author-stage.jefferson.edu

- Thomas Jefferson University -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 47:d9:6a:05:2a:52:8a:3a:b5:53:62:62:0d:80:17:fe was issued on by Entrust, Inc..

With 42 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Thomas Jefferson University

Organization: Thomas Jefferson University
State / Province: Pennsylvania
Locality: Philadelphia
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 47:d9:6a:05:2a:52:8a:3a:b5:53:62:62:0d:80:17:fe
Serial Number (int): 95504066463688039319204625241866246142
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: c5:7d:e8:7e:21:8f:00:2f:74:48:bf:1c:d3:21:5d:85:b8:87:0e:87
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): ae:3f:0e:af:ca:37:4d:5f:b2:62:8e:75:d1:05:0e:7e:c1:98:ba:6c
Fingerprint (sha256): 9e:4f:6c:cb:ea:56:3b:1a:de:87:c4:ed:9c:eb:90:eb:db:4b:a5:14:45:35:5f:e9:80:45:9b:12:d9:91:bc:77

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate author-stage.jefferson.edu

42

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for author-stage.jefferson.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

author-stage.jefferson.edu
*.jefferson.edu
jefferson.edu
jeffersonhealth.org
abingtonhealth.org
sidneykimmelcancercenter.org
jskcc.org
kennedyhealth.org
jeffersonbioprocessing.com
thehealthnexus.org
einstein.edu
wearejefferson.org
jefferson200.org
jeffersonhealthplans.com
jeffersonhospital.org
*.jeffersonhealth.org
*.abingtonhealth.org
*.sidneykimmelcancercenter.org
*.jskcc.org
*.kennedyhealth.org
*.jeffersonbioprocessing.com
*.thehealthnexus.org
*.einstein.edu
*.wearejefferson.org
*.jefferson200.org
*.jeffersonhealthplans.com
*.jeffersonhospital.org
*.qa.jefferson.edu
*.qa.jeffersonhealth.org
*.qa.sidneykimmelcancercenter.org
*.qa.abingtonhealth.org
*.qa.jskcc.org
*.qa.kennedyhealth.org
*.qa.jeffersonbioprocessing.com
*.qa.thehealthnexus.org
*.qa.einstein.edu
*.qa.wearejefferson.org
*.qa.jefferson200.org
*.qa.jeffersonhealthplans.com
*.qa.jeffersonhospital.org
www.sidneykimmelcancercenter.jeffersonhealth.org
www.qa.sidneykimmelcancercenter.jeffersonhealth.org

Other certificates including the domain name jefferson.edu

(limited to 100 certificates)
xvm13.jefferson.edu
jeffcal.jefferson.edu
cm.jefferson.edu
www.spanish4all.tk
*.jefferson.edu
live.collegeserve.org
pollina.jefferson.edu
author-stage.jefferson.edu
n002.offcampuspartners.com
n002.offcampuspartners.com
offcampushousing.fau.edu
*.jefferson.edu
nexus.jefferson.edu
n002.offcampuspartners.com
author-stage.jefferson.edu
offcampushousing.fau.edu
brindmarcustore.jefferson.edu
offcampushousing.fau.edu
attend.jefferson.edu
ewebapp02pa.jefferson.edu
brindmarcustore.jefferson.edu
sfunder10cert.net
sfunder10cert.net
jdc.jefferson.edu
*.jefferson.edu
n002.offcampuspartners.com
n002.offcampuspartners.com
cme.jefferson.edu
giftmap.jefferson.edu
jdc.jefferson.edu
cloud.hocusfocus.no
n002.offcampuspartners.com
www.eastfalls.jefferson.edu
*.jefferson.edu
offcampushousing.fau.edu
cme.jefferson.edu
jefferson-payments.jefferson.edu
brindmarcusstore.jefferson.edu
pvs01-a.jefferson.edu
offcampushousing.fau.edu
one.jefferson.edu
offcampushousing.fau.edu
brindmarcusstore.jefferson.edu
jefferson-payments.jefferson.edu
heathrobotics.com
leeds.jefferson.edu
offcampushousing.fau.edu
brindmarcusstore.jefferson.edu
jdc.jefferson.edu
brindmarcusstore.jefferson.edu
jefferson-payments.jefferson.edu
offcampushousing.fau.edu
qlicktest02.tju-res.jefferson.edu
jefferson-payments.jefferson.edu
*.jefferson.edu
*.jefferson.edu
creative.jefferson.edu
offcampushousing.fau.edu
leadership.jefferson.edu
brindmarcustore.jefferson.edu
n002.offcampuspartners.com
bootspruefung.de
jefferson-payments.jefferson.edu
brindmarcustore.jefferson.edu
online.jefferson.edu
connectvpn.jefferson.edu
n002.offcampuspartners.com
degreeworks.jefferson.edu
eastfalls.jefferson.edu
offcampushousing.fau.edu
n002.offcampuspartners.com
brindmarcustore.jefferson.edu
n002.offcampuspartners.com
jdc.jefferson.edu
online.jefferson.edu
n002.offcampuspartners.com
my.jefferson.edu
*.jefferson.edu
*.jefferson.edu
n002.offcampuspartners.com
banadmin02pb.jefferson.edu
jdc.jefferson.edu
sfunder10cert.net
jeffline.jefferson.edu
cme.jefferson.edu
banxeadmc07.jefferson.edu
n002.offcampuspartners.com
offcampushousing.fau.edu
apps.jeffersonhospital.org
brindmarcusstore.jefferson.edu
cm.jefferson.edu
leadership.jefferson.edu
www.enchird.com
offcampushousing.fau.edu
Directpnrprod.jefferson.edu
fairwarning.jefferson.edu
www.eastfalls.jefferson.edu
offcampushousing.fau.edu
brindmarcusstore.jefferson.edu
canvas.jefferson.edu

Certificate

The complete raw certificate details for author-stage.jefferson.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIKjzCCCXegAwIBAgIQR9lqBSpSijq1U2JiDYAX/jANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDAzMTMxNDAzNTFaFw0yNTA0MDQxNDAzNDlaMIGGMQswCQYDVQQGEwJVUzEVMBMG
A1UECBMMUGVubnN5bHZhbmlhMRUwEwYDVQQHEwxQaGlsYWRlbHBoaWExJDAiBgNV
BAoTG1Rob21hcyBKZWZmZXJzb24gVW5pdmVyc2l0eTEjMCEGA1UEAxMaYXV0aG9y
LXN0YWdlLmplZmZlcnNvbi5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCugm4q3+4PF8JQf3lUaOwRkmpM+L+AFkWxPonm39N2Prn6XCVDoTQcZx98
WMvU1okug6mtgre6KFp2o1VAgE0tEJgV2zGzRJztY84mLv6w/wG9b2pkvXA//vVU
iM3gupiVkaZ7cVmdgQlVX1ovGB5r8BIcdyY7nd6Lq1Cqag0yjfmlGwOT+xmthkx5
p/v5KLWd3w2S9jMSlk/JJmdy6Xk9XDU5pOW6Lyq4giq33GsD3aVKE3JKQJBRA0nc
bqcvVdqvMnuBAJkKAnGQqde7Au3qG5ZluAzWIMs1BUAG2Hum8BTk7YSFbeXSWqVe
geh9sJNqgxPme5rGmApfLQVtgMahAgMBAAGjggbBMIIGvTAMBgNVHRMBAf8EAjAA
MB0GA1UdDgQWBBTFfeh+IY8AL3RIvxzTIV2FuIcOhzAfBgNVHSMEGDAWgBSConB0
3bxTP8971PfNf6dgxgpMvzBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0
dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVu
dHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0
cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDCCBAYGA1UdEQSCA/0wggP5
ghphdXRob3Itc3RhZ2UuamVmZmVyc29uLmVkdYIPKi5qZWZmZXJzb24uZWR1gg1q
ZWZmZXJzb24uZWR1ghNqZWZmZXJzb25oZWFsdGgub3JnghJhYmluZ3RvbmhlYWx0
aC5vcmeCHHNpZG5leWtpbW1lbGNhbmNlcmNlbnRlci5vcmeCCWpza2NjLm9yZ4IR
a2VubmVkeWhlYWx0aC5vcmeCGmplZmZlcnNvbmJpb3Byb2Nlc3NpbmcuY29tghJ0
aGVoZWFsdGhuZXh1cy5vcmeCDGVpbnN0ZWluLmVkdYISd2VhcmVqZWZmZXJzb24u
b3JnghBqZWZmZXJzb24yMDAub3JnghhqZWZmZXJzb25oZWFsdGhwbGFucy5jb22C
FWplZmZlcnNvbmhvc3BpdGFsLm9yZ4IVKi5qZWZmZXJzb25oZWFsdGgub3JnghQq
LmFiaW5ndG9uaGVhbHRoLm9yZ4IeKi5zaWRuZXlraW1tZWxjYW5jZXJjZW50ZXIu
b3JnggsqLmpza2NjLm9yZ4ITKi5rZW5uZWR5aGVhbHRoLm9yZ4IcKi5qZWZmZXJz
b25iaW9wcm9jZXNzaW5nLmNvbYIUKi50aGVoZWFsdGhuZXh1cy5vcmeCDiouZWlu
c3RlaW4uZWR1ghQqLndlYXJlamVmZmVyc29uLm9yZ4ISKi5qZWZmZXJzb24yMDAu
b3JnghoqLmplZmZlcnNvbmhlYWx0aHBsYW5zLmNvbYIXKi5qZWZmZXJzb25ob3Nw
aXRhbC5vcmeCEioucWEuamVmZmVyc29uLmVkdYIYKi5xYS5qZWZmZXJzb25oZWFs
dGgub3JngiEqLnFhLnNpZG5leWtpbW1lbGNhbmNlcmNlbnRlci5vcmeCFyoucWEu
YWJpbmd0b25oZWFsdGgub3Jngg4qLnFhLmpza2NjLm9yZ4IWKi5xYS5rZW5uZWR5
aGVhbHRoLm9yZ4IfKi5xYS5qZWZmZXJzb25iaW9wcm9jZXNzaW5nLmNvbYIXKi5x
YS50aGVoZWFsdGhuZXh1cy5vcmeCESoucWEuZWluc3RlaW4uZWR1ghcqLnFhLndl
YXJlamVmZmVyc29uLm9yZ4IVKi5xYS5qZWZmZXJzb24yMDAub3Jngh0qLnFhLmpl
ZmZlcnNvbmhlYWx0aHBsYW5zLmNvbYIaKi5xYS5qZWZmZXJzb25ob3NwaXRhbC5v
cmeCMHd3dy5zaWRuZXlraW1tZWxjYW5jZXJjZW50ZXIuamVmZmVyc29uaGVhbHRo
Lm9yZ4Izd3d3LnFhLnNpZG5leWtpbW1lbGNhbmNlcmNlbnRlci5qZWZmZXJzb25o
ZWFsdGgub3JnMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwEwYDVR0gBAwwCjAIBgZngQwBAgIwggF+BgorBgEEAdZ5AgQCBIIB
bgSCAWoBaAB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjjgg
aXkAAAQDAEcwRQIgTJmJzTWMMq0xlhSIRODdCoN83Fgl+h5NCDsqFU4prDYCIQC9
OWUo9A4YD5rYxQV45fXtoA33gjIbsGcy11B9ctGKCQB2AObSMWNAd4zBEEEG13G5
zsHSQPaWhIb7uocyHf0eN45QAAABjjggabkAAAQDAEcwRQIhAKTMZKi5eGqI46mX
NFipZeSrVggOC6/W/b7p57rzdZ3oAiA3XpHV7oujMRMfeKx0gBT8Q6Thw4kO6r7O
WHtjJUTbwAB2AMz7D2qFcQll/pWbU87psnwi6YVcDZeNtql+VMD+TA2wAAABjjgg
aaQAAAQDAEcwRQIhAJYe9RLqOm8pGRPLTt015Ubn3DhBIWxZ1BlUmyICWnxiAiBZ
vFC37FIQp68Qjt0GljN5FAGQ91rpr+wewvJ/qlIXhTANBgkqhkiG9w0BAQsFAAOC
AQEAZ/sSw304uNuStbsoPx0mo7/S4nl5WTHoqLi1AM21HGFK5ONWw7hR1TKV333Z
MpqIq00mozZLHm1fZUjCB6Y9gqRL+3sbZ7lJAdAM2zmmqRcv+QO2/4F0R6efznki
6pNEqoJ64kFqSb4g7COCHfgxhynRYzhDC9OqpMOlLKKQJz1PcvzKgZL/tYj75aie
0b2YQitaEGxbA+E+U5utRw3jxxRP1rCzgCaTOFpiC2Y/5nsRky0I4zcp9rFsApgi
wa1OMWcxMEpCdscDweelE1Gtc8p5xvexhIrNqi8ArEIAyUM10GpwhvkTBfRk69JC
SSjEbovTy7jrBwXJkEcZP8cQKg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroJuKt/uDxfCUH95VGjs
EZJqTPi/gBZFsT6J5t/Tdj65+lwlQ6E0HGcffFjL1NaJLoOprYK3uihadqNVQIBN
LRCYFdsxs0Sc7WPOJi7+sP8BvW9qZL1wP/71VIjN4LqYlZGme3FZnYEJVV9aLxge
a/ASHHcmO53ei6tQqmoNMo35pRsDk/sZrYZMeaf7+Si1nd8NkvYzEpZPySZncul5
PVw1OaTlui8quIIqt9xrA92lShNySkCQUQNJ3G6nL1XarzJ7gQCZCgJxkKnXuwLt
6huWZbgM1iDLNQVABth7pvAU5O2EhW3l0lqlXoHofbCTaoMT5nuaxpgKXy0FbYDG
oQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 95504066463688039319204625241866246142
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-13 14:03:51 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-04 14:03:49 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Philadelphia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thomas Jefferson University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'author-stage.jefferson.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22029782662744288652400670241540589866364942232436553517580519863384252557125830640612015217191771141575571549776368387002609142682865297617833000893841206667633433646743799523891645939590330984487184881664968197970429840023876810992318030490476529171074850339539132446948077263313164381616901785411295682185092666157751099114709713921540401998842170495050809246839385003535977902565561097135174152148043502983789665270034955786119617969196415390875672832627069977606515416211900585379011535426671438709073421554125999930981524231393174734976024557882179281263967674443527777425531446789130680616012026519418038175393
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c57de87e218f002f7448bf1cd3215d85b8870e87
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1021 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'author-stage.jefferson.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jefferson.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jefferson.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jeffersonhealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'abingtonhealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sidneykimmelcancercenter.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jskcc.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kennedyhealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jeffersonbioprocessing.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thehealthnexus.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'einstein.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wearejefferson.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jefferson200.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jeffersonhealthplans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jeffersonhospital.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jeffersonhealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.abingtonhealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sidneykimmelcancercenter.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jskcc.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kennedyhealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jeffersonbioprocessing.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.thehealthnexus.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.einstein.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wearejefferson.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jefferson200.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jeffersonhealthplans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jeffersonhospital.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.jefferson.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.jeffersonhealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.sidneykimmelcancercenter.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.abingtonhealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.jskcc.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.kennedyhealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.jeffersonbioprocessing.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.thehealthnexus.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.einstein.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.wearejefferson.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.jefferson200.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.jeffersonhealthplans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa.jeffersonhospital.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sidneykimmelcancercenter.jeffersonhealth.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.qa.sidneykimmelcancercenter.jeffersonhealth.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e38206979000004030047304502204c9989cd358c32ad3196148844e0dd0a837cdc5825fa1e4d083b2a154e29ac36022100bd396528f40e180f9ad8c50578e5f5eda00df782321bb06732d7507d72d18a09007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018e382069b90000040300473045022100a4cc64a8b9786a88e3a9973458a965e4ab56080e0bafd6fdbee9e7baf3759de80220375e91d5ee8ba331131f78ac748014fc43a4e1c3890eeabece587b632544dbc0007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018e382069a40000040300473045022100961ef512ea3a6f291913cb4edd35e546e7dc3841216c59d419549b22025a7c62022059bc50b7ec5210a7af108edd06963379140190f75ae9afec1ec2f27faa521785
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0067fb12c37d38b8db92b5bb283f1d26a3bfd2e279795931e8a8b8b500cdb51c614ae4e356c3b851d53295df7dd9329a88ab4d26a3364b1e6d5f6548c207a63d82a44bfb7b1b67b94901d00cdb39a6a9172ff903b6ff817447a79fce7922ea9344aa827ae2416a49be20ec23821df8318729d16338430bd3aaa4c3a52ca290273d4f72fcca8192ffb588fbe5a89ed1bd98422b5a106c5b03e13e539bad470de3c7144fd6b0b3802693385a620b663fe67b11932d08e33729f6b16c029822c1ad4e316731304a4276c703c1e7a51351ad73ca79c6f7b1848acdaa2f00ac4200c94335d06a7086f91305f464ebd2424928c46e8bd3cbb8eb0705c99047193fc7102a