www.cumc.columbia.edu

- Columbia University -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 10:0f:dd:17:ea:4e:80:12:a8:f0:39:5c:f7:4f:1b:24 was issued on by Internet2.

With 30 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Columbia University

Organization: Columbia University
Organization unit: Information Technology
Address: 612 W 115 St
Postal code: 10025
State / Province: NY
Locality: New York
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 10:0f:dd:17:ea:4e:80:12:a8:f0:39:5c:f7:4f:1b:24
Serial Number (int): 21350016692721214547381508066285394724
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: 07:59:bf:d3:5d:f9:ee:8a:09:dc:6d:39:8b:f2:eb:b8:5e:b8:66:4a
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): 68:f9:2d:66:ce:c0:63:31:41:03:c1:49:5e:6a:12:88:46:1c:95:ad
Fingerprint (sha256): d2:c1:1f:ea:f0:d8:89:68:cd:b2:3d:c4:35:4f:f9:9a:23:fe:33:87:83:74:ad:ef:d6:7a:05:17:be:1b:ce:cd

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate www.cumc.columbia.edu

30

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.cumc.columbia.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.cumc.columbia.edu
columbiaobgyn.org
columbiapsychiatry.org
columbiaradiology.org
cumc.columbia.edu
dental.columbia.edu
derc.cumc.columbia.edu
dermatology.columbia.edu
pathology.columbia.edu
prod.columbiaobgyn.org
prod.columbiapsychiatry.org
prod.columbiaradiology.org
prod.cumc.columbia.edu
prod.dental.columbia.edu
prod.derc.cumc.columbia.edu
prod.dermatology.columbia.edu
prod.pathology.columbia.edu
prod.ps.columbia.edu
prod.rheumatologyatcolumbia.org
ps.columbia.edu
rheumatologyatcolumbia.org
www.columbiaobgyn.org
www.columbiapsychiatry.org
www.columbiaradiology.org
www.dental.columbia.edu
www.derc.cumc.columbia.edu
www.dermatology.columbia.edu
www.pathology.columbia.edu
www.ps.columbia.edu
www.rheumatologyatcolumbia.org

Other certificates including the domain name columbia.edu

(limited to 100 certificates)
coursewebs.law.columbia.edu
mcftp.mc.cumc.columbia.edu
diamond.law.columbia.edu
classics.columbia.edu
tsividis.ee.columbia.edu
frontend.sisfrontend-uat.sis-r53.cuit.columbia.edu
povertycenter.columbia.edu
invest-serv2.ooi.columbia.edu
test-web-lws.edu.help
exprodmail01.cuit.columbia.edu
ssl.procurement.columbia.edu
nursingvolunteer.givingday.columbia.edu
*.hr.columbia.edu
5697124062724096-fe2.pantheonsite.io
us.prod.campusgroups.com
unleashing.tc.columbia.edu
www.mailman.columbia.edu
secure5bb5ec4d4764e8eaa9667dce.nationbuilder.com
wikischolars.columbia.edu
incapsula.com
nano.columbia.edu
emeritus.gsb.columbia.edu
courseworks2.columbia.edu
admissions.emeritus.org
video.engineering.columbia.edu
cluster3.technolutions.net
aspirerefugees.columbia.edu
cluster.technolutions.net
cluster3.technolutions.net
globalreports.columbia.edu
wwws-db.law.columbia.edu
us.prod.campusgroups.com
5691420614590464-fe3.pantheonsite.io
califano.c2b2.columbia.edu
dev.cumc.columbia.edu
amploadvance.com
www.icap.columbia.edu
icccr.tc.columbia.edu
guestaccess.law.columbia.edu
giving.columbia.edu
www.incite.columbia.edu
ad01.gsb.columbia.edu
thelowdown.alumni.columbia.edu
mail.biology.columbia.edu
*.isso.columbia.edu
digitaltutorials.jrn.columbia.edu
pawprtprodmprt1.cuit.columbia.edu
incapsula.com
5727389891952640-fe2.pantheonsite.io
columbia.edu
pawprtprodprt02.adcu.columbia.edu
stat.columbia.edu
palestine.mei.columbia.edu
m.lawnet.law.columbia.edu
abate-shen.cumc.columbia.edu
jira.columbia.edu
incite.columbia.edu
portal.neuro.columbia.edu
idmapp.cc.columbia.edu
incapsula.com
haywire.college.columbia.edu
sustainability.ei.columbia.edu
lockers-dev.paas.cc.columbia.edu
connect.woodstockacademy.org
indianeconomy.columbia.edu
ias-drupal6-test.cc.columbia.edu
mail-in.cc.columbia.edu
beisdev1.tc.columbia.edu
www.design-engineering.princeton.edu
5753050442498048-fe1.pantheonsite.io
tls.automattic.com
chagall.tc.columbia.edu
prod.25.slot.cdn.salesforce-communities.com
5691420614590464-fe3.pantheonsite.io
act.dbmi.columbia.edu
www.cser.columbia.edu
5703702744662016-fe4.pantheonsite.io
soc.cs.columbia.edu
sni.cloudflaressl.com
amploadvance.com
sslvs03.igloosoftware.com
cluster3.technolutions.net
sustainability.ei.columbia.edu
stat.columbia.edu
library.columbia.edu
pistars1.cpmc.columbia.edu
nxterra.ucop.edu
*.journalism.columbia.edu
portal.studenthealth.cuimc.columbia.edu
cice-dev.paas.cc.columbia.edu
www.ffworkshop.columbia.edu
shoreline.ncdp.columbia.edu
dev-gfs2.api.columbia.edu
hudson.jrn.columbia.edu
enhants.ee.columbia.edu
p-ctx-dc-02.mc.cumc.columbia.edu
admissions.nursing.columbia.edu
realrisks.dbmi.columbia.edu
*.gsas.columbia.edu
cluster2.technolutions.net

Certificate

The complete raw certificate details for www.cumc.columbia.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJazCCCFOgAwIBAgIQEA/dF+pOgBKo8Dlc908bJDANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0xNzA2MDYwMDAwMDBaFw0xOTA2MDYy
MzU5NTlaMIGzMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFMTAwMjUxCzAJBgNVBAgT
Ak5ZMREwDwYDVQQHEwhOZXcgWW9yazEVMBMGA1UECRMMNjEyIFcgMTE1IFN0MRww
GgYDVQQKExNDb2x1bWJpYSBVbml2ZXJzaXR5MR8wHQYDVQQLExZJbmZvcm1hdGlv
biBUZWNobm9sb2d5MR4wHAYDVQQDExV3d3cuY3VtYy5jb2x1bWJpYS5lZHUwggIi
MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDDxwLq+zgpzadYB8dtqsnuEdJm
lKXPuUl0HvMIXeIbXCJw8V9EEOFx00T05Aza+tGLt7crXlADl1lA80CZJjuCWinl
1Il6nMTYGtJlHsWt9baJL3IfjuZ7pecTxIRk7m/Xyi8g6TNKntbxgzgfveXi5VCj
22cmMacmfeAuugdHLYeNAuKCJGAQjBkECcfsx001C5aJynFOxXJH1Jk9aJ7dj3V0
sDK6SyQzq/uqUILnC7ySXbu4SBQnJ8QiLnhcXuOLpsjHpCYL2HXfllAVjEC2Lo95
FWH1eyPArbWsqYIvu79x+O6ysW9ig28vFzlJjP+y6zMV7qY+wlP/zIGIpwdcDm1x
4OxvD7AukB4l+tDaHnZvmEIpciSpY4S3kEw1rGvxe1dOJUiiul17o+qjHbVRNnSU
3JQcMu0JACuc8JzyXBzALegqGtexpy46281zlykjmTmnbc6KAlU3CEQi5S/9CcR/
kjluEgq6w46YtdYF/YMH2YPTc/yH30oeNaMSy1WfKbQ3xXtZcPQ/Be1xbfaml5ws
jlTHtNVpxPZGCINqNsAy0MdGQzTUpo3+dAs8lKPtlR0kLTcbKDLRk7xYI9YzmXHr
SiaD0o73J4XFsMmtGI7BP0n80nlr3a19Hxr5va6/GDOCt7hLAtwrCPr1gjkavmOL
UakjFBaRH+oMq9vTjwIDAQABo4IEtTCCBLEwHwYDVR0jBBgwFoAUHgWjd49sluJb
h0umtIascQAM5zgwHQYDVR0OBBYEFAdZv9Nd+e6KCdxtOYvy67heuGZKMA4GA1Ud
DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjBnBgNVHSAEYDBeMFIGDCsGAQQBriMBBAMBATBCMEAGCCsGAQUFBwIB
FjRodHRwczovL3d3dy5pbmNvbW1vbi5vcmcvY2VydC9yZXBvc2l0b3J5L2Nwc19z
c2wucGRmMAgGBmeBDAECAjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLmlu
Y29tbW9uLXJzYS5vcmcvSW5Db21tb25SU0FTZXJ2ZXJDQS5jcmwwdQYIKwYBBQUH
AQEEaTBnMD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vSW5D
b21tb25SU0FTZXJ2ZXJDQV8yLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3Au
dXNlcnRydXN0LmNvbTCCAwoGA1UdEQSCAwEwggL9ghV3d3cuY3VtYy5jb2x1bWJp
YS5lZHWCEWNvbHVtYmlhb2JneW4ub3JnghZjb2x1bWJpYXBzeWNoaWF0cnkub3Jn
ghVjb2x1bWJpYXJhZGlvbG9neS5vcmeCEWN1bWMuY29sdW1iaWEuZWR1ghNkZW50
YWwuY29sdW1iaWEuZWR1ghZkZXJjLmN1bWMuY29sdW1iaWEuZWR1ghhkZXJtYXRv
bG9neS5jb2x1bWJpYS5lZHWCFnBhdGhvbG9neS5jb2x1bWJpYS5lZHWCFnByb2Qu
Y29sdW1iaWFvYmd5bi5vcmeCG3Byb2QuY29sdW1iaWFwc3ljaGlhdHJ5Lm9yZ4Ia
cHJvZC5jb2x1bWJpYXJhZGlvbG9neS5vcmeCFnByb2QuY3VtYy5jb2x1bWJpYS5l
ZHWCGHByb2QuZGVudGFsLmNvbHVtYmlhLmVkdYIbcHJvZC5kZXJjLmN1bWMuY29s
dW1iaWEuZWR1gh1wcm9kLmRlcm1hdG9sb2d5LmNvbHVtYmlhLmVkdYIbcHJvZC5w
YXRob2xvZ3kuY29sdW1iaWEuZWR1ghRwcm9kLnBzLmNvbHVtYmlhLmVkdYIfcHJv
ZC5yaGV1bWF0b2xvZ3lhdGNvbHVtYmlhLm9yZ4IPcHMuY29sdW1iaWEuZWR1ghpy
aGV1bWF0b2xvZ3lhdGNvbHVtYmlhLm9yZ4IVd3d3LmNvbHVtYmlhb2JneW4ub3Jn
ghp3d3cuY29sdW1iaWFwc3ljaGlhdHJ5Lm9yZ4IZd3d3LmNvbHVtYmlhcmFkaW9s
b2d5Lm9yZ4IXd3d3LmRlbnRhbC5jb2x1bWJpYS5lZHWCGnd3dy5kZXJjLmN1bWMu
Y29sdW1iaWEuZWR1ghx3d3cuZGVybWF0b2xvZ3kuY29sdW1iaWEuZWR1ghp3d3cu
cGF0aG9sb2d5LmNvbHVtYmlhLmVkdYITd3d3LnBzLmNvbHVtYmlhLmVkdYIed3d3
LnJoZXVtYXRvbG9neWF0Y29sdW1iaWEub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQAP
2BDn6v5hrlFmvApB8I6iwXQ3KoHBMsPq8v+8tgnGj0z0187E8+QINkUCHoOiDY9P
1FmhKYfARMCxBwAzJy3P787YIn+SgeYueYTsIO6OZYymN8UTdqxx6vbGho5eq7HN
1TKP3Lqo3KWbyUwsbWinYIkzDgFp0JSv6jOnKTgLjduie9oaU7RNHTml3S4HBh/f
F4/rPe8igsm13tAM4YIYdlHHWEvC43EpOsMNt26iF9DSMvY0UM+p0S81lYj+cioO
0YEXu58BpvaLZTAIB3tHBKYg2CWJ1di05xNfYXN9TDVkVOmVUTWcPR4lt410dKSH
MW9Ty8ip99A23qgCHAMR
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAw8cC6vs4Kc2nWAfHbarJ
7hHSZpSlz7lJdB7zCF3iG1wicPFfRBDhcdNE9OQM2vrRi7e3K15QA5dZQPNAmSY7
glop5dSJepzE2BrSZR7FrfW2iS9yH47me6XnE8SEZO5v18ovIOkzSp7W8YM4H73l
4uVQo9tnJjGnJn3gLroHRy2HjQLigiRgEIwZBAnH7MdNNQuWicpxTsVyR9SZPWie
3Y91dLAyukskM6v7qlCC5wu8kl27uEgUJyfEIi54XF7ji6bIx6QmC9h135ZQFYxA
ti6PeRVh9XsjwK21rKmCL7u/cfjusrFvYoNvLxc5SYz/suszFe6mPsJT/8yBiKcH
XA5tceDsbw+wLpAeJfrQ2h52b5hCKXIkqWOEt5BMNaxr8XtXTiVIorpde6Pqox21
UTZ0lNyUHDLtCQArnPCc8lwcwC3oKhrXsacuOtvNc5cpI5k5p23OigJVNwhEIuUv
/QnEf5I5bhIKusOOmLXWBf2DB9mD03P8h99KHjWjEstVnym0N8V7WXD0PwXtcW32
ppecLI5Ux7TVacT2RgiDajbAMtDHRkM01KaN/nQLPJSj7ZUdJC03Gygy0ZO8WCPW
M5lx60omg9KO9yeFxbDJrRiOwT9J/NJ5a92tfR8a+b2uvxgzgre4SwLcKwj69YI5
Gr5ji1GpIxQWkR/qDKvb048CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 21350016692721214547381508066285394724
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-06 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '10025'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '612 W 115 St'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Columbia University'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Information Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cumc.columbia.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 798702060722688246701488685398050958391799571620901075515748951248296180834082174154922696076635069442768093792121996395455922210382820383655368501548991685313407238244291150177085325684492942876034364363703787706752618591809057333736691520297209631948238917900352120985328563419525404984550274766435661157223640746017630259646691703286476087380372748885300910465717812961140541229051464701698609758920541978413745743958155170387443245921748135679390121507176079630846065058993670890978830151811544802899494465198795528116597712897663919772601054351625129291436055839301704015906739506605262536120736172326819719674495413434249380384840038508164454482875704526781784418885699799610505906910887156294465735851709188626869836625409884041403476287819845247887592814300959722750875906702065309218631992021768161041468813602300591858158842998550308159795198287734634980149152005859612835894703701525934949371404180710757838883380013358339659139462266143053433239396059591076747122004057491391531673494367297419578810394373980867980942295436680314639269979317061141266532442053210256918453343961025776695600336503636899288091580293600425169420378086445750210784572371406874061394762969032764227598407607227241883697651189885243582676980623
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0759bfd35df9ee8a09dc6d398bf2ebb85eb8664a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (769 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'columbiaobgyn.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'columbiapsychiatry.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'columbiaradiology.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dental.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'derc.cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dermatology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pathology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.columbiaobgyn.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.columbiapsychiatry.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.columbiaradiology.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.dental.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.derc.cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.dermatology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.pathology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.ps.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.rheumatologyatcolumbia.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ps.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rheumatologyatcolumbia.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.columbiaobgyn.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.columbiapsychiatry.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.columbiaradiology.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dental.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.derc.cumc.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dermatology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pathology.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ps.columbia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rheumatologyatcolumbia.org'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000fd810e7eafe61ae5166bc0a41f08ea2c174372a81c132c3eaf2ffbcb609c68f4cf4d7cec4f3e4083645021e83a20d8f4fd459a12987c044c0b1070033272dcfefced8227f9281e62e7984ec20ee8e658ca637c51376ac71eaf6c6868e5eabb1cdd5328fdcbaa8dca59bc94c2c6d68a76089330e0169d094afea33a729380b8ddba27bda1a53b44d1d39a5dd2e07061fdf178feb3def2282c9b5ded00ce182187651c7584bc2e371293ac30db76ea217d0d232f63450cfa9d12f359588fe722a0ed18117bb9f01a6f68b653008077b4704a620d82589d5d8b4e7135f61737d4c356454e99551359c3d1e25b78d7474a487316f53cbc8a9f7d036dea8021c0311