leidenuniv.nl
- Universiteit Leiden -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 3f:bf:64:b1:67:84:a9:3a:9c:ab:84:98:a0:3c:b2:76 was issued on by GEANT Vereniging.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Universiteit Leiden
Organization:
Universiteit Leiden
State / Province:
Zuid-Holland
Country: NL
Country: NL
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 3f:bf:64:b1:67:84:a9:3a:9c:ab:84:98:a0:3c:b2:76Serial Number (int): 84735134730812315642743015435851838070
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: f4:b1:4b:51:10:db:c5:93:75:e1:c2:f2:b8:45:f5:44:6e:1e:f9:cf
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 9c:f1:00:38:13:fe:32:2c:9f:03:eb:e3:3c:9f:0a:f8:77:a0:36:54
Fingerprint (sha256): 02:4c:04:53:40:f3:e0:9c:fa:f3:da:3e:da:6b:90:96:b6:ea:c6:b7:fd:6c:d9:1b:46:80:95:f3:2e:44:60:5f
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate leidenuniv.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for leidenuniv.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
leidenuniv.nl
www.leidenuniv.nl
www.leidenuniv.nl
Other certificates including the domain name leidenuniv.nl
(limited to 100 certificates)
web2print.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
icga.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
weblectures-a.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
p-issc-007122.vuw.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
webprojects.strw.leidenuniv.nl
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
strwmgmt.strw.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
icga.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
weblectures-a.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
p-issc-007122.vuw.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
webprojects.strw.leidenuniv.nl
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
strwmgmt.strw.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
Certificate
The complete raw certificate details for leidenuniv.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIXTCCBkWgAwIBAgIQP79ksWeEqTqcq4SYoDyydjANBgkqhkiG9w0BAQwFADBE MQswCQYDVQQGEwJOTDEZMBcGA1UEChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UE AxMRR0VBTlQgT1YgUlNBIENBIDQwHhcNMjMwMzA4MDAwMDAwWhcNMjQwMzA3MjM1 OTU5WjBaMQswCQYDVQQGEwJOTDEVMBMGA1UECBMMWnVpZC1Ib2xsYW5kMRwwGgYD VQQKExNVbml2ZXJzaXRlaXQgTGVpZGVuMRYwFAYDVQQDEw1sZWlkZW51bml2Lm5s MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8Nm1nM1ENJsVWpZhlbY JcDehrlTwIagqMke+ReTVCKapKyM2YV7d6jaFvsGgrsvZ1W6z8SSFQXja4kyFkvS oU1JyDHkzNGZkHybaztAdyseeap6wW+lBH2RODZoyn0DW1WlOneNdcCKRiZMD6cJ qCd7MZ3MLvRbdBLZgyjsYhidynk38gSFEbzCCKBHHUHV5/gZBLtFiGU6ZAUWkj8Z khIG3LNhrSdKGx4PrYIhy8E/SveyesMFe4pUEWbGLrfg4fiOOABVcQafXPdNygX7 aerr96hk9cUvBMEKTuUQrTBBgIHWTH3/vZLUyLkHi2XKOlk+I+fKrt0+koL/S671 IIfEDe7acrQgWSelw8NRs+A0KNmZSEO4ScqVBvsjAig6wx8NKN8O6/jvMNRX5dyu Zd/cO4mfrAuv7USrqsAOn56s/3i3KlXOK21C8/lnlRIDqhMq3JQaygnml3AnPhhv xYn6T1sv+m+Cy1Vlo4jL+8rdnzBiL0bhdwIaubGVuPnYYRXFDElplvq3y/RS/Pp6 EP4eAcUAvQbmMT8Bg+2PNgxTjAUaSjqoub3ginm0qO2w5AmsbiBnZA9eh5YgrBqL IfwOqD03PtRkkDoFxifUzGt7MiUrkZN2rqxVn/+Ysc9tf4E9plDvkPBbHdHq9cPc PXFaviSZo4h/rhX51RADPekCAwEAAaOCAzMwggMvMB8GA1UdIwQYMBaAFG8dNUkQ bDL6WaCevIroH5W+cXoMMB0GA1UdDgQWBBT0sUtRENvFk3XhwvK4RfVEbh75zzAO BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICTzAlMCMGCCsGAQUF BwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwPwYDVR0fBDgw NjA0oDKgMIYuaHR0cDovL0dFQU5ULmNybC5zZWN0aWdvLmNvbS9HRUFOVE9WUlNB Q0E0LmNybDB1BggrBgEFBQcBAQRpMGcwOgYIKwYBBQUHMAKGLmh0dHA6Ly9HRUFO VC5jcnQuc2VjdGlnby5jb20vR0VBTlRPVlJTQUNBNC5jcnQwKQYIKwYBBQUHMAGG HWh0dHA6Ly9HRUFOVC5vY3NwLnNlY3RpZ28uY29tMIIBfgYKKwYBBAHWeQIEAgSC AW4EggFqAWgAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYbB h/aXAAAEAwBHMEUCIQD+EELYI018jtnJij28Uu8UEwbvbIbx3c7+35ucCYFWqAIg QFKaaK6IOB7+UxKIvocgBqxk6zPPSWAT16QWBVDxNksAdgDatr9rP7W2Ip+bwrtc a+hwkXFsu1GEhTS9pD0wSNf7qwAAAYbBh/buAAAEAwBHMEUCIQCuAiF/PR2wZ/2G gXwZIXY33NrWMKG0jC2pvIbsfzBIDAIgdS+7nU+5VEkDdefK5UR8QYN2wCSRjRYN v7QV6Q/QSDEAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYbB h/b+AAAEAwBHMEUCIH8y5GEVB5XKxLqohNnSq2nS4lRmwdJz5t+tivDNE5L7AiEA trLJEbA4CgXOpILQJZI3KoocT9J9J5xp3X4c+BdNvhEwKwYDVR0RBCQwIoINbGVp ZGVudW5pdi5ubIIRd3d3LmxlaWRlbnVuaXYubmwwDQYJKoZIhvcNAQEMBQADggIB AFx1eSStozjB051MBoBRO0XXC+771lgpQn5ji9RCAHjZyotMBGT5kzCyFoiK/HSk W0npD8cV148o4/23oz4P9tQV0zY3XTzhVHONpn67+vjj9YlagNrtynZeLyGPUI3q MZtei6lA/8XL2i84s1S1OrWOownoKGUl9CngpPJpScZSjWxFTPYLeUSntOn1FfVq BGiWRZCUHgLG3od4PLFoxHhwmFyIgXZk/u00Qnm1Xdlb4kCZ6HInLT6Q8sQU8ate 24Md31ORuVvkWv3UrvqsN9QIYnkj2WPBGNFYdgDskKbhkHmFdlx35Iy0viooVYkr kCt5ajtYxOzTvFu6yZBSH3T9YgunlzMlygFQKNvlLqR9ZELE77yq6pf0rpypYbIh aCiZLfO0t9FHtokM4EF8NMpXGkw/9ckh1jyeLsczq3NoEQGbbd2v6pge4LKo89gt ccdEBhhX9k16riwqLxp3gBkO63o4dFIWZmPQxOTHYr8Kej5PQZX1u3GaW6aAlRRn ZZGhm2wp7TWlGFiSLYpAqguGNNf3cyzJQRZKAvsI/xz77WLE8MlxN6wcqJF4ris+ v5H908z3pL43841gCzQUMqr48TLiHoPH+L77e2xSQgaAvSjL/7Dy9zaQjO2lfSa3 X7+BAEMp4tOmo6DbI656qwBlSLpGLrlc2r+1b6tfKwjq -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8Nm1nM1ENJsVWpZhlbY JcDehrlTwIagqMke+ReTVCKapKyM2YV7d6jaFvsGgrsvZ1W6z8SSFQXja4kyFkvS oU1JyDHkzNGZkHybaztAdyseeap6wW+lBH2RODZoyn0DW1WlOneNdcCKRiZMD6cJ qCd7MZ3MLvRbdBLZgyjsYhidynk38gSFEbzCCKBHHUHV5/gZBLtFiGU6ZAUWkj8Z khIG3LNhrSdKGx4PrYIhy8E/SveyesMFe4pUEWbGLrfg4fiOOABVcQafXPdNygX7 aerr96hk9cUvBMEKTuUQrTBBgIHWTH3/vZLUyLkHi2XKOlk+I+fKrt0+koL/S671 IIfEDe7acrQgWSelw8NRs+A0KNmZSEO4ScqVBvsjAig6wx8NKN8O6/jvMNRX5dyu Zd/cO4mfrAuv7USrqsAOn56s/3i3KlXOK21C8/lnlRIDqhMq3JQaygnml3AnPhhv xYn6T1sv+m+Cy1Vlo4jL+8rdnzBiL0bhdwIaubGVuPnYYRXFDElplvq3y/RS/Pp6 EP4eAcUAvQbmMT8Bg+2PNgxTjAUaSjqoub3ginm0qO2w5AmsbiBnZA9eh5YgrBqL IfwOqD03PtRkkDoFxifUzGt7MiUrkZN2rqxVn/+Ysc9tf4E9plDvkPBbHdHq9cPc PXFaviSZo4h/rhX51RADPekCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 84735134730812315642743015435851838070 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit Leiden' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'leidenuniv.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 684414502429882276667384357226802260505460692258974546294182751765062296440072435548651747253303698140608300635521854233750576652910629231433399426900772563447796914249947498724296885413837376270433024848366228582416124880678762857859921367051959541210391061296804965903159584152457745487095479101456767117729007983594926189225962266946392878231682461518302785357973159248286326346195195222197439584552964826151660725887608425955971229310525451226817942014140829096993683317150214186160997647663531921597853815064229573810102882665303075112445077487828688322808717670546517651434897399506287351311248240556723068440898450819651721183169988678770079957011822845568266840081529333642618130481556018603632745032212341853884662137390040512532842868918951755270590659430878277343404151325312849316053688925557274525354435117964868129641272892130685468331762197484453484746378410116929409200845961910772670955173051207979761050752934162506654995522867073782967132261607071435353076396576628532135015412267030229289271108831638238603478022439246125630065934008462913604759086979724441863149994183763943714171849659372709496148930466998147167577584343550299663858226142788440001086430086714943367010017136068372861500395245602924432212573673 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f4b14b5110dbc59375e1c2f2b845f5446e1ef9cf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 016800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a7400000186c187f6970000040300473045022100fe1042d8234d7c8ed9c98a3dbc52ef141306ef6c86f1ddcefedf9b9c098156a8022040529a68ae88381efe531288be872006ac64eb33cf496013d7a4160550f1364b007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000186c187f6ee0000040300473045022100ae02217f3d1db067fd86817c19217637dcdad630a1b48c2da9bc86ec7f30480c0220752fbb9d4fb954490375e7cae5447c418376c024918d160dbfb415e90fd04831007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000186c187f6fe000004030047304502207f32e461150795cac4baa884d9d2ab69d2e25466c1d273e6dfad8af0cd1392fb022100b6b2c911b0380a05cea482d02592372a8a1c4fd27d279c69dd7e1cf8174dbe11 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'leidenuniv.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.leidenuniv.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 005c757924ada338c1d39d4c0680513b45d70beefbd65829427e638bd4420078d9ca8b4c0464f99330b216888afc74a45b49e90fc715d78f28e3fdb7a33e0ff6d415d336375d3ce154738da67ebbfaf8e3f5895a80daedca765e2f218f508dea319b5e8ba940ffc5cbda2f38b354b53ab58ea309e8286525f429e0a4f26949c6528d6c454cf60b7944a7b4e9f515f56a0468964590941e02c6de87783cb168c47870985c88817664feed344279b55dd95be24099e872272d3e90f2c414f1ab5edb831ddf5391b95be45afdd4aefaac37d408627923d963c118d1587600ec90a6e1907985765c77e48cb4be2a2855892b902b796a3b58c4ecd3bc5bbac990521f74fd620ba7973325ca015028dbe52ea47d6442c4efbcaaea97f4ae9ca961b2216828992df3b4b7d147b6890ce0417c34ca571a4c3ff5c921d63c9e2ec733ab736811019b6dddafea981ee0b2a8f3d82d71c744061857f64d7aae2c2a2f1a7780190eeb7a387452166663d0c4e4c762bf0a7a3e4f4195f5bb719a5ba6809514676591a19b6c29ed35a51858922d8a40aa0b8634d7f7732cc941164a02fb08ff1cfbed62c4f0c97137ac1ca89178ae2b3ebf91fdd3ccf7a4be37f38d600b341432aaf8f132e21e83c7f8befb7b6c52420680bd28cbffb0f2f736908ceda57d26b75fbf81004329e2d3a6a3a0db23ae7aab006548ba462eb95cdabfb56fab5f2b08ea