www.kiesli.nl
Issued by COMODO RSA Domain Validation Secure Server CA
About this certificate
This digital certificate with serial number a1:c4:da:dd:e3:d4:92:2b:3b:00:95:21:8d:d9:a7:e2 was issued on by COMODO CA Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.kiesli.nl,OU=Domain Control Validated+OU=EssentialSSL
COMODO CA Limited
Organization:
COMODO CA Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): a1:c4:da:dd:e3:d4:92:2b:3b:00:95:21:8d:d9:a7:e2Serial Number (int): 215027836650871873235447630802514978786
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 0e:34:43:63:8e:78:9d:44:aa:ad:a2:7b:63:cd:6c:59:ec:11:6b:d6
AuthorityKeyId: 90:af:6a:3a:94:5a:0b:d8:90:ea:12:56:73:df:43:b4:3a:28:da:e7
Fingerprint (sha1): de:c1:4d:a9:b6:bf:a3:bc:7f:a6:2e:d5:c8:e6:e7:7d:8e:ee:ad:79
Fingerprint (sha256): 00:0d:71:15:d2:cb:69:ec:c2:a3:2d:43:ba:13:48:0a:2d:27:fb:42:34:c5:d8:da:0d:ff:0f:df:2f:9d:12:45
Issuing Certificate URL: http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.comodoca.comCRL Distribution Point: http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl
Check the revocation status for certificate www.kiesli.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kiesli.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.kiesli.nl
kiesli.nl
kiesli.nl
Other certificates including the domain name kiesli.nl
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.kiesli.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGRTCCBS2gAwIBAgIRAKHE2t3j1JIrOwCVIY3Zp+IwDQYJKoZIhvcNAQELBQAw gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg Q0EwHhcNMTYxMTIyMDAwMDAwWhcNMTcxMTIyMjM1OTU5WjBSMSEwHwYDVQQLExhE b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFTATBgNVBAsTDEVzc2VudGlhbFNTTDEW MBQGA1UEAxMNd3d3LmtpZXNsaS5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC AgoCggIBAPi6FYD8FSLms85AMkowesNgOYBdQV1CRTUSoQgdLmruj7BdecvjtEyv 46YWkzYL3x/qCptWqQwupDuwXnJ1j+y7d1MeWi6z5ALU0kIl2b6w1YB2dp4f0bBZ 5rvbA02HV2T7nI0tp2g2OPh40Cuf1QoKEyPvkXe6++lLtvRxd/aj9kly40QsE3PB Rt1kWsgV5c6suLIhjx8PQ4cR+zp/WYwYpdoPu2bVCwq4bG0rjBLNQZeLZO/LEI0X R8py+Jb/8ZpDApf1kVo6SAbouxFQ9b6pZmxPgzWTcer30ABIGqvjfVKJO2ZBIDsS ceG9UfXMB/0/2PbE5QwwDklFiEyOrxYap2Npy0HrZhlOWSMWPZEyyBhEtA8CwDWZ fguYHk1Ys8BhmZAQl2nth6p27CXojtKsDQIiiRDs3E0bjjk5Ypeh08kcP+OT/3Rg UAJciCc70E24MXfgyV9leABeiFVKWVyMppMcT4IZxH4/9k1G8VSM5aaaorQdNMqG DkCwO8sQODEFoqCaU3AH9Pw+y7SgVQUCsxUSLStUrxx7Pr7r3hHtDBmMgYWX9kF8 q4a1mBh7imxMu56Cuo6ddhDwVSJzorvc1a0SSA1dy/umY9gcJuvAHY92iNY71xU/ qGT01lYN2/uBSwNY4DYf8nsOiEBnroJzsz9sMOVYcfy3rdNkF71bAgMBAAGjggHV MIIB0TAfBgNVHSMEGDAWgBSQr2o6lFoL2JDqElZz30O0Oija5zAdBgNVHQ4EFgQU DjRDY454nUSqraJ7Y81sWewRa9YwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1UdIARIMEYwOgYL KwYBBAGyMQECAgcwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2Rv LmNvbS9DUFMwCAYGZ4EMAQIBMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwu Y29tb2RvY2EuY29tL0NPTU9ET1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2 ZXJDQS5jcmwwgYUGCCsGAQUFBwEBBHkwdzBPBggrBgEFBQcwAoZDaHR0cDovL2Ny dC5jb21vZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNl cnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29t MCMGA1UdEQQcMBqCDXd3dy5raWVzbGkubmyCCWtpZXNsaS5ubDANBgkqhkiG9w0B AQsFAAOCAQEAWJqp2cSI9PpLbUxCESkuIOKijxxuvBxev5GN1B9oCvrqs9VCpdwB QUGGBQ9is9fUHQHRSun0+05/GkSqn4ro+kHJqMRWDnInPoR5LPxcMedwq4lAF8D+ IpPJcOpKujFADz5Kr4gKhWIQNKHKpIj68gO2xUghteRQCoypvCYLrcEhiI8Pz8DX Tqswj1hmz39hhosv1CZT/D3XjXpz7zKcYRf1JjlpFk7DcbygcnTxroI5InFMzhHg +l8+lobqrNq/FENJSMFnphs2mFERhywUzE2OK1KVYWoJp/9ZINMU3wP4MpDTFwn+ jcPhbAyKCeMYmP5aa6UgY6Xj0QCgJ3vUBA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA+LoVgPwVIuazzkAySjB6 w2A5gF1BXUJFNRKhCB0uau6PsF15y+O0TK/jphaTNgvfH+oKm1apDC6kO7BecnWP 7Lt3Ux5aLrPkAtTSQiXZvrDVgHZ2nh/RsFnmu9sDTYdXZPucjS2naDY4+HjQK5/V CgoTI++Rd7r76Uu29HF39qP2SXLjRCwTc8FG3WRayBXlzqy4siGPHw9DhxH7On9Z jBil2g+7ZtULCrhsbSuMEs1Bl4tk78sQjRdHynL4lv/xmkMCl/WRWjpIBui7EVD1 vqlmbE+DNZNx6vfQAEgaq+N9Uok7ZkEgOxJx4b1R9cwH/T/Y9sTlDDAOSUWITI6v FhqnY2nLQetmGU5ZIxY9kTLIGES0DwLANZl+C5geTVizwGGZkBCXae2HqnbsJeiO 0qwNAiKJEOzcTRuOOTlil6HTyRw/45P/dGBQAlyIJzvQTbgxd+DJX2V4AF6IVUpZ XIymkxxPghnEfj/2TUbxVIzlppqitB00yoYOQLA7yxA4MQWioJpTcAf0/D7LtKBV BQKzFRItK1SvHHs+vuveEe0MGYyBhZf2QXyrhrWYGHuKbEy7noK6jp12EPBVInOi u9zVrRJIDV3L+6Zj2Bwm68Adj3aI1jvXFT+oZPTWVg3b+4FLA1jgNh/yew6IQGeu gnOzP2ww5Vhx/Let02QXvVsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 215027836650871873235447630802514978786 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Domain Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-22 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-22 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EssentialSSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kiesli.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1014717183885815165760562143424850956642776331976355396159890621937715995175150325629091333955760395750755778356971576816676242907909709988543604071926568250615463570227902471654147125902895006969615695761138904749561612362337665033906779724296138551058887765084614492019620623931853305115975504808148387562321794277574474525082064234820585917498670284499988655580179146171142909711638701526181529929613571230443736670962996504698986164955796058434967736486843801179848533199276081685462761217288314107928316227496628885435342219637645695853558269584882370408329920278173383721363237934291800066681959764311866834296741619860277502505704172055348693191572553307836068062500246284425063708730592092664856436268009446494174000651958663556158063189636626771109836330682028627984902154181160072518552299642142047948741597441474250692889866980086285139616598328224638539802490737972939643764502785544459234542400783702857683966379887743988700762772076502617217417504436328420176119401740912119076102084782294279291637126203946821161598605055151197376733972033409167172190384630574647380266950131768320746344408676762530370548168236315268654275207886683010859808904977873171022800305767529280293903689024556158187301626612755960756725857627 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 90af6a3a945a0bd890ea125673df43b43a28dae7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0e3443638e789d44aaada27b63cd6c59ec116bd6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kiesli.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kiesli.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00589aa9d9c488f4fa4b6d4c4211292e20e2a28f1c6ebc1c5ebf918dd41f680afaeab3d542a5dc01414186050f62b3d7d41d01d14ae9f4fb4e7f1a44aa9f8ae8fa41c9a8c4560e72273e84792cfc5c31e770ab894017c0fe2293c970ea4aba31400f3e4aaf880a85621034a1caa488faf203b6c54821b5e4500a8ca9bc260badc121888f0fcfc0d74eab308f5866cf7f61868b2fd42653fc3dd78d7a73ef329c6117f5263969164ec371bca07274f1ae823922714cce11e0fa5f3e9686eaacdabf14434948c167a61b36985111872c14cc4d8e2b5295616a09a7ff5920d314df03f83290d31709fe8dc3e16c0c8a09e31898fe5a6ba52063a5e3d100a0277bd404