remote-vpn.berklee.edu

- Berklee College of Music -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 21:3d:66:bd:66:b9:6e:ff:2b:92:4b:33:08:22:d7:c2 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Berklee College of Music

Organization: Berklee College of Music
Organization unit: ITOPS
Address: 1140 Boylston Street
Postal code: 02215
State / Province: MA
Locality: Boston
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 21:3d:66:bd:66:b9:6e:ff:2b:92:4b:33:08:22:d7:c2
Serial Number (int): 44183337780966782403287453501711636418
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 24:6b:44:29:b5:70:b9:3d:a5:b1:bc:bf:36:f9:a3:71:9b:1a:a3:f9
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 6d:09:ab:91:92:8d:71:f7:86:29:13:8f:f1:fd:e8:f0:24:b3:98:1a
Fingerprint (sha256): 0e:d0:02:21:a2:51:a9:fc:43:d6:4a:09:e0:29:95:05:32:44:e3:d3:23:4f:0a:fe:8b:0b:60:25:25:f2:c8:cf

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate remote-vpn.berklee.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for remote-vpn.berklee.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

remote-vpn.berklee.edu

Other certificates including the domain name berklee.edu

(limited to 100 certificates)
informer.berklee.edu
5674069752020992-fe1.pantheonsite.io
ucdc.edu
amploadvance.com
ask.library.berklee.edu
test.eis.uw.edu
ol.berklee.edu
guides.library.berklee.edu
development.moodlerooms.com
development.moodlerooms.com
acquia-sites.com
remix.berklee.edu
archives.berklee.edu
apsprd108.berklee.edu
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
remote-vpn.berklee.edu
n002.offcampuspartners.com
san-14-s12.tlsprovisioning.exacttarget.com
n002.offcampuspartners.com
development.moodlerooms.com
acquia-sites.com
development.moodlerooms.com
n002.offcampuspartners.com
library-stage.berklee.edu
ol.berklee.edu
5674069752020992-fe1.pantheonsite.io
hub.berklee.edu
5674069752020992-fe1.pantheonsite.io
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
offcampushousing.fau.edu
5674069752020992-fe1.pantheonsite.io
amploadvance.com
givingday.berklee.edu
apsprd014.berklee.edu
admissions.berklee.edu
welcome.online.berklee.edu
demo.canvas.online.berklee.edu
fts.berklee.edu
lrmedia.berklee.edu
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
development.moodlerooms.com
centralnicstatus.com
san-14-s12.tlsprovisioning.exacttarget.com
ask.library.berklee.edu
5674069752020992-fe1.pantheonsite.io
208.lsnc.net
n002.offcampuspartners.com
n002.offcampuspartners.com
development.moodlerooms.com
development.moodlerooms.com
development.moodlerooms.com
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
development.moodlerooms.com
acquia-sites.com
development.moodlerooms.com
n002.offcampuspartners.com
5674069752020992-fe1.pantheonsite.io
online.berklee.edu
acquia-sites.com
developer.blackboardopenlms.com
bos-isepan1.berklee.edu
scsc-casper.berklee.edu
offcampushousing.fau.edu
*.genesis.k8s.online.berklee.edu
remote-vpn.berklee.edu
development.moodlerooms.com
ask.library.berklee.edu
online.berklee.edu
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
acquia-sites.com
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
5674069752020992-fe1.pantheonsite.io
online.berklee.edu
opcpostback.berklee.edu
5674069752020992-fe1.pantheonsite.io
amploadvance.com
5674069752020992-fe1.pantheonsite.io
developer.blackboardopenlms.com
learningcenter-stage.berklee.edu
wbstst004.berklee.edu
learningcenter.berklee.edu
5674069752020992-fe1.pantheonsite.io
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
*.online.berklee.edu
5674069752020992-fe1.pantheonsite.io
cms.online.berklee.edu
offcampushousing.fau.edu
5674069752020992-fe1.pantheonsite.io
5674069752020992-fe1.pantheonsite.io
demo.canvas.online.berklee.edu
guides.library.berklee.edu
development.moodlerooms.com
development.moodlerooms.com

Certificate

The complete raw certificate details for remote-vpn.berklee.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIQIT1mvWa5bv8rkkszCCLXwjANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xODA5MDUwMDAwMDBaFw0yMDA4MzAy
MzU5NTlaMIHVMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFMDIyMTUxCzAJBgNVBAgT
Ak1BMQ8wDQYDVQQHEwZCb3N0b24xHTAbBgNVBAkTFDExNDAgQm95bHN0b24gU3Ry
ZWV0MSEwHwYDVQQKExhCZXJrbGVlIENvbGxlZ2Ugb2YgTXVzaWMxDjAMBgNVBAsT
BUlUT1BTMR8wHQYDVQQDExZyZW1vdGUtdnBuLmJlcmtsZWUuZWR1MSUwIwYJKoZI
hvcNAQkCFhZyZW1vdGUtdnBuLmJlcmtsZWUuZWR1MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA40Ah2ca4391LdbgKyMI5MyzAXU1J5hbCxiEVc65Ao71l
tYZ/09QvvR4j4eFx1fDSOfsC1OEFDQgvZu5HD18a80ChNbGJgd2KDLeR7pWsAq3x
3ZEH+tJAdnPZFYpicImimLXoo2Z3p4hiTXPRzVHvI9i8AQMuKsMdwXLUqGyUKjpU
pyesMIdg26j62jyBHgKY5GaK1uYyZAQfJBQoDRInwxz2y1HyiGhudi+FG/tHK0zb
vCdtqrRqLKeyJO7RgTZIPD+PXafcICWMNYviKot15gwr1w9WI39GOP6sVS9ZKKPb
X6slHEdStu6agmxfQ8NdTjIP9d1TwLmMaa1YlpOWiwIDAQABo4IDTjCCA0owHwYD
VR0jBBgwFoAUHgWjd49sluJbh0umtIascQAM5zgwHQYDVR0OBBYEFCRrRCm1cLk9
pbG8vzb5o3GbGqP5MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBnBgNVHSAEYDBeMFIGDCsGAQQBriMB
BAMBATBCMEAGCCsGAQUFBwIBFjRodHRwczovL3d3dy5pbmNvbW1vbi5vcmcvY2Vy
dC9yZXBvc2l0b3J5L2Nwc19zc2wucGRmMAgGBmeBDAECAjBEBgNVHR8EPTA7MDmg
N6A1hjNodHRwOi8vY3JsLmluY29tbW9uLXJzYS5vcmcvSW5Db21tb25SU0FTZXJ2
ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBnMD4GCCsGAQUFBzAChjJodHRwOi8vY3J0
LnVzZXJ0cnVzdC5jb20vSW5Db21tb25SU0FTZXJ2ZXJDQV8yLmNydDAlBggrBgEF
BQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAhBgNVHREEGjAYghZyZW1v
dGUtdnBuLmJlcmtsZWUuZWR1MIIBgAYKKwYBBAHWeQIEAgSCAXAEggFsAWoAdwDu
S723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAWWqDyo5AAAEAwBIMEYC
IQDrmNTlEE8byYu4jnbfon3amG/rMROjgvnI6Ti0criGewIhAOzhFeAHYBwnmtBr
yOgZxSnbRE1PuFFNHk8IodqOfx2IAHcAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIS
hBh1loFxRVgAAAFlqg8qdAAABAMASDBGAiEA4hFo7oWCHgUrzUHp31jg/RaWM1O7
J2OIVsPgGau1CEUCIQDmB89A2vsovsvp2Q06ukVeMEUZJHXPwiKWKZhgZ0KToQB2
AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZaoPKlQAAAQDAEcw
RQIhAKNJozHtJfTWdtcbbjypt9+0hp54FqJ3Zk4UAPWuveKlAiA5yuu+UOF+AvMR
dNN/oOjFZBPnCWMe6xku2Q0CYiTYwDANBgkqhkiG9w0BAQsFAAOCAQEAOwMYQKI7
nt5bKvjaVeJVhKOzQkB+vnW8C9eXPJd5i3/7jpO0uXCK+nbWQ5kpZiQ77lGgrhTn
Sc27UW7RQXnJVrsOjNDkQbvcquq73HarFe5HYSmibMvYGwitXS9SabXviqXvECR9
E7+MfGwCiiWU1STFxtTtqwjEGGrAVy4D1v8+QjMUbgR1HLXrbR5PU1C8Opa4orTa
kYqabnCGP/4LQJL1Vcx2VFRZB1viYC4Iab6vXE/nxtkxVmIozljG4H9xsrMlLWsv
aIQ2BH5gHP3mrMpSwq92fHHIrB6CBwHO5UBv7gbWRWj86pSxjfWbztbgWxh78aM1
TqcZP4JNR72VTQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40Ah2ca4391LdbgKyMI5
MyzAXU1J5hbCxiEVc65Ao71ltYZ/09QvvR4j4eFx1fDSOfsC1OEFDQgvZu5HD18a
80ChNbGJgd2KDLeR7pWsAq3x3ZEH+tJAdnPZFYpicImimLXoo2Z3p4hiTXPRzVHv
I9i8AQMuKsMdwXLUqGyUKjpUpyesMIdg26j62jyBHgKY5GaK1uYyZAQfJBQoDRIn
wxz2y1HyiGhudi+FG/tHK0zbvCdtqrRqLKeyJO7RgTZIPD+PXafcICWMNYviKot1
5gwr1w9WI39GOP6sVS9ZKKPbX6slHEdStu6agmxfQ8NdTjIP9d1TwLmMaa1YlpOW
iwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 44183337780966782403287453501711636418
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-05 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-30 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02215'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Boston'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1140 Boylston Street'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Berklee College of Music'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ITOPS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'remote-vpn.berklee.edu'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.2 (unstructuredName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'remote-vpn.berklee.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28687720008211190004288814350222121548573884569873137124219198975651946840938647363758799714264074911273681875386190453417408146054919029411924680023182307459705344751838489082555829994734922177222148262955452815160822906536005349057072248910896992090738410224119700292604280367045280442616187568479042932789799847828257962786878751999765132142007604857635137507826218932961690847720587804388253255692263740483991523026790638714722796655948743176397743966813372871470517899415977372435867934647525629514695536705111301317312136636172823699399608719356424394137854113240183767041491984237525472379653188293153594250891
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							246b4429b570b93da5b1bcbf36f9a3719b1aa3f9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'remote-vpn.berklee.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000165aa0f2a390000040300483046022100eb98d4e5104f1bc98bb88e76dfa27dda986feb3113a382f9c8e938b472b8867b022100ece115e007601c279ad06bc8e819c529db444d4fb8514d1e4f08a1da8e7f1d880077005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000165aa0f2a740000040300483046022100e21168ee85821e052bcd41e9df58e0fd16963353bb27638856c3e019abb50845022100e607cf40dafb28becbe9d90d3aba455e3045192475cfc22296299860674293a10076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000165aa0f2a540000040300473045022100a349a331ed25f4d676d71b6e3ca9b7dfb4869e7816a277664e1400f5aebde2a5022039caebbe50e17e02f31174d37fa0e8c56413e709631eeb192ed90d026224d8c0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003b031840a23b9ede5b2af8da55e25584a3b342407ebe75bc0bd7973c97798b7ffb8e93b4b9708afa76d643992966243bee51a0ae14e749cdbb516ed14179c956bb0e8cd0e441bbdcaaeabbdc76ab15ee476129a26ccbd81b08ad5d2f5269b5ef8aa5ef10247d13bf8c7c6c028a2594d524c5c6d4edab08c4186ac0572e03d6ff3e4233146e04751cb5eb6d1e4f5350bc3a96b8a2b4da918a9a6e70863ffe0b4092f555cc76545459075be2602e0869beaf5c4fe7c6d931566228ce58c6e07f71b2b3252d6b2f688436047e601cfde6acca52c2af767c71c8ac1e820701cee5406fee06d64568fcea94b18df59bced6e05b187bf1a3354ea7193f824d47bd954d