iisredir.american.edu

- American University -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 6b:91:d4:f4:28:5f:51:87:7c:f3:e7:65:10:f6:6d:aa was issued on by Internet2.

With 41 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

American University

Organization: American University
State / Province: District of Columbia
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 6b:91:d4:f4:28:5f:51:87:7c:f3:e7:65:10:f6:6d:aa
Serial Number (int): 142984597808475809398189076473676459434
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: de:c1:43:8d:10:1e:eb:41:fc:a3:6d:f7:f6:31:20:37:b4:31:f6:7a
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 2b:9e:f6:e8:9c:4d:93:de:a8:76:ec:9a:a4:c1:1e:47:61:66:3e:04
Fingerprint (sha256): 0f:6e:a0:44:2b:e3:73:15:29:76:72:72:18:72:24:3a:4a:2b:db:89:70:43:dd:e9:f2:f5:df:41:c4:b5:b2:7b

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate iisredir.american.edu

41

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for iisredir.american.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

iisredir.american.edu
alumnibenefits.american.edu
alumnivolunteer.american.edu
apps.american.edu
appstest.american.edu
campustv.american.edu
canvas.american.edu
eaglefinances.american.edu
fs2.american.edu
gartner.american.edu
giving.american.edu
givingday.american.edu
helpdesk.american.edu
iisredir3.american.edu
iisredir4.american.edu
incircle.alumni.american.edu
its.american.edu
jobs.american.edu
justask.american.edu
madisonprizes.giving.american.edu
mail.american.edu
maintenancepage.american.edu
my.american.edu
mypassword.american.edu
ogc.american.edu
onecard.american.edu
onlinebusiness.american.edu
open.american.edu
printing.american.edu
prod.dwreports.american.edu
r25.american.edu
set.american.edu
smmbdaily.american.edu
spam.american.edu
starrez.american.edu
statcrunch.american.edu
status.american.edu
strategyimplementation.american.edu
ucm.american.edu
vapps.american.edu
vcl.american.edu

Other certificates including the domain name american.edu

(limited to 100 certificates)
titaniumcc.american.edu
2factor.american.edu
dra.american.edu
digitalcommons.wcl.american.edu
dra.american.edu
statcrunch.american.edu
biapp-qa.american.edu
mobileapp.american.edu
landing.online.american.edu
biapp-qa.american.edu
research.american.edu
intern.blogs.american.edu
dra.american.edu
wwwredirects.american.edu
au.blogs.american.edu
domino.american.edu
jobs.american.edu
programs.online.american.edu
papercut-test.american.edu
n002.offcampuspartners.com
n002.offcampuspartners.com
subversion.american.edu
alumni.blogs.american.edu
goed.american.edu
offcampushousing.fau.edu
recfit.blogs.american.edu
spdev-sivakumar.american.edu
onlinebusiness.american.edu
wipar.blogs.american.edu
apply.soeonline.american.edu
recruiterprodapp.american.edu
listserv.american.edu
n002.offcampuspartners.com
www.american.edu
americanmag.blogs.american.edu
auinfra.american.edu
offcampushousing.fau.edu
clockwork.american.edu
vcsandbox.american.edu
spam.american.edu
offcampushousing.fau.edu
webwork.american.edu
calendar.library.american.edu
*.american.edu
openbooks.american.edu
fsmigrateorch.american.edu
privacybasics.american.edu
online-orientation.american.edu
niwaplibrary.wcl.american.edu
aumail7.american.edu
informer.american.edu
us-east-1-san3.blackboard.com
socdeansintern.blogs.american.edu
keysystems.american.edu
informerbidev.american.edu
aumail3.american.edu
blogs.american.edu
*.ironline.american.edu
library.wcl.american.edu
n002.offcampuspartners.com
n002.offcampuspartners.com
www.american.edu
auaccess.american.edu
desigoems.american.edu
bbts.american.edu
*.ironline.american.edu
spweb201.american.edu
vpn.american.edu
careeradvisor.blogs.american.edu
soeonline.american.edu
rctugtst19sqlag.american.edu
incircle.alumni.american.edu
ems.cas.american.edu
webnow.american.edu
cloudfront.american.edu
sccmwks.american.edu
landing.online.american.edu
mediaspace.american.edu
ufund.american.edu
n002.offcampuspartners.com
sccmwksdp1.american.edu
aumail6.american.edu
ironline.american.edu
offcampushousing.fau.edu
digitalcommons.wcl.american.edu
jamfproxy.american.edu
iisredir.american.edu
digitalcommons.wcl.american.edu
colprdapi.american.edu
*.onlinelaw.wcl.american.edu
iisredir.american.edu
2factor.american.edu
intern.blogs.american.edu
offcampushousing.fau.edu
online.american.edu
auadfs.american.edu
colprdssweb1.american.edu
offcampushousing.fau.edu
splunkprdjs.american.edu
*.ironline.american.edu

Certificate

The complete raw certificate details for iisredir.american.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJ3jCCCMagAwIBAgIQa5HU9ChfUYd88+dlEPZtqjANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0yMzAzMzAwMDAwMDBaFw0yMzA5MDQy
MzU5NTlaMGoxCzAJBgNVBAYTAlVTMR0wGwYDVQQIExREaXN0cmljdCBvZiBDb2x1
bWJpYTEcMBoGA1UEChMTQW1lcmljYW4gVW5pdmVyc2l0eTEeMBwGA1UEAxMVaWlz
cmVkaXIuYW1lcmljYW4uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2uMa17pyfqHIMKJuaVBt40g8bg7L9G4MKaUqq22BY80XxyHiAamnlliSkMEt
h1LM8x1qXXOE0ZJHY9c/NJaT2X5Rt9lowsill8Li/obKh0wKKVEmimUxEBa4sEo6
rnWAAcgPe0ebnRlZpeIusfGIU26bSPlnHLgqjBcAglZer8maq314PZOT1ffmFAgQ
YC17qMd4O7OL1qkuYjbkkKkdv80OaOU7yAKmdaJL/RuYjL0Cbz0VuLPQYIEBMdJO
50gwWqwbd55P+5uRyeYPOfzOebpidi5i0lRRQ/1prFoxBA1uKuEg6tVPiW6xwhAi
lr7qBf6nJzE/PnZjZaLCR/lnOQIDAQABo4IGcjCCBm4wHwYDVR0jBBgwFoAUHgWj
d49sluJbh0umtIascQAM5zgwHQYDVR0OBBYEFN7BQ40QHutB/KNt9/YxIDe0MfZ6
MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjBnBgNVHSAEYDBeMFIGDCsGAQQBriMBBAMBATBCMEAGCCsG
AQUFBwIBFjRodHRwczovL3d3dy5pbmNvbW1vbi5vcmcvY2VydC9yZXBvc2l0b3J5
L2Nwc19zc2wucGRmMAgGBmeBDAECAjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8v
Y3JsLmluY29tbW9uLXJzYS5vcmcvSW5Db21tb25SU0FTZXJ2ZXJDQS5jcmwwdQYI
KwYBBQUHAQEEaTBnMD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LnVzZXJ0cnVzdC5j
b20vSW5Db21tb25SU0FTZXJ2ZXJDQV8yLmNydDAlBggrBgEFBQcwAYYZaHR0cDov
L29jc3AudXNlcnRydXN0LmNvbTCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AK33
vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABhzN/pIEAAAQDAEYwRAIg
TjyxwPOk7IvSv6hvrKnQ1ontpVq0ZBGI5yKvKKypMtACICjQXMVQj6i9Ms72niYU
w7/3ZG+Xd/s5hCxM1O6p/800AHYAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6
V6NS61IAAAGHM3+k0wAABAMARzBFAiEAvk2g+5nO+O3UfnXsIa76PqnCE/2PxONA
YysMzzKLzg0CIE2G4FLfOMd5BaR4Q83vI2ucKTfCoyOLjkXpU1/vEMIFMIIDwAYD
VR0RBIIDtzCCA7OCFWlpc3JlZGlyLmFtZXJpY2FuLmVkdYIbYWx1bW5pYmVuZWZp
dHMuYW1lcmljYW4uZWR1ghxhbHVtbml2b2x1bnRlZXIuYW1lcmljYW4uZWR1ghFh
cHBzLmFtZXJpY2FuLmVkdYIVYXBwc3Rlc3QuYW1lcmljYW4uZWR1ghVjYW1wdXN0
di5hbWVyaWNhbi5lZHWCE2NhbnZhcy5hbWVyaWNhbi5lZHWCGmVhZ2xlZmluYW5j
ZXMuYW1lcmljYW4uZWR1ghBmczIuYW1lcmljYW4uZWR1ghRnYXJ0bmVyLmFtZXJp
Y2FuLmVkdYITZ2l2aW5nLmFtZXJpY2FuLmVkdYIWZ2l2aW5nZGF5LmFtZXJpY2Fu
LmVkdYIVaGVscGRlc2suYW1lcmljYW4uZWR1ghZpaXNyZWRpcjMuYW1lcmljYW4u
ZWR1ghZpaXNyZWRpcjQuYW1lcmljYW4uZWR1ghxpbmNpcmNsZS5hbHVtbmkuYW1l
cmljYW4uZWR1ghBpdHMuYW1lcmljYW4uZWR1ghFqb2JzLmFtZXJpY2FuLmVkdYIU
anVzdGFzay5hbWVyaWNhbi5lZHWCIW1hZGlzb25wcml6ZXMuZ2l2aW5nLmFtZXJp
Y2FuLmVkdYIRbWFpbC5hbWVyaWNhbi5lZHWCHG1haW50ZW5hbmNlcGFnZS5hbWVy
aWNhbi5lZHWCD215LmFtZXJpY2FuLmVkdYIXbXlwYXNzd29yZC5hbWVyaWNhbi5l
ZHWCEG9nYy5hbWVyaWNhbi5lZHWCFG9uZWNhcmQuYW1lcmljYW4uZWR1ghtvbmxp
bmVidXNpbmVzcy5hbWVyaWNhbi5lZHWCEW9wZW4uYW1lcmljYW4uZWR1ghVwcmlu
dGluZy5hbWVyaWNhbi5lZHWCG3Byb2QuZHdyZXBvcnRzLmFtZXJpY2FuLmVkdYIQ
cjI1LmFtZXJpY2FuLmVkdYIQc2V0LmFtZXJpY2FuLmVkdYIWc21tYmRhaWx5LmFt
ZXJpY2FuLmVkdYIRc3BhbS5hbWVyaWNhbi5lZHWCFHN0YXJyZXouYW1lcmljYW4u
ZWR1ghdzdGF0Y3J1bmNoLmFtZXJpY2FuLmVkdYITc3RhdHVzLmFtZXJpY2FuLmVk
dYIjc3RyYXRlZ3lpbXBsZW1lbnRhdGlvbi5hbWVyaWNhbi5lZHWCEHVjbS5hbWVy
aWNhbi5lZHWCEnZhcHBzLmFtZXJpY2FuLmVkdYIQdmNsLmFtZXJpY2FuLmVkdTAN
BgkqhkiG9w0BAQsFAAOCAQEAV7Ffu1OcPx+y/Z6qWzUaKoGRMKOibCLU3wrF7YvN
414TH3USi5cYXZN76oi0ByZj388oe77RDet5q5KPucvz3INwsZ9FX0iUz6KpcQRe
Z/gc9vZzn6qyOq4+FHLLSl58mLfmtApJTOQOv1AT4XHxNOjP29D+ckFSZZn7apmm
Vqq9zgoC8obaG9RZzW6xXxnX5xc66B5GDD5JWHY7X56YIm7Z6JmBU6RUIPrKMhut
+gcTJBgq1b0UwmCv7fkRz6ae8+fm5i+/crzCf4uXkoOAkqDC7XTbzNoGhZMy5Rxo
Q/uJaWPIr03e28NNM+w+EVNe6hfIsjqJqnyNq5rWt7OB4g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uMa17pyfqHIMKJuaVBt
40g8bg7L9G4MKaUqq22BY80XxyHiAamnlliSkMEth1LM8x1qXXOE0ZJHY9c/NJaT
2X5Rt9lowsill8Li/obKh0wKKVEmimUxEBa4sEo6rnWAAcgPe0ebnRlZpeIusfGI
U26bSPlnHLgqjBcAglZer8maq314PZOT1ffmFAgQYC17qMd4O7OL1qkuYjbkkKkd
v80OaOU7yAKmdaJL/RuYjL0Cbz0VuLPQYIEBMdJO50gwWqwbd55P+5uRyeYPOfzO
ebpidi5i0lRRQ/1prFoxBA1uKuEg6tVPiW6xwhAilr7qBf6nJzE/PnZjZaLCR/ln
OQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 142984597808475809398189076473676459434
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-04 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'American University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'iisredir.american.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27631940060141535528622918885017821643588403711019543705280183037243561562906478135544141804550105833135288648922471864092849049410972936362865325234929627768737601040764082810317988698856794457386008093152753149038225626885582049489570804621125062173766964829516072301058567897954429953319501547981954587234406816441107785700877972392894885882424295918277747350345140062773380852439305686895109361214991756880082707903613747861490415616100231424303291731935935214477097903910825129251400954463680536666070263821987249057971650566749149885984890013791290342471849738627018906174083159954460791296042263022395194959673
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dec1438d101eeb41fca36df7f6312037b431f67a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000187337fa481000004030046304402204e3cb1c0f3a4ec8bd2bfa86faca9d0d689eda55ab4641188e722af28aca932d0022028d05cc5508fa8bd32cef69e2614c3bff7646f9777fb39842c4cd4eea9ffcd340076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000187337fa4d30000040300473045022100be4da0fb99cef8edd47e75ec21aefa3ea9c213fd8fc4e340632b0ccf328bce0d02204d86e052df38c77905a47843cdef236b9c2937c2a3238b8e45e9535fef10c205
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (951 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iisredir.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alumnibenefits.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alumnivolunteer.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'appstest.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'campustv.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canvas.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eaglefinances.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fs2.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gartner.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giving.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'givingday.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'helpdesk.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iisredir3.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iisredir4.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'incircle.alumni.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'its.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jobs.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'justask.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'madisonprizes.giving.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maintenancepage.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mypassword.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ogc.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onecard.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onlinebusiness.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'open.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'printing.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.dwreports.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'r25.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'set.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smmbdaily.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spam.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'starrez.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'statcrunch.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'status.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'strategyimplementation.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ucm.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vapps.american.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vcl.american.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0057b15fbb539c3f1fb2fd9eaa5b351a2a819130a3a26c22d4df0ac5ed8bcde35e131f75128b97185d937bea88b4072663dfcf287bbed10deb79ab928fb9cbf3dc8370b19f455f4894cfa2a971045e67f81cf6f6739faab23aae3e1472cb4a5e7c98b7e6b40a494ce40ebf5013e171f134e8cfdbd0fe7241526599fb6a99a656aabdce0a02f286da1bd459cd6eb15f19d7e7173ae81e460c3e4958763b5f9e98226ed9e8998153a45420faca321badfa071324182ad5bd14c260afedf911cfa69ef3e7e6e62fbf72bcc27f8b9792838092a0c2ed74dbccda06859332e51c6843fb896963c8af4ddedbc34d33ec3e11535eea17c8b23a89aa7c8dab9ad6b7b381e2