okta.colby.edu

- Colby College -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number b6:12:af:f1:d0:ed:ca:7b:cf:93:72:b5:52:c7:bb:1e was issued on by Internet2.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Colby College

Organization: Colby College
State / Province: Maine
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): b6:12:af:f1:d0:ed:ca:7b:cf:93:72:b5:52:c7:bb:1e
Serial Number (int): 242016525156636474409860911772314614558
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: c2:55:cf:db:d3:6f:b8:c4:14:e0:03:9d:f2:c7:d1:d9:e0:c9:46:5c
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): e1:e2:24:57:ef:3b:29:ef:78:75:a4:51:a5:87:db:1f:5b:6c:56:de
Fingerprint (sha256): 1c:cc:57:65:72:4f:d0:ca:26:a8:40:54:4b:57:01:59:b0:d3:9c:56:45:98:e5:f0:ed:3d:73:3e:be:04:00:b3

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate okta.colby.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for okta.colby.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

okta.colby.edu

Other certificates including the domain name colby.edu

(limited to 100 certificates)
sni.cloudflaressl.com
alumni-secure.colby.edu
davisconnects.colby.edu
admissions.colby.edu
its-status.colby.edu
oktapreview.colby.edu
cluster2.technolutions.net
*.colby.edu
bookplates.colby.edu
vrppdt0.colby.edu
librarysearch.colby.edu
idp.colby.edu
dns.sterda.com
web.colby.edu
ems.colby.edu
vrppdt0.colby.edu
sni.cloudflaressl.com
xenapp.colby.edu
moodle.colby.edu
cluster2.technolutions.net
sni.cloudflaressl.com
cluster2.technolutions.net
sni.cloudflaressl.com
schupfarts.colby.edu
its-status.colby.edu
admissions.colby.edu
its-status.colby.edu
vwpsfs0.colby.edu
dns.sterda.com
its-status.colby.edu
its-status.colby.edu
sni.cloudflaressl.com
news.colby.edu
digitalcommons.colby.edu
dns.sterda.com
xen.colby.edu
vwpdevcon1.colby.edu
its-status.colby.edu
pgpserver1.colby.edu
sni.cloudflaressl.com
clearpass.colby.edu
alumni-secure.colby.edu
sni.cloudflaressl.com
view.colby.edu
its-status.colby.edu
cluster2.technolutions.net
sni.cloudflaressl.com
cluster2.technolutions.net
terradotta.colby.edu
moodle.colby.edu
its-status.colby.edu
vwpjira1.colby.edu
its-status.colby.edu
cluster2.technolutions.net
sni.cloudflaressl.com
video.colby.edu
cps.colby.edu
admissions.colby.edu
cluster2.technolutions.net
sni.cloudflaressl.com
okta.colby.edu
personal.colby.edu
cluster2.technolutions.net
digitalcommons.colby.edu
sni.cloudflaressl.com
cluster2.technolutions.net
sni.cloudflaressl.com
idpdev.colby.edu
its-status.colby.edu
moodle.colby.edu
sni.cloudflaressl.com
cxweb.colby.edu
archivesspace.colby.edu
citrix.colby.edu
cluster2.technolutions.net
cluster2.technolutions.net
colby.edu
idp.colby.edu
cxweb.colby.edu
its-status.colby.edu
its-status.colby.edu
its-status.colby.edu
web.colby.edu
personal.colby.edu
cluster2.technolutions.net
its-status.colby.edu
my.colby.edu
its-status.colby.edu
mcmi.colby.edu
ems.colby.edu
its-status.colby.edu
vpn-old.colby.edu
*.pfsnr.colby.edu
sni.cloudflaressl.com
admissions.colby.edu
its-status.colby.edu
dns.sterda.com
its-status.colby.edu
lunderinstitute.colby.edu
web.colby.edu

Certificate

The complete raw certificate details for okta.colby.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGlDCCBXygAwIBAgIRALYSr/HQ7cp7z5NytVLHux4wDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMjMwNjEyMDAwMDAwWhcNMjQwNjMw
MjM1OTU5WjBOMQswCQYDVQQGEwJVUzEOMAwGA1UECBMFTWFpbmUxFjAUBgNVBAoT
DUNvbGJ5IENvbGxlZ2UxFzAVBgNVBAMTDm9rdGEuY29sYnkuZWR1MIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DYtTdMxNwfi1xPwDYviSKP4oG6l0jfY
NWc8ty+DJzxVnqLr/O1w8fshSV1NEr3wgnbs5UqFvkw2G+kX8bciKhjuqU7n8oIi
rMikl13ndIzSZqSRk1MQAFe1/oqtJZFlN+L2Ape7w7nuHTzwEiHApi0Fnq6weQWL
378CWtnYdu42d2NI/wX94WX51v/fUtPLYmCqjRWSjsN4hGLvhn6P+c97KpG/ebN/
xAZ9zUTDbDZ9WSdVRJI5mPT1R4A+dH34JHZhc8J9SqTQmR+SV7aEMZM3HYBKDDui
Cnj7TIIeV3IGXR7W2BwVIwFQcXXDkGyL1BP7PtREwkC2wyUYcKoi9QIDAQABo4ID
QzCCAz8wHwYDVR0jBBgwFoAUHgWjd49sluJbh0umtIascQAM5zgwHQYDVR0OBBYE
FMJVz9vTb7jEFOADnfLH0dngyUZcMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBnBgNVHSAEYDBeMFIG
DCsGAQQBriMBBAMBATBCMEAGCCsGAQUFBwIBFjRodHRwczovL3d3dy5pbmNvbW1v
bi5vcmcvY2VydC9yZXBvc2l0b3J5L2Nwc19zc2wucGRmMAgGBmeBDAECAjBEBgNV
HR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLmluY29tbW9uLXJzYS5vcmcvSW5Db21t
b25SU0FTZXJ2ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBnMD4GCCsGAQUFBzAChjJo
dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vSW5Db21tb25SU0FTZXJ2ZXJDQV8yLmNy
dDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAZBgNVHREE
EjAQgg5va3RhLmNvbGJ5LmVkdTCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUA
dv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGIsL+W6gAABAMARjBE
AiAYoRNN/g+7/JfTxdxuhypoN/6uNgwrz3vXLzl84T2eCQIgSt63ZHL9YyQvzvgF
JDjpfPCVcqCtVVvsrzxwOHhbk1UAdgDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9
pD0wSNf7qwAAAYiwv5dEAAAEAwBHMEUCIFn3QM+YoptJJ+pyJ2i15PHGWPXhG56B
1JlqtSiObt3AAiEAmtupFVCBVCd9cKw9MpzrLzlaTIxHU9oDI6eHd3H3HCsAdgDu
zdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYiwv5cUAAAEAwBHMEUC
IDPqT2pjp0vxh97OcV72Tl7m65nZEiAy3Ur3d5yNXCk2AiEAxkqxvQuW6TvVxa4u
uYvAgR5y09Pa84i2piBneJ32OJ4wDQYJKoZIhvcNAQELBQADggEBAIDkgKKWv89I
Q9WgF6MLqFcrKloYIY64foi3PYG7tgfmxL5CnQ1GWo4t3VtQu/y/fp6PgBbBIuPb
+RGF/RPgduV6B11SS30z1Rh3Els9VJZfyHabVmH1JiWsKKdU3Gij51amqaatBP63
5UL/qi8BNEKG2unz4sVJQZbbANZQ3rgoTgrc+NmhXFXgUxYz5hN4uo43sAKvEQvm
DStoV4CGqOahzuqtH4BPJ6ekq3M96uJ9GR/x08fKNsJn8yaVnjzw3hg5gDH+zH+C
bh5+NjS2aRvg1IiUvHVQCGfjEZxIqNyFWWod1YraPgvn2iqwvA/QkNhR9MohO6NI
op1RmN8GQnA=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DYtTdMxNwfi1xPwDYvi
SKP4oG6l0jfYNWc8ty+DJzxVnqLr/O1w8fshSV1NEr3wgnbs5UqFvkw2G+kX8bci
KhjuqU7n8oIirMikl13ndIzSZqSRk1MQAFe1/oqtJZFlN+L2Ape7w7nuHTzwEiHA
pi0Fnq6weQWL378CWtnYdu42d2NI/wX94WX51v/fUtPLYmCqjRWSjsN4hGLvhn6P
+c97KpG/ebN/xAZ9zUTDbDZ9WSdVRJI5mPT1R4A+dH34JHZhc8J9SqTQmR+SV7aE
MZM3HYBKDDuiCnj7TIIeV3IGXR7W2BwVIwFQcXXDkGyL1BP7PtREwkC2wyUYcKoi
9QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 242016525156636474409860911772314614558
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-12 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-30 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maine'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Colby College'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'okta.colby.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28809049191265533951383866496870147497089277455374406558503517117833645513199718500793391637019061589546988947088128339980106521397229365646856278685171182747716716405792859421359610177699751481113183682004498473023459318964528886536808557734904768509938395607654115717827964897167316229225659879063392545556134865152780750657888558255761724121250541088571052369825083092048572128380522649078727229466015918999293348322619455126550791539124926495101489086373955915133600956110429148303310535655603853797947215571128446451897773948522248841287409218054426484516484341395356842835650232475021030560466384929735578362613
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c255cfdbd36fb8c414e0039df2c7d1d9e0c9465c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'okta.colby.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a7400000188b0bf96ea0000040300463044022018a1134dfe0fbbfc97d3c5dc6e872a6837feae360c2bcf7bd72f397ce13d9e0902204adeb76472fd63242fcef8052438e97cf09572a0ad555becaf3c7038785b9355007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000188b0bf97440000040300473045022059f740cf98a29b4927ea722768b5e4f1c658f5e11b9e81d4996ab5288e6eddc00221009adba915508154277d70ac3d329ceb2f395a4c8c4753da0323a7877771f71c2b007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000188b0bf97140000040300473045022033ea4f6a63a74bf187dece715ef64e5ee6eb99d9122032dd4af7779c8d5c2936022100c64ab1bd0b96e93bd5c5ae2eb98bc0811e72d3d3daf388b6a62067789df6389e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0080e480a296bfcf4843d5a017a30ba8572b2a5a18218eb87e88b73d81bbb607e6c4be429d0d465a8e2ddd5b50bbfcbf7e9e8f8016c122e3dbf91185fd13e076e57a075d524b7d33d51877125b3d54965fc8769b5661f52625ac28a754dc68a3e756a6a9a6ad04feb7e542ffaa2f01344286dae9f3e2c5494196db00d650deb8284e0adcf8d9a15c55e0531633e61378ba8e37b002af110be60d2b68578086a8e6a1ceeaad1f804f27a7a4ab733deae27d191ff1d3c7ca36c267f326959e3cf0de18398031fecc7f826e1e7e3634b6691be0d48894bc75500867e3119c48a8dc85596a1dd58ada3e0be7da2ab0bc0fd090d851f4ca213ba348a29d5198df064270