ochre.lib.uchicago.edu

Issued by InCommon Server CA

About this certificate


This digital certificate with serial number aa:08:fb:a9:b7:90:9a:75:de:73:5a:00:b3:55:e1:64 was issued on by Internet2 .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: localityName or stateOrProvinceName is required if organizationName is set
  • ERROR: stateOrProvinceName is required if organizationName is set

University of Chicago

Organization: University of Chicago
Organization unit: IT Services
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): aa:08:fb:a9:b7:90:9a:75:de:73:5a:00:b3:55:e1:64
Serial Number (int): 226015401989484530028692235472262783332
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: eb:4e:44:c2:cd:e9:3a:c3:cf:eb:1b:45:3d:d4:f0:27:25:36:96:58
AuthorityKeyId: 48:4f:5a:fa:2f:4a:9a:5e:e0:50:f3:6b:7b:55:a5:de:f5:be:34:5d

Fingerprint (sha1): fd:33:2f:95:fa:78:3e:bc:d9:67:78:9b:35:04:cf:98:02:0e:2e:87
Fingerprint (sha256): 72:2a:7e:0b:8a:ec:2c:67:a4:b1:3d:3d:8f:84:c8:43:8b:17:a2:c0:74:87:10:65:70:da:5b:b9:ab:c4:6f:f6

Issuing Certificate URL: http://cert.incommon.org/InCommonServerCA.crt

Revocation information

OCSP Server: http://ocsp.incommon.org
CRL Distribution Point: http://crl.incommon.org/InCommonServerCA.crl

Check the revocation status for the current certificate on ochre.lib.uchicago.edu
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: ochre.lib.uchicago.edu

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIRAKoI+6m3kJp13nNaALNV4WQwDQYJKoZIhvcNAQEFBQAw UTELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5D b21tb24xGzAZBgNVBAMTEkluQ29tbW9uIFNlcnZlciBDQTAeFw0xMzEwMDEwMDAw MDBaFw0xNjEwMjIyMzU5NTlaMGQxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVVbml2 ZXJzaXR5IG9mIENoaWNhZ28xFDASBgNVBAsTC0lUIFNlcnZpY2VzMR8wHQYDVQQD ExZvY2hyZS5saWIudWNoaWNhZ28uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAqJh0DsiDn4XpHpicW74UPvo86NUPs1E31tRDx1oFHDrpu/KA2Pcn w5RTAIIe8QUWbj84dKkADuiyJ3LKHiPymjEyuC5LLbNdeN0trbgAzpdK7+skhBwy RvHBNkhAmlP+M6BU8497dySHTdp+04QQG6lusXbvNIX7yomFkKHR2tCtKTPRst1Y hPSE4Jb+MHkuKcjGt6wx3iCUTzzuhd/BuuhbEkGtWODGpwXeBqEm42ti1iEZDEC7 7nBNu87ZBkW3KR1utfqD+vnDnU9MYf+2ApH2GOEHoJ7R2tionO47zBJmTeuuFkfk 0FORulya6G2wbkwBP3qLRWk5myUzDvNhZwIDAQABo4IBszCCAa8wHwYDVR0jBBgw FoAUSE9a+i9Kml7gUPNre1Wl3vW+NF0wHQYDVR0OBBYEFOtORMLN6TrDz+sbRT3U 8CclNpZYMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjBdBgNVHSAEVjBUMFIGDCsGAQQBriMBBAMBATBC MEAGCCsGAQUFBwIBFjRodHRwczovL3d3dy5pbmNvbW1vbi5vcmcvY2VydC9yZXBv c2l0b3J5L2Nwc19zc2wucGRmMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwu aW5jb21tb24ub3JnL0luQ29tbW9uU2VydmVyQ0EuY3JsMG8GCCsGAQUFBwEBBGMw YTA5BggrBgEFBQcwAoYtaHR0cDovL2NlcnQuaW5jb21tb24ub3JnL0luQ29tbW9u U2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5pbmNvbW1vbi5v cmcwIQYDVR0RBBowGIIWb2NocmUubGliLnVjaGljYWdvLmVkdTANBgkqhkiG9w0B AQUFAAOCAQEADFyYyecizqKYq+1vPeGRzf2nX8Zrm6XJQzRKHUjE3Iu1+RnmwKL0 jn4COWysGIGpiPjuEiJEH1w7qHtuha8r1T2S70/i8f03DQZepOGs5lstRgt+HXny eDjctA4zFxKC/J8lbA2lBHkLvThaxyKjTf9XrX/59XWA0TM81Yd8tYeXYeW0XBoK 8JyWvdSN2CrK8pvfQg6oVYb3s/Vzyg7THw5aytKHy6lCHjyvPY+xxfuWAvMVzWje 6Q3yGiXqmFM2deWaLQYAIDGInubOgOiGwf0OltDU4tdTyzfB2iohm7keGFMNtF6f SgEu/mxi56lGzYC2XZYWyb36e6nnePNLng== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJh0DsiDn4XpHpicW74U Pvo86NUPs1E31tRDx1oFHDrpu/KA2Pcnw5RTAIIe8QUWbj84dKkADuiyJ3LKHiPy mjEyuC5LLbNdeN0trbgAzpdK7+skhBwyRvHBNkhAmlP+M6BU8497dySHTdp+04QQ G6lusXbvNIX7yomFkKHR2tCtKTPRst1YhPSE4Jb+MHkuKcjGt6wx3iCUTzzuhd/B uuhbEkGtWODGpwXeBqEm42ti1iEZDEC77nBNu87ZBkW3KR1utfqD+vnDnU9MYf+2 ApH2GOEHoJ7R2tionO47zBJmTeuuFkfk0FORulya6G2wbkwBP3qLRWk5myUzDvNh ZwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 226015401989484530028692235472262783332 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-10-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-22 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Chicago' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ochre.lib.uchicago.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21283212783371819425578045025666884184159515211906473106298392674172728443756542271864574650743934058816255639057220451290347039578643277420829060351371412371578848232094799356622013962571022343732602318609686850288753843897035809747351677083392362366585803507547628246423682038386872339881887305514734361599269730538821764522897704616158790300068173325602623044156835667561599367985791396040814931571406741784890117167571659963896975091784195725786079497870826672052009963513206018537352588744681869345602486809658814122192355762268708151448815822068196522304577497439618165407893314130520180176889294586604598550887 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 484f5afa2f4a9a5ee050f36b7b55a5def5be345d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) eb4e44c2cde93ac3cfeb1b453dd4f02725369658 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon.org/InCommonServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.incommon.org/InCommonServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.incommon.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ochre.lib.uchicago.edu' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000c5c98c9e722cea298abed6f3de191cdfda75fc66b9ba5c943344a1d48c4dc8bb5f919e6c0a2f48e7e02396cac1881a988f8ee1222441f5c3ba87b6e85af2bd53d92ef4fe2f1fd370d065ea4e1ace65b2d460b7e1d79f27838dcb40e33171282fc9f256c0da504790bbd385ac722a34dff57ad7ff9f57580d1333cd5877cb5879761e5b45c1a0af09c96bdd48dd82acaf29bdf420ea85586f7b3f573ca0ed31f0e5acad287cba9421e3caf3d8fb1c5fb9602f315cd68dee90df21a25ea98533675e59a2d06002031889ee6ce80e886c1fd0e96d0d4e2d753cb37c1da2a219bb91e18530db45e9f4a012efe6c62e7a946cd80b65d9616c9bdfa7ba9e778f34b9e