*.princetonhcs.org
- The Trustees of the University of Pennsylvania -
Issued by InCommon RSA Server CA 2
About this certificate
This digital certificate with serial number 4e:5b:28:d9:11:d3:0e:ae:0a:bf:4b:00:89:9a:34:8d was issued on by Internet2.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
The Trustees of the University of Pennsylvania
Organization:
The Trustees of the University of Pennsylvania
State / Province:
Pennsylvania
Country: US
Country: US
Internet2
Organization:
Internet2
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 4e:5b:28:d9:11:d3:0e:ae:0a:bf:4b:00:89:9a:34:8dSerial Number (int): 104153111179761916901411643608205505677
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 1d:8d:a8:da:25:80:7a:11:40:ab:93:7c:7b:cb:b7:c2:01:09:e9:3f
AuthorityKeyId: ef:4c:00:92:a6:fb:76:2e:5e:95:e2:c9:5f:87:1b:19:d5:4d:e2:d9
Fingerprint (sha1): 62:11:a8:29:aa:4a:4c:15:9a:a2:d7:3f:58:41:c9:ba:f2:29:58:6b
Fingerprint (sha256): 95:10:9d:14:36:e3:96:42:16:26:c8:b0:8d:f8:75:0c:b8:2e:e7:f0:b7:44:75:05:59:c7:15:ba:e7:a4:8d:44
Issuing Certificate URL: http://crt.sectigo.com/InCommonRSAServerCA2.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/InCommonRSAServerCA2.crl
Check the revocation status for certificate *.princetonhcs.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.princetonhcs.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.princetonhcs.org
Other certificates including the domain name princetonhcs.org
(limited to 100 certificates)
portal.princetonhcs.org
imperva.com
imperva.com
*.princetonhcs.org
webmail.princetonhcs.org
*.princetonhcs.org
secmsg.princetonhcs.org
imperva.com
incapsula.com
imperva.com
iportal.princetonhcs.org
downloads.princetonhcs.org
extranet.princetonhcs.org
imperva.com
www.princetonhcs.org
webmail.princetonhcs.org
lync-external.princetonhcs.org
*.princetonhcs.org
incapsula.com
imperva.com
lync-external.princetonhcs.org
secmsg.princetonhcs.org
*.princetonhcs.org
extranet.princetonhcs.org
secmsg2.princetonhcs.org
imperva.com
webmail.princetonhcs.org
imperva.com
imperva.com
imperva.com
*.princetonhcs.org
*.princetonhcs.org
incapsula.com
imperva.com
www.princetonhcs.org
www.princetonhcs.org
incapsula.com
portal.princetonhcs.org
imperva.com
imperva.com
*.princetonhcs.org
imperva.com
incapsula.com
imperva.com
extranet.princetonhcs.org
imperva.com
webmail.princetonhcs.org
imperva.com
imperva.com
imperva.com
imperva.com
*.princetonhcs.org
webmail.princetonhcs.org
*.princetonhcs.org
secmsg.princetonhcs.org
imperva.com
incapsula.com
imperva.com
iportal.princetonhcs.org
downloads.princetonhcs.org
extranet.princetonhcs.org
imperva.com
www.princetonhcs.org
webmail.princetonhcs.org
lync-external.princetonhcs.org
*.princetonhcs.org
incapsula.com
imperva.com
lync-external.princetonhcs.org
secmsg.princetonhcs.org
*.princetonhcs.org
extranet.princetonhcs.org
secmsg2.princetonhcs.org
imperva.com
webmail.princetonhcs.org
imperva.com
imperva.com
imperva.com
*.princetonhcs.org
*.princetonhcs.org
incapsula.com
imperva.com
www.princetonhcs.org
www.princetonhcs.org
incapsula.com
portal.princetonhcs.org
imperva.com
imperva.com
*.princetonhcs.org
imperva.com
incapsula.com
imperva.com
extranet.princetonhcs.org
imperva.com
webmail.princetonhcs.org
imperva.com
imperva.com
Certificate
The complete raw certificate details for *.princetonhcs.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG7DCCBVSgAwIBAgIQTlso2RHTDq4Kv0sAiZo0jTANBgkqhkiG9w0BAQwFADBE MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSW50ZXJuZXQyMSEwHwYDVQQDExhJbkNv bW1vbiBSU0EgU2VydmVyIENBIDIwHhcNMjQwMTA1MDAwMDAwWhcNMjUwMTA0MjM1 OTU5WjB6MQswCQYDVQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMTcwNQYD VQQKEy5UaGUgVHJ1c3RlZXMgb2YgdGhlIFVuaXZlcnNpdHkgb2YgUGVubnN5bHZh bmlhMRswGQYDVQQDDBIqLnByaW5jZXRvbmhjcy5vcmcwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQCpS8cH5XBhjZSnNYPcuRvgyGbrjBmgqs+cgsvbDxO2 cZorV/rNv5ivY74nokiNp+hnKFThMbw1BAxvpHkEcyi05liD5AaAwQJFa6VMFWGT W9TZLySQegiIOFKCXO1o+omE4RxxdUK0x4V6g6Nt4tJrkZ4YdQrpSt3onRUSCIvW Yny1U99OAQmpmYM9YZFxe0La2LwsvO1WBiV51QOJ/25TuOA5ca5Igp5E4oiqNT2I xoSEdEoKZ2I9+0NdTmlsRV5IxlBhZgI6j4s7QYijqkaYSaUzFVYH6Wg1Y8c2TzDt ABHgCdaU3EbjNr5tFJp42WyzQBjsUpOosDBJ5YB/cZtzAgMBAAGjggMiMIIDHjAf BgNVHSMEGDAWgBTvTACSpvt2Ll6V4slfhxsZ1U3i2TAdBgNVHQ4EFgQUHY2o2iWA ehFAq5N8e8u3wgEJ6T8wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGy MQECAmcwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYG Z4EMAQICMEAGA1UdHwQ5MDcwNaAzoDGGL2h0dHA6Ly9jcmwuc2VjdGlnby5jb20v SW5Db21tb25SU0FTZXJ2ZXJDQTIuY3JsMHAGCCsGAQUFBwEBBGQwYjA7BggrBgEF BQcwAoYvaHR0cDovL2NydC5zZWN0aWdvLmNvbS9JbkNvbW1vblJTQVNlcnZlckNB Mi5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMB0GA1Ud EQQWMBSCEioucHJpbmNldG9uaGNzLm9yZzCCAX8GCisGAQQB1nkCBAIEggFvBIIB awFpAHYAzxFW7tUufK/zh1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGM2iI4awAA BAMARzBFAiBoQXq84p/9Kjhs84I6Y5GOFN0vhgfWvSDuFlSMb1fiqAIhAK6qLk6T jYkFiSLFMNuHuoGTLOwXNMy8Ee8onkB5JsB0AHYAouMK5EXvva2bfjjtR2d3U9eC W4SU1yteGyzEuVCkR+cAAAGM2iI4FQAABAMARzBFAiEA5hMTcf3h74HtUXM7v1nk 4CApc0z1gLtH9IHBXHV9PJ0CIDz5nldIV0/LHDu4CiQbzCuYXHB/PAkVWry0AzYz +QdlAHcATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGM2iI3+QAA BAMASDBGAiEAw+gO8QaV8kX41n33BSQHq/q5ptHvOHJCV2FyqHMfAOMCIQCjpcpa vrorkqaHqeQpo//OFq1zL37361z1Xn+l/xfqITANBgkqhkiG9w0BAQwFAAOCAYEA gpumRYkMUbzIDfsnFOejNC9dgawy8uD/AC5MlNzNnqP7C7MPUh+l7b/TgZ+voGUk QTfiHDuCVKOWG521qwV8demDOJAzwkJjdQoQdp15r/Z4Ar+lWz42jPGfLfrmUVdt Ltd8DaDqGEgYwspu9078LUGBAnCqYP9ut6ue26RyDnAx8JzSdfXe89zKw9Favt0S QNCS53iphmYwmIChLFRtwVti3tMTXbffsVsYq/bvxis5k6/7YUUkWHIjp4gZSY7m aV8tLQRVJ89bQxDachZe1QwXHKSE1SC907mqfvBUfkJg3nbFce9Vs1E3jtyapgH7 2+WZ/1DMwn4LJKnhrtkkhOIZFmtBfFQDBe36ZhgUSY8l+gQ0EJmbCe6wphUsISZj VPaF4ztgSmxhoXCcYDF0OQEcjTwyiHLLk35jALvXSSUqz4BzanNYQSlKom11ZtPb +Yk6QJEwAy40AafSNTkVKFyHvne2eYSJoKQYcFz0byXfjccftrycZdsxyW3EcejX -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUvHB+VwYY2UpzWD3Lkb 4Mhm64wZoKrPnILL2w8TtnGaK1f6zb+Yr2O+J6JIjafoZyhU4TG8NQQMb6R5BHMo tOZYg+QGgMECRWulTBVhk1vU2S8kkHoIiDhSglztaPqJhOEccXVCtMeFeoOjbeLS a5GeGHUK6Urd6J0VEgiL1mJ8tVPfTgEJqZmDPWGRcXtC2ti8LLztVgYledUDif9u U7jgOXGuSIKeROKIqjU9iMaEhHRKCmdiPftDXU5pbEVeSMZQYWYCOo+LO0GIo6pG mEmlMxVWB+loNWPHNk8w7QAR4AnWlNxG4za+bRSaeNlss0AY7FKTqLAwSeWAf3Gb cwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 104153111179761916901411643608205505677 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-04 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Trustees of the University of Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.princetonhcs.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21371640799576111467702702952020921625366980435339939854006137282311676911091200191363703714011602252878243964723166922774642399261195237599731037628414962109094892338716902338354907360016918187878416332035883417110393789201792576740642977274394470061467801551302403621660462886876244523344166990693296196101438666387230737905852610563652312238401801686597584090896813979833268167107151554223580113294036906914064783458383653656909471798262420139658394829655675864606677806860766179864842735348636070794226095238766509661872453018374964879573137493197339400704116048517423047490321949297834806426813250730666560166771 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ef4c0092a6fb762e5e95e2c95f871b19d54de2d9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1d8da8da25807a1140ab937c7bcbb7c20109e93f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.103 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/InCommonRSAServerCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/InCommonRSAServerCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.princetonhcs.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018cda22386b0000040300473045022068417abce29ffd2a386cf3823a63918e14dd2f8607d6bd20ee16548c6f57e2a8022100aeaa2e4e938d89058922c530db87ba81932cec1734ccbc11ef289e407926c074007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018cda2238150000040300473045022100e6131371fde1ef81ed51733bbf59e4e02029734cf580bb47f481c15c757d3c9d02203cf99e5748574fcb1c3bb80a241bcc2b985c707f3c09155abcb4033633f907650077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018cda2237f90000040300483046022100c3e80ef10695f245f8d67df7052407abfab9a6d1ef387242576172a8731f00e3022100a3a5ca5abeba2b92a687a9e429a3ffce16ad732f7ef7eb5cf55e7fa5ff17ea21 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 00829ba645890c51bcc80dfb2714e7a3342f5d81ac32f2e0ff002e4c94dccd9ea3fb0bb30f521fa5edbfd3819fafa065244137e21c3b8254a3961b9db5ab057c75e983389033c24263750a10769d79aff67802bfa55b3e368cf19f2dfae651576d2ed77c0da0ea184818c2ca6ef74efc2d41810270aa60ff6eb7ab9edba4720e7031f09cd275f5def3dccac3d15abedd1240d092e778a98666309880a12c546dc15b62ded3135db7dfb15b18abf6efc62b3993affb614524587223a78819498ee6695f2d2d045527cf5b4310da72165ed50c171ca484d520bdd3b9aa7ef0547e4260de76c571ef55b351378edc9aa601fbdbe599ff50ccc27e0b24a9e1aed92484e219166b417c540305edfa661814498f25fa043410999b09eeb0a6152c21266354f685e33b604a6c61a1709c60317439011c8d3c328872cb937e6300bbd749252acf80736a735841294aa26d7566d3dbf9893a409130032e3401a7d2353915285c87be77b6798489a0a418705cf46f25df8dc71fb6bc9c65db31c96dc471e8d7