access-amfc1.amf.arm.gov
- Oak Ridge National Laboratory -
Issued by InCommon RSA Server CA
About this certificate
This digital certificate with serial number 7d:52:b0:ac:49:1f:c6:73:af:2a:3e:09:0b:19:e8:76 was issued on by Internet2.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Oak Ridge National Laboratory
Organization:
Oak Ridge National Laboratory
State / Province:
Tennessee
Locality: Oak Ridge
Country: US
Locality: Oak Ridge
Country: US
Internet2
Organization:
Internet2
Organization unit: InCommon
Organization unit: InCommon
State / Province:
MI
Locality: Ann Arbor
Country: US
Locality: Ann Arbor
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 7d:52:b0:ac:49:1f:c6:73:af:2a:3e:09:0b:19:e8:76Serial Number (int): 166582851169479354705903453341721684086
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 48:77:b4:6d:4b:21:18:dd:ad:ba:3d:46:68:68:78:86:4e:ff:a1:cb
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38
Fingerprint (sha1): 02:7c:58:ab:0e:fd:31:c9:3b:1f:fc:1c:5a:14:47:fb:88:b3:38:b2
Fingerprint (sha256): 1e:96:d9:bd:2e:13:a6:d4:b1:bd:0c:41:93:b8:50:71:5a:c0:5a:e4:c0:e5:74:8b:8f:22:6e:b1:3d:a5:a3:2c
Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl
Check the revocation status for certificate access-amfc1.amf.arm.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for access-amfc1.amf.arm.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
access-amfc1.amf.arm.gov
Other certificates including the domain name arm.gov
(limited to 100 certificates)
iop.archive.arm.gov
www.arm.gov
yum.arm.gov
dev-armflow.arm.gov
opsweb-sgpc1.sgp.arm.gov
dqwiki.arm.gov
devoss.arm.gov
devoss.arm.gov
dsview-nsac1.nsa.arm.gov
cmdb.arm.gov
plot.dmf.arm.gov
cmdb.arm.gov
dq-amfc1.amf.arm.gov
prod-web4.adc.arm.gov
adams.arm.gov
www.dmf.arm.gov
rainier.arm.gov
access-enac1.ena.arm.gov
dq-amfc1.amf.arm.gov
ldap-nsac1.nsa.arm.gov
wiki.arm.gov
app0.arm.gov
rainier.arm.gov
www.ops.sgp.arm.gov
adcmonitor.ornl.gov
dev.www.db.arm.gov
dev-web3.adc.arm.gov
ecr.arm.gov
dev.arm.gov
www.arm.gov
dis.arm.gov
www.arm.gov
adcmonitor.ornl.gov
dq.arm.gov
i.arm.gov
dev.arm.gov
dq.arm.gov
iop.archive.arm.gov
kiosk.arm.gov
dsview.arm.gov
campaign.arm.gov
iop.archive.arm.gov
cmdb.arm.gov
www.xdc.arm.gov
dq-api.arm.gov
adc.arm.gov
pcm.arm.gov
opsweb-sgpc1.sgp.arm.gov
adc.arm.gov
dqwiki.arm.gov
adfsproxy.arm.gov
www.dmf.arm.gov
jenkins.adc.arm.gov
discourse.arm.gov
kiosk.arm.gov
www.xdc.arm.gov
armsso.ornl.gov
*.archive.arm.gov
web-amfc1.amf.arm.gov
dq-api.arm.gov
radar.arm.gov
access-amfc1.amf.arm.gov
engineering.arm.gov
adfsproxy.arm.gov
pcm.arm.gov
dsview-sgpc1.sgp.arm.gov
yum.arm.gov
oss.arm.gov
armsso.ornl.gov
campaign.arm.gov
warno.arm.gov
www.arm.gov
grafana.svcs.arm.gov
keycloakx.svcs.arm.gov
adc.arm.gov
access-amfc3.amf.arm.gov
wiki.arm.gov
wiki.arm.gov
armsso.ornl.gov
prodweb7.arm.gov
www.arm.gov
dq-amfc1.amf.arm.gov
www.arm.gov
prodweb7.arm.gov
pearl.dmf.arm.gov
www.arm.gov
code.arm.gov
www.archive.arm.gov
access.vsn.arm.gov
task.arm.gov
bcr.arm.gov
www.arm.gov
access-nsac1.nsa.arm.gov
opsweb-sgpc1.sgp.arm.gov
ecr.arm.gov
www.arm.gov
iop.archive.arm.gov
plot.dmf.arm.gov
www.db.arm.gov
opsweb-sgpc1.sgp.arm.gov
www.arm.gov
yum.arm.gov
dev-armflow.arm.gov
opsweb-sgpc1.sgp.arm.gov
dqwiki.arm.gov
devoss.arm.gov
devoss.arm.gov
dsview-nsac1.nsa.arm.gov
cmdb.arm.gov
plot.dmf.arm.gov
cmdb.arm.gov
dq-amfc1.amf.arm.gov
prod-web4.adc.arm.gov
adams.arm.gov
www.dmf.arm.gov
rainier.arm.gov
access-enac1.ena.arm.gov
dq-amfc1.amf.arm.gov
ldap-nsac1.nsa.arm.gov
wiki.arm.gov
app0.arm.gov
rainier.arm.gov
www.ops.sgp.arm.gov
adcmonitor.ornl.gov
dev.www.db.arm.gov
dev-web3.adc.arm.gov
ecr.arm.gov
dev.arm.gov
www.arm.gov
dis.arm.gov
www.arm.gov
adcmonitor.ornl.gov
dq.arm.gov
i.arm.gov
dev.arm.gov
dq.arm.gov
iop.archive.arm.gov
kiosk.arm.gov
dsview.arm.gov
campaign.arm.gov
iop.archive.arm.gov
cmdb.arm.gov
www.xdc.arm.gov
dq-api.arm.gov
adc.arm.gov
pcm.arm.gov
opsweb-sgpc1.sgp.arm.gov
adc.arm.gov
dqwiki.arm.gov
adfsproxy.arm.gov
www.dmf.arm.gov
jenkins.adc.arm.gov
discourse.arm.gov
kiosk.arm.gov
www.xdc.arm.gov
armsso.ornl.gov
*.archive.arm.gov
web-amfc1.amf.arm.gov
dq-api.arm.gov
radar.arm.gov
access-amfc1.amf.arm.gov
engineering.arm.gov
adfsproxy.arm.gov
pcm.arm.gov
dsview-sgpc1.sgp.arm.gov
yum.arm.gov
oss.arm.gov
armsso.ornl.gov
campaign.arm.gov
warno.arm.gov
www.arm.gov
grafana.svcs.arm.gov
keycloakx.svcs.arm.gov
adc.arm.gov
access-amfc3.amf.arm.gov
wiki.arm.gov
wiki.arm.gov
armsso.ornl.gov
prodweb7.arm.gov
www.arm.gov
dq-amfc1.amf.arm.gov
www.arm.gov
prodweb7.arm.gov
pearl.dmf.arm.gov
www.arm.gov
code.arm.gov
www.archive.arm.gov
access.vsn.arm.gov
task.arm.gov
bcr.arm.gov
www.arm.gov
access-nsac1.nsa.arm.gov
opsweb-sgpc1.sgp.arm.gov
ecr.arm.gov
www.arm.gov
iop.archive.arm.gov
plot.dmf.arm.gov
www.db.arm.gov
opsweb-sgpc1.sgp.arm.gov
Certificate
The complete raw certificate details for access-amfc1.amf.arm.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG0jCCBbqgAwIBAgIQfVKwrEkfxnOvKj4JCxnodjANBgkqhkiG9w0BAQsFADB2 MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0yMTEyMDcwMDAwMDBaFw0yMzAxMDcy MzU5NTlaMIGAMQswCQYDVQQGEwJVUzESMBAGA1UECBMJVGVubmVzc2VlMRIwEAYD VQQHEwlPYWsgUmlkZ2UxJjAkBgNVBAoTHU9hayBSaWRnZSBOYXRpb25hbCBMYWJv cmF0b3J5MSEwHwYDVQQDExhhY2Nlc3MtYW1mYzEuYW1mLmFybS5nb3YwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLwb6V60Bbxh9ssrSKe+rgR1/o6lsG IkMVXr7/AvOltOg1l+4S4vPyBrIhmEtCuIF/ytj/OZC3T9BOl69xVn1hTfbo3cmT X71EqTQIXRlEgzYUNn2yFIEV+rVtVFIMBVWZjrmUFJAnLfXVwMMexsPqo7pvWwRB JKzltP5U7o1V5TKz8RKpkXIf1aKDwJlHvpvmwQUAnRBOkUG45c4RoZypqUh3NoTB ylLbqU0Vn4j1Xi7v9fzxPec4zvO0Kqj6YpCA/mu2DdTqW3Qp7pQUR7j5BXziEH/0 ka+WGjVtGxQ+hd2sm2yxCKlKVRSLRFZ8FfwECpCkBwweZAD6Rm6y13lhAgMBAAGj ggNPMIIDSzAfBgNVHSMEGDAWgBQeBaN3j2yW4luHS6a0hqxxAAznODAdBgNVHQ4E FgQUSHe0bUshGN2tuj1GaGh4hk7/ocswDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB /wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGcGA1UdIARgMF4w UgYMKwYBBAGuIwEEAwEBMEIwQAYIKwYBBQUHAgEWNGh0dHBzOi8vd3d3LmluY29t bW9uLm9yZy9jZXJ0L3JlcG9zaXRvcnkvY3BzX3NzbC5wZGYwCAYGZ4EMAQICMEQG A1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuaW5jb21tb24tcnNhLm9yZy9JbkNv bW1vblJTQVNlcnZlckNBLmNybDB1BggrBgEFBQcBAQRpMGcwPgYIKwYBBQUHMAKG Mmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9JbkNvbW1vblJTQVNlcnZlckNBXzIu Y3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMCMGA1Ud EQQcMBqCGGFjY2Vzcy1hbWZjMS5hbWYuYXJtLmdvdjCCAX8GCisGAQQB1nkCBAIE ggFvBIIBawFpAHYArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWGNOvcgooAAAF9 lWOTpQAABAMARzBFAiBa8I36iVIFGb7AJ93gub12ZY3cO4ri4hbZFkEKs/tOtwIh ANlnIojAIGM7zNxs0fYZzEXgbTMkL69u/S8KmSoERjWDAHcAejKMVNi3LbYg6jjg Uh7phBZwMhOFTTvSK8E6V6NS61IAAAF9lWOTZAAABAMASDBGAiEAxzmJoa9hfT/k M9lYyjnZYGpwXLSVv9n+UseKaLBpdrYCIQD3zueGmQc6BdIQJzWbluOQl7u0G0VV YQMBSsW6Pno1kQB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAAB fZVjkzgAAAQDAEcwRQIgUBr2DOggNNwh1qCFrM2XvgUCK7qFAYH+oUtuQ/zV8D0C IQCLZUw2NIcsZXcZPdpDrCQZ8zsv0ZLrK8JUCpK7II9NjTANBgkqhkiG9w0BAQsF AAOCAQEAKe7P1sqO9z6NqD+DuvO/xiyUzfQfp4G7kHvImCRTDOxsRSZ5D/vMuNee BEJe3yHQk4hWlmjQdtDAm0otF3OBkuj8R++T5HhNynwa3xVDpQY63xTImSYEd3Yl l6QLGiE1thUl43QhiKEQVMEQgjO7q+v/dZnYBZvnKEtuRszkezDStcHRSq8DP762 KDg/XH8Bxter6u+nQhRo8tEQUnPcBJhHGfARUgZA5nrrKzAHJdfV1AnAOC3cBscH I2btdSb12s4PWxdm4XMiwQmWPSSySS27QvK0koAV3QDVCVShfjTO/VgVNZntEeDD PXWeLIKct9oVG8siFFLmlNbpCorZcw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8G+letAW8YfbLK0invq 4Edf6OpbBiJDFV6+/wLzpbToNZfuEuLz8gayIZhLQriBf8rY/zmQt0/QTpevcVZ9 YU326N3Jk1+9RKk0CF0ZRIM2FDZ9shSBFfq1bVRSDAVVmY65lBSQJy311cDDHsbD 6qO6b1sEQSSs5bT+VO6NVeUys/ESqZFyH9Wig8CZR76b5sEFAJ0QTpFBuOXOEaGc qalIdzaEwcpS26lNFZ+I9V4u7/X88T3nOM7ztCqo+mKQgP5rtg3U6lt0Ke6UFEe4 +QV84hB/9JGvlho1bRsUPoXdrJtssQipSlUUi0RWfBX8BAqQpAcMHmQA+kZustd5 YQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 166582851169479354705903453341721684086 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-07 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tennessee' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oak Ridge' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oak Ridge National Laboratory' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'access-amfc1.amf.arm.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25721914869558516850908455633126748611527807949946415655267922622345037024785938544798949508159616271792834589072882050921247505999147947996669298211495809767305698951309378845356812035417362490618361303178910379138287423353441727377991360244228588229046012527246606975001624966552119510533584571544054122728128678328265978525490336189335205290887039207341301003110499222416620470428565954724453265222517440373558161655446403445249722788440284056897963359771523235775685181718185687151680708763242773223147271342758829389375969206957810243940167836459214160928002018847706065555316768209389673849064159408907343067489 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4877b46d4b2118ddadba3d46686878864effa1cb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'access-amfc1.amf.arm.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017d956393a5000004030047304502205af08dfa89520519bec027dde0b9bd76658ddc3b8ae2e216d916410ab3fb4eb7022100d9672288c020633bccdc6cd1f619cc45e06d33242faf6efd2f0a992a044635830077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017d956393640000040300483046022100c73989a1af617d3fe433d958ca39d9606a705cb495bfd9fe52c78a68b06976b6022100f7cee78699073a05d21027359b96e39097bbb41b45556103014ac5ba3e7a3591007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017d9563933800000403004730450220501af60ce82034dc21d6a085accd97be05022bba850181fea14b6e43fcd5f03d0221008b654c3634872c6577193dda43ac2419f33b2fd192eb2bc2540a92bb208f4d8d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0029eecfd6ca8ef73e8da83f83baf3bfc62c94cdf41fa781bb907bc89824530cec6c4526790ffbccb8d79e04425edf21d09388569668d076d0c09b4a2d17738192e8fc47ef93e4784dca7c1adf1543a5063adf14c899260477762597a40b1a2135b61525e3742188a11054c1108233bbabebff7599d8059be7284b6e46cce47b30d2b5c1d14aaf033fbeb628383f5c7f01c6d7abeaefa7421468f2d1105273dc04984719f011520640e67aeb2b300725d7d5d409c0382ddc06c7072366ed7526f5dace0f5b1766e17322c109963d24b2492dbb42f2b4928015dd00d50954a17e34cefd58153599ed11e0c33d759e2c829cb7da151bcb221452e694d6e90a8ad973