offwebapps.johnshopkins.edu

- Johns Hopkins University -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number c7:67:b0:ee:83:70:eb:ed:72:fc:1c:13:9c:63:b3:88 was issued on by Internet2.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Johns Hopkins University

Organization: Johns Hopkins University
Organization unit: JH
Address: 5801 Smith Avenue
Postal code: 21209
State / Province: Maryland
Locality: Baltimore
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): c7:67:b0:ee:83:70:eb:ed:72:fc:1c:13:9c:63:b3:88
Serial Number (int): 265054766338699317157183598688695726984
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 12:be:46:80:e6:fa:6b:ed:40:48:24:59:15:26:13:8e:07:b9:f3:43
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 33:02:d4:97:56:ed:1f:4e:0c:c1:f7:4c:7d:0f:5e:ee:f1:42:3c:c5
Fingerprint (sha256): 13:64:65:40:25:57:1a:c3:a8:70:a7:e8:2e:c3:bb:34:00:98:d9:6d:17:86:09:59:3f:13:ae:0f:5b:a6:22:87

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate offwebapps.johnshopkins.edu

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for offwebapps.johnshopkins.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

offwebapps.johnshopkins.edu
esgoffwebapp1.johnshopkins.edu
esgoffwebapp1.win.ad.jhu.edu
esgoffwebapp2.johnshopkins.edu
esgoffwebapp2.win.ad.jhu.edu
esgoffwebapp3.johnshopkins.edu
esgoffwebapp3.win.ad.jhu.edu
esgoffwebapp4.johnshopkins.edu
esgoffwebapp4.win.ad.jhu.edu
offwebapps.jh.edu

Other certificates including the domain name johnshopkins.edu

(limited to 100 certificates)
e210.johnshopkins.edu
devreotes.johnshopkins.edu
kasslab.johnshopkins.edu
connectdev.johnshopkins.edu
kasslab.johnshopkins.edu
kasslab.johnshopkins.edu
devrpad.jhu.edu
devrpad.jhu.edu
operations.onecampus.com
ssltest.johnshopkins.edu
esmepiciconnnp.esm.johnshopkins.edu
idp.jh.edu
esmepicmonnp1.esm.johnshopkins.edu
it.johnshopkins.edu
connectweb4.johnshopkins.edu
esgndestest2.johnshopkins.edu
it.johnshopkins.edu
kasslab.johnshopkins.edu
cloudapps.johnshopkins.edu
epicmobile.johnshopkins.edu
ndestest2.johnshopkins.edu
jhbcaweb.johnshopkins.edu
myit.jh.edu
search.johnshopkins.edu
esmepicmmcnp.esm.johnshopkins.edu
esgbloxtest.johnshopkins.edu
mobiletest.johnshopkins.edu
mobile.johnshopkins.edu
esgbloxtest.johnshopkins.edu
jhcred.esm.johnshopkins.edu
jhcred.esm.johnshopkins.edu
hdaidev.esm.johnshopkins.edu
mobile.johnshopkins.edu
e210.johnshopkins.edu
kasslab.johnshopkins.edu
esmepicepseinp.esm.johnshopkins.edu
offwebapps.johnshopkins.edu
jhcredtst.esm.johnshopkins.edu
operations.onecampus.com
idp.jh.edu
mdmtst.johnshopkins.edu
gssbcaweb.johnshopkins.edu
webct.jhu.edu
onmyway.johnshopkins.edu
smtptest.johnshopkins.edu
connectweb3.johnshopkins.edu
mobiletestmail.johnshopkins.edu
freefood.johnshopkins.edu
mobile.johnshopkins.edu
epicshib.johnshopkins.edu
esmepiciconnnp.esm.johnshopkins.edu
idp.jh.edu
devvirtualvisit.jhmi.edu
logindev.johnshopkins.edu
adfs.johnshopkins.edu
digital.pathology.johnshopkins.edu
stage.johnshopkins.edu
srvmgr.johnshopkins.edu
devrpad.jhu.edu
adfstest.johnshopkins.edu
esmepicmmcnp.esm.johnshopkins.edu
freefood.johnshopkins.edu
connect.johnshopkins.edu
mobile.johnshopkins.edu
*.johnshopkins.edu
ebaccess.jhu.edu
mysite.johnshopkins.edu
kasslab.johnshopkins.edu
hpo.johnshopkins.edu
kasslab.johnshopkins.edu
trcoeus.johnshopkins.edu
hdaiqa.esm.johnshopkins.edu
e210.johnshopkins.edu
mobile.johnshopkins.edu
testidp.jh.edu
jhcred.esm.johnshopkins.edu
mobiletestmail.johnshopkins.edu
mobiletestmail.johnshopkins.edu
jhbomgarprod1.hosts.jhmi.edu
enterpriseauth.johnshopkins.edu
operations.onecampus.com
kasslab.johnshopkins.edu
logintest.johnshopkins.edu
operations.onecampus.com
prcoeus.johnshopkins.edu
devreotes.johnshopkins.edu
testidp.jh.edu
*.erp.johnshopkins.edu
esmepicmmcpnp.esm.johnshopkins.edu
jhepicsoaptst.esm.johnshopkins.edu
kasslab.johnshopkins.edu
wmsscale.esm.johnshopkins.edu
ipmtwspamq.johnshopkins.edu
kasslab.johnshopkins.edu
idp.jh.edu
e210.johnshopkins.edu
ictr.johnshopkins.edu
jhepicsoaphtst.esm.johnshopkins.edu
mobile.johnshopkins.edu
mysupportbeta.jh.edu

Certificate

The complete raw certificate details for offwebapps.johnshopkins.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGmjCCBYKgAwIBAgIRAMdnsO6DcOvtcvwcE5xjs4gwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTUwMjEwMDAwMDAwWhcNMTgwMjA5
MjM1OTU5WjCBtjELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTIxMjA5MREwDwYDVQQI
EwhNYXJ5bGFuZDESMBAGA1UEBxMJQmFsdGltb3JlMRowGAYDVQQJExE1ODAxIFNt
aXRoIEF2ZW51ZTEhMB8GA1UEChMYSm9obnMgSG9wa2lucyBVbml2ZXJzaXR5MQsw
CQYDVQQLEwJKSDEkMCIGA1UEAxMbb2Zmd2ViYXBwcy5qb2huc2hvcGtpbnMuZWR1
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTHWeBPqEvD+/2tWNmA8
j/0yywB+VPB1k5TY2bqe5PRbbdW0RDgFoJzgnZMkuMHqlYSO3CD/SoQUFVk+ROKk
B2gyfn1rshUYkPurfi5Qd5KKbVLcrXmbmQkVFAyJOBjZ5BZ55DXn5O5q94Hqv/Nh
88zl3tww1OtpIOiLdsjFjXuZPnkYOqThKA1EVjA704W8i/ecSiQReggNlJ9EbEvl
ka0J3ATcRUOl0AgQFrS9azX0lHckXYYHdiYOEjFoEnTxZEZBWqpgxxEbmblGIdfh
HNAsGem7lm6vi2dxVZAo5tRTzE7QHnHBGDOQy5116/IzFB20N8OSHNnTSpKdflKk
nQIDAQABo4IC4DCCAtwwHwYDVR0jBBgwFoAUHgWjd49sluJbh0umtIascQAM5zgw
HQYDVR0OBBYEFBK+RoDm+mvtQEgkWRUmE44HufNDMA4GA1UdDwEB/wQEAwIFoDAM
BgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBnBgNV
HSAEYDBeMFIGDCsGAQQBriMBBAMBATBCMEAGCCsGAQUFBwIBFjRodHRwczovL3d3
dy5pbmNvbW1vbi5vcmcvY2VydC9yZXBvc2l0b3J5L2Nwc19zc2wucGRmMAgGBmeB
DAECAjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLmluY29tbW9uLXJzYS5v
cmcvSW5Db21tb25SU0FTZXJ2ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBnMD4GCCsG
AQUFBzAChjJodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vSW5Db21tb25SU0FTZXJ2
ZXJDQV8yLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNv
bTCCATUGA1UdEQSCASwwggEoghtvZmZ3ZWJhcHBzLmpvaG5zaG9wa2lucy5lZHWC
HmVzZ29mZndlYmFwcDEuam9obnNob3BraW5zLmVkdYIcZXNnb2Zmd2ViYXBwMS53
aW4uYWQuamh1LmVkdYIeZXNnb2Zmd2ViYXBwMi5qb2huc2hvcGtpbnMuZWR1ghxl
c2dvZmZ3ZWJhcHAyLndpbi5hZC5qaHUuZWR1gh5lc2dvZmZ3ZWJhcHAzLmpvaG5z
aG9wa2lucy5lZHWCHGVzZ29mZndlYmFwcDMud2luLmFkLmpodS5lZHWCHmVzZ29m
ZndlYmFwcDQuam9obnNob3BraW5zLmVkdYIcZXNnb2Zmd2ViYXBwNC53aW4uYWQu
amh1LmVkdYIRb2Zmd2ViYXBwcy5qaC5lZHUwDQYJKoZIhvcNAQELBQADggEBAGl4
XPmIAXZjfCNJdk3BsQ4UqJ2GGrYRlZWhQ4GHPG0/t/cfkLwbridma18aaKQGtbXY
hl9X2/ZZ+ky5imMpQBEyoaWvRroepLOosZ7r2JrSBzSwmtZiAMmbI5OWlWMbxICS
0e1wR3GwS0yRXR0Gb+aMc+OmSrXjXOM6XckKU8jp0fZOMsGHE46xr+j80z6oZQaz
tVPbD7ncnGEjlmVee2QYV50R4kKbPqAjg8e6rDQ0fvNtHdNQ/I8g5fipW+hyxHNz
JCi/FHg1j6sHmP+DmCi1qqh2Q0ghYgL7brB9lkYKUbixTqDJ74yYja3a6bXhrjhV
vIZaWQwLv8DYYAjCeSg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTHWeBPqEvD+/2tWNmA8
j/0yywB+VPB1k5TY2bqe5PRbbdW0RDgFoJzgnZMkuMHqlYSO3CD/SoQUFVk+ROKk
B2gyfn1rshUYkPurfi5Qd5KKbVLcrXmbmQkVFAyJOBjZ5BZ55DXn5O5q94Hqv/Nh
88zl3tww1OtpIOiLdsjFjXuZPnkYOqThKA1EVjA704W8i/ecSiQReggNlJ9EbEvl
ka0J3ATcRUOl0AgQFrS9azX0lHckXYYHdiYOEjFoEnTxZEZBWqpgxxEbmblGIdfh
HNAsGem7lm6vi2dxVZAo5tRTzE7QHnHBGDOQy5116/IzFB20N8OSHNnTSpKdflKk
nQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 265054766338699317157183598688695726984
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-02-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-02-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '21209'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Baltimore'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '5801 Smith Avenue'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Johns Hopkins University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'offwebapps.johnshopkins.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21863802679344851891809346908066059238469989159406474008924164822854573509911159058702475665215890932725799025763342969612398557631666345463049088382744694643305222538901184536563688099050785275729099046825751569351820579549915928543701827126547854893887058638988895960652644641691616573254394958729378524141067979034796995365406772938552476211132201574972495097192897969460389735145233746169268968225974643106056493561112605705470111505653403178147678130902436946496006678007011157646906305763105063584311179943893302868944795030327325939256186840279700727835954648318963935578024804647664430038229429384011540767901
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							12be4680e6fa6bed404824591526138e07b9f343
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (300 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'offwebapps.johnshopkins.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esgoffwebapp1.johnshopkins.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esgoffwebapp1.win.ad.jhu.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esgoffwebapp2.johnshopkins.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esgoffwebapp2.win.ad.jhu.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esgoffwebapp3.johnshopkins.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esgoffwebapp3.win.ad.jhu.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esgoffwebapp4.johnshopkins.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esgoffwebapp4.win.ad.jhu.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'offwebapps.jh.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0069785cf9880176637c2349764dc1b10e14a89d861ab6119595a14381873c6d3fb7f71f90bc1bae27666b5f1a68a406b5b5d8865f57dbf659fa4cb98a6329401132a1a5af46ba1ea4b3a8b19eebd89ad20734b09ad66200c99b23939695631bc48092d1ed704771b04b4c915d1d066fe68c73e3a64ab5e35ce33a5dc90a53c8e9d1f64e32c187138eb1afe8fcd33ea86506b3b553db0fb9dc9c612396655e7b6418579d11e2429b3ea02383c7baac34347ef36d1dd350fc8f20e5f8a95be872c473732428bf1478358fab0798ff839828b5aaa8764348216202fb6eb07d96460a51b8b14ea0c9ef8c988daddae9b5e1ae3855bc865a590c0bbfc0d86008c27928