www.uchicagomedicine.org

- The University of Chicago -

Issued by InCommon RSA Server CA

About this certificate

This digital certificate with serial number 0d:7e:8c:85:3c:89:6e:72:39:bc:15:b2:e4:d4:63:e6 was issued on by Internet2.

With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

The University of Chicago

Organization: The University of Chicago
Organization unit: The University of Chicago Medical Center
Address: 5801 South Ellis Avenue
Postal code: 60637
State / Province: Illinois
Locality: Chicago
Country: US

Internet2

Organization: Internet2
Organization unit: InCommon
State / Province: MI
Locality: Ann Arbor
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0d:7e:8c:85:3c:89:6e:72:39:bc:15:b2:e4:d4:63:e6
Serial Number (int): 17937043442804665253930659275806630886
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 4f:bd:2b:54:5b:4f:b2:d9:99:c2:84:fd:81:86:cd:b4:79:11:94:d4
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38

Fingerprint (sha1): ce:1e:fa:68:05:a5:db:82:d1:17:a0:b1:41:e0:bd:79:50:ed:4e:3a
Fingerprint (sha256): f7:ae:75:95:a3:01:1b:82:9f:1a:32:d4:00:a7:b9:72:67:59:e3:64:b2:e0:01:e5:6b:88:70:05:b0:cc:f2:80

Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

Check the revocation status for certificate www.uchicagomedicine.org

11

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.uchicagomedicine.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.uchicagomedicine.org
app.m.uchicagomedicine.org
authoring.uchicagomedicine.org
ca1.uchicagomedicine.org
ca2.uchicagomedicine.org
cd1.uchicagomedicine.org
cd2.uchicagomedicine.org
cd3.uchicagomedicine.org
healthlibrary.uchicagomedicine.org
pages.uchicagomedicine.org
uchicagomedicine.org

Other certificates including the domain name uchicagomedicine.org

(limited to 100 certificates)
mail.uchospitals.edu
pages.uchicagomedicine.org
san-15-s13.tlsprovisioning.exacttarget.com
mail.uchospitals.edu
community.uchicagomedicine.org
pages.uchicagomedicine.org
community.uchicagomedicine.org
uchicagomedicine.org
www.uchicagomedicine.org
healthlibrary.uchicagomedicine.org
uat.uchicagomedicine.org
uchicagomedicine.org
www.uchicagomedicine.org
pages.uchicagomedicine.org
healthlibrary.uchicagomedicine.org
www.uchicagomedicine.org
uat.uchicagomedicine.org
www.uchicagomedicine.org
mail.uchospitals.edu
uat.uchicagomedicine.org
www.uchicagomedicine.org
www.uchicagomedicine.org
www.uchicagomedicine.org
www.uchicagomedicine.org
*.uchicagomedicine.org
www.uchicagomedicine.org

Certificate

The complete raw certificate details for www.uchicagomedicine.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIRzCCBy+gAwIBAgIQDX6MhTyJbnI5vBWy5NRj5jANBgkqhkiG9w0BAQsFADB2
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES
MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW
SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0yMDAxMjQwMDAwMDBaFw0yMjAxMjMy
MzU5NTlaMIHeMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFNjA2MzcxETAPBgNVBAgT
CElsbGlub2lzMRAwDgYDVQQHEwdDaGljYWdvMSAwHgYDVQQJExc1ODAxIFNvdXRo
IEVsbGlzIEF2ZW51ZTEiMCAGA1UEChMZVGhlIFVuaXZlcnNpdHkgb2YgQ2hpY2Fn
bzExMC8GA1UECxMoVGhlIFVuaXZlcnNpdHkgb2YgQ2hpY2FnbyBNZWRpY2FsIENl
bnRlcjEhMB8GA1UEAxMYd3d3LnVjaGljYWdvbWVkaWNpbmUub3JnMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwlPGU341zHP1teIjmLg7d327EJ6QxSY
sMgXbI0MvRRrGeNxw7N3/rdTJIjYIF6Ces+gQQU5+zkAvPELjWmIsa+KGWS0CsZW
1Htgao/VGvXvMGVAywIOwJoJa8WNIcSdLaacf42LO/8vqLyPVd/j02ZHbMNHHHpa
fLt4QrrNA3mfpZxhCnxCgckG/mQHDoZyl7sIJ124JHOXWI/gEk98b5uxP9Fztwcu
NYgfecEQgbt8EmAXa4ig0bGWMmXaZFD+g7mluPuni/FrWV7FtuaX3ccF1sImbrNA
4yC63nLxaBhKJOHYiJI9TsdLf6sIM4omWpMJKxOppwnpIU6PTsHX6QIDAQABo4IE
ZjCCBGIwHwYDVR0jBBgwFoAUHgWjd49sluJbh0umtIascQAM5zgwHQYDVR0OBBYE
FE+9K1RbT7LZmcKE/YGGzbR5EZTUMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBnBgNVHSAEYDBeMFIG
DCsGAQQBriMBBAMBATBCMEAGCCsGAQUFBwIBFjRodHRwczovL3d3dy5pbmNvbW1v
bi5vcmcvY2VydC9yZXBvc2l0b3J5L2Nwc19zc2wucGRmMAgGBmeBDAECAjBEBgNV
HR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLmluY29tbW9uLXJzYS5vcmcvSW5Db21t
b25SU0FTZXJ2ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBnMD4GCCsGAQUFBzAChjJo
dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vSW5Db21tb25SU0FTZXJ2ZXJDQV8yLmNy
dDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTCCATsGA1Ud
EQSCATIwggEughh3d3cudWNoaWNhZ29tZWRpY2luZS5vcmeCGmFwcC5tLnVjaGlj
YWdvbWVkaWNpbmUub3Jngh5hdXRob3JpbmcudWNoaWNhZ29tZWRpY2luZS5vcmeC
GGNhMS51Y2hpY2Fnb21lZGljaW5lLm9yZ4IYY2EyLnVjaGljYWdvbWVkaWNpbmUu
b3JnghhjZDEudWNoaWNhZ29tZWRpY2luZS5vcmeCGGNkMi51Y2hpY2Fnb21lZGlj
aW5lLm9yZ4IYY2QzLnVjaGljYWdvbWVkaWNpbmUub3JngiJoZWFsdGhsaWJyYXJ5
LnVjaGljYWdvbWVkaWNpbmUub3JnghpwYWdlcy51Y2hpY2Fnb21lZGljaW5lLm9y
Z4IUdWNoaWNhZ29tZWRpY2luZS5vcmcwggF8BgorBgEEAdZ5AgQCBIIBbASCAWgB
ZgB1AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw/m1HAAABb9gOsR4AAAQD
AEYwRAIgJwRZvsaH9o2YATYTPfN6NWuZcW9/Gm1J9qmBYjjRsi4CIFFSXrnmupbB
0RIwRnPDbOu2yoEHGa4/4UzkXizPwnz1AHUAb1N2rDHwMRnYmQCkURX/dxUcEdkC
wQApBo2yCJo32RMAAAFv2A6xCwAABAMARjBEAiBu80tr771aa3I06s0MH47vr51X
uq+kfVNQ3v1TVZnPkwIgU9lP92AWQ0e7Eu7oyyG4wmH0QYEeiPCzyiFQTIoSoMMA
dgAiRUUHWVUkVpY/oS/x922G4CMmY63AS39dxoNcbuIPAgAAAW/YDrEOAAAEAwBH
MEUCIF049ok6OthSjVROjsbgWH/BKoWzKzMFPfnKl5rWcNzxAiEA8Z0ua6TVccr8
XzBGGyUGmBT682m25jNjKtpgTR9E4A4wDQYJKoZIhvcNAQELBQADggEBAF91gtqC
+ysWXej+a7JEVbv3S2cC6uDeO9FG2fFYu5eYhA9pP5fg/r73zlo3Tzfv1Lz7b8lO
sbhmwliW099dlcUN/nUrqXOqTCaynhGbRFZ0eptj17nSSUmlTQ0Fff0a2Q87PMaw
NC3frpmSd1/rGvZGjM/fAS6v2NBYvMeW/y991rExABrs3IrASPQZuBZQ+dGUEPzi
gcApkSM/sfIqweDuHlzLdshJSUn8wgDn3LthlsoPzyMYpKGWrS6ID3J8ULB1EjgV
Ybc5dHGaILKHYj9TlG6fDvk14keOEzhgslvbu12U8kFtFa6FuN1E5D2dnTIYMN5g
34FDCGjWUB3D2Xg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwlPGU341zHP1teIjmLg
7d327EJ6QxSYsMgXbI0MvRRrGeNxw7N3/rdTJIjYIF6Ces+gQQU5+zkAvPELjWmI
sa+KGWS0CsZW1Htgao/VGvXvMGVAywIOwJoJa8WNIcSdLaacf42LO/8vqLyPVd/j
02ZHbMNHHHpafLt4QrrNA3mfpZxhCnxCgckG/mQHDoZyl7sIJ124JHOXWI/gEk98
b5uxP9FztwcuNYgfecEQgbt8EmAXa4ig0bGWMmXaZFD+g7mluPuni/FrWV7FtuaX
3ccF1sImbrNA4yC63nLxaBhKJOHYiJI9TsdLf6sIM4omWpMJKxOppwnpIU6PTsHX
6QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17937043442804665253930659275806630886
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-24 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-23 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '60637'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '5801 South Ellis Avenue'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The University of Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The University of Chicago Medical Center'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.uchicagomedicine.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21086387358391951097215213057654029087802877809658375060090382561789600579174823701483954344921483471061311724076141518984328107877924080087271744459999273621271743418024681104575444734688103209162926563517407217591577812282478704474837094738392025529804247501537988355268729090895367857139940535722067442815736244657356915185124143970336197379692075923999728206015536668945209548080353927383533450641970175624468846277605263506054341154716428210865928030478106721119216056539231741703958924956958866543768532507693047724089065143968146753569745286488244407276917245252069088834735796434548927953161551841545171359721
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4fbd2b545b4fb2d999c284fd8186cdb4791194d4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (306 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.m.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'authoring.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ca1.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ca2.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cd1.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cd2.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cd3.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthlibrary.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pages.uchicagomedicine.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uchicagomedicine.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							016600750046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d470000016fd80eb11e00000403004630440220270459bec687f68d980136133df37a356b99716f7f1a6d49f6a9816238d1b22e022051525eb9e6ba96c1d112304673c36cebb6ca810719ae3fe14ce45e2ccfc27cf50075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016fd80eb10b000004030046304402206ef34b6befbd5a6b7234eacd0c1f8eefaf9d57baafa47d5350defd535599cf93022053d94ff760164347bb12eee8cb21b8c261f441811e88f0b3ca21504c8a12a0c30076002245450759552456963fa12ff1f76d86e0232663adc04b7f5dc6835c6ee20f020000016fd80eb10e000004030047304502205d38f6893a3ad8528d544e8ec6e0587fc12a85b32b33053df9ca979ad670dcf1022100f19d2e6ba4d571cafc5f30461b25069814faf369b6e633632ada604d1f44e00e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005f7582da82fb2b165de8fe6bb24455bbf74b6702eae0de3bd146d9f158bb9798840f693f97e0febef7ce5a374f37efd4bcfb6fc94eb1b866c25896d3df5d95c50dfe752ba973aa4c26b29e119b4456747a9b63d7b9d24949a54d0d057dfd1ad90f3b3cc6b0342ddfae9992775feb1af6468ccfdf012eafd8d058bcc796ff2f7dd6b131001aecdc8ac048f419b81650f9d19410fce281c02991233fb1f22ac1e0ee1e5ccb76c8494949fcc200e7dcbb6196ca0fcf2318a4a196ad2e880f727c50b07512381561b73974719a20b287623f53946e9f0ef935e2478e133860b25bdbbb5d94f2416d15ae85b8dd44e43d9d9d321830de60df81430868d6501dc3d978