bktoi1.bk.tudelft.nl
- Technische Universiteit Delft -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 6b:d9:30:a4:f8:4b:37:90:59:bf:17:62:a3:95:6f:11 was issued on by GEANT Vereniging.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Technische Universiteit Delft
Organization:
Technische Universiteit Delft
State / Province:
Zuid-Holland
Country: NL
Country: NL
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate will expire on
Certificate Details
Serial Number (hex): 6b:d9:30:a4:f8:4b:37:90:59:bf:17:62:a3:95:6f:11Serial Number (int): 143355110593210897880749479941564100369
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: e2:f3:ea:24:5f:d0:95:88:8b:3d:e3:88:4f:9c:cd:ce:4c:a8:76:e8
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 38:de:00:85:27:69:26:e6:3f:b0:95:6a:08:0b:fe:1d:33:b4:39:2a
Fingerprint (sha256): 01:bb:1c:b9:a8:26:3c:a9:53:69:ed:a4:ab:be:de:7b:88:c3:2d:dd:cb:15:2a:6c:a2:a6:a1:08:60:df:4b:ae
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate bktoi1.bk.tudelft.nl
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bktoi1.bk.tudelft.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bktoi1.bk.tudelft.nl
designinformatics.bk.tudelft.nl
di.bk.tudelft.nl
designinformatics.bk.tudelft.nl
di.bk.tudelft.nl
Other certificates including the domain name tudelft.nl
(limited to 100 certificates)
solidstate.quantumtinkerer.tudelft.nl
api.p-cube.gamelab-staging.tbm.tudelft.nl
bepsys.ewi.tudelft.nl
webdsl-org.ewi.tudelft.nl
talentservices.tudelft.nl
wism8.dunet.tudelft.nl
www.pp1.tudelft.nl
suslabnwe-en.io.tudelft.nl
eipdev.ewi.tudelft.nl
quantumtinkerer.tudelft.nl
www.hooke.tudelft.nl
mattermost-imphys.tudelft.nl
3d.bk.tudelft.nl
hpcwiki.tudelft.nl
suslabnwe-de.io.tudelft.nl
externenmds.tudelft.nl
webdsl-2015.ewi.tudelft.nl
telefoonboek.tudelft.nl
searchenginewis2.ewi.tudelft.nl
se.ewi.tudelft.nl
ipms-prd1.tudelft.nl
bitrix24.tbm.tudelft.nl
punch.tudelft.nl
oauth-t.tudelft.nl
inforln.tudelft.nl
3d.bk.tudelft.nl
bktoi1.bk.tudelft.nl
abdowiki.tudelft.nl
www.broach.nl
webapp.tudelft.nl
demoprojects.tudelft.nl
telewerken.tudelft.nl
pl-jenkins.ewi.tudelft.nl
bbtest.tudelft.nl
marsrv.tudelft.nl
4tudata-libbuild.tudelft.nl
inforln.tudelft.nl
mod-est.tbm.tudelft.nl
coin2013-prima.tudelft.nl
syllabus.tudelft.nl
aecoderunner.lr.tudelft.nl
erfgoed.tudelft.nl
www.civielebedrijvendagen.nl
was.tudelft.nl
sysadminwiki.tudelft.nl
esb-gateway.tudelft.nl
www.vvtp.tudelft.nl
services.sc.tudelft.nl
3d.bk.tudelft.nl
campusdevelopment.tudelft.nl
marsrv.tudelft.nl
svn.3me.tudelft.nl
lamp6.tudelft.nl
svn.tnw.tudelft.nl
www.dined.nl
dutmail.tudelft.nl
b2bcrm.tudelft.nl
www.nas.ewi.tudelft.nl
b2bcrm.tudelft.nl
qutech.tudelft.nl
personeelsdossiers.tudelft.nl
zandmotor-libtest.tudelft.nl
www.beeldportal.tudelft.nl
labservant.tudelft.nl
lampict2.tudelft.nl
coursemaptest.tudelft.nl
se.ewi.tudelft.nl
presto.tudelft.nl
3d.bk.tudelft.nl
www.punch.tudelft.nl
reservation.ekl.tudelft.nl
qit.ewi.tudelft.nl
elearning-libprod.tudelft.nl
www.praktischestudie.nl
handler.tudelft.nl
matchmakers.ewi.tudelft.nl
newmediacentre.tudelft.nl
burgerbegroting.tbm.tudelft.nl
www.broach.nl
ismir2019.ewi.tudelft.nl
sg-4.tbm.tudelft.nl
srv775-2.tudelft.net
www.dcsc.tudelft.nl
ppm1.tudelft.nl
lts1-test.tbm.tudelft.nl
inclusivedesign.io.tudelft.nl
visit.tudelft.nl
eurasipdev.ewi.tudelft.nl
ei.tudelft.nl
elearning-libaccp.tudelft.nl
www.practischestudie.nl
api.myota-test.tudelft.nl
svn.bk.tudelft.nl
gnss1.tudelft.nl
luistermutant.gamelab.tbm.tudelft.nl
filr.tudelft.nl
trendhost-cb.tudelft.nl
www.punch.tudelft.nl
research.tudelft.nl
osidoc.tudelft.nl
api.p-cube.gamelab-staging.tbm.tudelft.nl
bepsys.ewi.tudelft.nl
webdsl-org.ewi.tudelft.nl
talentservices.tudelft.nl
wism8.dunet.tudelft.nl
www.pp1.tudelft.nl
suslabnwe-en.io.tudelft.nl
eipdev.ewi.tudelft.nl
quantumtinkerer.tudelft.nl
www.hooke.tudelft.nl
mattermost-imphys.tudelft.nl
3d.bk.tudelft.nl
hpcwiki.tudelft.nl
suslabnwe-de.io.tudelft.nl
externenmds.tudelft.nl
webdsl-2015.ewi.tudelft.nl
telefoonboek.tudelft.nl
searchenginewis2.ewi.tudelft.nl
se.ewi.tudelft.nl
ipms-prd1.tudelft.nl
bitrix24.tbm.tudelft.nl
punch.tudelft.nl
oauth-t.tudelft.nl
inforln.tudelft.nl
3d.bk.tudelft.nl
bktoi1.bk.tudelft.nl
abdowiki.tudelft.nl
www.broach.nl
webapp.tudelft.nl
demoprojects.tudelft.nl
telewerken.tudelft.nl
pl-jenkins.ewi.tudelft.nl
bbtest.tudelft.nl
marsrv.tudelft.nl
4tudata-libbuild.tudelft.nl
inforln.tudelft.nl
mod-est.tbm.tudelft.nl
coin2013-prima.tudelft.nl
syllabus.tudelft.nl
aecoderunner.lr.tudelft.nl
erfgoed.tudelft.nl
www.civielebedrijvendagen.nl
was.tudelft.nl
sysadminwiki.tudelft.nl
esb-gateway.tudelft.nl
www.vvtp.tudelft.nl
services.sc.tudelft.nl
3d.bk.tudelft.nl
campusdevelopment.tudelft.nl
marsrv.tudelft.nl
svn.3me.tudelft.nl
lamp6.tudelft.nl
svn.tnw.tudelft.nl
www.dined.nl
dutmail.tudelft.nl
b2bcrm.tudelft.nl
www.nas.ewi.tudelft.nl
b2bcrm.tudelft.nl
qutech.tudelft.nl
personeelsdossiers.tudelft.nl
zandmotor-libtest.tudelft.nl
www.beeldportal.tudelft.nl
labservant.tudelft.nl
lampict2.tudelft.nl
coursemaptest.tudelft.nl
se.ewi.tudelft.nl
presto.tudelft.nl
3d.bk.tudelft.nl
www.punch.tudelft.nl
reservation.ekl.tudelft.nl
qit.ewi.tudelft.nl
elearning-libprod.tudelft.nl
www.praktischestudie.nl
handler.tudelft.nl
matchmakers.ewi.tudelft.nl
newmediacentre.tudelft.nl
burgerbegroting.tbm.tudelft.nl
www.broach.nl
ismir2019.ewi.tudelft.nl
sg-4.tbm.tudelft.nl
srv775-2.tudelft.net
www.dcsc.tudelft.nl
ppm1.tudelft.nl
lts1-test.tbm.tudelft.nl
inclusivedesign.io.tudelft.nl
visit.tudelft.nl
eurasipdev.ewi.tudelft.nl
ei.tudelft.nl
elearning-libaccp.tudelft.nl
www.practischestudie.nl
api.myota-test.tudelft.nl
svn.bk.tudelft.nl
gnss1.tudelft.nl
luistermutant.gamelab.tbm.tudelft.nl
filr.tudelft.nl
trendhost-cb.tudelft.nl
www.punch.tudelft.nl
research.tudelft.nl
osidoc.tudelft.nl
Certificate
The complete raw certificate details for bktoi1.bk.tudelft.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHlzCCBX+gAwIBAgIQa9kwpPhLN5BZvxdio5VvETANBgkqhkiG9w0BAQwFADBE MQswCQYDVQQGEwJOTDEZMBcGA1UEChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UE AxMRR0VBTlQgT1YgUlNBIENBIDQwHhcNMjMwOTI5MDAwMDAwWhcNMjQwOTI4MjM1 OTU5WjBrMQswCQYDVQQGEwJOTDEVMBMGA1UECBMMWnVpZC1Ib2xsYW5kMSYwJAYD VQQKEx1UZWNobmlzY2hlIFVuaXZlcnNpdGVpdCBEZWxmdDEdMBsGA1UEAxMUYmt0 b2kxLmJrLnR1ZGVsZnQubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDfSeAuxQHAa7wnnoiHv5HKbtNDGB5EL1XSz6Ercex2lrHDFWidmBw/h77B8qu5 gl2up8zrv73XMlD2CitdbioBrGlVVY70C8Mxpz78zGTGYTzGlbNVs56XZZbsP/1/ 8r0k50dGw9vQREq4DIe+pJVN4AYV8HIUp2CVL9EhxyZ/X3UcIp34lQTtI73KhZTg E7JchE2kCSidMIEc5pUTT8ujReEuf3mTjdqoicGzpLFsyg9x/RvA5CLXPKvD3y2a hh1XeVPuTtlx7go8UrHV0OPWEy1NoTCIj2ETqfyYu1G++tKpxBS/lIrh9z54N7da VWzgH/2V5J+aVIVrkamWhVNNAgMBAAGjggNcMIIDWDAfBgNVHSMEGDAWgBRvHTVJ EGwy+lmgnryK6B+VvnF6DDAdBgNVHQ4EFgQU4vPqJF/QlYiLPeOIT5zNzkyodugw DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAk8wJTAjBggrBgEF BQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQICMD8GA1UdHwQ4 MDYwNKAyoDCGLmh0dHA6Ly9HRUFOVC5jcmwuc2VjdGlnby5jb20vR0VBTlRPVlJT QUNBNC5jcmwwdQYIKwYBBQUHAQEEaTBnMDoGCCsGAQUFBzAChi5odHRwOi8vR0VB TlQuY3J0LnNlY3RpZ28uY29tL0dFQU5UT1ZSU0FDQTQuY3J0MCkGCCsGAQUFBzAB hh1odHRwOi8vR0VBTlQub2NzcC5zZWN0aWdvLmNvbTCCAYAGCisGAQQB1nkCBAIE ggFwBIIBbAFqAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGK 36lw9QAABAMARzBFAiEAxNdY/mCZ06WVPgp36Ppwv1oWPFjKcjMXkWRMgQ91Vq0C IBV8g5sLpqelK7PXAXYK0fxgRMQaF+1jMEgntgcu5jaDAHcA2ra/az+1tiKfm8K7 XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGK36lxTAAABAMASDBGAiEA+g1VpWewaaqr aJKsoiqepuPClUjMboEAGPH5e0HdZmICIQChEh+RVkWqYhxUTlXQgP5irtv4q22C EMfOVFL7tzPwIAB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAAB it+pcSMAAAQDAEgwRgIhALdA0hDpMALZ8HoPdage9EOLhd+ILvYigfp++x2R6zvs AiEA/C1egmSvAH8nqtzlyKXE0dzmb8DBQlXy/CCxbfU/L9AwUgYDVR0RBEswSYIU Ymt0b2kxLmJrLnR1ZGVsZnQubmyCH2Rlc2lnbmluZm9ybWF0aWNzLmJrLnR1ZGVs ZnQubmyCEGRpLmJrLnR1ZGVsZnQubmwwDQYJKoZIhvcNAQEMBQADggIBAAh2yn1W gOyuR6kxqsfcILKkCYrRfjTRIK6Rr/8xGKHYzbBc8ncKuunRtzDF1brQmgYk3d+H RU/7uG2SKfxE+z0c3bQfAS6m3cnP2Rg8JWXPO8HrX8Da2qDYj8mlb5lvuJHJAWz5 6LvCf+f5A1RR7f63/DDEGiR7I97STrp4Iew20wH7zcq3QPMQNvS3VnBwrbwXlnfH WeIZpdVWj4+4A1M/Bch2Gm+YJRv8a2G3cip1JXA2qRn/CrQ46PiZ7oYA6wqFOPan +kHwyHRy5w/I7D4lWXtww0C2sORIZ7E6dQ4gI4HRJzR1DSPfdzOaCEVT6cvRySVV ODt/xNfPJbPTVb69g1zfcqHvi3evw7ajGZ0ag8EA3xM7NMQbvtqRODQABZ2gDr+f 67I4YidgVUFYMr1ZxyKA3Zxw8JBfMeY060CZvm2TjHdAZ6eHaYaZlKy/H/Tbf6ic UrpV/Ul67/NVc3fBPN+Dphdq9cJAqUx+nQTiX6SQIw40d4/bu7KK5fY6WkbDR6Pk k05Gm+0zRBqWZI+sQZTvp0OxJcO8bw9Axu9ayRpYUJ3Z+0jd5GPbf9p+tcJqprJm PvqRDPLVJD4IMjI196ap0ya94e96Z3h3mJhU8nXfco8IAjZtaGLFkIYGvZmAsWk9 Eu/8XR/lyZYPjwNh4I3Y5wdt5Y6MnVvEHho7 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30ngLsUBwGu8J56Ih7+R ym7TQxgeRC9V0s+hK3HsdpaxwxVonZgcP4e+wfKruYJdrqfM67+91zJQ9gorXW4q AaxpVVWO9AvDMac+/MxkxmE8xpWzVbOel2WW7D/9f/K9JOdHRsPb0ERKuAyHvqSV TeAGFfByFKdglS/RIccmf191HCKd+JUE7SO9yoWU4BOyXIRNpAkonTCBHOaVE0/L o0XhLn95k43aqInBs6SxbMoPcf0bwOQi1zyrw98tmoYdV3lT7k7Zce4KPFKx1dDj 1hMtTaEwiI9hE6n8mLtRvvrSqcQUv5SK4fc+eDe3WlVs4B/9leSfmlSFa5GploVT TQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 143355110593210897880749479941564100369 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-28 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Technische Universiteit Delft' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bktoi1.bk.tudelft.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28187571479575340141335824317476466108371030348033324312190071230527030708674026546116004951016650100558528906091327615583029416414263453073255028247450927880260194025067588643362281632533410434406710045268842065904704321980662272205166269361539982932382910984775903067633127094261962883393212745345612655379482031571765421826189453463336281101920717337630343660921904458310295187071013204994970588651782168394932645629584496800307775768874646819256210654034153106368816136255157480897526252957005402204122780050393205651077603892751949489622085251095582797797410164355208493356870632938668848423493406373227788587853 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e2f3ea245fd095888b3de3884f9ccdce4ca876e8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018adfa970f50000040300473045022100c4d758fe6099d3a5953e0a77e8fa70bf5a163c58ca72331791644c810f7556ad0220157c839b0ba6a7a52bb3d701760ad1fc6044c41a17ed63304827b6072ee63683007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018adfa9714c0000040300483046022100fa0d55a567b069aaab6892aca22a9ea6e3c29548cc6e810018f1f97b41dd6662022100a1121f915645aa621c544e55d080fe62aedbf8ab6d8210c7ce5452fbb733f020007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018adfa971230000040300483046022100b740d210e93002d9f07a0f75a81ef4438b85df882ef62281fa7efb1d91eb3bec022100fc2d5e8264af007f27aadce5c8a5c4d1dce66fc0c14255f2fc20b16df53f2fd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bktoi1.bk.tudelft.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'designinformatics.bk.tudelft.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'di.bk.tudelft.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 000876ca7d5680ecae47a931aac7dc20b2a4098ad17e34d120ae91afff3118a1d8cdb05cf2770abae9d1b730c5d5bad09a0624dddf87454ffbb86d9229fc44fb3d1cddb41f012ea6ddc9cfd9183c2565cf3bc1eb5fc0dadaa0d88fc9a56f996fb891c9016cf9e8bbc27fe7f9035451edfeb7fc30c41a247b23ded24eba7821ec36d301fbcdcab740f31036f4b7567070adbc179677c759e219a5d5568f8fb803533f05c8761a6f98251bfc6b61b7722a75257036a919ff0ab438e8f899ee8600eb0a8538f6a7fa41f0c87472e70fc8ec3e25597b70c340b6b0e44867b13a750e202381d12734750d23df77339a084553e9cbd1c92555383b7fc4d7cf25b3d355bebd835cdf72a1ef8b77afc3b6a3199d1a83c100df133b34c41bbeda91383400059da00ebf9febb23862276055415832bd59c72280dd9c70f0905f31e634eb4099be6d938c774067a78769869994acbf1ff4db7fa89c52ba55fd497aeff3557377c13cdf83a6176af5c240a94c7e9d04e25fa490230e34778fdbbbb28ae5f63a5a46c347a3e4934e469bed33441a96648fac4194efa743b125c3bc6f0f40c6ef5ac91a58509dd9fb48dde463db7fda7eb5c26aa6b2663efa910cf2d5243e08323235f7a6a9d326bde1ef7a677877989854f275df728f0802366d6862c5908606bd9980b1693d12effc5d1fe5c9960f8f0361e08dd8e7076de58e8c9d5bc41e1a3b