*.proxy02.bnl.lu
- Bibliothèque nationale de Luxembourg -
Issued by TERENA SSL CA 3
About this certificate
This digital certificate with serial number 0c:3d:7c:00:2e:55:f6:25:12:d3:bd:7a:c4:e9:03:7d was issued on by TERENA.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bibliothèque nationale de Luxembourg
Organization:
Bibliothèque nationale de Luxembourg
Locality:
Luxembourg
Country: LU
Country: LU
TERENA
Organization:
TERENA
State / Province:
Noord-Holland
Locality: Amsterdam
Country: NL
Locality: Amsterdam
Country: NL
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:3d:7c:00:2e:55:f6:25:12:d3:bd:7a:c4:e9:03:7dSerial Number (int): 16269981090920699299808684007527875453
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: fd:6f:19:b8:27:5b:2f:45:46:0d:84:a3:86:16:1d:6b:6f:06:8c:0d
AuthorityKeyId: 67:fd:88:20:14:27:98:c7:09:d2:25:19:bb:e9:51:11:63:75:50:62
Fingerprint (sha1): 2d:b6:f4:76:23:e8:21:08:5c:51:f4:7a:c0:5b:de:c3:19:a3:a8:0e
Fingerprint (sha256): 04:0e:8b:3a:ee:eb:2b:09:c8:a4:49:da:5f:4a:d5:9b:28:ba:b1:cb:95:09:e8:92:ec:52:27:c6:e8:55:19:61
Issuing Certificate URL: http://cacerts.digicert.com/TERENASSLCA3.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/TERENASSLCA3.crl
CRL Distribution Point: http://crl4.digicert.com/TERENASSLCA3.crl
Check the revocation status for certificate *.proxy02.bnl.lu
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.proxy02.bnl.lu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.proxy02.bnl.lu
proxy02.bnl.lu
proxy02.bnl.lu
Other certificates including the domain name bnl.lu
(limited to 100 certificates)
*.proxy02.bnl.lu
*.proxy.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
bnl.lu
auth.bnl.lu
*.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
auth.bnl.lu
*.proxy04.bnl.lu
bnl.lu
*.proxy04.bnl.lu
auth3.bnl.lu
bnl.lu
luxemburgensia.bnl.lu
*.proxy.bnl.lu
analytics.bnl.lu
bnl.lu
windbook.bnl.lu
bnl.lu
bnl.lu
wifiportal-1.bnl.lu
auth-dev.bnl.lu
*.bnl.lu
*.proxy03.bnl.lu
auth1.bnl.lu
bnl.lu
auth1.bnl.lu
bnl.lu
analytics.bnl.lu
*.proxy03.bnl.lu
bnl.lu
windbook.bnl.lu
mia.bnl.lu
*.proxy03.bnl.lu
*.proxy.bnl.lu
bnl.lu
auth.bnl.lu
auth3.bnl.lu
lida.bnl.lu
bnl.lu
*.proxy04.bnl.lu
*.proxy.bnl.lu
luxemburgensia.bnl.lu
bnl.lu
*.proxy.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
bnl.lu
auth.bnl.lu
*.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
auth.bnl.lu
*.proxy04.bnl.lu
bnl.lu
*.proxy04.bnl.lu
auth3.bnl.lu
bnl.lu
luxemburgensia.bnl.lu
*.proxy.bnl.lu
analytics.bnl.lu
bnl.lu
windbook.bnl.lu
bnl.lu
bnl.lu
wifiportal-1.bnl.lu
auth-dev.bnl.lu
*.bnl.lu
*.proxy03.bnl.lu
auth1.bnl.lu
bnl.lu
auth1.bnl.lu
bnl.lu
analytics.bnl.lu
*.proxy03.bnl.lu
bnl.lu
windbook.bnl.lu
mia.bnl.lu
*.proxy03.bnl.lu
*.proxy.bnl.lu
bnl.lu
auth.bnl.lu
auth3.bnl.lu
lida.bnl.lu
bnl.lu
*.proxy04.bnl.lu
*.proxy.bnl.lu
luxemburgensia.bnl.lu
bnl.lu
Certificate
The complete raw certificate details for *.proxy02.bnl.lu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHtzCCBp+gAwIBAgIQDD18AC5V9iUS0716xOkDfTANBgkqhkiG9w0BAQsFADBk MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg Q0EgMzAeFw0xOTEwMjMwMDAwMDBaFw0yMTEwMjcxMjAwMDBaMG0xCzAJBgNVBAYT AkxVMRMwEQYDVQQHEwpMdXhlbWJvdXJnMS4wLAYDVQQKDCVCaWJsaW90aMOocXVl IG5hdGlvbmFsZSBkZSBMdXhlbWJvdXJnMRkwFwYDVQQDDBAqLnByb3h5MDIuYm5s Lmx1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3sN8vmg5x1qxMCdz stLSINpjuN2gdGAERlPn35QQ6X1eso81lGB9z917Uiv/LOThAOiZc6BJOcCWw4X3 kxgG50ZJUxLishYxcrkN9yFMi77W7dALBPsbbE0k+1Uv1jP1AaLSCei7W+6vHnWN 1/VmpFSKcjKcpo1pu2jDler7M/c6Qfv9SfLl7eO4islQew7ILyOPW8AkYbYirObX llGgwpurquz3elo0XhssiJokLai6P/GUwAkDEFJZUD5l4xCprtzOKG0OJL8gM2oU YanuSzBguqE21Lf9PoY0jgWIxqwUbs5NxJ8nUsbyxLzU0YAWzyGNSSHtbLdY0n0s 9T5LkZapD0gRwYLc65c76uVS2tcT4kznRzYIWvZQZFqiX/X24UXbm1dp8srx3e+q L6oq4TLsEDjccdeOLaJyvCwlTYFQ5t6qRSfMCOUaIvmFxNq4qx9DUI4OhS/6P6gR w3bs5lh4eOnKbsnZB+YQDejlyKpSOqIv0YF/qyP21hF4RsQ2bfwciqaudXBKK7yU xAxohrYr18NLJE743JGJUxcPsY/D2W0DVUWmrUDLHF0LFNXjkeTeX+3G2VXZH06p wn3VABWRAnU90IussXRKH4k30D+WPn2mT6NRU5mDeWEUtThyQ8TM35GEgfp+Zl2h 2s8JwcAU92KfsTzzNlHgHTkmwZkCAwEAAaOCA1owggNWMB8GA1UdIwQYMBaAFGf9 iCAUJ5jHCdIlGbvpURFjdVBiMB0GA1UdDgQWBBT9bxm4J1svRUYNhKOGFh1rbwaM DTArBgNVHREEJDAighAqLnByb3h5MDIuYm5sLmx1gg5wcm94eTAyLmJubC5sdTAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsG A1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9URVJFTkFT U0xDQTMuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vVEVSRU5B U1NMQ0EzLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIB FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjBuBggrBgEF BQcBAQRiMGAwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA4 BggrBgEFBQcwAoYsaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL1RFUkVOQVNT TENBMy5jcnQwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFn AHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFt+T/7DAAABAMA RjBEAiBO4EBWjlu1hRc+ekzc0Aw2bZ57xYhTNKL1tnnM46fAgQIgQiBFKod4ad7k PbHp+tI2abqQ85bgpsAbl85tO9FL92IAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9K tWDBtOr/XqCDDwAAAW35P/uNAAAEAwBHMEUCIQDWR2kCe+ZrQ0Ol27z3GIPVtRw9 FOLp3VEbuR5UZy8u/AIgMUMgJltnyfu9cLioJOvmuAUv3e58a6JcF2s1l1QY+OMA dgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAAAW35P/qcAAAEAwBH MEUCIBet8Q90R2ErPI6HnqkCKSHlL4xtHSjqohKLdCC0bBr4AiEAzXW6Bcq8+eSJ Toekhzdl/CTMKf6kEziTY4FMqq4fIsAwDQYJKoZIhvcNAQELBQADggEBADzd7CCJ 8RLu+Cu6XBD2XaCbgjvmCD4zGUkPrP5PewmAbNp/bGVc2XZNcSlykHDe7JzCB/m3 ++VRv3vcGZYywErfpBiJVZxOm4b+bDctkM55k2gpMkdRa24xpJuoS0U36jIvMb6V Be+RpTvyuodqe8vUcWK1I+wdWnve0e3Kpc+TRpbOR/J+D57AM/QABqU4BF61SHGR jaWVhUX1VGxxlkElJt8j1VcmPhlTn+c1BL5YXxzr6vhIte9WI4vIogUD+kLYFilu ga+EXF+ojPojrqT2tNXAkNuKhDgkMIwrtRBQgDWEs20Ca/4YWwC715vR4Rup5oYp BiRUE/G/26f3QQ4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3sN8vmg5x1qxMCdzstLS INpjuN2gdGAERlPn35QQ6X1eso81lGB9z917Uiv/LOThAOiZc6BJOcCWw4X3kxgG 50ZJUxLishYxcrkN9yFMi77W7dALBPsbbE0k+1Uv1jP1AaLSCei7W+6vHnWN1/Vm pFSKcjKcpo1pu2jDler7M/c6Qfv9SfLl7eO4islQew7ILyOPW8AkYbYirObXllGg wpurquz3elo0XhssiJokLai6P/GUwAkDEFJZUD5l4xCprtzOKG0OJL8gM2oUYanu SzBguqE21Lf9PoY0jgWIxqwUbs5NxJ8nUsbyxLzU0YAWzyGNSSHtbLdY0n0s9T5L kZapD0gRwYLc65c76uVS2tcT4kznRzYIWvZQZFqiX/X24UXbm1dp8srx3e+qL6oq 4TLsEDjccdeOLaJyvCwlTYFQ5t6qRSfMCOUaIvmFxNq4qx9DUI4OhS/6P6gRw3bs 5lh4eOnKbsnZB+YQDejlyKpSOqIv0YF/qyP21hF4RsQ2bfwciqaudXBKK7yUxAxo hrYr18NLJE743JGJUxcPsY/D2W0DVUWmrUDLHF0LFNXjkeTeX+3G2VXZH06pwn3V ABWRAnU90IussXRKH4k30D+WPn2mT6NRU5mDeWEUtThyQ8TM35GEgfp+Zl2h2s8J wcAU92KfsTzzNlHgHTkmwZkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16269981090920699299808684007527875453 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Noord-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA 3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-23 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-27 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LU' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Luxembourg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bibliothèque nationale de Luxembourg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.proxy02.bnl.lu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 908796289834002816419564836672266867668607087854159245152840593176880818148154360203246359980522670413297955923053595100321766761232504170390577085810210700514964034834749082356817474747717909405307977376044324526999051636856905047754325593430959229163143846314366270056555690980439654835880521043690842608061715023964805383484023349921843652344641762781975465865825355597744695791861164191867595421151164810813583689964486556133931987273541053295634033859730051016402434436011659211928065843926683961237565530179674515279208663644588457029967384436148309905381086130430797597788416073553555378330355669798294776341402436733237972507704321854451772159282103432778023196823804228413336954443090632112147144854916476532566353129279162031749479187675810302749720472919623075830196417132628967033702823522754925102907762145399935096811331407280369470358026988849486078145278314827652360372454386333937736754890634972041422715403901279211195341054372028531122136205638905310875728761262192279960044772587357061422713388556827684360897633942692677657246998397641214672838906937502238793526297741392146738134546044334701767969257788013165898216846098428289858035287786878245203492217299983213934731281977687940289987172464257666244757864857 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 67fd8820142798c709d22519bbe9511163755062 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fd6f19b8275b2f45460d84a386161d6b6f068c0d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.proxy02.bnl.lu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'proxy02.bnl.lu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/TERENASSLCA3.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/TERENASSLCA3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (98 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/TERENASSLCA3.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016df93ffb0c000004030046304402204ee040568e5bb585173e7a4cdcd00c366d9e7bc5885334a2f5b679cce3a7c08102204220452a877869dee43db1e9fad23669ba90f396e0a6c01b97ce6d3bd14bf7620076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016df93ffb8d0000040300473045022100d64769027be66b4343a5dbbcf71883d5b51c3d14e2e9dd511bb91e54672f2efc0220314320265b67c9fbbd70b8a824ebe6b8052fddee7c6ba25c176b35975418f8e30076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016df93ffa9c0000040300473045022017adf10f7447612b3c8e879ea9022921e52f8c6d1d28eaa2128b7420b46c1af8022100cd75ba05cabcf9e4894e87a4873765fc24cc29fea413389363814caaae1f22c0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003cddec2089f112eef82bba5c10f65da09b823be6083e3319490facfe4f7b09806cda7f6c655cd9764d7129729070deec9cc207f9b7fbe551bf7bdc199632c04adfa41889559c4e9b86fe6c372d90ce799368293247516b6e31a49ba84b4537ea322f31be9505ef91a53bf2ba876a7bcbd47162b523ec1d5a7bded1edcaa5cf934696ce47f27e0f9ec033f40006a538045eb54871918da5958545f5546c7196412526df23d557263e19539fe73504be585f1cebeaf848b5ef56238bc8a20503fa42d816296e81af845c5fa88cfa23aea4f6b4d5c090db8a843824308c2bb51050803584b36d026bfe185b00bbd79bd1e11ba9e6862906245413f1bfdba7f7410e