www.uchicagomedicine.org

- The University of Chicago -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 9d:b3:65:05:f4:ff:49:d0:a6:12:d8:06:da:ae:f7:23 was issued on by Internet2.

With 20 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

The University of Chicago

Organization: The University of Chicago
Organization unit: IT Security
Address: 5801 South Ellis Avenue
Postal code: 60637
State / Province: Illinois
Locality: Chicago
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 9d:b3:65:05:f4:ff:49:d0:a6:12:d8:06:da:ae:f7:23
Serial Number (int): 209620265471243274643491982654955255587
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 73:55:04:67:98:29:e9:e1:89:0e:7f:6a:46:8a:ed:e2:b0:96:31:b7
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 8e:6b:69:49:12:ec:87:6e:29:a3:88:c1:43:07:a2:d8:da:13:cc:a7
Fingerprint (sha256): 94:51:86:72:c9:a1:b5:ff:31:3d:46:04:e4:e8:95:d8:7e:82:b1:f2:4b:10:b9:43:92:b5:19:25:1e:b1:e9:19

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate www.uchicagomedicine.org

20

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.uchicagomedicine.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.uchicagomedicine.org
app.m.uchicagomedicine.org
birthcenter.uchospitals.edu
cancer.uchicago.edu
healthlibrary.uchicagomedicine.org
healthlibrary.uchospitals.edu
ingalls.org
m.uchicagomedicine.org
m.uchospitals.edu
pages.uchicagomedicine.org
riskonnect.uchospitals.edu
sciencelife.uchospitals.edu
trauma.uchospitals.edu
uchicagokidshospital.org
uchicagomedicine.org
uchospitals.edu
ucmleave.uchospitals.edu
www.ingalls.org
www.uchicagokidshospital.org
www.uchospitals.edu

Other certificates including the domain name uchicagomedicine.org

(limited to 100 certificates)
mail.uchospitals.edu
pages.uchicagomedicine.org
san-15-s13.tlsprovisioning.exacttarget.com
mail.uchospitals.edu
community.uchicagomedicine.org
pages.uchicagomedicine.org
community.uchicagomedicine.org
uchicagomedicine.org
www.uchicagomedicine.org
healthlibrary.uchicagomedicine.org
uat.uchicagomedicine.org
uchicagomedicine.org
www.uchicagomedicine.org
pages.uchicagomedicine.org
healthlibrary.uchicagomedicine.org
www.uchicagomedicine.org
uat.uchicagomedicine.org
www.uchicagomedicine.org
mail.uchospitals.edu
uat.uchicagomedicine.org
www.uchicagomedicine.org
www.uchicagomedicine.org
www.uchicagomedicine.org
www.uchicagomedicine.org
*.uchicagomedicine.org
www.uchicagomedicine.org

Certificate

The complete raw certificate details for www.uchicagomedicine.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIII7TCCB9WgAwIBAgIRAJ2zZQX0/0nQphLYBtqu9yMwDQYJKoZIhvcNAQELBQAw
djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix
EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT
FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMjAwMzA1MDAwMDAwWhcNMjIwMjE0
MjM1OTU5WjCBwTELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTYwNjM3MREwDwYDVQQI
EwhJbGxpbm9pczEQMA4GA1UEBxMHQ2hpY2FnbzEgMB4GA1UECRMXNTgwMSBTb3V0
aCBFbGxpcyBBdmVudWUxIjAgBgNVBAoTGVRoZSBVbml2ZXJzaXR5IG9mIENoaWNh
Z28xFDASBgNVBAsTC0lUIFNlY3VyaXR5MSEwHwYDVQQDExh3d3cudWNoaWNhZ29t
ZWRpY2luZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXlsog
mL6HR/amxSVGClhzVnW6OCLTvrWpONSzWn1FWcuSaZq30Yr6A3VU9DXwA3gdyIhn
MTps9SwsdhN7PEBsrCM6BbxZ2Hqh06d66UmvjfO07iOJ/HH9UvEYtiwO5bBhmUb9
bqjfHCYyqJz2oTrjEIaQ5okUO2Oiztqck5S+tCmBxEVEDX+89YiNZ5LSp5HqKH5M
eT9oYEPQoN83Id4dv369X6Nr6r5lcxWtW18CdOlXI1Ft01b+mg5w0pUIXWmGStkW
C4ZL75LMOLIioyk0P9oW3cgP+s77oadQ0J0MHyRrZ0rdYzddgswiKy48S85vSE4q
dGBcBfm6pnhAqPjPAgMBAAGjggUoMIIFJDAfBgNVHSMEGDAWgBQeBaN3j2yW4luH
S6a0hqxxAAznODAdBgNVHQ4EFgQUc1UEZ5gp6eGJDn9qRort4rCWMbcwDgYDVR0P
AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMGcGA1UdIARgMF4wUgYMKwYBBAGuIwEEAwEBMEIwQAYIKwYBBQUHAgEW
NGh0dHBzOi8vd3d3LmluY29tbW9uLm9yZy9jZXJ0L3JlcG9zaXRvcnkvY3BzX3Nz
bC5wZGYwCAYGZ4EMAQICMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuaW5j
b21tb24tcnNhLm9yZy9JbkNvbW1vblJTQVNlcnZlckNBLmNybDB1BggrBgEFBQcB
AQRpMGcwPgYIKwYBBQUHMAKGMmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9JbkNv
bW1vblJTQVNlcnZlckNBXzIuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51
c2VydHJ1c3QuY29tMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgBGpVXrdfqR
IDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAXCoXKu0AAAEAwBHMEUCIGjc4TBp
IuVNGsk/7V6Py6tzyx8rLnef5Zkk5g+8YOpBAiEA8jEMoRLIqWtuP6d9aevQLTBM
ea1UIqVjVwfecZVYxakAdgDfpV6raIJPH2yt7rhfTj5a6s2iEqRqXo47EsAgRFwq
cwAAAXCoXKvDAAAEAwBHMEUCIBDCC3l6J5pEJGFeQ/jk74fea57f/m8DxfHsKMHR
8ffDAiEAm1xKFHsze7pEDFdI4cix8iWzNnBOGBwOoUsQvaEL3JAAdQBByMqx3yJG
ShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAAAXCoXKulAAAEAwBGMEQCIENWJgui
dp6p+NLj6hTak+ByolHYnqlsrLpZsP/4Df+PAiB2SQZ50iqDKnpYzRJl25YHyiOx
CuASeNwFQPq7LbslOTCCAfwGA1UdEQSCAfMwggHvghh3d3cudWNoaWNhZ29tZWRp
Y2luZS5vcmeCGmFwcC5tLnVjaGljYWdvbWVkaWNpbmUub3JnghtiaXJ0aGNlbnRl
ci51Y2hvc3BpdGFscy5lZHWCE2NhbmNlci51Y2hpY2Fnby5lZHWCImhlYWx0aGxp
YnJhcnkudWNoaWNhZ29tZWRpY2luZS5vcmeCHWhlYWx0aGxpYnJhcnkudWNob3Nw
aXRhbHMuZWR1ggtpbmdhbGxzLm9yZ4IWbS51Y2hpY2Fnb21lZGljaW5lLm9yZ4IR
bS51Y2hvc3BpdGFscy5lZHWCGnBhZ2VzLnVjaGljYWdvbWVkaWNpbmUub3Jnghpy
aXNrb25uZWN0LnVjaG9zcGl0YWxzLmVkdYIbc2NpZW5jZWxpZmUudWNob3NwaXRh
bHMuZWR1ghZ0cmF1bWEudWNob3NwaXRhbHMuZWR1ghh1Y2hpY2Fnb2tpZHNob3Nw
aXRhbC5vcmeCFHVjaGljYWdvbWVkaWNpbmUub3Jngg91Y2hvc3BpdGFscy5lZHWC
GHVjbWxlYXZlLnVjaG9zcGl0YWxzLmVkdYIPd3d3LmluZ2FsbHMub3Jnghx3d3cu
dWNoaWNhZ29raWRzaG9zcGl0YWwub3JnghN3d3cudWNob3NwaXRhbHMuZWR1MA0G
CSqGSIb3DQEBCwUAA4IBAQBvlNZgSeI7RJLHxzmnBchbjzSHsSnrKkX15kBcEGkT
0KGieiBg9SnUOk9XOxM+OBaAm0gFRey4gz08MPqxUnnCmrzn2e/cKLjy+u5+SonL
BoH6bwWFYDhSLGzKKAKjCDXOFoWzNo/PlPrJeH/lNZWLIOGAlq0BH4s7zj6lEIUQ
q4sB3s45WGCziX2MyiKZv3Hw2vcWCQCBYC0g5EPiAbekiUrx3TD7hC4Ilhn7RUVr
f6Adw+zDaWefBK4suA9pgQbAJ63wZ1PtdBirnhIV+eLKZZrxzQjYSubkQv3Ugqgq
2oA8baG/2BF6xscK6hY0w+K2h+SpkLgt5/nlCDaA1uta
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5bKIJi+h0f2psUlRgpY
c1Z1ujgi0761qTjUs1p9RVnLkmmat9GK+gN1VPQ18AN4HciIZzE6bPUsLHYTezxA
bKwjOgW8Wdh6odOneulJr43ztO4jifxx/VLxGLYsDuWwYZlG/W6o3xwmMqic9qE6
4xCGkOaJFDtjos7anJOUvrQpgcRFRA1/vPWIjWeS0qeR6ih+THk/aGBD0KDfNyHe
Hb9+vV+ja+q+ZXMVrVtfAnTpVyNRbdNW/poOcNKVCF1phkrZFguGS++SzDiyIqMp
ND/aFt3ID/rO+6GnUNCdDB8ka2dK3WM3XYLMIisuPEvOb0hOKnRgXAX5uqZ4QKj4
zwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 209620265471243274643491982654955255587
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-05 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '60637'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '5801 South Ellis Avenue'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The University of Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT Security'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.uchicagomedicine.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19136341153181592735002556161193580146576490343323806627259689450247981718317312045887079598910402316929909508329666366417210524873620516383078498929611683749448048365878230895119098275639320156041146731865616661694335210476417768108284744172796242353886154914479496323056201339025859019944743974606443903142551096362809653091356853630281080679799871099006298473091336803519912787324991740029868794072055598264365630355628492841287445007740912302556607308849272465413628117304103206206085873673837061211603114012885767407647057381087057949350147879906325249416825044178599910058541992766454615495647828638649062848719
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							735504679829e9e1890e7f6a468aede2b09631b7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700760046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d4700000170a85cabb40000040300473045022068dce1306922e54d1ac93fed5e8fcbab73cb1f2b2e779fe59924e60fbc60ea41022100f2310ca112c8a96b6e3fa77d69ebd02d304c79ad5422a5635707de719558c5a9007600dfa55eab68824f1f6cadeeb85f4e3e5aeacda212a46a5e8e3b12c020445c2a7300000170a85cabc30000040300473045022010c20b797a279a4424615e43f8e4ef87de6b9edffe6f03c5f1ec28c1d1f1f7c30221009b5c4a147b337bba440c5748e1c8b1f225b336704e181c0ea14b10bda10bdc9000750041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f600000170a85caba5000004030046304402204356260ba2769ea9f8d2e3ea14da93e072a251d89ea96cacba59b0fff80dff8f022076490679d22a832a7a58cd1265db9607ca23b10ae01278dc0540fabb2dbb2539
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (499 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.m.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'birthcenter.uchospitals.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cancer.uchicago.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthlibrary.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthlibrary.uchospitals.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ingalls.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.uchospitals.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pages.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riskonnect.uchospitals.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sciencelife.uchospitals.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'trauma.uchospitals.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uchicagokidshospital.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uchospitals.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ucmleave.uchospitals.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ingalls.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uchicagokidshospital.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uchospitals.edu'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006f94d66049e23b4492c7c739a705c85b8f3487b129eb2a45f5e6405c106913d0a1a27a2060f529d43a4f573b133e3816809b480545ecb8833d3c30fab15279c29abce7d9efdc28b8f2faee7e4a89cb0681fa6f05856038522c6cca2802a30835ce1685b3368fcf94fac9787fe535958b20e18096ad011f8b3bce3ea5108510ab8b01dece395860b3897d8cca2299bf71f0daf716090081602d20e443e201b7a4894af1dd30fb842e089619fb45456b7fa01dc3ecc369679f04ae2cb80f698106c027adf06753ed7418ab9e1215f9e2ca659af1cd08d84ae6e442fdd482a82ada803c6da1bfd8117ac6c70aea1634c3e2b687e4a990b82de7f9e5083680d6eb5a