*.stage.ghdx.healthdata.org

- University of Washington -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number b0:c3:06:45:bf:2c:b7:f4:1f:c8:f8:ef:f9:30:36:29 was issued on by Internet2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Washington

Organization: University of Washington
Organization unit: UW-IT
State / Province: Washington
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): b0:c3:06:45:bf:2c:b7:f4:1f:c8:f8:ef:f9:30:36:29
Serial Number (int): 234956752365926018721197552091983263273
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 29:6f:2a:90:ae:0c:21:a7:a6:3b:63:db:2d:81:a7:c2:3e:9b:d8:09
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 3b:ff:e4:7b:d1:0a:72:cc:5b:84:1e:5c:d3:95:e1:e5:2a:9e:77:25
Fingerprint (sha256): 7d:0c:e4:bf:83:0a:36:75:60:24:b3:70:5b:28:5e:8d:6c:aa:51:3b:b7:ee:c9:da:a7:ed:74:1c:99:86:80:74

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate *.stage.ghdx.healthdata.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.stage.ghdx.healthdata.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.stage.ghdx.healthdata.org

Other certificates including the domain name healthdata.org

(limited to 100 certificates)
dev.healthdata.org
*.stage.ghdx.healthdata.org
ssl441041.cloudflaressl.com
login.healthdata.org
ssl441041.cloudflaressl.com
ssl441041.cloudflaressl.com
ssl441042.cloudflaressl.com
ssl441041.cloudflaressl.com
sni.cloudflaressl.com
ssl441042.cloudflaressl.com
ssl4831.cloudflare.com
sni.cloudflaressl.com
ssl441041.cloudflaressl.com
ssl441042.cloudflaressl.com
healthdata.org
healthdata.org
s3.healthdata.org
learn.healthdata.org
ssl319586.cloudflaressl.com
learn.healthdata.org
learn.healthdata.org
dl.healthdata.org
ssl441041.cloudflaressl.com
learn.healthdata.org
console.dl.healthdata.org
healthdata.org
ssl441041.cloudflaressl.com
ssl319586.cloudflaressl.com
healthdata.org
sni.cloudflaressl.com
ssl4831.cloudflare.com
ssl441041.cloudflaressl.com
ssl441042.cloudflaressl.com
dl.healthdata.org
console.dl.healthdata.org
sni.cloudflaressl.com
ssl441042.cloudflaressl.com
dev.healthdata.org
learn.healthdata.org
healthdata.org
healthdata.org
learn.healthdata.org
sni.cloudflaressl.com
ssl441042.cloudflaressl.com
learn.healthdata.org
healthdata.org
ssl441040.cloudflaressl.com
login.healthdata.org
*.stage.ghdx.healthdata.org
ssl441040.cloudflaressl.com
ssl441041.cloudflaressl.com
healthdata.org
www.healthdata.org
*.stage.ghdx.healthdata.org
console.dl.healthdata.org
learn.healthdata.org
console.dl.healthdata.org
healthdata.org
healthdata.org
console.dl.healthdata.org
dl.healthdata.org
console.dl.healthdata.org
healthdata.org
login.healthdata.org
console.dl.healthdata.org
console.dl.healthdata.org
healthdata.org
sni.cloudflaressl.com
dl.healthdata.org
ssl441042.cloudflaressl.com
healthdata.org
healthdata.org
ssl441042.cloudflaressl.com
www.healthdata.org
healthdata.org
ssl441040.cloudflaressl.com
learn.healthdata.org
ssl441040.cloudflaressl.com
console.dl.healthdata.org
ssl4831.cloudflare.com
sni.cloudflaressl.com
console.dl.healthdata.org
healthdata.org
login.healthdata.org
learn.healthdata.org
ssl441042.cloudflaressl.com
*.stage.ghdx.healthdata.org
ssl441040.cloudflaressl.com
ssl441042.cloudflaressl.com
healthdata.org
login.healthdata.org
learn.healthdata.org
ssl441041.cloudflaressl.com
ssl441041.cloudflaressl.com
ssl4831.cloudflare.com
ssl441041.cloudflaressl.com
ssl441042.cloudflaressl.com
ssl441040.cloudflaressl.com
learn.healthdata.org
sni.cloudflaressl.com

Certificate

The complete raw certificate details for *.stage.ghdx.healthdata.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIH0DCCBrigAwIBAgIRALDDBkW/LLf0H8j47/kwNikwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMjExMTE2MDAwMDAwWhcNMjIxMTE2
MjM1OTU5WjB7MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEhMB8G
A1UEChMYVW5pdmVyc2l0eSBvZiBXYXNoaW5ndG9uMQ4wDAYDVQQLEwVVVy1JVDEk
MCIGA1UEAwwbKi5zdGFnZS5naGR4LmhlYWx0aGRhdGEub3JnMIICIjANBgkqhkiG
9w0BAQEFAAOCAg8AMIICCgKCAgEA3OaQp7uKpmovwoxMtwTJnOq1d7PT1PAINhUz
EzsEGsrWjlsLI8BJazxkgN0q1dHCR3LkSrBl0LNrKXDIBtJ3upsLopfd/hhLvPBv
R6asPaymT2b1t8jm9PGIMNpF018gzAhNQocagZ6URWjSf2hazgWu+7fdx1LRgyVL
Hb/wKqwrbGyYUZ6M2PKlU1qM0NW4BVRkCf1krabnXxYs4qJysblFxcNV5KvvUs+e
1Nmvpkn3Y58yTbPvaN0e6awH8PZsm8VAgnrFXznnriYgbdwB+73Mt89Vwn1KQrZz
+SMwdTqI7LTuCUqMkzwTMszgBW0YvFy7WBv7rh17GmgUFSkhSpWcWXNf07Rfa7s+
IPa/033BW0IoWYHsAJhJQ0gTCM5OO9NSK0tRDbQdTJSYD/WHxP5+HjeQsmHIE/FQ
YohqPLPD+Dwj+3m54Jw4ZDFg1JpUGLQn9VQINHj15NPDj5u6HG1s/CynkbBQgWdu
dSuPOwtJvEZ/Mngpo1eRnRynh5pP6rLNWzJ1vjZIwlIPQLS7o6hL2toGo8PQmJ6p
LofGPLuVW4tdgU8En3Fe+vlmaJbtx6gkLfpgIls6b9d5ovY4PUn2VHc8SupW5zzw
dWaoerKhjPwLBWbKMBLv/mS/VsjTAxojlN43HAW5rPgID1CxNnI5JJpw4Ksrh+zq
zn6+4l8CAwEAAaOCA1IwggNOMB8GA1UdIwQYMBaAFB4Fo3ePbJbiW4dLprSGrHEA
DOc4MB0GA1UdDgQWBBQpbyqQrgwhp6Y7Y9stgafCPpvYCTAOBgNVHQ8BAf8EBAMC
BaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
ZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6
Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAI
BgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5pbmNvbW1vbi1y
c2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUFBwEBBGkwZzA+
BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3QuY29tL0luQ29tbW9uUlNB
U2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVz
dC5jb20wJgYDVR0RBB8wHYIbKi5zdGFnZS5naGR4LmhlYWx0aGRhdGEub3JnMIIB
fwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwBGpVXrdfqRIDC1oolp9PN9ESxBdL79
SbiFq/L8cP5tRwAAAX0q/u5qAAAEAwBIMEYCIQCVMgB1i+Crw8tR71Uvv/Jjw8tL
1BfQskUyqR0Or5ygRgIhAJN9QpioKx1pbkOG8WeiGHALaC9nT5BRlFKAaj+hR6f7
AHYAQcjKsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9Kv7uJAAABAMA
RzBFAiB49GbYBQY64w9BN2JewsqQ7y6dfay3A808+mGzLHf/ygIhAMmH1q0R2bIY
MVl7R4FDRTxF0l0jMm8NxQi1ZBlBfSyBAHYAKXm+8J45OSHwVnOfY6V35b5XfZxg
Cvj5TV0mXCVdx4QAAAF9Kv7t/QAABAMARzBFAiEA9zaTnIWYpF2wT5MjLarC4gVs
bVPoavGPu1/oCeVfi9ECIC+Gkh+gNfABJE/9qGUcZRCS+P1EkLPGpw1QlpWfVifk
MA0GCSqGSIb3DQEBCwUAA4IBAQArMIlyy3yD75JWlBfn9K55+ec8bLVAaStYlwgN
/UZvtrBQs0kjRjhUHMox2+09FMWT2pKnncxkwWBoUwafQH3b7PH3xENAUWqulnDk
we74x9JxJleZvAyAOU6rvCDnLV84XXQhKQFu5RTc9nwojQjGK72mg76BNf7llJrS
itBiVTnBrHAai9ahO4+8R0PUOAV/ESiVam2shMf7dm1Vi6iE0/h5tGBznvcJeX5b
g+3tEX3bEOkFAWVC4L+iAm2Y5RNCX2ZXlg+UXBRbfgaTkn4AjfPkVn0/TxT7+TcC
NFl8Pn2fdt1oSs2fcqfVj0Jlxv8TszpceBrwSlazBY9x7tdb
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3OaQp7uKpmovwoxMtwTJ
nOq1d7PT1PAINhUzEzsEGsrWjlsLI8BJazxkgN0q1dHCR3LkSrBl0LNrKXDIBtJ3
upsLopfd/hhLvPBvR6asPaymT2b1t8jm9PGIMNpF018gzAhNQocagZ6URWjSf2ha
zgWu+7fdx1LRgyVLHb/wKqwrbGyYUZ6M2PKlU1qM0NW4BVRkCf1krabnXxYs4qJy
sblFxcNV5KvvUs+e1Nmvpkn3Y58yTbPvaN0e6awH8PZsm8VAgnrFXznnriYgbdwB
+73Mt89Vwn1KQrZz+SMwdTqI7LTuCUqMkzwTMszgBW0YvFy7WBv7rh17GmgUFSkh
SpWcWXNf07Rfa7s+IPa/033BW0IoWYHsAJhJQ0gTCM5OO9NSK0tRDbQdTJSYD/WH
xP5+HjeQsmHIE/FQYohqPLPD+Dwj+3m54Jw4ZDFg1JpUGLQn9VQINHj15NPDj5u6
HG1s/CynkbBQgWdudSuPOwtJvEZ/Mngpo1eRnRynh5pP6rLNWzJ1vjZIwlIPQLS7
o6hL2toGo8PQmJ6pLofGPLuVW4tdgU8En3Fe+vlmaJbtx6gkLfpgIls6b9d5ovY4
PUn2VHc8SupW5zzwdWaoerKhjPwLBWbKMBLv/mS/VsjTAxojlN43HAW5rPgID1Cx
NnI5JJpw4Ksrh+zqzn6+4l8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 234956752365926018721197552091983263273
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-11-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-16 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UW-IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.stage.ghdx.healthdata.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 901196005030279909997416478550370288137196377127685845167210634140991112778381543113309744282830847796551768445742536617409542675728041252107604307198334734016595347303703881430324075710998174690163881918519586138416556488466476232175314025855674119035779707886302796784120123716302836529015282713370126995051032510508484252151482208428223630890505874309238389719528893040209813553993110376561776048031752743479930275341600639303607764989136693417706640456322596642594041580205288646254569878635783547951248439268769425970303998067214120289367810276521374483073948707476010448714934558690513728929824176815389523334809348996997911437952167330972062526086812823697712004232760190836344592094691594605485302094838898409450789433456437624826244869393879355386452830705957332225681114646292120624159463794209331597786085897624284536810178855326911651739991114660608199754476322312551491214796239354284904602252275706449246123420219487744299766986724229172068174888894807297865750529703538451014722479366324506281438326222796627996374438957356995808607447682083042816793525895858627900941869180453945463326874290455744186863904307755840275120998132675991935821946299491654444205010492836351045905420712676612643894833673738256010383909471
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							296f2a90ae0c21a7a63b63db2d81a7c23e9bd809
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stage.ghdx.healthdata.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							016900770046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d470000017d2afeee6a0000040300483046022100953200758be0abc3cb51ef552fbff263c3cb4bd417d0b24532a91d0eaf9ca046022100937d4298a82b1d696e4386f167a218700b682f674f90519452806a3fa147a7fb00760041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017d2afeee240000040300473045022078f466d805063ae30f4137625ec2ca90ef2e9d7dacb703cd3cfa61b32c77ffca022100c987d6ad11d9b21831597b478143453c45d25d23326f0dc508b56419417d2c810076002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc7840000017d2afeedfd0000040300473045022100f736939c8598a45db04f93232daac2e2056c6d53e86af18fbb5fe809e55f8bd102202f86921fa035f001244ffda8651c651092f8fd4490b3c6a70d5096959f5627e4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002b308972cb7c83ef92569417e7f4ae79f9e73c6cb540692b5897080dfd466fb6b050b349234638541cca31dbed3d14c593da92a79dcc64c1606853069f407ddbecf1f7c44340516aae9670e4c1eef8c7d271265799bc0c80394eabbc20e72d5f385d742129016ee514dcf67c288d08c62bbda683be8135fee5949ad28ad0625539c1ac701a8bd6a13b8fbc4743d438057f1128956a6dac84c7fb766d558ba884d3f879b460739ef709797e5b83eded117ddb10e905016542e0bfa2026d98e513425f6657960f945c145b7e0693927e008df3e4567d3f4f14fbf9370234597c3e7d9f76dd684acd9f72a7d58f4265c6ff13b33a5c781af04a56b3058f71eed75b