advanceiowa.com

- University of Northern Iowa -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 3c:cd:81:0c:de:42:14:76:20:56:84:a2:71:7d:29:fa was issued on by Internet2.

With 48 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Northern Iowa

Organization: University of Northern Iowa
Organization unit: IT-Network & Infrastructure Services
Address: 1227 W 27th St
Postal code: 50614
State / Province: Iowa
Locality: Cedar Falls
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 3c:cd:81:0c:de:42:14:76:20:56:84:a2:71:7d:29:fa
Serial Number (int): 80820718053456971185542740245751867898
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: f7:b7:b2:80:cd:c0:f2:09:1f:8e:20:a0:ea:5a:f3:ad:a3:43:77:19
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 58:9e:12:35:18:ea:7c:fa:af:eb:40:cf:c4:12:dc:12:c7:11:ab:f0
Fingerprint (sha256): 73:8e:75:74:71:21:9a:0d:49:43:8b:71:42:d1:a7:e3:c0:a5:3f:00:07:5c:6d:a9:f5:21:da:b3:9c:5a:fc:47

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate advanceiowa.com

48

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for advanceiowa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

advanceiowa.com
*.19th-amendment-centennial.org
*.advanceiowa.com
*.agricultureforpublichealth.org
*.campadventure.com
*.cedarvalleyrobotweek.com
*.community-in-motion.com
*.exploreiowageology.org
*.farmingforpublichealth.org
*.findstemiowa.org
*.getreadyforbusiness.com
*.goodneighboriowa.com
*.goodneighboriowa.org
*.intranet.iwrc.org
*.iowafamilybusiness.com
*.iowafamilybusinesscenter.com
*.iowafamilybusinessforum.com
*.iwrc.org
*.jpec.org
*.mba.uni.edu.hk
*.msei.iwrc.org
*.mwfoodsummit.com
*.neiowastem.com
*.neiowastem.net
*.northamericanreview.org
*.nwirrc.org
*.painttraining.com
*.plantiowanative.com
*.playgroundsafety.org
*.proudandtorn.com
*.proudandtorn.org
*.qualityeducationnwia.org
*.qualityeducationswia.org
*.rampsandpathways.org
*.rrttc.com
*.star4d.org
*.tallgrassprairiecenter.org
*.teachingiowahistory.com
*.tedxuni.com
*.uni-dome.com
*.uni-dome.org
*.uni-foundation.org
*.uni.edu.hk
*.unialum.org
*.unibusinessethics.com
*.unidome.org
*.unifoundation.org
*.wayup-iowa.org

Other certificates including the domain name advanceiowa.com

(limited to 100 certificates)
advanceiowa.com
advanceiowa.com
advanceiowa.com
uni.edu
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
uni.edu
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
uni.edu
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
uni.edu
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com
advanceiowa.com

Certificate

The complete raw certificate details for advanceiowa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIILHDCCCgSgAwIBAgIQPM2BDN5CFHYgVoSicX0p+jANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0yMDAzMzEwMDAwMDBaFw0yMTEyMTIy
MzU5NTlaMIHKMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFNTA2MTQxDTALBgNVBAgT
BElvd2ExFDASBgNVBAcTC0NlZGFyIEZhbGxzMRcwFQYDVQQJEw4xMjI3IFcgMjd0
aCBTdDEkMCIGA1UEChMbVW5pdmVyc2l0eSBvZiBOb3J0aGVybiBJb3dhMS0wKwYD
VQQLDCRJVC1OZXR3b3JrICYgSW5mcmFzdHJ1Y3R1cmUgU2VydmljZXMxGDAWBgNV
BAMTD2FkdmFuY2Vpb3dhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNfYOJKf2XGFGl/oh0ZZdB3ZGfoqmUCKRkoBD099vx6M8lVuPCX+hxfWuWk
PhG04bUN2wwyX49mp7M68N+AKyxAoKRAUuNzoRPfZQ4zN2QWJQxxjA+BuoEfa4+S
/0FUgLidHhvJJ+hGR+O8cvgHc62Y5u/eo4+xPqkNR6g8BuBKtyXKLY6a9I1+wgF6
4k8SpVx9MBn8gFmB/LukMN+2/HBJq6Jnz9dBypScPlNsBfUD07FaJn+Uzud+/Q8Z
0QpE48mcfWO98Bkkm3M3MBlZ5KE1eB0UKQ/Jiynjylus54Qsr6ruFWyke2f0l8yp
H9p/PXe9czvkESpKrqFsHwptX8UCAwEAAaOCB08wggdLMB8GA1UdIwQYMBaAFB4F
o3ePbJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBT3t7KAzcDyCR+OIKDqWvOto0N3
GTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggr
BgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9y
eS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDov
L2NybC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUG
CCsGAQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3Qu
Y29tL0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6
Ly9vY3NwLnVzZXJ0cnVzdC5jb20wggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1
AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAABcTKCyE0AAAQDAEYw
RAIgOEsc2r3GjtWHYUcdpQ7l8B6yklEBMZAHKpjlnzGaaKACIBv3D/gfLIDPSfUZ
Fa34PskdepPbdy90yoX3qjVYwB67AHcAlCC8Ho7VjWyIcx+CiyIsDdHaTV5sT5Q9
YdtOL1hNosIAAAFxMoLIGwAABAMASDBGAiEA0I6Zk8BRfmXJv/m6IscqGFsM+FT7
vwvLTwoPGhDeznwCIQCLXDsVLKVreDBYKlAUi4Z/Odf+p9ZIMVpJ3RiEXDbIiQB2
AESUZS6w7s6vxEAH2Kj+KMDa5oK+2MsxtT/TM5a1toGoAAABcTKCyE4AAAQDAEcw
RQIgBKKmnLR3y7lWTUnmdVHYaLFcINCWs+yPQ4u2a6VnnUoCIQDZJIRIBFan6IKg
+adTX70na5u5jvu6EqsYMKfqkk2mADCCBCIGA1UdEQSCBBkwggQVgg9hZHZhbmNl
aW93YS5jb22CHyouMTl0aC1hbWVuZG1lbnQtY2VudGVubmlhbC5vcmeCESouYWR2
YW5jZWlvd2EuY29tgiAqLmFncmljdWx0dXJlZm9ycHVibGljaGVhbHRoLm9yZ4IT
Ki5jYW1wYWR2ZW50dXJlLmNvbYIaKi5jZWRhcnZhbGxleXJvYm90d2Vlay5jb22C
GSouY29tbXVuaXR5LWluLW1vdGlvbi5jb22CGCouZXhwbG9yZWlvd2FnZW9sb2d5
Lm9yZ4IcKi5mYXJtaW5nZm9ycHVibGljaGVhbHRoLm9yZ4ISKi5maW5kc3RlbWlv
d2Eub3JnghkqLmdldHJlYWR5Zm9yYnVzaW5lc3MuY29tghYqLmdvb2RuZWlnaGJv
cmlvd2EuY29tghYqLmdvb2RuZWlnaGJvcmlvd2Eub3JnghMqLmludHJhbmV0Lml3
cmMub3JnghgqLmlvd2FmYW1pbHlidXNpbmVzcy5jb22CHiouaW93YWZhbWlseWJ1
c2luZXNzY2VudGVyLmNvbYIdKi5pb3dhZmFtaWx5YnVzaW5lc3Nmb3J1bS5jb22C
CiouaXdyYy5vcmeCCiouanBlYy5vcmeCECoubWJhLnVuaS5lZHUuaGuCDyoubXNl
aS5pd3JjLm9yZ4ISKi5td2Zvb2RzdW1taXQuY29tghAqLm5laW93YXN0ZW0uY29t
ghAqLm5laW93YXN0ZW0ubmV0ghkqLm5vcnRoYW1lcmljYW5yZXZpZXcub3Jnggwq
Lm53aXJyYy5vcmeCEyoucGFpbnR0cmFpbmluZy5jb22CFSoucGxhbnRpb3dhbmF0
aXZlLmNvbYIWKi5wbGF5Z3JvdW5kc2FmZXR5Lm9yZ4ISKi5wcm91ZGFuZHRvcm4u
Y29tghIqLnByb3VkYW5kdG9ybi5vcmeCGioucXVhbGl0eWVkdWNhdGlvbm53aWEu
b3JnghoqLnF1YWxpdHllZHVjYXRpb25zd2lhLm9yZ4IWKi5yYW1wc2FuZHBhdGh3
YXlzLm9yZ4ILKi5ycnR0Yy5jb22CDCouc3RhcjRkLm9yZ4IcKi50YWxsZ3Jhc3Nw
cmFpcmllY2VudGVyLm9yZ4IZKi50ZWFjaGluZ2lvd2FoaXN0b3J5LmNvbYINKi50
ZWR4dW5pLmNvbYIOKi51bmktZG9tZS5jb22CDioudW5pLWRvbWUub3JnghQqLnVu
aS1mb3VuZGF0aW9uLm9yZ4IMKi51bmkuZWR1Lmhrgg0qLnVuaWFsdW0ub3Jnghcq
LnVuaWJ1c2luZXNzZXRoaWNzLmNvbYINKi51bmlkb21lLm9yZ4ITKi51bmlmb3Vu
ZGF0aW9uLm9yZ4IQKi53YXl1cC1pb3dhLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEA
aahc1oxfiiIbawPXuk3k79utD5aZ7+sL4vhzOxBbuwSO8RUKCs75Z3Sb3tF223H5
yy7RQ3Mx5h4Rwb5HZ9TRvlq33C4jH6Kg+o/pQPPMSi83pvQxJ5YLSPU954vhyDNr
WfNDWznPEUSDko4VlVQAJwg3mxPMh9jGPeRfOn5ExL0er1Wwjmtm9CUOGmUmDGSv
IUm+piImK9qmeHt9e3hFZryYc9ZSX/rYN1WdoPtRdqDwGwn9PrgJjg8fmgJ0tgsM
hmGfWHjYL2H5RzMtCUMMsyutoJwSX4OOCKp2E6D6O1EarkHNqBMj/a9f49QQA+iT
WyugyU4PmyhCw+J16Az9Iw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA019g4kp/ZcYUaX+iHRll
0HdkZ+iqZQIpGSgEPT32/HozyVW48Jf6HF9a5aQ+EbThtQ3bDDJfj2anszrw34Ar
LECgpEBS43OhE99lDjM3ZBYlDHGMD4G6gR9rj5L/QVSAuJ0eG8kn6EZH47xy+Adz
rZjm796jj7E+qQ1HqDwG4Eq3Jcotjpr0jX7CAXriTxKlXH0wGfyAWYH8u6Qw37b8
cEmromfP10HKlJw+U2wF9QPTsVomf5TO5379DxnRCkTjyZx9Y73wGSSbczcwGVnk
oTV4HRQpD8mLKePKW6znhCyvqu4VbKR7Z/SXzKkf2n89d71zO+QRKkquoWwfCm1f
xQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 80820718053456971185542740245751867898
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-31 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-12 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '50614'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Iowa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cedar Falls'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1227 W 27th St'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Northern Iowa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'IT-Network & Infrastructure Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'advanceiowa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26683315215915540781901500443418572094740952245701369383192660575997168522969856539924939589519922147154176488219649341356793036796446825270677457751362276898308082051374370721061435946829301066037833644251210076269062384746255736171457801509249752954450988050201563709369540542627949360990845002404864004690771636495135658448821485472998214766231337351138956650803874196261288332979680885564342675121728469502188552491810764778789241501392616657827979240966043509707583937131110188051467714180228917265758879479328243970669392145865542653165697085819374077663782221373492812175178322733466923240376889384172899884997
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f7b7b280cdc0f2091f8e20a0ea5af3ada3437719
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680075007d3ef2f88fff88556824c2c0ca9e5289792bc50e78097f2e6a9768997e22f0d7000001713282c84d00000403004630440220384b1cdabdc68ed58761471da50ee5f01eb29251013190072a98e59f319a68a002201bf70ff81f2c80cf49f51915adf83ec91d7a93db772f74ca85f7aa3558c01ebb0077009420bc1e8ed58d6c88731f828b222c0dd1da4d5e6c4f943d61db4e2f584da2c2000001713282c81b0000040300483046022100d08e9993c0517e65c9bff9ba22c72a185b0cf854fbbf0bcb4f0a0f1a10dece7c0221008b5c3b152ca56b7830582a50148b867f39d7fea7d648315a49dd18845c36c8890076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a8000001713282c84e0000040300473045022004a2a69cb477cbb9564d49e67551d868b15c20d096b3ec8f438bb66ba5679d4a022100d92484480456a7e882a0f9a7535fbd276b9bb98efbba12ab1830a7ea924da600
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1049 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advanceiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.19th-amendment-centennial.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.advanceiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.agricultureforpublichealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.campadventure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cedarvalleyrobotweek.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.community-in-motion.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.exploreiowageology.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.farmingforpublichealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.findstemiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.getreadyforbusiness.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.goodneighboriowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.goodneighboriowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.intranet.iwrc.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.iowafamilybusiness.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.iowafamilybusinesscenter.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.iowafamilybusinessforum.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.iwrc.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jpec.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mba.uni.edu.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msei.iwrc.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mwfoodsummit.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.neiowastem.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.neiowastem.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.northamericanreview.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.nwirrc.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.painttraining.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.plantiowanative.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.playgroundsafety.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.proudandtorn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.proudandtorn.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qualityeducationnwia.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qualityeducationswia.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rampsandpathways.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rrttc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.star4d.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tallgrassprairiecenter.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.teachingiowahistory.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tedxuni.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.uni-dome.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.uni-dome.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.uni-foundation.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.uni.edu.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.unialum.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.unibusinessethics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.unidome.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.unifoundation.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wayup-iowa.org'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0069a85cd68c5f8a221b6b03d7ba4de4efdbad0f9699efeb0be2f8733b105bbb048ef1150a0acef967749bded176db71f9cb2ed1437331e61e11c1be4767d4d1be5ab7dc2e231fa2a0fa8fe940f3cc4a2f37a6f43127960b48f53de78be1c8336b59f3435b39cf114483928e159554002708379b13cc87d8c63de45f3a7e44c4bd1eaf55b08e6b66f4250e1a65260c64af2149bea622262bdaa6787b7d7b784566bc9873d6525ffad837559da0fb5176a0f01b09fd3eb8098e0f1f9a0274b60b0c86619f5878d82f61f947332d09430cb32bada09c125f838e08aa7613a0fa3b511aae41cda81323fdaf5fe3d41003e8935b2ba0c94e0f9b2842c3e275e80cfd23