www.cumc.columbia.edu

- Columbia University -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number e2:90:d2:28:0b:45:ed:ca:47:bf:52:01:9f:77:fb:2a was issued on by Internet2.

With 29 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Columbia University

Organization: Columbia University
Organization unit: Information Technology
Address: 612 W 115 St
Postal code: 10025
State / Province: NY
Locality: New York
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): e2:90:d2:28:0b:45:ed:ca:47:bf:52:01:9f:77:fb:2a
Serial Number (int): 301157480273652143797988208987734539050
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 9b:0d:91:3d:ca:86:42:9a:c9:c9:2c:25:b1:fb:70:ff:42:16:b0:13
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): f4:63:19:b0:6a:f9:c7:eb:2d:77:e6:66:8e:9f:3d:8f:75:6c:0d:70
Fingerprint (sha256): 82:f6:fe:1a:57:26:39:bc:f5:1c:7b:e7:1d:90:00:6b:0d:d6:1d:db:c6:3d:9b:cb:ef:7f:59:f2:49:71:4e:2e

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate www.cumc.columbia.edu

29

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.cumc.columbia.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.cumc.columbia.edu
columbiaobgyn.org
columbiapsychiatry.org
columbiaradiology.org
cumc.columbia.edu
dental.columbia.edu
derc.cumc.columbia.edu
dermatology.columbia.edu
pathology.columbia.edu
prod.columbiaobgyn.org
prod.columbiapsychiatry.org
prod.columbiaradiology.org
prod.dental.columbia.edu
prod.derc.cumc.columbia.edu
prod.dermatology.columbia.edu
prod.pathology.columbia.edu
prod.ps.columbia.edu
prod.rheumatologyatcolumbia.org
ps.columbia.edu
rheumatologyatcolumbia.org
www.columbiaobgyn.org
www.columbiapsychiatry.org
www.columbiaradiology.org
www.dental.columbia.edu
www.derc.cumc.columbia.edu
www.dermatology.columbia.edu
www.pathology.columbia.edu
www.ps.columbia.edu
www.rheumatologyatcolumbia.org

Other certificates including the domain name columbia.edu

(limited to 100 certificates)
coursewebs.law.columbia.edu
mcftp.mc.cumc.columbia.edu
diamond.law.columbia.edu
classics.columbia.edu
tsividis.ee.columbia.edu
frontend.sisfrontend-uat.sis-r53.cuit.columbia.edu
povertycenter.columbia.edu
invest-serv2.ooi.columbia.edu
test-web-lws.edu.help
exprodmail01.cuit.columbia.edu
ssl.procurement.columbia.edu
nursingvolunteer.givingday.columbia.edu
*.hr.columbia.edu
5697124062724096-fe2.pantheonsite.io
us.prod.campusgroups.com
unleashing.tc.columbia.edu
www.mailman.columbia.edu
secure5bb5ec4d4764e8eaa9667dce.nationbuilder.com
wikischolars.columbia.edu
incapsula.com
nano.columbia.edu
emeritus.gsb.columbia.edu
courseworks2.columbia.edu
admissions.emeritus.org
video.engineering.columbia.edu
cluster3.technolutions.net
aspirerefugees.columbia.edu
cluster.technolutions.net
cluster3.technolutions.net
globalreports.columbia.edu
wwws-db.law.columbia.edu
us.prod.campusgroups.com
5691420614590464-fe3.pantheonsite.io
califano.c2b2.columbia.edu
dev.cumc.columbia.edu
amploadvance.com
www.icap.columbia.edu
icccr.tc.columbia.edu
guestaccess.law.columbia.edu
giving.columbia.edu
www.incite.columbia.edu
ad01.gsb.columbia.edu
thelowdown.alumni.columbia.edu
mail.biology.columbia.edu
*.isso.columbia.edu
digitaltutorials.jrn.columbia.edu
pawprtprodmprt1.cuit.columbia.edu
incapsula.com
5727389891952640-fe2.pantheonsite.io
columbia.edu
pawprtprodprt02.adcu.columbia.edu
stat.columbia.edu
palestine.mei.columbia.edu
m.lawnet.law.columbia.edu
abate-shen.cumc.columbia.edu
jira.columbia.edu
incite.columbia.edu
portal.neuro.columbia.edu
idmapp.cc.columbia.edu
incapsula.com
haywire.college.columbia.edu
sustainability.ei.columbia.edu
lockers-dev.paas.cc.columbia.edu
connect.woodstockacademy.org
indianeconomy.columbia.edu
ias-drupal6-test.cc.columbia.edu
mail-in.cc.columbia.edu
beisdev1.tc.columbia.edu
www.design-engineering.princeton.edu
5753050442498048-fe1.pantheonsite.io
tls.automattic.com
chagall.tc.columbia.edu
prod.25.slot.cdn.salesforce-communities.com
5691420614590464-fe3.pantheonsite.io
act.dbmi.columbia.edu
www.cser.columbia.edu
5703702744662016-fe4.pantheonsite.io
soc.cs.columbia.edu
sni.cloudflaressl.com
amploadvance.com
sslvs03.igloosoftware.com
cluster3.technolutions.net
sustainability.ei.columbia.edu
stat.columbia.edu
library.columbia.edu
pistars1.cpmc.columbia.edu
nxterra.ucop.edu
*.journalism.columbia.edu
portal.studenthealth.cuimc.columbia.edu
cice-dev.paas.cc.columbia.edu
www.ffworkshop.columbia.edu
shoreline.ncdp.columbia.edu
dev-gfs2.api.columbia.edu
hudson.jrn.columbia.edu
enhants.ee.columbia.edu
p-ctx-dc-02.mc.cumc.columbia.edu
admissions.nursing.columbia.edu
realrisks.dbmi.columbia.edu
*.gsas.columbia.edu
cluster2.technolutions.net

Certificate

The complete raw certificate details for www.cumc.columbia.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJVDCCCDygAwIBAgIRAOKQ0igLRe3KR79SAZ93+yowDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTcwNTI2MDAwMDAwWhcNMTgwNTI2
MjM1OTU5WjCBszELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTEwMDI1MQswCQYDVQQI
EwJOWTERMA8GA1UEBxMITmV3IFlvcmsxFTATBgNVBAkTDDYxMiBXIDExNSBTdDEc
MBoGA1UEChMTQ29sdW1iaWEgVW5pdmVyc2l0eTEfMB0GA1UECxMWSW5mb3JtYXRp
b24gVGVjaG5vbG9neTEeMBwGA1UEAxMVd3d3LmN1bWMuY29sdW1iaWEuZWR1MIIC
IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlIcX5gARaZA/lPEwQUZXrv1K
ymuSSjRjqmBvLIJd4j98KvIB/TprXnEJXB3cBCVBzZR93JNJCOh80CLHvD/wM4Ms
mVwTZ/54Bvld+0OpRSJaTsyTn6MwUumCKcYHR1/mG98U5dAailkmLudy75fPOKun
QFTipelqvMeyfv9Hn12QO7MqW/CMwBiJPDg/1Q5EW8t5FRJ75bL+H0XjVvIumn/N
QqtLjv0AzMOmd6R8xo/Eng93EkB8tCV321fRqEqNGom2eK5pNdA4kqTPxs+5WwJS
fn2uUGNxPtBxBO/EV5bUJAzSFI30GWMZNOvcbgcETHWRy2/C/zDw4f2+CP21NdjU
ePUzlDiBHtfbT3sxtf3M4tgwgVXL00UIigDjmCviNqIEDexqmh9GUASIEpvCTCAz
LYx6dTvyAxImUxGO6IbBNms5a0dOYnGufoAhTFmUUKjYp2EXLDwsO3gsPPXvZQn+
nCrDsCgS6KchHCA3rF0a3uw882+O5x/ScRYPO0Sh6iCACetwxnBJbFymU9OYlUie
v2tGWDgYLC/c/GsnfCgtbrD8Dy+AH0nmQ3vEguNC+9YfrO57J61lzhnaB1bFy8FI
b++Ld2ggwGibE607cVcSbzoCNybwPOV9wwt4hWzW4rtRMhc9HkAIwGgtkj9SGWNN
IiqSln7v0LBpMP2ufp8CAwEAAaOCBJ0wggSZMB8GA1UdIwQYMBaAFB4Fo3ePbJbi
W4dLprSGrHEADOc4MB0GA1UdDgQWBBSbDZE9yoZCmsnJLCWx+3D/QhawEzAOBgNV
HQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggrBgEFBQcC
ARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNf
c3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5p
bmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUF
BwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3QuY29tL0lu
Q29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3Nw
LnVzZXJ0cnVzdC5jb20wggLyBgNVHREEggLpMIIC5YIVd3d3LmN1bWMuY29sdW1i
aWEuZWR1ghFjb2x1bWJpYW9iZ3luLm9yZ4IWY29sdW1iaWFwc3ljaGlhdHJ5Lm9y
Z4IVY29sdW1iaWFyYWRpb2xvZ3kub3JnghFjdW1jLmNvbHVtYmlhLmVkdYITZGVu
dGFsLmNvbHVtYmlhLmVkdYIWZGVyYy5jdW1jLmNvbHVtYmlhLmVkdYIYZGVybWF0
b2xvZ3kuY29sdW1iaWEuZWR1ghZwYXRob2xvZ3kuY29sdW1iaWEuZWR1ghZwcm9k
LmNvbHVtYmlhb2JneW4ub3Jnghtwcm9kLmNvbHVtYmlhcHN5Y2hpYXRyeS5vcmeC
GnByb2QuY29sdW1iaWFyYWRpb2xvZ3kub3Jnghhwcm9kLmRlbnRhbC5jb2x1bWJp
YS5lZHWCG3Byb2QuZGVyYy5jdW1jLmNvbHVtYmlhLmVkdYIdcHJvZC5kZXJtYXRv
bG9neS5jb2x1bWJpYS5lZHWCG3Byb2QucGF0aG9sb2d5LmNvbHVtYmlhLmVkdYIU
cHJvZC5wcy5jb2x1bWJpYS5lZHWCH3Byb2QucmhldW1hdG9sb2d5YXRjb2x1bWJp
YS5vcmeCD3BzLmNvbHVtYmlhLmVkdYIacmhldW1hdG9sb2d5YXRjb2x1bWJpYS5v
cmeCFXd3dy5jb2x1bWJpYW9iZ3luLm9yZ4Iad3d3LmNvbHVtYmlhcHN5Y2hpYXRy
eS5vcmeCGXd3dy5jb2x1bWJpYXJhZGlvbG9neS5vcmeCF3d3dy5kZW50YWwuY29s
dW1iaWEuZWR1ghp3d3cuZGVyYy5jdW1jLmNvbHVtYmlhLmVkdYIcd3d3LmRlcm1h
dG9sb2d5LmNvbHVtYmlhLmVkdYIad3d3LnBhdGhvbG9neS5jb2x1bWJpYS5lZHWC
E3d3dy5wcy5jb2x1bWJpYS5lZHWCHnd3dy5yaGV1bWF0b2xvZ3lhdGNvbHVtYmlh
Lm9yZzANBgkqhkiG9w0BAQsFAAOCAQEATxIoXbVrEmufIrzOLfIw3SpJUyGIBUpA
Cw46UuAeGOrqtYOIlVFTXIQn0NbEBSuorbx604kDBa6ru0AUdBHnPATyj9BAHue9
NJ0i6KSA2J64ChvzTGNyhK7vDCyu2mylO3l3TgigSdxJdVwa63BFjyLon8xr8jRk
1LWqTvDGdXEAaWOaj/JKRhf/O4eZJnmgQzXGEJQYpfYL9fRwg7Pc/T1DuWbt+2iv
S+i5gmIHILygCqLmZ/zzcDMhhNu9D0hzGYFfLqsSmiYtZqOp0vgkbzB2gFoOOMsN
OHYg/bffaCsqyfDWehGfu8mCDowfOqTNgC3CBV1GlIJ4skAkpHcxiw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlIcX5gARaZA/lPEwQUZX
rv1KymuSSjRjqmBvLIJd4j98KvIB/TprXnEJXB3cBCVBzZR93JNJCOh80CLHvD/w
M4MsmVwTZ/54Bvld+0OpRSJaTsyTn6MwUumCKcYHR1/mG98U5dAailkmLudy75fP
OKunQFTipelqvMeyfv9Hn12QO7MqW/CMwBiJPDg/1Q5EW8t5FRJ75bL+H0XjVvIu
mn/NQqtLjv0AzMOmd6R8xo/Eng93EkB8tCV321fRqEqNGom2eK5pNdA4kqTPxs+5
WwJSfn2uUGNxPtBxBO/EV5bUJAzSFI30GWMZNOvcbgcETHWRy2/C/zDw4f2+CP21
NdjUePUzlDiBHtfbT3sxtf3M4tgwgVXL00UIigDjmCviNqIEDexqmh9GUASIEpvC
TCAzLYx6dTvyAxImUxGO6IbBNms5a0dOYnGufoAhTFmUUKjYp2EXLDwsO3gsPPXv
ZQn+nCrDsCgS6KchHCA3rF0a3uw882+O5x/ScRYPO0Sh6iCACetwxnBJbFymU9OY
lUiev2tGWDgYLC/c/GsnfCgtbrD8Dy+AH0nmQ3vEguNC+9YfrO57J61lzhnaB1bF
y8FIb++Ld2ggwGibE607cVcSbzoCNybwPOV9wwt4hWzW4rtRMhc9HkAIwGgtkj9S
GWNNIiqSln7v0LBpMP2ufp8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 301157480273652143797988208987734539050
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-26 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '10025'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '612 W 115 St'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Columbia University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Information Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cumc.columbia.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 605940184556508082204659310409975333631721416289094909665774207690102999540478648184787149757858283835669045947430659930998506745044942369721524589436324194489839588882840842373778083579588266042181573558390803862237668180732178855514569926393626944637192209378922102235814802092635891920291070188378136208485859750572945216091637074060437971452259408068390535301943426293962409471609412265998222663073816211522406819093149971713175305878774833260019311675523573080809864243784415529346807467440079494374547435213314255097348194016973707881379810481446418506697615190076356965320115690996680367504569314305857979378856618115885546205456483273612044623525152467792902412506268618311164054520589582914979856116799176936827117420126384657749796199866847579361376690333673829821736766125729479722394915426906555683462265735382949390600689547964314954806230300969525808447810741913406727619290077028232543146671556413436431574037110110457214985888687832529864190024518221170621318745532842237797064377983761704929487091507087926412987241847662135631362861134242546626961626064642267755276275047349980047122602962006217516663909600866531113940972026988675961787506199623136242222678720914674777332363018779661023360547999712400846319681183
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9b0d913dca86429ac9c92c25b1fb70ff4216b013
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (745 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'columbiaobgyn.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'columbiapsychiatry.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'columbiaradiology.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dental.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'derc.cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dermatology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pathology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.columbiaobgyn.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.columbiapsychiatry.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.columbiaradiology.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.dental.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.derc.cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.dermatology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.pathology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.ps.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.rheumatologyatcolumbia.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ps.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rheumatologyatcolumbia.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.columbiaobgyn.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.columbiapsychiatry.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.columbiaradiology.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dental.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.derc.cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dermatology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pathology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ps.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rheumatologyatcolumbia.org'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004f12285db56b126b9f22bcce2df230dd2a49532188054a400b0e3a52e01e18eaeab583889551535c8427d0d6c4052ba8adbc7ad3890305aeabbb40147411e73c04f28fd0401ee7bd349d22e8a480d89eb80a1bf34c637284aeef0c2caeda6ca53b79774e08a049dc49755c1aeb70458f22e89fcc6bf23464d4b5aa4ef0c675710069639a8ff24a4617ff3b87992679a04335c6109418a5f60bf5f47083b3dcfd3d43b966edfb68af4be8b982620720bca00aa2e667fcf370332184dbbd0f487319815f2eab129a262d66a3a9d2f8246f3076805a0e38cb0d387620fdb7df682b2ac9f0d67a119fbbc9820e8c1f3aa4cd802dc2055d46948278b24024a477318b