resources.dfa.cornell.edu

Issued by InCommon Server CA

About this certificate


This digital certificate with serial number 17:53:75:81:80:4f:13:af:3e:ec:e9:52:b9:ab:3c:a5 was issued on by Internet2 .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cornell University

Organization: Cornell University
Organization unit: Division of Financial Affairs
Postal code: 14853
State / Province: NY
Locality: Ithaca
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
Postal code: 14853
State / Province: NY
Locality: Ithaca
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 17:53:75:81:80:4f:13:af:3e:ec:e9:52:b9:ab:3c:a5
Serial Number (int): 31005587844377726710054112367714450597
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: a2:93:86:31:0c:7b:d3:7d:1f:e0:85:25:94:5d:20:24:eb:fa:3d:54
AuthorityKeyId: 48:4f:5a:fa:2f:4a:9a:5e:e0:50:f3:6b:7b:55:a5:de:f5:be:34:5d

Fingerprint (sha1): 7c:a9:5b:81:f3:40:ba:a3:7c:ba:e3:df:80:a6:90:b9:01:59:39:fa
Fingerprint (sha256): 50:0d:bf:21:30:1a:d7:87:a8:07:4b:15:39:58:34:68:9a:87:50:a1:df:cc:c2:99:c1:35:e8:3b:72:5e:97:bb

Issuing Certificate URL: http://cert.incommon.org/InCommonServerCA.crt

Revocation information

OCSP Server: http://ocsp.incommon.org
CRL Distribution Point: http://crl.incommon.org/InCommonServerCA.crl

Check the revocation status for the current certificate on resources.dfa.cornell.edu
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: resources.dfa.cornell.edu

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgIQF1N1gYBPE68+7OlSuas8pTANBgkqhkiG9w0BAQUFADBR MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNv bW1vbjEbMBkGA1UEAxMSSW5Db21tb24gU2VydmVyIENBMB4XDTEzMDkwNDAwMDAw MFoXDTE2MDkwMzIzNTk1OVowgaQxCzAJBgNVBAYTAlVTMQ4wDAYDVQQREwUxNDg1 MzELMAkGA1UECBMCTlkxDzANBgNVBAcTBkl0aGFjYTEbMBkGA1UEChMSQ29ybmVs bCBVbml2ZXJzaXR5MSYwJAYDVQQLEx1EaXZpc2lvbiBvZiBGaW5hbmNpYWwgQWZm YWlyczEiMCAGA1UEAxMZcmVzb3VyY2VzLmRmYS5jb3JuZWxsLmVkdTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTa++ETBPOoX5DNFpR8nHwwHDxfDMTR ZTFLE1GWDKGJKeqAz2MqdCkivsUsjxRIR2zq625spT63WyMo3Nb7lz64/gk62yJV nl5JaujhWXzlpi0MBoEhxqx0nUpsIL922pxCqHV5+2wuIFL6V/tHT+iCzmPPKKBX lJGBjEuf2r8CHCdziycQ5H29eOiiDUSJIEFsaCunf+5P0RJZekH1zBRlYkeU76EO gCEJU35JQ2yjPaHBwJvjz34L6l8XZyzIgJKatrcHo0IaR9U4T0kVNQbFSmDtO8Lf pvu2gU7twqaz6PRtLYPdv7s58SzLSo5N5zmTridEcqMPVDXz+vW3fvcCAwEAAaOC AcAwggG8MB8GA1UdIwQYMBaAFEhPWvovSppe4FDza3tVpd71vjRdMB0GA1UdDgQW BBSik4YxDHvTfR/ghSWUXSAk6/o9VDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/ BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBS BgwrBgEEAa4jAQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21t b24ub3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwPQYD VR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5pbmNvbW1vbi5vcmcvSW5Db21tb25T ZXJ2ZXJDQS5jcmwwbwYIKwYBBQUHAQEEYzBhMDkGCCsGAQUFBzAChi1odHRwOi8v Y2VydC5pbmNvbW1vbi5vcmcvSW5Db21tb25TZXJ2ZXJDQS5jcnQwJAYIKwYBBQUH MAGGGGh0dHA6Ly9vY3NwLmluY29tbW9uLm9yZzAkBgNVHREEHTAbghlyZXNvdXJj ZXMuZGZhLmNvcm5lbGwuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBmk7eE8lSBjrfz YsHLNm0xhJh9+pAd8b5iFseWEnLpashFRx7CZ1ijN1/QqrZrOblltIuqYSN1CrM7 IBWI6MOFt8E2NWDDCBWT4JX6VIbK7wkStDUnR6p+2C23NzE6QXoWzXMt9hibH+/X bXbMc7HrSBnv32OmbJSZZT8IByyODSufGjvOI+x1Mbj39rbAsnRWJvaqO0cQ2gxQ KiNYm1wNQ+9wx28UawCUCg5IAkl8gyudqKgVmCMWyobBhNjmBT+u77hVOz+b08fl 1hj0JIv+2n+9VQIpLYDpI79bk+ZjV47MUiZ2LmarukTQO+1Z9KfLzu4Jf+xKqLt4 c9ZnVO/o -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNr74RME86hfkM0WlHyc fDAcPF8MxNFlMUsTUZYMoYkp6oDPYyp0KSK+xSyPFEhHbOrrbmylPrdbIyjc1vuX Prj+CTrbIlWeXklq6OFZfOWmLQwGgSHGrHSdSmwgv3banEKodXn7bC4gUvpX+0dP 6ILOY88ooFeUkYGMS5/avwIcJ3OLJxDkfb146KINRIkgQWxoK6d/7k/REll6QfXM FGViR5TvoQ6AIQlTfklDbKM9ocHAm+PPfgvqXxdnLMiAkpq2twejQhpH1ThPSRU1 BsVKYO07wt+m+7aBTu3CprPo9G0tg92/uznxLMtKjk3nOZOuJ0Ryow9UNfP69bd+ 9wIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 31005587844377726710054112367714450597 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-09-04 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '14853' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ithaca' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cornell University' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Division of Financial Affairs' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'resources.dfa.cornell.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24850692760627204827212021449615567793331404419334068805339771442705348018037951617727185169655185645073290436708674634875006602184727198857435814600645472375794830816352667406322332962136798557887755232616890718069806894095901708482047078136515276326239690170315971934757681364519317956921007020672256620820273529013992189709163762944544038288620007076050856651029121467341844391448205337098009000118090038567381137107102138624867284505654539805365866397268698587953792296476629051139615351423110551502331630524949187029147026855594716599398279533654290073504127507318376429529552705684461318578942166531891967524599 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 484f5afa2f4a9a5ee050f36b7b55a5def5be345d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a29386310c7bd37d1fe08525945d2024ebfa3d54 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon.org/InCommonServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.incommon.org/InCommonServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.incommon.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resources.dfa.cornell.edu' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006693b784f254818eb7f362c1cb366d3184987dfa901df1be6216c7961272e96ac845471ec26758a3375fd0aab66b39b965b48baa6123750ab33b201588e8c385b7c1363560c3081593e095fa5486caef0912b4352747aa7ed82db737313a417a16cd732df6189b1fefd76d76cc73b1eb4819efdf63a66c9499653f08072c8e0d2b9f1a3bce23ec7531b8f7f6b6c0b2745626f6aa3b4710da0c502a23589b5c0d43ef70c76f146b00940a0e4802497c832b9da8a815982316ca86c184d8e6053faeefb8553b3f9bd3c7e5d618f4248bfeda7fbd5502292d80e923bf5b93e663578ecc5226762e66abba44d03bed59f4a7cbceee097fec4aa8bb7873d66754efe8