.edu
dawn.sr.unh.edu
hastings.unh.edu
akamai-san192.exacttarget.com
mycourses.unh.edu
enterprise.vpn.unh.edu
prc.unh.edu
gradschool.unh.edu
contracts.unh.edu
housingonline.unh.edu
co-gen-gw.unh.edu
lists.unh.edu
ipmall.info
ciceet.unh.edu
saip2.unh.edu
exchange.unh.edu
blackbaudfrogprod.unh.edu
leaf.sr.unh.edu
connect.vpn.unh.edu
www.unh.edu

Certificate

The complete raw certificate details for enterprise.vpn.unh.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHyjCCBrKgAwIBAgIQHn5LslwoFB4fW3cvwNpzzTANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xOTA5MjUwMDAwMDBaFw0yMTA5MjQy
MzU5NTlaMIHHMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFMDM4MjQxFjAUBgNVBAgT
DU5ldyBIYW1wc2hpcmUxDzANBgNVBAcTBkR1cmhhbTEYMBYGA1UECRMPMTA1IE1h
aW4gU3RyZWV0MSQwIgYDVQQKExtVbml2ZXJzaXR5IG9mIE5ldyBIYW1wc2hpcmUx
HjAcBgNVBAsTFUlUIFRlbGVjb21tdW5pY2F0aW9uczEfMB0GA1UEAxMWZW50ZXJw
cmlzZS52cG4udW5oLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANYUsJCGqR/LRJXmlEqHDxlcvAb3geDbR4BSi3akRSECH5B3timZdQfzFfxFfZ5b
cM2wN0h2KzRzIKuokL0zwQ/46PcDIAxHzPFsquSWFbyASzfiDAwIvDKw32oOdCo1
88Vqh4FYhIdpuIBSRFficoaoWebAHJbz6pf9qaWvGtDVozMMddRCCtJfPcXn1ZPW
bGR7+aAUKB8zcHVUZm4Y3uvaZnvDx+4711/K63Ujbhv719wGwNFIJ8OCGUtDPY+y
FS+Ekygje26y+A/CZfbKJ/pRhM7d86/VmQZ2DGaJPPwlT7O4YZCSkBK7+JX56Lli
KMsrxYOkIS2lTIuPBX8LOekCAwEAAaOCBAAwggP8MB8GA1UdIwQYMBaAFB4Fo3eP
bJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBRBoYXjRbd5IYrxfGqmqwhOUWmwODAO
BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggrBgEF
BQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9yeS9j
cHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2Ny
bC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsG
AQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3QuY29t
L0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9v
Y3NwLnVzZXJ0cnVzdC5jb20wgdUGA1UdEQSBzTCByoIWZW50ZXJwcmlzZS52cG4u
dW5oLmVkdYIWb3BlcmF0aW9ucy52cG4udW5oLmVkdYIXdmVudHVyZTEtNDAudnBu
LnVuaC5lZHWCHHZlbnR1cmUxLWNvbnRyb2wudnBuLnVuaC5lZHWCFHZlbnR1cmUx
LnZwbi51bmguZWR1ghd2ZW50dXJlMi00MC52cG4udW5oLmVkdYIcdmVudHVyZTIt
Y29udHJvbC52cG4udW5oLmVkdYIUdmVudHVyZTIudnBuLnVuaC5lZHUwggF9Bgor
BgEEAdZ5AgQCBIIBbQSCAWkBZwB1APZclC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8g
C8xO8WTjAAABbWlrgXUAAAQDAEYwRAIgNjILdwXU2tWHjB058LZhH5nIkG79hw1r
572LEYDb57cCICqOlmpY7TWY4gJu5U4mgdIn96w7LIil1EkGKhHCdhoLAHYARJRl
LrDuzq/EQAfYqP4owNrmgr7YyzG1P9MzlrW2gagAAAFtaWuBkwAABAMARzBFAiEA
okJG2h26f1bszvfr9WyupIVIWwcxJHN/cqAVKpuW2MgCIBiM6EEGMP6iSBvJQBzW
IutkvaZTs0bAKmivgvm7XxnMAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6Oq
HQcT0wwAAAFtaWuCcwAABAMARzBFAiEAii59vT3ac8gMA3ZoE2aMIA3EMN/dA8X3
fd5W3eifPAUCIBG+VwbkTqHOsDV0v8/yIJP9bI4H4eXwjtX3IOQx4UZlMA0GCSqG
SIb3DQEBCwUAA4IBAQCWPYMQfMYgYOxJrG4jMhCN7GNnGO+6kPY7M3EOp4C8IOVY
1E0zGmgUBy2O5irO/s77LodmVriSHbzCXSVDFUi7Y3Th1Sc9vxigsb9XMqHUaYCo
ojii4FzjYDN2gq7T7fxiEBj89HIwXPXURuiORzWo51hDbGhG02pImre5lT/m61uI
TeCfr4HM//Zutdejq/N4a6hEur5m5DZtmfZwgQh5cpWUZ9Mib1v1nofoPvdj57KV
PItHTD7uIC2+wQSa1k+aRNgcytd2uDYo1E31UOA07y9TJCYeKDpJHy8f/kqaEJVl
BFCOrP3PKnzxbu+v47T9PpJCfFFX41T9yH9bG/Z5
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hSwkIapH8tEleaUSocP
GVy8BveB4NtHgFKLdqRFIQIfkHe2KZl1B/MV/EV9nltwzbA3SHYrNHMgq6iQvTPB
D/jo9wMgDEfM8Wyq5JYVvIBLN+IMDAi8MrDfag50KjXzxWqHgViEh2m4gFJEV+Jy
hqhZ5sAclvPql/2ppa8a0NWjMwx11EIK0l89xefVk9ZsZHv5oBQoHzNwdVRmbhje
69pme8PH7jvXX8rrdSNuG/vX3AbA0Ugnw4IZS0M9j7IVL4STKCN7brL4D8Jl9son
+lGEzt3zr9WZBnYMZok8/CVPs7hhkJKQErv4lfnouWIoyyvFg6QhLaVMi48Ffws5
6QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 40532604589577138821982783819459752909
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-24 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '03824'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Hampshire'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Durham'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '105 Main Street'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of New Hampshire'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT Telecommunications'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'enterprise.vpn.unh.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27025199736667453331198043564911387248820648553535386368410331920660234577645892264057702109668923606398937540929506652339148545267934887068627447433286964227662468073539478468656822194645569861298084573108879103365564843703730768514334387689552606511340546306402256066021053283464761132832379389931129035637433597740502798472744325938085600059668040661400288585773812173943352333661396226252314778746849759377874224071913720267682599389917906364527139497218354723925034913910996413973679834753340487904230170851630083319746871145634003443443512292981875706475603401011324627353092474392185000123339720357769844046313
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							41a185e345b779218af17c6aa6ab084e5169b038
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (205 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'enterprise.vpn.unh.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'operations.vpn.unh.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'venture1-40.vpn.unh.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'venture1-control.vpn.unh.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'venture1.vpn.unh.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'venture2-40.vpn.unh.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'venture2-control.vpn.unh.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'venture2.vpn.unh.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e30000016d696b81750000040300463044022036320b7705d4dad5878c1d39f0b6611f99c8906efd870d6be7bd8b1180dbe7b702202a8e966a58ed3598e2026ee54e2681d227f7ac3b2c88a5d449062a11c2761a0b0076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016d696b81930000040300473045022100a24246da1dba7f56eccef7ebf56caea485485b073124737f72a0152a9b96d8c80220188ce8410630fea2481bc9401cd622eb64bda653b346c02a68af82f9bb5f19cc0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016d696b827300000403004730450221008a2e7dbd3dda73c80c03766813668c200dc430dfdd03c5f77dde56dde89f3c05022011be5706e44ea1ceb03574bfcff22093fd6c8e07e1e5f08ed5f720e431e14665
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00963d83107cc62060ec49ac6e2332108dec636718efba90f63b33710ea780bc20e558d44d331a6814072d8ee62acefecefb2e876656b8921dbcc25d25431548bb6374e1d5273dbf18a0b1bf5732a1d46980a8a238a2e05ce360337682aed3edfc621018fcf472305cf5d446e88e4735a8e758436c6846d36a489ab7b9953fe6eb5b884de09faf81ccfff66eb5d7a3abf3786ba844babe66e4366d99f67081087972959467d3226f5bf59e87e83ef763e7b2953c8b474c3eee202dbec1049ad64f9a44d81ccad776b83628d44df550e034ef2f5324261e283a491f2f1ffe4a9a10956504508eacfdcf2a7cf16eefafe3b4fd3e92427c5157e354fdc87f5b1bf679