q9rFcCy9gAQOjkmxtE51vBzvHOenNg/CNBeum4/MtW4= CT6XG3MnakPU/p9m/bklJHIckS+Tp90E0QcHQ87XlkZZQKxHxsvB5bpYAcKJwVczvTTNxWXqm3Jujczw01RZqHRPFrSSGq+h1exHrt6idk8pVLRWVSzlhX70JQ/SpFxQiR5aVWYlzNxITtUXeyXLkoZ/bOi+2HCld8xsl9ZXzfq33oadjsrop6iptTv2CAomFU+2nVtfX1a9WauNcB9st45n/RYK32pjPdKh0JVEvpjcc4BkPNcjCSl7VrzZNgG3W95Z1l9j62jHXvbI0f1nX7ezKRrc4GaN91thXmnIuXJ/W2HMunPXoblgJoxLh2dF38bHbrM5ykW28zZSJg57CQ== MIIDPjCCAiagAwIBAgIQIobBuvMfjZJJs5M30rFd5TANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdBREZTIFNpZ25pbmcgLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wHhcNMjUwNzAzMTI0NTExWhcNMjcwNzAzMTI0NTExWjAyMTAwLgYDVQQDDCdBREZTIFNpZ25pbmcgLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCKvI63/RdJRulTi2Jm1QVRzkFZds8Gxx9wXpJAE0vckMF6l5CPKraoIFKjztwk0UM/078OfXGY2KGWbv5tsDP2vV0+VgPgUgrRScP0Hu3hMahwIC2QhalxrUqZM54htRsrU+6jXDJpjXXKUUZNnvvMqOzXWgSZ/ssHkhqURc/IXtEiAFsj3L3KviJ4q4pvRa5eZ2RWfoP3K0+PKFeo0w1n6Xc14ChO8oM1ZVw6GGHfs/qs/49f+7gyll6iJLl5Zy0vhaZCr5qSLZaq8U7zzZZhrFnVT67VNMMkGbs3MdOOVs+b6PtfBlVfQqrwhXLzzVr4MqX2GgmhDptiuR+4HCFAgMBAAGjUDBOMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFNYtVU0cPtvMyGCo+9vvxJsly3BYMA0GCSqGSIb3DQEBCwUAA4IBAQBbqLu7H7eUJA1cdGBTiRktlFh5KtcrjHEk6eayHgtcwpH0vS4DVGGpAqpp0KAzWqfQmcuZOe3382jczXODYqhISZuIIcG07PUvZRmiDbUqAHwC8oxwfwQzsUkfyJmd3wHDDSFrIkbih+Gg+SFl/wOdHLrSvdMl7qn7ev1If/hUHauCHFejig0I3S0bTNGarYCXKlYanKUBelWz6o8MyMk2kDbEjubgbmsCRs2Zr8mTst/cE7U97nwWPoqFKM01xcs+OFuk6Ysy07SVQ46V2OEbm9ZGOtYvsuqyI4bNGBi2VDmvtXQkHAvADElqSdsJ/MpooI10/481QnKbLI7IWlCq MIIDRDCCAiygAwIBAgIQGsKwHcVMYIdPQqb6PKFNqDANBgkqhkiG9w0BAQsFADA1MTMwMQYDVQQDDCpBREZTIEVuY3J5cHRpb24gLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wHhcNMjUwNzAzMTI0NTExWhcNMjcwNzAzMTI0NTExWjA1MTMwMQYDVQQDDCpBREZTIEVuY3J5cHRpb24gLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcSrwvUkKJ06dGNBWRy1WlrD4oQtPm0TlTkJlJdhmlTNtGZzUZFVwFIOfQrV1Ry1qFvbI58hDsOcjgIYQ+SM+KGZg3nq3hgVLBcOWkl3kmN8AMexNGAkif3scRqOS8jnenOWkFSor3d2abQE+3Sf80QhW23HIZanvMpQgDeX4tMg+Rz33JgUtXIWg805xoZmmKgAFaiql7nnjmvJ/EOJDaKkFVsgG3yjx3T0n88c7nTgS36vgUkWgfrZjbrydW//Jw5fO1sItt1yx/r8a0ZDRYcOZz42Y1nP6X0WwKPXhJa1I8VeiTyn+383rpFgglHifiOBRBIPPgLP79i54aKpHVAgMBAAGjUDBOMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFPZEyUfpQRp8vHfoqY3eTvWTskXSMA0GCSqGSIb3DQEBCwUAA4IBAQBRTqldOdDTmNDCGYG39zdmE3Viq92dId49Zblfq43ZmDRlh4B4JYSxWD3TQvQoaiKePMc/kj5D2mXqvEuw/4uWnv0XhYm156Wb+vQNUFzFApnRkMw5bTbJ3a7ZE/499duD2v/6XmgOXjLUb4o5lCssbC9wO2A8tR+0qgQlDbk6ZWoSe4UCI20vpoUNoGk5C2oWHSjv4HQjL4uxxGJfnSAkMVFkMJEs22AB7IwHGsteM3ayhKz9reCu4CIspsixt5CZgoALJWJcguXpZBYiH7vZXxfbps4+rXuDUbiw2Cud/W2hpqhcXKUYUENIRSgEgjF/uQ/n+XdWNlu0Ff5OtO8e E-Mail Address The e-mail address of the user Given Name The given name of the user Name The unique name of the user UPN The user principal name (UPN) of the user Common Name The common name of the user AD FS 1.x E-Mail Address The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0 Group A group that the user is a member of AD FS 1.x UPN The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0 Role A role that the user has Surname The surname of the user PPID The private identifier of the user Name ID The SAML name identifier of the user Authentication time stamp Used to display the time and date that the user was authenticated Authentication method The method used to authenticate the user Deny only group SID The deny-only group SID of the user Deny only primary SID The deny-only primary SID of the user Deny only primary group SID The deny-only primary group SID of the user Group SID The group SID of the user Primary group SID The primary group SID of the user Primary SID The primary SID of the user Windows account name The domain account name of the user in the form of domain user Is Registered User User is registered to use this device Device Identifier Identifier of the device Device Registration Identifier Identifier for Device Registration Device Registration DisplayName Display name of Device Registration Device OS type OS type of the device Device OS Version OS version of the device Is Managed Device Device is managed by a management service Forwarded Client IP IP address of the user Client Application Type of the Client Application Client User Agent Device type the client is using to access the application Client IP IP address of the client Endpoint Path Absolute Endpoint path which can be used to determine active versus passive clients Proxy DNS name of the federation server proxy that passed the request Application Identifier Identifier for the Relying Party Application policies Application policies of the certificate Authority Key Identifier The Authority Key Identifier extension of the certificate that signed an issued certificate Basic Constraint One of the basic constraints of the certificate Enhanced Key Usage Describes one of the enhanced key usages of the certificate Issuer The name of the certificate authority that issued the X.509 certificate Issuer Name The distinguished name of the certificate issuer Key Usage One of the key usages of the certificate Not After Date in local time after which a certificate is no longer valid Not Before The date in local time on which a certificate becomes valid Certificate Policies The policies under which the certificate has been issued Public Key Public Key of the certificate Certificate Raw Data The raw data of the certificate Subject Alternative Name One of the alternative names of the certificate Serial Number The serial number of a certificate Signature Algorithm The algorithm used to create the signature of a certificate Subject The subject from the certificate Subject Key Identifier Describes the subject key identifier of the certificate Subject Name The subject distinguished name from a certificate V2 Template Name The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific. V1 Template Name The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific. Thumbprint Thumbprint of the certificate X.509 Version The X.509 format version of a certificate Inside Corporate Network Used to indicate if a request originated inside corporate network Password Expiration Time Used to display the time when the password expires Password Expiration Days Used to display the number of days to password expiry Update Password URL Used to display the web address of update password service Authentication Methods References Used to indicate all authentication methods used to authenticate the user Client Request ID Identifier for a user session Alternate Login ID Alternate login ID of the user

https://idadg2.jpmorganchase.com/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256

https://idadg2.jpmorganchase.com/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256

https://idadg2.jpmorganchase.com/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256

https://idadg2.jpmorganchase.com/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256sha256

https://idadg2.jpmorganchase.com/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256

https://idadg2.jpmorganchase.com/adfs/ls/

http://idad.jpmorganchase.com/adfs/services/trust

https://idadg2.jpmorganchase.com/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256

https://idadg2.jpmorganchase.com/adfs/ls/

MIIDPjCCAiagAwIBAgIQTaHJ7I2WPY9DDxQXyv8pbDANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdBREZTIFNpZ25pbmcgLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wHhcNMjUwNjE5MTI0NTA4WhcNMjcwNjE5MTI0NTA4WjAyMTAwLgYDVQQDDCdBREZTIFNpZ25pbmcgLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZFH7sPdjjpPXmE+3lCrRFjso5IMXWopFyZ4JUtnl4+S877xyMMXOLxX/gfXAIzR+V/NVZpdsXHY15PAexFD6ar8oTJXfDke1H4M35V8fJ7QBWl7I/svPSqgZsFBU1FsM4Gu0gJpH42cmxrfOS0sII9ExRSzfbWHUyV+j7YPXaydbLxl9d94gpazlXfE++pFaM5a6BYruf8KQKXjjK/onxwgxdFpkx9PcDTw3cjHIPPN4Ooka5h8V+Zo6COLhq+q0O6D+DYRmXbYGzwm/Uf1lBvjXviDN3koRylmjK45Af98lRD9YCmKqbWinbgMg9vp+hr72ccxyZr0JRbIuTWh6xAgMBAAGjUDBOMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFL64+BoAtH+jlTSRJ5HErT6rggb4MA0GCSqGSIb3DQEBCwUAA4IBAQBw3Ye2y8DLDJ/bp6wgTkllmq/jbHqSRqWWPdLAb1pB1SMANn5aDgrRzYuOr6qcaeWhCgBA1eZI5fkcx6tsrNjHefeZvM3Mr2ubsdXBRdbsGDK4436ZuHi5EebpVJDhQM9KdvAs03kJjuqXAt+srU4m9l5osNgDpFKTYShQ4DQ1i7Zet6etPZHpcM7mw1v/nzG3Z59/Vo7d0+Qs2Ctijo+4Tl11iBhUOXj89LsgSF3gA43VunMBINj3OohMTGeVBxBuRxrohd9dAwrNjYWTo8UGkNoDkx7BkDtk6iIacdr3XvI2Q5UYfj9A+TR0qCjwVqFHW7suCT/S4jkiQRgJx4tS MIIDPjCCAiagAwIBAgIQIobBuvMfjZJJs5M30rFd5TANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdBREZTIFNpZ25pbmcgLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wHhcNMjUwNzAzMTI0NTExWhcNMjcwNzAzMTI0NTExWjAyMTAwLgYDVQQDDCdBREZTIFNpZ25pbmcgLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCKvI63/RdJRulTi2Jm1QVRzkFZds8Gxx9wXpJAE0vckMF6l5CPKraoIFKjztwk0UM/078OfXGY2KGWbv5tsDP2vV0+VgPgUgrRScP0Hu3hMahwIC2QhalxrUqZM54htRsrU+6jXDJpjXXKUUZNnvvMqOzXWgSZ/ssHkhqURc/IXtEiAFsj3L3KviJ4q4pvRa5eZ2RWfoP3K0+PKFeo0w1n6Xc14ChO8oM1ZVw6GGHfs/qs/49f+7gyll6iJLl5Zy0vhaZCr5qSLZaq8U7zzZZhrFnVT67VNMMkGbs3MdOOVs+b6PtfBlVfQqrwhXLzzVr4MqX2GgmhDptiuR+4HCFAgMBAAGjUDBOMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFNYtVU0cPtvMyGCo+9vvxJsly3BYMA0GCSqGSIb3DQEBCwUAA4IBAQBbqLu7H7eUJA1cdGBTiRktlFh5KtcrjHEk6eayHgtcwpH0vS4DVGGpAqpp0KAzWqfQmcuZOe3382jczXODYqhISZuIIcG07PUvZRmiDbUqAHwC8oxwfwQzsUkfyJmd3wHDDSFrIkbih+Gg+SFl/wOdHLrSvdMl7qn7ev1If/hUHauCHFejig0I3S0bTNGarYCXKlYanKUBelWz6o8MyMk2kDbEjubgbmsCRs2Zr8mTst/cE7U97nwWPoqFKM01xcs+OFuk6Ysy07SVQ46V2OEbm9ZGOtYvsuqyI4bNGBi2VDmvtXQkHAvADElqSdsJ/MpooI10/481QnKbLI7IWlCq E-Mail Address The e-mail address of the user Given Name The given name of the user Name The unique name of the user UPN The user principal name (UPN) of the user Common Name The common name of the user AD FS 1.x E-Mail Address The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0 Group A group that the user is a member of AD FS 1.x UPN The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0 Role A role that the user has Surname The surname of the user PPID The private identifier of the user Name ID The SAML name identifier of the user Authentication time stamp Used to display the time and date that the user was authenticated Authentication method The method used to authenticate the user Deny only group SID The deny-only group SID of the user Deny only primary SID The deny-only primary SID of the user Deny only primary group SID The deny-only primary group SID of the user Group SID The group SID of the user Primary group SID The primary group SID of the user Primary SID The primary SID of the user Windows account name The domain account name of the user in the form of domain user Is Registered User User is registered to use this device Device Identifier Identifier of the device Device Registration Identifier Identifier for Device Registration Device Registration DisplayName Display name of Device Registration Device OS type OS type of the device Device OS Version OS version of the device Is Managed Device Device is managed by a management service Forwarded Client IP IP address of the user Client Application Type of the Client Application Client User Agent Device type the client is using to access the application Client IP IP address of the client Endpoint Path Absolute Endpoint path which can be used to determine active versus passive clients Proxy DNS name of the federation server proxy that passed the request Application Identifier Identifier for the Relying Party Application policies Application policies of the certificate Authority Key Identifier The Authority Key Identifier extension of the certificate that signed an issued certificate Basic Constraint One of the basic constraints of the certificate Enhanced Key Usage Describes one of the enhanced key usages of the certificate Issuer The name of the certificate authority that issued the X.509 certificate Issuer Name The distinguished name of the certificate issuer Key Usage One of the key usages of the certificate Not After Date in local time after which a certificate is no longer valid Not Before The date in local time on which a certificate becomes valid Certificate Policies The policies under which the certificate has been issued Public Key Public Key of the certificate Certificate Raw Data The raw data of the certificate Subject Alternative Name One of the alternative names of the certificate Serial Number The serial number of a certificate Signature Algorithm The algorithm used to create the signature of a certificate Subject The subject from the certificate Subject Key Identifier Describes the subject key identifier of the certificate Subject Name The subject distinguished name from a certificate V2 Template Name The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific. V1 Template Name The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific. Thumbprint Thumbprint of the certificate X.509 Version The X.509 format version of a certificate Inside Corporate Network Used to indicate if a request originated inside corporate network Password Expiration Time Used to display the time when the password expires Password Expiration Days Used to display the number of days to password expiry Update Password URL Used to display the web address of update password service Authentication Methods References Used to indicate all authentication methods used to authenticate the user Client Request ID Identifier for a user session Alternate Login ID Alternate login ID of the user

https://idadg2.jpmorganchase.com/adfs/services/trust/2005/certificatemixed

https://idadg2.jpmorganchase.com/adfs/services/trust/mex

https://idadg2.jpmorganchase.com/adfs/ls/

MIIDRDCCAiygAwIBAgIQGsKwHcVMYIdPQqb6PKFNqDANBgkqhkiG9w0BAQsFADA1MTMwMQYDVQQDDCpBREZTIEVuY3J5cHRpb24gLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wHhcNMjUwNzAzMTI0NTExWhcNMjcwNzAzMTI0NTExWjA1MTMwMQYDVQQDDCpBREZTIEVuY3J5cHRpb24gLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcSrwvUkKJ06dGNBWRy1WlrD4oQtPm0TlTkJlJdhmlTNtGZzUZFVwFIOfQrV1Ry1qFvbI58hDsOcjgIYQ+SM+KGZg3nq3hgVLBcOWkl3kmN8AMexNGAkif3scRqOS8jnenOWkFSor3d2abQE+3Sf80QhW23HIZanvMpQgDeX4tMg+Rz33JgUtXIWg805xoZmmKgAFaiql7nnjmvJ/EOJDaKkFVsgG3yjx3T0n88c7nTgS36vgUkWgfrZjbrydW//Jw5fO1sItt1yx/r8a0ZDRYcOZz42Y1nP6X0WwKPXhJa1I8VeiTyn+383rpFgglHifiOBRBIPPgLP79i54aKpHVAgMBAAGjUDBOMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFPZEyUfpQRp8vHfoqY3eTvWTskXSMA0GCSqGSIb3DQEBCwUAA4IBAQBRTqldOdDTmNDCGYG39zdmE3Viq92dId49Zblfq43ZmDRlh4B4JYSxWD3TQvQoaiKePMc/kj5D2mXqvEuw/4uWnv0XhYm156Wb+vQNUFzFApnRkMw5bTbJ3a7ZE/499duD2v/6XmgOXjLUb4o5lCssbC9wO2A8tR+0qgQlDbk6ZWoSe4UCI20vpoUNoGk5C2oWHSjv4HQjL4uxxGJfnSAkMVFkMJEs22AB7IwHGsteM3ayhKz9reCu4CIspsixt5CZgoALJWJcguXpZBYiH7vZXxfbps4+rXuDUbiw2Cud/W2hpqhcXKUYUENIRSgEgjF/uQ/n+XdWNlu0Ff5OtO8e MIIDPjCCAiagAwIBAgIQTaHJ7I2WPY9DDxQXyv8pbDANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdBREZTIFNpZ25pbmcgLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wHhcNMjUwNjE5MTI0NTA4WhcNMjcwNjE5MTI0NTA4WjAyMTAwLgYDVQQDDCdBREZTIFNpZ25pbmcgLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZFH7sPdjjpPXmE+3lCrRFjso5IMXWopFyZ4JUtnl4+S877xyMMXOLxX/gfXAIzR+V/NVZpdsXHY15PAexFD6ar8oTJXfDke1H4M35V8fJ7QBWl7I/svPSqgZsFBU1FsM4Gu0gJpH42cmxrfOS0sII9ExRSzfbWHUyV+j7YPXaydbLxl9d94gpazlXfE++pFaM5a6BYruf8KQKXjjK/onxwgxdFpkx9PcDTw3cjHIPPN4Ooka5h8V+Zo6COLhq+q0O6D+DYRmXbYGzwm/Uf1lBvjXviDN3koRylmjK45Af98lRD9YCmKqbWinbgMg9vp+hr72ccxyZr0JRbIuTWh6xAgMBAAGjUDBOMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFL64+BoAtH+jlTSRJ5HErT6rggb4MA0GCSqGSIb3DQEBCwUAA4IBAQBw3Ye2y8DLDJ/bp6wgTkllmq/jbHqSRqWWPdLAb1pB1SMANn5aDgrRzYuOr6qcaeWhCgBA1eZI5fkcx6tsrNjHefeZvM3Mr2ubsdXBRdbsGDK4436ZuHi5EebpVJDhQM9KdvAs03kJjuqXAt+srU4m9l5osNgDpFKTYShQ4DQ1i7Zet6etPZHpcM7mw1v/nzG3Z59/Vo7d0+Qs2Ctijo+4Tl11iBhUOXj89LsgSF3gA43VunMBINj3OohMTGeVBxBuRxrohd9dAwrNjYWTo8UGkNoDkx7BkDtk6iIacdr3XvI2Q5UYfj9A+TR0qCjwVqFHW7suCT/S4jkiQRgJx4tS MIIDPjCCAiagAwIBAgIQIobBuvMfjZJJs5M30rFd5TANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdBREZTIFNpZ25pbmcgLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wHhcNMjUwNzAzMTI0NTExWhcNMjcwNzAzMTI0NTExWjAyMTAwLgYDVQQDDCdBREZTIFNpZ25pbmcgLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCKvI63/RdJRulTi2Jm1QVRzkFZds8Gxx9wXpJAE0vckMF6l5CPKraoIFKjztwk0UM/078OfXGY2KGWbv5tsDP2vV0+VgPgUgrRScP0Hu3hMahwIC2QhalxrUqZM54htRsrU+6jXDJpjXXKUUZNnvvMqOzXWgSZ/ssHkhqURc/IXtEiAFsj3L3KviJ4q4pvRa5eZ2RWfoP3K0+PKFeo0w1n6Xc14ChO8oM1ZVw6GGHfs/qs/49f+7gyll6iJLl5Zy0vhaZCr5qSLZaq8U7zzZZhrFnVT67VNMMkGbs3MdOOVs+b6PtfBlVfQqrwhXLzzVr4MqX2GgmhDptiuR+4HCFAgMBAAGjUDBOMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFNYtVU0cPtvMyGCo+9vvxJsly3BYMA0GCSqGSIb3DQEBCwUAA4IBAQBbqLu7H7eUJA1cdGBTiRktlFh5KtcrjHEk6eayHgtcwpH0vS4DVGGpAqpp0KAzWqfQmcuZOe3382jczXODYqhISZuIIcG07PUvZRmiDbUqAHwC8oxwfwQzsUkfyJmd3wHDDSFrIkbih+Gg+SFl/wOdHLrSvdMl7qn7ev1If/hUHauCHFejig0I3S0bTNGarYCXKlYanKUBelWz6o8MyMk2kDbEjubgbmsCRs2Zr8mTst/cE7U97nwWPoqFKM01xcs+OFuk6Ysy07SVQ46V2OEbm9ZGOtYvsuqyI4bNGBi2VDmvtXQkHAvADElqSdsJ/MpooI10/481QnKbLI7IWlCq urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient MIIDRDCCAiygAwIBAgIQGsKwHcVMYIdPQqb6PKFNqDANBgkqhkiG9w0BAQsFADA1MTMwMQYDVQQDDCpBREZTIEVuY3J5cHRpb24gLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wHhcNMjUwNzAzMTI0NTExWhcNMjcwNzAzMTI0NTExWjA1MTMwMQYDVQQDDCpBREZTIEVuY3J5cHRpb24gLSBpZGFkZzIuanBtb3JnYW5jaGFzZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcSrwvUkKJ06dGNBWRy1WlrD4oQtPm0TlTkJlJdhmlTNtGZzUZFVwFIOfQrV1Ry1qFvbI58hDsOcjgIYQ+SM+KGZg3nq3hgVLBcOWkl3kmN8AMexNGAkif3scRqOS8jnenOWkFSor3d2abQE+3Sf80QhW23HIZanvMpQgDeX4tMg+Rz33JgUtXIWg805xoZmmKgAFaiql7nnjmvJ/EOJDaKkFVsgG3yjx3T0n88c7nTgS36vgUkWgfrZjbrydW//Jw5fO1sItt1yx/r8a0ZDRYcOZz42Y1nP6X0WwKPXhJa1I8VeiTyn+383rpFgglHifiOBRBIPPgLP79i54aKpHVAgMBAAGjUDBOMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFPZEyUfpQRp8vHfoqY3eTvWTskXSMA0GCSqGSIb3DQEBCwUAA4IBAQBRTqldOdDTmNDCGYG39zdmE3Viq92dId49Zblfq43ZmDRlh4B4JYSxWD3TQvQoaiKePMc/kj5D2mXqvEuw/4uWnv0XhYm156Wb+vQNUFzFApnRkMw5bTbJ3a7ZE/499duD2v/6XmgOXjLUb4o5lCssbC9wO2A8tR+0qgQlDbk6ZWoSe4UCI20vpoUNoGk5C2oWHSjv4HQjL4uxxGJfnSAkMVFkMJEs22AB7IwHGsteM3ayhKz9reCu4CIspsixt5CZgoALJWJcguXpZBYiH7vZXxfbps4+rXuDUbiw2Cud/W2hpqhcXKUYUENIRSgEgjF/uQ/n+XdWNlu0Ff5OtO8e MIIDVjCCAj4CCQDPCz91+8Oo2TANBgkqhkiG9w0BAQsFADBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEQMA4GA1UECgwHSmFua3lDbzEfMB0GA1UEAwwWVGVzdCBJZGVudGl0eSBQcm92aWRlcjAeFw0yNTA2MjgwMzU4NDdaFw00NTA2MjMwMzU4NDdaMG0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMRAwDgYDVQQKDAdKYW5reUNvMR8wHQYDVQQDDBZUZXN0IElkZW50aXR5IFByb3ZpZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6NsxtaC5F0oDygZO6DOjopprdl4t2YErKJS8haCrJdWvYTIQG5UHFMLfgq4APoEQbVJm6rV4Z5kjxbQvXkkLyKcMJfwkscMuR/Gquih08zKKCRmeLbqUOhwDx+Zamlvh1Ll7ffFIA3pmAAUCrN3TYdgvzOCg/wbhkEgRYhjCXEmJGdCkPEfOiTatmxZ5Uft441e0aSyyx0D/wOSOJcR1FOQliPgM3PFJKZjlhlACzu5O5l/2ntPBbmU7IfjM4Qjpln16ArXRbRyXIHPsyge/rXJo3HwOOoEdK4nARvZEGw4/xBu/o43im6rK2RmJV10hgAw/S27ocREbOWGOy/IAwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA0YY9yxwcFY4kwvnkJu3ZG6BdbTXx4LLnyInJTU10UYEI9WjJzGHJ1pWvKO8xFqfUM8FsHlxksaW3ayCVQO9K2cqaq84qkmS0JokkhkKo6gA434a0ExY++w9eRXy3/dCmkCWYT9+4BOc1BrY69Jt9PvamUpZLFzI/oj0Eg4ORGuoJPEq2186ziexfi1MOoCequFkjBYTIyK3y3mfjUckw6iX8oX6J40ciBACqXvw/T27zVRsH4THCv5XkKLsXIsvEHNhoSVLAcBhkR31oO2txN7/txibmxWIGiBB8+if1cNd+b3ce3jfvb1Qv5JgdeJU/R3LtZLEYjqFYlpzHtuRAN MIIDzTCCArWgAwIBAgIUEOmLajxiCXOUIvFRR4UUCU55jnMwDQYJKoZIhvcNAQELBQAwdjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEDAOBgNVBAoMB0phbmt5Q28xKDAmBgNVBAMMH1Rlc3QgSWRlbnRpdHkgUHJvdmlkZXIgUm9sbG92ZXIwHhcNMjUwNzE0MTYwNzI0WhcNNDUwNzA5MTYwNzI0WjB2MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEQMA4GA1UECgwHSmFua3lDbzEoMCYGA1UEAwwfVGVzdCBJZGVudGl0eSBQcm92aWRlciBSb2xsb3ZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANOzyDkY5Iz3Sh14rbfCqEkBHuwJvgeqkuv9fystVCJLIK79W/+fECOXjPMpZuBR7Qm4LZ/dHl1MSMZ/1lh4Oa7R3Ui4Oq1zMDON4HkgZJKxXXHb1WtPFbg+0XeVymJd/UvAGYJ+pUETgtqvc5kzmHYTOOG7SZwz9AZYlhzFzn51Gik+UwnGwTt0iapY9z+f+wfitnfFiBzqN41LQK20UUF4+nJFcn5zyshQwbqBX2azZrVKxNG3ZNTmBNQQdxkoAuLJVO+jOe5v11PKx18fcE3QmkpFsZEr3bQkdg04/+jVSpfX00O43JvUiZSnE+bgfXQhQMZa6PNPA7LIe6Ezpr0CAwEAAaNTMFEwHQYDVR0OBBYEFKJ8rut6eb/vzbzLEE6pAsS6aD0MMB8GA1UdIwQYMBaAFKJ8rut6eb/vzbzLEE6pAsS6aD0MMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBALA7H81rYfFXTZ6HbRjSfoJXyVGqnF+lFUIxK90S/cEDcycXTT7SaYwGF3DWTmPxGXrI9WCQA4avIgVbAs7o5DrMmAcwtju4fS+eq2ThFEqneGK1EukUiDeh3joOjLBO2rR7q8RktnUiGJeZRKtgEdJ2jd9q36gBMA9uj35ACqHQqEdJHd8KP6smrcqbhR2mKqhb9PpDvhFDCKNtS83kEQuahC+1WZUt529SVR7YvPdxXYMXliR9lxeagA9noB8lgJhu81/Z5kD8WwmHuZkzfCPELVXLM3JO2EoNTtbC1o7Kjee47YWu/qJqLIbMzgq7dbdLe13QdOmj1KHEKjY7u2g= urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient