icga.leidenuniv.nl
- Universiteit Leiden -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 35:6c:6a:79:46:ad:61:11:0b:19:57:2f:ef:76:e2:ea was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Universiteit Leiden
Organization:
Universiteit Leiden
State / Province:
Zuid-Holland
Country: NL
Country: NL
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): 35:6c:6a:79:46:ad:61:11:0b:19:57:2f:ef:76:e2:eaSerial Number (int): 71012011381221507189063594564702888682
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 08:91:4f:be:a4:fb:25:d4:39:66:65:3a:1c:a9:14:4f:76:9c:eb:c0
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): a4:e3:44:86:2a:e8:3f:28:c9:fb:72:36:1d:0a:80:5a:28:e4:6f:3e
Fingerprint (sha256): 02:a1:7a:15:d9:86:53:11:d0:7f:3a:23:78:f3:2b:f1:fa:26:4e:a9:68:b6:71:33:4f:9a:59:6c:b6:56:4a:4f
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate icga.leidenuniv.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for icga.leidenuniv.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
icga.leidenuniv.nl
www.icga.leidenuniv.nl
www.icga.leidenuniv.nl
Other certificates including the domain name leidenuniv.nl
(limited to 100 certificates)
web2print.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
icga.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
weblectures-a.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
p-issc-007122.vuw.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
webprojects.strw.leidenuniv.nl
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
strwmgmt.strw.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
icga.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
weblectures-a.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
p-issc-007122.vuw.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
webprojects.strw.leidenuniv.nl
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
strwmgmt.strw.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
Certificate
The complete raw certificate details for icga.leidenuniv.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH8DCCBtigAwIBAgIQNWxqeUatYRELGVcv73bi6jANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTI0MDEyODAwMDAwMFoXDTI1MDEyNzIzNTk1OVowXzELMAkGA1UE BhMCTkwxFTATBgNVBAgTDFp1aWQtSG9sbGFuZDEcMBoGA1UEChMTVW5pdmVyc2l0 ZWl0IExlaWRlbjEbMBkGA1UEAxMSaWNnYS5sZWlkZW51bml2Lm5sMIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0chygkPv4NaBYPUoQNnVYCm2Gir5jZq+ FqhBRrAgdE/xyW8hIAW5LnPn9iwcEKQFGu+E3fcYan7PdTa+yipqHlUiSFdWdJUK sqHhw64wDnPr0vedR6lb5D43/3+/VRiWr4QJ3pNpvzkEd8wM1zUhzpQznOIHov3a zLlVJmrpSG5KQ8RAarMLawcg03LAbzneLxUfTMbYsMYZh4WeG79SchOdRaQPP1nK KZfEHyvos2DaqvV+10JgvdKA34v2VUW1HsyMMc5paw6lsu7lXOOk1X4Txj6HiI2m E2e1xBLjtbGfrs0zCFIDkUJiGcKeF8rp+fZoLZSOzThg5kWxMCKvH7GTI+nfHUbA hgeKJo3efy4eMRPJ5LSYIwITeuswIUVjYWG8cxRGraakqj2gXHQ34b0weS7sFA40 VqIDKFwLrzPUZdG26qiUi0JyztcyKxBWeglMtIMBsDgQehvetQIz7YZkUDvTj73f xlMlIWtMeTZeDJC0Dc3gyf5ISfiYPIe9Auku/Wx92n8E8W3ronkBVbMHEL34ycLp sCZLuVW3NGqqCNznMR1BgqNCEWB5EIEiqxmJC+kNX6ENre2AHDz9FZEPsRv/dqcL 8KINn3sLCA6yyHHwOqLItzIeoLyvcG1BLKZOHya09uYXpdzJcjlkU7l6eSPMC0yp 9utYdKAp+rsCAwEAAaOCA28wggNrMB8GA1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2 RIxsqU/rMB0GA1UdDgQWBBQIkU++pPsl1DlmZTocqRRPdpzrwDAOBgNVHQ8BAf8E BAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwSgYDVR0gBEMwQTA1BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0 cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuG SWh0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZh bGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggr BgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5p emF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYX aHR0cDovL29jc3Auc2VjdGlnby5jb20wggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoB aAB1AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABjVJ7doYAAAQD AEYwRAIgHm5NREMQqe6F7mQYnJIsVbMRYZhWBfItl2EXOzWTDMACIEJMM/TnV+/D e8dq50nYjkgUUX/XEdsWR91OKt456R2uAHcAouMK5EXvva2bfjjtR2d3U9eCW4SU 1yteGyzEuVCkR+cAAAGNUnt2ygAABAMASDBGAiEA0refb9J9GaMGYSYe1q1RksIk JpUrjIWSPhk+bfHkcvQCIQDwRlOXiTxUO/aBIcPVACKKutXWcHapdy4b+4vQfsRD wQB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjVJ7dlwAAAQD AEcwRQIgOVyBVBFT+8FpcMfKzqFBoZ12KbuXosVFv7CjSF9pMOMCIQDkiImCK9tS DSgyGSnQ3Xq68Fvp7dlQGzSU+ppIxqqNMTA1BgNVHREELjAsghJpY2dhLmxlaWRl bnVuaXYubmyCFnd3dy5pY2dhLmxlaWRlbnVuaXYubmwwDQYJKoZIhvcNAQELBQAD ggEBAADyZDTHHKgbqKG1MGHzWa+Up0za2kikTd2OAl/6X198X+dE4Jcke3lvETrl 2C9ok/sWRi6yubs9LL3iBleq1xZe2V18qJlKBJjJ5/9H558yvEEfUTKk5Wo298+1 Hqw0LhrsLGDrTb02K1gIt9M0KJERQvAt+puW3vnkZyjjD9VKZNpugg05l9LLKRCO 5qsrFDEiI585BS+4opNOyhQCeZFfhvjmMwN4rL2snmBaMtAh5QLLQOCuKdoV9DVB jgTMR/utrW9VQimXVlK+5EALpk0ijR5GEMXULh1WFJbL0AK9T0coBkV7vF8gr0HO lHdAJfmrOYKYeCfmtHbRHSE6ruU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0chygkPv4NaBYPUoQNnV YCm2Gir5jZq+FqhBRrAgdE/xyW8hIAW5LnPn9iwcEKQFGu+E3fcYan7PdTa+yipq HlUiSFdWdJUKsqHhw64wDnPr0vedR6lb5D43/3+/VRiWr4QJ3pNpvzkEd8wM1zUh zpQznOIHov3azLlVJmrpSG5KQ8RAarMLawcg03LAbzneLxUfTMbYsMYZh4WeG79S chOdRaQPP1nKKZfEHyvos2DaqvV+10JgvdKA34v2VUW1HsyMMc5paw6lsu7lXOOk 1X4Txj6HiI2mE2e1xBLjtbGfrs0zCFIDkUJiGcKeF8rp+fZoLZSOzThg5kWxMCKv H7GTI+nfHUbAhgeKJo3efy4eMRPJ5LSYIwITeuswIUVjYWG8cxRGraakqj2gXHQ3 4b0weS7sFA40VqIDKFwLrzPUZdG26qiUi0JyztcyKxBWeglMtIMBsDgQehvetQIz 7YZkUDvTj73fxlMlIWtMeTZeDJC0Dc3gyf5ISfiYPIe9Auku/Wx92n8E8W3ronkB VbMHEL34ycLpsCZLuVW3NGqqCNznMR1BgqNCEWB5EIEiqxmJC+kNX6ENre2AHDz9 FZEPsRv/dqcL8KINn3sLCA6yyHHwOqLItzIeoLyvcG1BLKZOHya09uYXpdzJcjlk U7l6eSPMC0yp9utYdKAp+rsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 71012011381221507189063594564702888682 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit Leiden' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'icga.leidenuniv.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 855839960369248331864187593470154848165389623484226951011592073601636548913433479007220562465203125231333388688993639234218888586833049104441257692160141993297701999947035689166487237987129673489435920773201411056660607990137879744446686004099755486463860265906658493140100325916503314128943717219789910987063201076223283647030037017844823919780844864143435613696720202899925829510895661415482359474094819108521380487273766483992379492692918945340992010917490413998591234956955501586355956519889588036679654868997146312268046979203072471048456808243896843216308560037136550566836513439963190510633877768291695144808815955073155928866163548555124094457579804074502151797160828378724176697628646806405428752105138543418258346909246196122608119588750971552353396200720048674133902045553965984107179807594766693261684558604671144801412532000501442297202765945366970616026094660136489803238878203964530644951846363558022143547560049044135344068142603013273369963997484961548171794761339129911154812690007159703777551732066252503730048194374831591376003081003003642638910820710716652410742466875142838127358108786827583177205170027467811505306462764286462220562809751282656439400245906726872203854389609307649693590173254956893466704607931 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 08914fbea4fb25d43966653a1ca9144f769cebc0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018d527b7686000004030046304402201e6e4d444310a9ee85ee64189c922c55b31161985605f22d9761173b35930cc00220424c33f4e757efc37bc76ae749d88e4814517fd711db1647dd4e2ade39e91dae007700a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018d527b76ca0000040300483046022100d2b79f6fd27d19a30661261ed6ad5192c22426952b8c85923e193e6df1e472f4022100f0465397893c543bf68121c3d500228abad5d67076a9772e1bfb8bd07ec443c10076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d527b765c00000403004730450220395c81541153fbc16970c7cacea141a19d7629bb97a2c545bfb0a3485f6930e3022100e48889822bdb520d28321929d0dd7abaf05be9edd9501b3494fa9a48c6aa8d31 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'icga.leidenuniv.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.icga.leidenuniv.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0000f26434c71ca81ba8a1b53061f359af94a74cdada48a44ddd8e025ffa5f5f7c5fe744e097247b796f113ae5d82f6893fb16462eb2b9bb3d2cbde20657aad7165ed95d7ca8994a0498c9e7ff47e79f32bc411f5132a4e56a36f7cfb51eac342e1aec2c60eb4dbd362b5808b7d33428911142f02dfa9b96def9e46728e30fd54a64da6e820d3997d2cb29108ee6ab2b143122239f39052fb8a2934eca140279915f86f8e6330378acbdac9e605a32d021e502cb40e0ae29da15f435418e04cc47fbadad6f554229975652bee4400ba64d228d1e4610c5d42e1d561496cbd002bd4f472806457bbc5f20af41ce94774025f9ab3982987827e6b476d11d213aaee5