UC-UCXN-01-ms.ad.lafchicago.org

Issued by Sectigo RSA Domain Validation Secure Server CA

About this certificate

This digital certificate with serial number e7:fb:fb:a6:04:28:78:fa:68:af:66:79:d2:d0:23:62 was issued on by Sectigo Limited.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=UC-UCXN-01-ms.ad.lafchicago.org

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): e7:fb:fb:a6:04:28:78:fa:68:af:66:79:d2:d0:23:62
Serial Number (int): 308360037575780170687974325592746107746
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: c3:1a:a4:6e:62:9f:41:50:25:4e:26:0e:67:32:a4:19:80:6e:40:41
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (sha1): 77:fa:3d:b9:5f:e9:d4:d2:01:66:15:c7:48:00:d3:9b:7e:53:b8:2a
Fingerprint (sha256): 12:2c:56:ea:28:94:2a:b8:4a:c0:56:de:7f:94:74:27:77:b5:49:4e:a2:61:a2:83:0e:b6:9f:b0:3e:0c:d1:04

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate UC-UCXN-01-ms.ad.lafchicago.org

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for UC-UCXN-01-ms.ad.lafchicago.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

UC-UCXN-01-ms.ad.lafchicago.org
UC-UCXN-01.ad.lafchicago.org
UC-UCXN-02.ad.lafchicago.org
ad.lafchicago.org
unity.ad.lafchicago.org

Other certificates including the domain name lafchicago.org

(limited to 100 certificates)
officeonlineserver.lafchicago.org
officewebapps.ad.lafchicago.org
lafchicago.org
lync.lafchicago.org
webremote.lafchicago.org
UC-CUCM-01-ms.ad.lafchicago.org
UC-UCXN-01-ms.ad.lafchicago.org
lafchicago.org
lafchicago.org
uc-exp-e01.ad.lafchicago.org
lync.lafchicago.org
www.lafchicago.org
uc-exp-c01.ad.lafchicago.org
lafchicago.org
officeonlineserver.lafchicago.org
file.lafchicago.org
file.lafchicago.org
lync.lafchicago.org
UC-UCCX-02.ad.lafchicago.org
lafchicago.org
mail.lafchicago.org
uc-exp-e01.ad.lafchicago.org
lafchicago.org
file.lafchicago.org
file.lafchicago.org
UC-CUCM-01-ms.ad.lafchicago.org
lafchicago.org
lafchicago.org
lafchicago.org
lafchicago.org
file.lafchicago.org
www.lafchicago.org
mail.lafchicago.org
file.lafchicago.org
uc-exp-c01.ad.lafchicago.org
mail1.ad.lafchicago.org
mail.lafchicago.org
file.lafchicago.org
file.lafchicago.org
file.lafchicago.org
lafchicago.org
lafchicago.org
mail.lafchicago.org
mail1.ad.lafchicago.org
lafchicago.org
mail.lafchicago.org
lafchicago.org
lync.lafchicago.org
mail.lafchicago.org
mail1.lafchicago.org
mail.lafchicago.org
mail.lafchicago.org
lafchicago.org
officeonlineserver.lafchicago.org
mail.lafchicago.org
lafchicago.org
mail.lafchicago.org
lync.ad.lafchicago.org
UC-UCXN-01-ms.ad.lafchicago.org
lafchicago.org
lafchicago.org
file.lafchicago.org
lafchicago.org
UC-UCCX-01.ad.lafchicago.org
file.lafchicago.org
lafchicago.org
mail1.lafchicago.org
mail.lafchicago.org
lync.lafchicago.org
lafchicago.org
mail1.ad.lafchicago.org
lafpoint.lafchicago.org
lync.ad.lafchicago.org
mail2.lafchicago.org
mail.lafchicago.org
UC-UCCX-01.ad.lafchicago.org
file.lafchicago.org
lync.lafchicago.org
lafchicago.org
lync.ad.lafchicago.org
mail.lafchicago.org
lafchicago.org
UC-UCCX-02.ad.lafchicago.org
lafchicago.org
mail.lafchicago.org
lafchicago.org
lync.lafchicago.org
officeonlineserver.ad.lafchicago.org
www.lafchicago.org

Certificate

The complete raw certificate details for UC-UCXN-01-ms.ad.lafchicago.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGsjCCBZqgAwIBAgIRAOf7+6YEKHj6aK9medLQI2IwDQYJKoZIhvcNAQELBQAw
gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE
AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
QTAeFw0yMTEyMDEwMDAwMDBaFw0yMzAxMDEyMzU5NTlaMCoxKDAmBgNVBAMTH1VD
LVVDWE4tMDEtbXMuYWQubGFmY2hpY2Fnby5vcmcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfjexzATMbsQddcXZdBbgQMGis4b1JHSGmZV3yx/fZy8ra
x5Xf7wDBO5PuUhXjTWf9UxU3AtEiXYTwAuNhj5Iz3gApsk7hyiNyZNQrBv7Jcyls
V7fMVPzPRJiuE5lVPkRjWMQuGDY9JECeS5CZVimS6wIdkLKCF9qRYM7rAYs0mceK
6RMGzViaiTg713Vee/l3d7bXRf192Xy5VOJbOh1yRHuuh2oFlvKWn9yoBdHnYjnn
Dlq88SRFcMrZRR+qnbhAdJRezaRov/AK7puKwCUAeMDV52GCp2LgsuknlmC2WPbq
IVFCInC6+nIzaWDrtz4LxPAPPGB8gqx/m03vYK73AgMBAAGjggNrMIIDZzAfBgNV
HSMEGDAWgBSNjF7EVK2K4Xfpm/mbBeG4AY1h4TAdBgNVHQ4EFgQUwxqkbmKfQVAl
TiYOZzKkGYBuQEEwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQEC
AgcwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EM
AQIBMIGEBggrBgEFBQcBAQR4MHYwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2Vj
dGlnby5jb20vU2VjdGlnb1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJD
QS5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBfQYK
KwYBBAHWeQIEAgSCAW0EggFpAWcAdQCt9776fP8QyIudPZwePhhqtGcpXc+xDCTK
hYY069yCigAAAX14RLtlAAAEAwBGMEQCIBCP30GrbdbrwaAgIDnz+SEseTvH3Y0A
PFQc66DvT5kpAiAYOpDR2054aIHDFFuOx4tkTgB/W84O13Nl9yAqL+xGoAB3AHoy
jFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABfXhEuz8AAAQDAEgwRgIh
AOnfjKwfpXL/JDyfZJH8n9Ly2JXJIwP4SQjbHDGAdj84AiEA2dT3xK0I8Scj01lj
zAaUTVvW3rZxkvac/WrxoUVaAyAAdQDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp
4Xd9bQa9bgAAAX14RLr+AAAEAwBGMEQCIH0uFJSffJZ3MPjxOAN4iCaBn0J0mwF0
HFdNCAbE8Q3GAiB3PSrnDB1lEdAUFg5JqjEHRXX6ha+d/wzhBUhqKhy/AjCBlAYD
VR0RBIGMMIGJgh9VQy1VQ1hOLTAxLW1zLmFkLmxhZmNoaWNhZ28ub3JnghxVQy1V
Q1hOLTAxLmFkLmxhZmNoaWNhZ28ub3JnghxVQy1VQ1hOLTAyLmFkLmxhZmNoaWNh
Z28ub3JnghFhZC5sYWZjaGljYWdvLm9yZ4IXdW5pdHkuYWQubGFmY2hpY2Fnby5v
cmcwDQYJKoZIhvcNAQELBQADggEBAB4qYvxLPwIMb7OAKwyywcwPwT7xzHwy44eP
VwOmKLOA7L5ldk6moXxr2aOoXdclhRmG5/nW71CPmduAUx52tptHyTiSOxmZGwMl
LleC4Y5COeTawY7WFWjUy+zhzIIjgR8ZG9hV1f7fELwyvbDepKukXSpsUOyJKcYy
bjB84A2uwIsRSmKdVlA1m6ime7IY1cKb7lMIZjDHdMwWWhvDMG8Ob+FB4/iciXLD
pJI7aM0mnSChhS02Pknx4Nn45ZP7GhEX7BY1IRevHLb2lyXYtRvGXIGMw7is3Dsl
yZ/HRq/r3ZxE/tR7AaN8o0kBQ2Oi4OS6gx9xWguH/d/WfgqNY7A=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn43scwEzG7EHXXF2XQW4
EDBorOG9SR0hpmVd8sf32cvK2seV3+8AwTuT7lIV401n/VMVNwLRIl2E8ALjYY+S
M94AKbJO4cojcmTUKwb+yXMpbFe3zFT8z0SYrhOZVT5EY1jELhg2PSRAnkuQmVYp
kusCHZCyghfakWDO6wGLNJnHiukTBs1Ymok4O9d1Xnv5d3e210X9fdl8uVTiWzod
ckR7rodqBZbylp/cqAXR52I55w5avPEkRXDK2UUfqp24QHSUXs2kaL/wCu6bisAl
AHjA1edhgqdi4LLpJ5Zgtlj26iFRQiJwuvpyM2lg67c+C8TwDzxgfIKsf5tN72Cu
9wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 308360037575780170687974325592746107746
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-01 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UC-UCXN-01-ms.ad.lafchicago.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20141875639855872244872907448897005274210725775251564663496739573222416429307073757303101997888236932128093585546958491635453785954204459861577189624973215995283735608070859799777443788506179510508563713792765954792389774478397141735967395368359581070813965095842680410989871860145219489904855795103371126081727884980845066199854104758426784869248490548761347403555403825967562484016609998178665463083593366660602176513534350576497507906254838579525093501482898014390567545840746977418149980795553586033197992236592524634077946833500346320599854416229689965925032960865391262292520791802334393600904096021036411170551
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c31aa46e629f4150254e260e6732a419806e4041
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017d7844bb6500000403004630440220108fdf41ab6dd6ebc1a0202039f3f9212c793bc7dd8d003c541ceba0ef4f99290220183a90d1db4e786881c3145b8ec78b644e007f5bce0ed77365f7202a2fec46a00077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017d7844bb3f0000040300483046022100e9df8cac1fa572ff243c9f6491fc9fd2f2d895c92303f84908db1c3180763f38022100d9d4f7c4ad08f12723d35963cc06944d5bd6deb67192f69cfd6af1a1455a0320007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017d7844bafe000004030046304402207d2e14949f7c967730f8f13803788826819f42749b01741c574d0806c4f10dc60220773d2ae70c1d6511d014160e49aa31074575fa85af9dff0ce105486a2a1cbf02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'UC-UCXN-01-ms.ad.lafchicago.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'UC-UCXN-01.ad.lafchicago.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'UC-UCXN-02.ad.lafchicago.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ad.lafchicago.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'unity.ad.lafchicago.org'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001e2a62fc4b3f020c6fb3802b0cb2c1cc0fc13ef1cc7c32e3878f5703a628b380ecbe65764ea6a17c6bd9a3a85dd725851986e7f9d6ef508f99db80531e76b69b47c938923b19991b03252e5782e18e4239e4dac18ed61568d4cbece1cc8223811f191bd855d5fedf10bc32bdb0dea4aba45d2a6c50ec8929c6326e307ce00daec08b114a629d5650359ba8a67bb218d5c29bee53086630c774cc165a1bc3306f0e6fe141e3f89c8972c3a4923b68cd269d20a1852d363e49f1e0d9f8e593fb1a1117ec16352117af1cb6f69725d8b51bc65c818cc3b8acdc3b25c99fc746afebdd9c44fed47b01a37ca349014363a2e0e4ba831f715a0b87fddfd67e0a8d63b0