slims.broadinstitute.org

- The Broad Institute of MIT and Harvard -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 10:54:22:69:f7:67:b4:7d:a9:f6:3b:8a:43:22:69:7d was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

The Broad Institute of MIT and Harvard

Organization: The Broad Institute of MIT and Harvard
Organization unit: BITS
Address: 415 Main St.
Postal code: 02142
State / Province: MA
Locality: Cambridge
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 10:54:22:69:f7:67:b4:7d:a9:f6:3b:8a:43:22:69:7d
Serial Number (int): 21704498866127336771156842416345082237
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: 5b:9f:5e:58:2e:89:de:e9:3d:06:62:b8:1d:23:b7:17:19:60:31:a3
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 2a:ae:13:72:be:22:a9:76:6c:c1:3b:1e:86:12:81:00:89:3c:5b:c1
Fingerprint (sha256): 10:4d:91:c4:c3:ac:63:a5:fa:43:24:77:23:5a:6f:74:87:9e:2a:4a:43:e0:25:bb:ac:c0:f9:73:6f:16:2c:78

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate slims.broadinstitute.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for slims.broadinstitute.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

slims.broadinstitute.org

Other certificates including the domain name broadinstitute.org

(limited to 100 certificates)
*.dsde-staging.broadinstitute.org
gpmocha01.broadinstitute.org
suffix.broadinstitute.org
duos.broadinstitute.org
vdesktop.broadinstitute.org
mercury.broadinstitute.org
risteys.broadinstitute.org
abbvie.ukbb.broadinstitute.org
bard.broadinstitute.org
*.dsde-prod.broadinstitute.org
portal.firecloud.org
itdev.broadinstitute.org
disclosure-dev.broadinstitute.org
software.broadinstitute.org
esrs-v3.broadinstitute.org
pan.ukbb.broadinstitute.org
cromwell.gp-cromwell-dev.broadinstitute.org
addrtest.broadinstitute.org
gpdevconfluence.broadinstitute.org
weblb-dev.broadinstitute.org
*.mint-stress.broadinstitute.org
omero.broadinstitute.org
secexplorer.dsp-appsec.broadinstitute.org
*.thescholr.com
*.dsde-prod.broadinstitute.org
radon.broadinstitute.org
*.thescholr.com
*.thescholr.com
mercurydev.broadinstitute.org
cda.cda-dev.broadinstitute.org
internal.ukbb.broadinstitute.org
*.thescholr.com
intranet.broadinstitute.org
gpbroad.broadinstitute.org
giving.broadinstitute.org
tufin.broadinstitute.org
github.broadinstitute.org
identity.broadinstitute.org
tufin.broadinstitute.org
coeus.broadinstitute.org
jujubes.broadinstitute.org
coolidge.broadinstitute.org
duos.broadinstitute.org
bod.broadinstitute.org
*.mint-dev.broadinstitute.org
ora-oemrep.broadinstitute.org
broadies.broadinstitute.org
*.dsde-prod.broadinstitute.org
su2c.broadinstitute.org
zebrafish.dsde-dev.broadinstitute.org
*.d8.theopenscholar.com
ibd-genetics.broadinstitute.org
identity.broadinstitute.org
1sum-701-n1-dwdm-415m.broadinstitute.org
lof.curation.broadinstitute.org
stash.broadinstitute.org
enigma.broadinstitute.org
jade-6.datarepo-integration.broadinstitute.org
sendit.broadinstitute.org
*.thescholr.com
cellstrainer.broadinstitute.org
*.d8.theopenscholar.com
space-dev.broadinstitute.org
bit-qa.broadinstitute.org
agora.dsde-prod.broadinstitute.org
320c-2102-c5-dwdm-415m.broadinstitute.org
bitstore.broadinstitute.org
covid-19-sequencing.broadinstitute.org
beehive.dsp-devops.broadinstitute.org
genomics.broadinstitute.org
confluence.broadinstitute.org
cloudaccounts-dev.broadinstitute.org
www.broadinstitute.org
slims.broadinstitute.org
crowdldap.broadinstitute.org
hscgp.broadinstitute.org
dpa.broadinstitute.org
transfer.broadinstitute.org
solwind.broadinstitute.org
duos.dsp-duos-prod.broadinstitute.org
www.broadinstitute.org
alkesgroup.broadinstitute.org
transfer.broadinstitute.org
gphub.broadinstitute.org
www.broadinstitute.org
firecloud.dsde-alpha.broadinstitute.org
support.terra.bio
firecloud.dsde-staging.broadinstitute.org
ladderstocures.broadinstitute.org
dotmatics-dev.broadinstitute.org
papers-dev.broadinstitute.org
slims-qa.broadinstitute.org
consent.dsde-dev.broadinstitute.org
unity.broadinstitute.org
intranet.broadinstitute.org
help.broadinstitute.org
idp.broadinstitute.org
*.thescholr.com
gatkforums.broadinstitute.org
healthquest.broadinstitute.org

Certificate

The complete raw certificate details for slims.broadinstitute.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGkDCCBXigAwIBAgIQEFQiafdntH2p9juKQyJpfTANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xODA0MjAwMDAwMDBaFw0xOTA0MjAy
MzU5NTlaMIG4MQswCQYDVQQGEwJVUzEOMAwGA1UEERMFMDIxNDIxCzAJBgNVBAgT
Ak1BMRIwEAYDVQQHEwlDYW1icmlkZ2UxFTATBgNVBAkTDDQxNSBNYWluIFN0LjEv
MC0GA1UEChMmVGhlIEJyb2FkIEluc3RpdHV0ZSBvZiBNSVQgYW5kIEhhcnZhcmQx
DTALBgNVBAsTBEJJVFMxITAfBgNVBAMTGHNsaW1zLmJyb2FkaW5zdGl0dXRlLm9y
ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKzzH/dSTfLPn5bqLi1x
Jh3Ra132zfBqT7SkM8sH5Vuw+c7jMICcBDnmKkZWxd3Nu6dSSm5AMXOZrWpbYg+C
CJpPnfDMSYwdwY25ONDEO3SoK8DV+BeUax1U6rc/eLv2i/6Jp9TQRhPYWeLaLiIn
kx0Q8u+mjn043EvDjpiCK9xQIAubHmsN2dQn/reu0jS6VYbllKCjc2AcOplocF00
7yAxu0TfiUFOPe3mEl9RdLWzfA2NaujznTdfCnhjTR899dS9aR2sIHZrTVPFr+W6
jIaJICacm4rR5FrvYGupF3K5Uscoe7H3bpgm/6F9YuIxRTIwrvgCZ9P4sBeYbhA8
wsMCAwEAAaOCAtUwggLRMB8GA1UdIwQYMBaAFB4Fo3ePbJbiW4dLprSGrHEADOc4
MB0GA1UdDgQWBBRbn15YLone6T0GYrgdI7cXGWAxozAOBgNVHQ8BAf8EBAMCBaAw
DAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwZwYD
VR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6Ly93
d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAIBgZn
gQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5pbmNvbW1vbi1yc2Eu
b3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUFBwEBBGkwZzA+Bggr
BgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3QuY29tL0luQ29tbW9uUlNBU2Vy
dmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5j
b20wIwYDVR0RBBwwGoIYc2xpbXMuYnJvYWRpbnN0aXR1dGUub3JnMIIBBQYKKwYB
BAHWeQIEAgSB9gSB8wDxAHcA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo
/csAAAFi4zIIIgAABAMASDBGAiEA6JrAQbz+nNf09K0Cfri6r3RKAKM8Od5HAB1z
qDi/PeECIQD4toUFTSOu/p5mHXwIFITSwBFOt0VLOY74QiNndv4SowB2AHR+2oMx
rTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABYuMyBowAAAQDAEcwRQIgWBng
iqKFXmZtOwHUc0nhPvQPpiy1QOzE5Qtpo92PEQMCIQD+8jXrFsMC+23avp8buPZS
hG6ShsQ5AeX0mH5akLInKDANBgkqhkiG9w0BAQsFAAOCAQEAkWBar7TbotXs6SPm
RBpPKJo6ur0/AZ+wNJmQGT4CZSrfK3+yq7xwYSkNzSAeUMQ3BnqnfMkRMM5XNrPF
fFH1jV8AEXDIZ8F+LXnD32DFNt9NgfhQS4O/ajI7CKRki3Hf5ONRujoZY7p/cTbY
5MItC+m1SpX4c0+2Fgah/cYrRguKv2dfSc60gILqiZYqppP2wH1/9524xUFi3QOD
OqD1GcQ6VR6OdYCS7ew8EXLtDM72wJZ/UmGok+c8NNhigRC0hekEhbh0RX/ZsQCZ
58lGXAs43HfRw5OaysNhN2nhrTmp3gXT932OsLExqpax38LmmexwknvrkxKA4Upi
jMSVuQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPMf91JN8s+fluouLXEm
HdFrXfbN8GpPtKQzywflW7D5zuMwgJwEOeYqRlbF3c27p1JKbkAxc5mtaltiD4II
mk+d8MxJjB3Bjbk40MQ7dKgrwNX4F5RrHVTqtz94u/aL/omn1NBGE9hZ4touIieT
HRDy76aOfTjcS8OOmIIr3FAgC5seaw3Z1Cf+t67SNLpVhuWUoKNzYBw6mWhwXTTv
IDG7RN+JQU497eYSX1F0tbN8DY1q6POdN18KeGNNHz311L1pHawgdmtNU8Wv5bqM
hokgJpybitHkWu9ga6kXcrlSxyh7sfdumCb/oX1i4jFFMjCu+AJn0/iwF5huEDzC
wwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 21704498866127336771156842416345082237
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-20 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02142'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cambridge'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '415 Main St.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Broad Institute of MIT and Harvard'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BITS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'slims.broadinstitute.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21832877794701032235231910530453947538972146808925750759092465922518340719799680182288580115174901761525172996596918686414145111139150325216041572137333617916854902094262159958643838295230479660137810386010746600263102079538415565719351702357720881259062624429153955882454635521418531987552357786444796485936662593874815847781024284123622247704309535759026919442968675490041283813050702550790909844999412314440208470132579040373924930320256462268929685985831132709930421279614532749943588713966240096654382711400327785623736488915112466950745425763816164897799134288280361758855224762756055979701589730086053595628227
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5b9f5e582e89dee93d0662b81d23b717196031a3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'slims.broadinstitute.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000162e33208220000040300483046022100e89ac041bcfe9cd7f4f4ad027eb8baaf744a00a33c39de47001d73a838bf3de1022100f8b685054d23aefe9e661d7c081484d2c0114eb7454b398ef842236776fe12a3007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc5600000162e332068c000004030047304502205819e08aa2855e666d3b01d47349e13ef40fa62cb540ecc4e50b69a3dd8f1103022100fef235eb16c302fb6ddabe9f1bb8f652846e9286c43901e5f4987e5a90b22728
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0091605aafb4dba2d5ece923e6441a4f289a3ababd3f019fb0349990193e02652adf2b7fb2abbc7061290dcd201e50c437067aa77cc91130ce5736b3c57c51f58d5f001170c867c17e2d79c3df60c536df4d81f8504b83bf6a323b08a4648b71dfe4e351ba3a1963ba7f7136d8e4c22d0be9b54a95f8734fb61606a1fdc62b460b8abf675f49ceb48082ea89962aa693f6c07d7ff79db8c54162dd03833aa0f519c43a551e8e758092edec3c1172ed0ccef6c0967f5261a893e73c34d8628110b485e90485b874457fd9b10099e7c9465c0b38dc77d1c3939acac3613769e1ad39a9de05d3f77d8eb0b131aa96b1dfc2e699ec70927beb931280e14a628cc495b9