duo.mica.edu

- Maryland Institute College of Art -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 3c:be:b7:c9:77:5a:c6:ac:cd:23:26:3b:27:43:09:f7 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Maryland Institute College of Art

Organization: Maryland Institute College of Art
Organization unit: MICA Technology
Address: 1300 W Mount Royal Avenue
Postal code: 21217
State / Province: Maryland
Locality: Baltimore
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 3c:be:b7:c9:77:5a:c6:ac:cd:23:26:3b:27:43:09:f7
Serial Number (int): 80743943792973160955159325677923273207
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 78:15:c8:9a:55:8e:41:2d:e6:53:25:f5:10:e5:da:37:ba:f8:9f:fd
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 07:b6:d8:ff:ab:7d:92:d4:ff:5b:0d:4a:fa:54:0d:e5:a9:63:3c:d2
Fingerprint (sha256): 2f:75:a5:d7:3d:3f:c9:18:91:87:a9:d0:bf:33:bc:4a:bf:8a:15:93:92:9a:4a:5d:02:39:9c:60:13:70:cb:4d

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate duo.mica.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for duo.mica.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

duo.mica.edu

Other certificates including the domain name mica.edu

(limited to 100 certificates)
portal-sp.mica.edu
inside.mica.edu
libguides.mica.edu
*.ezproxy.mica.edu
www.mica.edu
discover.mica.edu
websupport.mica.edu
duo.mica.edu
medium.mica.edu
mica.edu
libguides.mica.edu
chesapeake.mica.edu
csprd90.mica.edu
CGWTest.mica.edu
ptprd85.mica.edu
gwprd.mica.edu
moodlerooms.com
moodlerooms.com
euphrates.mica.edu
shinultima.mica.edu
bahamut.mica.edu
mica2020.missionmedia.net
shop.mica.edu
new.mica.edu
danube.mica.edu
connect.mica.edu
apply.mica.edu
digitaldecker.mica.edu
tms.mica.edu
libguides.mica.edu
www.mica.edu
discover.mica.edu
plannedgiving.mica.edu
shop.mica.edu
sp.mica.edu
moodlerooms.com
shingraduate.mica.edu
ldapserver3.mica.edu
mica.edu
shop.mica.edu
shinomega.mica.edu
inside.mica.edu
shop.mica.edu
idp.mica.edu
commotion.mica.edu
accreditationpolicies.acr.org
libguides.mica.edu
moodlerooms.com
indus.mica.edu
kama.mica.edu
neckar.mica.edu
gwtst.mica.edu
gwprd.mica.edu
commtoolkit.mica.edu
inside.mica.edu
sp.mica.edu
info.mica.edu
velocity.mica.edu
moodlerooms.com
csprd90.mica.edu
webdev.mica.edu
classsearchtest.mica.edu
kalu.mica.edu
testing.mica.edu
moodlerooms.com
idp.mica.edu
velocity.mica.edu
www.mica.edu
online.mica.edu
mica.edu
ldapserver3.mica.edu
csprd92.mica.edu
mica.edu
sp.mica.edu
www.mica.edu
csprd90.mica.edu
velocity.mica.edu
idp.mica.edu
mica.edu
moodlerooms.com
medium.mica.edu
danube.mica.edu
online.mica.edu
duo.mica.edu
inside.mica.edu
discover.mica.edu
helpdesk.mica.edu
cstst90.mica.edu
inside.mica.edu
inside.mica.edu
jonesfalls.mica.edu
alertus.mica.edu
bahamut.mica.edu
mica.edu
Maryland Institute College of Art (THE MARYLAND INSTITUTE)
whatsupgold.mica.edu
libguides.mica.edu
vpn.mica.edu
csdev90.mica.edu
ptprd85.mica.edu

Certificate

The complete raw certificate details for duo.mica.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIICjCCBvKgAwIBAgIQPL63yXdaxqzNIyY7J0MJ9zANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xOTA0MTYwMDAwMDBaFw0yMTA0MTUy
MzU5NTlaMIHFMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFMjEyMTcxETAPBgNVBAgT
CE1hcnlsYW5kMRIwEAYDVQQHEwlCYWx0aW1vcmUxIjAgBgNVBAkTGTEzMDAgVyBN
b3VudCBSb3lhbCBBdmVudWUxKjAoBgNVBAoTIU1hcnlsYW5kIEluc3RpdHV0ZSBD
b2xsZWdlIG9mIEFydDEYMBYGA1UECxMPTUlDQSBUZWNobm9sb2d5MRUwEwYDVQQD
EwxkdW8ubWljYS5lZHUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD3
B+UIGnqiEPEow71rO4CPIbXCGX1IwfuGHtpJUNFgkJnLYtv/M+691pgo7BG1KNOA
LOpnN+XWsrsCXi7NngKMXnwse7prU9j03v2ptXNtbxfgblIMKy7GqRKBrygkc38K
rTTpGXuYP9lviyS21Kla53WiVe79JSFSgO3D6kEw1n9HVmbIegw8GNTVrf0uYzTt
5VMWJ8KiptgoQzR8v90hh0Qc1yq2IrmSyrVUMo6jmyrtJosmTwIW18q0yZlLCX22
bKmPhfbuey0JCo3UxLiH++oSYPpstM3X0B6mUJ9qtdCoccpKn/7fq1S5LOglP30r
khookWYIy5Y3poJZSSuT3mRpgLzU4CrYyYCKBnbqF3cuOYhsR/ojAs1Tlx3uVp5A
Rnycyg6a83rM0lHQxLJ8s2NtCsVTrB3sdQJjPGap8UiV/+t6v5rp9xs/T5wXPZlY
707ggFWDboEpAVQ/5BfGr6np1zo5QIFPfmgJNxdLbPLjcsexv0wukd8sYauorU57
S0KuOj3Xig20hdbU8NwCDF3fi20a3ZPnD6+nttD/p2N3rlVXqEyTOmOEsjm0S02Y
wxphre+97EakbN53G4YPxnUy2HnmdUAdvz3pSXac2P3NsK2Z4rm4Pi/oFpyWIbgS
W9sRbwkJx8NakFbAN6b/i79GJHVM7J4X7i7bVLUOCQIDAQABo4IDQjCCAz4wHwYD
VR0jBBgwFoAUHgWjd49sluJbh0umtIascQAM5zgwHQYDVR0OBBYEFHgVyJpVjkEt
5lMl9RDl2je6+J/9MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBnBgNVHSAEYDBeMFIGDCsGAQQBriMB
BAMBATBCMEAGCCsGAQUFBwIBFjRodHRwczovL3d3dy5pbmNvbW1vbi5vcmcvY2Vy
dC9yZXBvc2l0b3J5L2Nwc19zc2wucGRmMAgGBmeBDAECAjBEBgNVHR8EPTA7MDmg
N6A1hjNodHRwOi8vY3JsLmluY29tbW9uLXJzYS5vcmcvSW5Db21tb25SU0FTZXJ2
ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBnMD4GCCsGAQUFBzAChjJodHRwOi8vY3J0
LnVzZXJ0cnVzdC5jb20vSW5Db21tb25SU0FTZXJ2ZXJDQV8yLmNydDAlBggrBgEF
BQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAXBgNVHREEEDAOggxkdW8u
bWljYS5lZHUwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB3ALvZ37wfinG1k5Qj
l6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABaiduSykAAAQDAEgwRgIhAIrU/3KFCBGQ
LOArR4xO1zEvrGkbUY6NhMRkfMC3UrQEAiEAk+9NdksRlnxMnmB9o8cXgVVxJxqV
8U6HTJvIyDOzn8QAdgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAA
AWonbksVAAAEAwBHMEUCIGtNzZH7Tc5fNmK+dAAMsPp5UuRT8pKTCHZCnJpMQxvh
AiEAxgUHtU5TKDxS5/olMeyMYk1ko8KMjWImmp7JTnLsfVAAdQBc3EOS/uarRUSx
XprUVuYQN/vV+kfcoXOUsl7m9scOygAAAWonbksXAAAEAwBGMEQCIAqVx65721tH
jRlvVZtzfxSROMgMy+ouwVbOSrMpJpnXAiBx6heLoGuS9hq0mzpGAgYtEmIIjljg
DkEtGhPz4eJLYjANBgkqhkiG9w0BAQsFAAOCAQEAWI8Sp5pxEyRNmkm7wlMB3u/X
xd0xq4BeTN+ZV6as/GdUz5h4QwtrnS+wqt0U+B/mtPIfjLWIgiQNScCZJUC45CMg
AA7hzBNqBlABFhog+fdiGgN0J1YkLa1TSbRU6n1T1PFxksPcrziAMBYF+E+cNkLa
kX6iTRxiI18UlHAz7VWQzoU7cgOz2DNXc4s2Gicr+Fw8m/Jy+qRlURrahVmTEBUu
aZVsWqTez+dcoomq86GPjdWSAhp9VWvyoqzT5BhXXwnpHK8FV+6U9qEM0/sNFz7N
gMHUYe2aKnE78LPotmDxCQM6zmnUcFtxDcnIySjYTF706eqGZnpMS5Sd47GPJA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9wflCBp6ohDxKMO9azuA
jyG1whl9SMH7hh7aSVDRYJCZy2Lb/zPuvdaYKOwRtSjTgCzqZzfl1rK7Al4uzZ4C
jF58LHu6a1PY9N79qbVzbW8X4G5SDCsuxqkSga8oJHN/Cq006Rl7mD/Zb4skttSp
Wud1olXu/SUhUoDtw+pBMNZ/R1ZmyHoMPBjU1a39LmM07eVTFifCoqbYKEM0fL/d
IYdEHNcqtiK5ksq1VDKOo5sq7SaLJk8CFtfKtMmZSwl9tmypj4X27nstCQqN1MS4
h/vqEmD6bLTN19AeplCfarXQqHHKSp/+36tUuSzoJT99K5IaKJFmCMuWN6aCWUkr
k95kaYC81OAq2MmAigZ26hd3LjmIbEf6IwLNU5cd7laeQEZ8nMoOmvN6zNJR0MSy
fLNjbQrFU6wd7HUCYzxmqfFIlf/rer+a6fcbP0+cFz2ZWO9O4IBVg26BKQFUP+QX
xq+p6dc6OUCBT35oCTcXS2zy43LHsb9MLpHfLGGrqK1Oe0tCrjo914oNtIXW1PDc
Agxd34ttGt2T5w+vp7bQ/6djd65VV6hMkzpjhLI5tEtNmMMaYa3vvexGpGzedxuG
D8Z1Mth55nVAHb896Ul2nNj9zbCtmeK5uD4v6BacliG4ElvbEW8JCcfDWpBWwDem
/4u/RiR1TOyeF+4u21S1DgkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 80743943792973160955159325677923273207
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-15 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '21217'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Baltimore'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1300 W Mount Royal Avenue'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland Institute College of Art'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MICA Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'duo.mica.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1007797894887010748316634525760034302939831224165045493200795359990646069896089244374623004228546898658130681952863008925794570980061376285265454208810798841255241101268912098178636155600048705071218572288127853941347237502076381421835361982895948401329581295319323421780462277631871196086606684557776992903961885505207502225224731852764935035819113155939547842501056585501471448379801849329797529779361998166649857808468450635689992743680024911240816956688227428425529697927336766019812007707972472369791224163240464125194025935627919798247740869844608144124794252201103137709846322821368787890015823542706507995253859588224021751740920210217784125280300587750778178065465731676449603360905649834222017490104268694318994456503285061818700135765519908109376950488453341317790846116281174942341260240345587080768788006205884546832283844639640173054489246974639241105053478389867384787302514305517125049247479719918756841964312312299575065409533452607140917201747373207362292437859438795148044313304224563181191067471348783306117035292798513624458475906793116573596628197781443203391978403282892225939134717403013014395186119798702694346574254920160783441014983022023271631827019637071420712001644252100474301712590124156869420340547081
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7815c89a558e412de65325f510e5da37baf89ffd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'duo.mica.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016a276e4b2900000403004830460221008ad4ff72850811902ce02b478c4ed7312fac691b518e8d84c4647cc0b752b40402210093ef4d764b11967c4c9e607da3c717815571271a95f14e874c9bc8c833b39fc40076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016a276e4b15000004030047304502206b4dcd91fb4dce5f3662be74000cb0fa7952e453f292930876429c9a4c431be1022100c60507b54e53283c52e7fa2531ec8c624d64a3c28c8d62269a9ec94e72ec7d500075005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca0000016a276e4b17000004030046304402200a95c7ae7bdb5b478d196f559b737f149138c80ccbea2ec156ce4ab3292699d7022071ea178ba06b92f61ab49b3a4602062d1262088e58e00e412d1a13f3e1e24b62
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00588f12a79a7113244d9a49bbc25301deefd7c5dd31ab805e4cdf9957a6acfc6754cf9878430b6b9d2fb0aadd14f81fe6b4f21f8cb58882240d49c0992540b8e42320000ee1cc136a065001161a20f9f7621a03742756242dad5349b454ea7d53d4f17192c3dcaf3880301605f84f9c3642da917ea24d1c62235f14947033ed5590ce853b7203b3d83357738b361a272bf85c3c9bf272faa465511ada85599310152e69956c5aa4decfe75ca289aaf3a18f8dd592021a7d556bf2a2acd3e418575f09e91caf0557ee94f6a10cd3fb0d173ecd80c1d461ed9a2a713bf0b3e8b660f109033ace69d4705b710dc9c8c928d84c5ef4e9ea86667a4c4b949de3b18f24