hbca.client.just.fgov.be
- Federale Overheidsdienst Justitie -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number e2:be:d0:b0:6d:15:2c:bd:db:19:d4:8c:e2:29:ff:ed was issued on by GEANT Vereniging.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Federale Overheidsdienst Justitie
Organization:
Federale Overheidsdienst Justitie
State / Province:
Brussels Hoofdstedelijk Gewest
Country: BE
Country: BE
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): e2:be:d0:b0:6d:15:2c:bd:db:19:d4:8c:e2:29:ff:edSerial Number (int): 301396296169626231382739066987355963373
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 1b:e8:db:72:98:4a:71:50:f7:97:80:cd:5c:c7:e6:2c:6b:b6:f3:7c
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 96:aa:48:f5:cf:df:0b:0a:b6:f1:d2:29:95:d6:86:af:9a:aa:04:c3
Fingerprint (sha256): 04:69:0d:13:4d:ec:7e:2c:6a:0b:93:97:8e:dc:ef:1c:0e:3e:b6:fe:57:bf:53:6b:07:a3:52:57:85:a3:51:88
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate hbca.client.just.fgov.be
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hbca.client.just.fgov.be
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hbca.client.just.fgov.be
www.hbca.client.just.fgov.be
www.hbca.client.just.fgov.be
Other certificates including the domain name fgov.be
(limited to 100 certificates)
kruispuntbank.fgov.be
eservices.minfin.fgov.be
dabs-acc.ext.wss.just.fgov.be
bpp.economie.fgov.be
www.business.belgium.be
minfin.be
eolf.economie.fgov.be
cap.mobilit.fgov.be
wwwacc.capac-hvw.fgov.be
ilite.wss.just.fgov.be
air.mobilit.fgov.be
justsignal-acc.client.just.fgov.be
www.rsvz.fgov.be
webdwtc01.rrn.fgov.be
jft-acc.wss.just.fgov.be
www.capac-hvw.fgov.be
www.incc.fgov.be
sdvampf001.intra.just.fgov.be
spvwebtpi001.intra.just.fgov.be
webdwtc01.rrn.fgov.be
portal.health.fgov.be
HVB-Liege.just.fgov.be
apptst.riziv.fgov.be
moncomptedevacances.be
*.ehealth-09.paas.cloud.ehealth.fgov.be
www.ehealth.fgov.be
natgw-eessi.ksz-bcss.fgov.be
wahlen.fgov.be
c-b2b.SPFETCS-FODWASO.fgov.be
www.likiv.fgov.be
www.capac-hvw.fgov.be
appsoc.caami-hziv.fgov.be
bibforum.fgov.be
*.statbel.fgov.be
appsoc.caami-hziv.fgov.be
ccff02.minfin.fgov.be
handicap.belgium.be
news.sfpd.fgov.be
ede.onssrszlss.fgov.be
hbca.client.just.fgov.be
savdiv000.intra.just.fgov.be
eucertificates.economie.fgov.be
handicap.belgium.be
residencepalace.be
archi.ccecrb.fgov.be
auth-signing.sigedis.fgov.be
premier.be
www.mybenefits.fgov.be
auth.minfin.fgov.be
www.rsvz.be
vsp.smals.be
forfaitdebase.economie.fgov.be
login.dev.mobilit.fgov.be
mailings.ibz.fgov.be
FODJ-STS-Token-Signing-2018.just.fgov.be
bel1fedlaeaacc01.fed.oncsfm.com
meldpunt.belgie.be
ibz.be
telework.just.fgov.be
circa.health.fgov.be
PAUTH.riziv.fgov.be
e.koba.be
accreditation-new.belgium.be
b2b-tst.rsvz-inasti.fgov.be
stvjira000.intra.just.fgov.be
spvnpsradius001.intra.just.fgov.be
auth.meta.fgov.be
ede.onssrszlss.fgov.be
emm.rrn.fgov.be
*.vpn2.fanc.fgov.be
kce.fgov.be
savelasticb000.intra.just.fgov.be
appsoc.caami-hziv.fgov.be
rsvz-inasti.fgov.be
adldsacc.integration.just.fgov.be
spvxwiki000.intra.just.fgov.be
bgcturn.intra.just.fgov.be
biblio.intra.just.fgov.be
arttiepe.intra.just.fgov.be
www.sigedis.fgov.be
fgov.be
www.riziv.fgov.be
savsdstatbe000.intra.just.fgov.be
viewportal.integration.just.fgov.be
www.decroo.belgie.be
bel1fedlaeaacc01.fed.oncsfm.com
www.capac-hvw.fgov.be
HVB-Mons-test.just.fgov.be
nrmobility.mobilit.fgov.be
infradocs.just.fgov.be
ccff02.minfin.fgov.be
test.ehealthplatform.info
www.caami-hziv.fgov.be
ibz.be
acc-cjcsr.just.fgov.be
www.webapp.rrn.fgov.be
*.apps-acc.mobilit.fgov.be
casfactory-dev.intra.just.fgov.be
enigloket.acc.mobilit.fgov.be
DAC-X3.rsvz-inasti.fgov.be
eservices.minfin.fgov.be
dabs-acc.ext.wss.just.fgov.be
bpp.economie.fgov.be
www.business.belgium.be
minfin.be
eolf.economie.fgov.be
cap.mobilit.fgov.be
wwwacc.capac-hvw.fgov.be
ilite.wss.just.fgov.be
air.mobilit.fgov.be
justsignal-acc.client.just.fgov.be
www.rsvz.fgov.be
webdwtc01.rrn.fgov.be
jft-acc.wss.just.fgov.be
www.capac-hvw.fgov.be
www.incc.fgov.be
sdvampf001.intra.just.fgov.be
spvwebtpi001.intra.just.fgov.be
webdwtc01.rrn.fgov.be
portal.health.fgov.be
HVB-Liege.just.fgov.be
apptst.riziv.fgov.be
moncomptedevacances.be
*.ehealth-09.paas.cloud.ehealth.fgov.be
www.ehealth.fgov.be
natgw-eessi.ksz-bcss.fgov.be
wahlen.fgov.be
c-b2b.SPFETCS-FODWASO.fgov.be
www.likiv.fgov.be
www.capac-hvw.fgov.be
appsoc.caami-hziv.fgov.be
bibforum.fgov.be
*.statbel.fgov.be
appsoc.caami-hziv.fgov.be
ccff02.minfin.fgov.be
handicap.belgium.be
news.sfpd.fgov.be
ede.onssrszlss.fgov.be
hbca.client.just.fgov.be
savdiv000.intra.just.fgov.be
eucertificates.economie.fgov.be
handicap.belgium.be
residencepalace.be
archi.ccecrb.fgov.be
auth-signing.sigedis.fgov.be
premier.be
www.mybenefits.fgov.be
auth.minfin.fgov.be
www.rsvz.be
vsp.smals.be
forfaitdebase.economie.fgov.be
login.dev.mobilit.fgov.be
mailings.ibz.fgov.be
FODJ-STS-Token-Signing-2018.just.fgov.be
bel1fedlaeaacc01.fed.oncsfm.com
meldpunt.belgie.be
ibz.be
telework.just.fgov.be
circa.health.fgov.be
PAUTH.riziv.fgov.be
e.koba.be
accreditation-new.belgium.be
b2b-tst.rsvz-inasti.fgov.be
stvjira000.intra.just.fgov.be
spvnpsradius001.intra.just.fgov.be
auth.meta.fgov.be
ede.onssrszlss.fgov.be
emm.rrn.fgov.be
*.vpn2.fanc.fgov.be
kce.fgov.be
savelasticb000.intra.just.fgov.be
appsoc.caami-hziv.fgov.be
rsvz-inasti.fgov.be
adldsacc.integration.just.fgov.be
spvxwiki000.intra.just.fgov.be
bgcturn.intra.just.fgov.be
biblio.intra.just.fgov.be
arttiepe.intra.just.fgov.be
www.sigedis.fgov.be
fgov.be
www.riziv.fgov.be
savsdstatbe000.intra.just.fgov.be
viewportal.integration.just.fgov.be
www.decroo.belgie.be
bel1fedlaeaacc01.fed.oncsfm.com
www.capac-hvw.fgov.be
HVB-Mons-test.just.fgov.be
nrmobility.mobilit.fgov.be
infradocs.just.fgov.be
ccff02.minfin.fgov.be
test.ehealthplatform.info
www.caami-hziv.fgov.be
ibz.be
acc-cjcsr.just.fgov.be
www.webapp.rrn.fgov.be
*.apps-acc.mobilit.fgov.be
casfactory-dev.intra.just.fgov.be
enigloket.acc.mobilit.fgov.be
DAC-X3.rsvz-inasti.fgov.be
Certificate
The complete raw certificate details for hbca.client.just.fgov.be in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIoTCCBomgAwIBAgIRAOK+0LBtFSy92xnUjOIp/+0wDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNV BAMTEUdFQU5UIE9WIFJTQSBDQSA0MB4XDTIyMDUxMDAwMDAwMFoXDTIzMDUxMDIz NTk1OVowgYUxCzAJBgNVBAYTAkJFMScwJQYDVQQIEx5CcnVzc2VscyBIb29mZHN0 ZWRlbGlqayBHZXdlc3QxKjAoBgNVBAoTIUZlZGVyYWxlIE92ZXJoZWlkc2RpZW5z dCBKdXN0aXRpZTEhMB8GA1UEAxMYaGJjYS5jbGllbnQuanVzdC5mZ292LmJlMIIC IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0a3PES3xlxKG1PphKTi2X7pu Em4KnudtIV/DIfsuQhTXE7GhK4mZSq3xgOfCwadeyDBkt4/DGukma8sXeRy3Sz/k RuOZ8oHfQfNyw4HlMNTErcPoCXZVD6hKkIzwaMlubhmUf+pBBe13paGtWSu1DK0H INipSDn24XgcBDiC2MYwL/HDZGWBoeL2vFClBXCoFBXBBh2JKxJ1q+mj+EbhVu0N /ROLwv0/upn05+ZeuD5YUVpYFUeNRowvvk1Tbgh+hfsWn6yJryShkMg2+TXkC6FP BSZirSVyv9Q9OnSmi52pLOV65JUe4uPbKm6uOxvdRJjGpLXeneNtjiAgMDuriJYa RCpEXp0765MHsX+OvjSoQF1L28ZKAo53VMAvlPaUtkCKNPtzo5oOfUZHRaMAsmU+ lTXKLcWkK4yCylFyQsXusksZWD0mGay22K95UXyU/wfMC6rCzn6IsYFwOTMY35gU Z5wnWInSCFi5U4xp3Nlc2gqFkb5ryAfohIzNkzI+lDyEY1TP/y27m8IMV5eknIYR XeKxR/E1rm+UC9QG5t4B00Vl7zcE5LsRU/iRyYCU9ijaH1WjkOHwzPDiPRggqufv Mpsl7AZOV9v+hJHli6MXXyYUWPlc/IuNuu/oy5agboHCrHyXuxhtPkytlcpTT0mp Vl0FLrmYK3LEiiuwFikCAwEAAaOCA0owggNGMB8GA1UdIwQYMBaAFG8dNUkQbDL6 WaCevIroH5W+cXoMMB0GA1UdDgQWBBQb6NtymEpxUPeXgM1cx+Ysa7bzfDAOBgNV HQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICTzAlMCMGCCsGAQUFBwIB FhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwPwYDVR0fBDgwNjA0 oDKgMIYuaHR0cDovL0dFQU5ULmNybC5zZWN0aWdvLmNvbS9HRUFOVE9WUlNBQ0E0 LmNybDB1BggrBgEFBQcBAQRpMGcwOgYIKwYBBQUHMAKGLmh0dHA6Ly9HRUFOVC5j cnQuc2VjdGlnby5jb20vR0VBTlRPVlJTQUNBNC5jcnQwKQYIKwYBBQUHMAGGHWh0 dHA6Ly9HRUFOVC5vY3NwLnNlY3RpZ28uY29tMEEGA1UdEQQ6MDiCGGhiY2EuY2xp ZW50Lmp1c3QuZmdvdi5iZYIcd3d3LmhiY2EuY2xpZW50Lmp1c3QuZmdvdi5iZTCC AX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcArfe++nz/EMiLnT2cHj4YarRnKV3P sQwkyoWGNOvcgooAAAGArSzRJQAABAMASDBGAiEA51f+p3brU6FcnVSFGWb+Id6G ZIONWvjGTosQtPoqmd4CIQDNkrpD1HMa/46NKyDq24sFhRWp8ggSoR5BTxGvsb1B ZQB1AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABgK0s0PMAAAQD AEYwRAIgN68Q5OETT61rlcpp+eVppwB2A8Ze4gabhJp00ODdzzACIGDOKX59PUzB Kxgiop1agLo+TQkpwaG92g6FfI/najrQAHcA6D7Q2j71BjUy51covIlryQPTy9ER a+zraeF3fW0GvW4AAAGArSzQuwAABAMASDBGAiEAqpskH5dzM6zjGWOulByodoYw ZruGsy/sdZb2GA0eCKICIQCdmp9/NYXGq6q3A4semh5FdhvM91Hl0rkrEO9YubUe pTANBgkqhkiG9w0BAQwFAAOCAgEAfTWngLzwzTnPG4IJDtPiDs4IhnPXebk7BnSF nY386HU8U8+EJ5l/qYqltADiSNGb//Xcgh0k459uWIvG4D5QyNHnrITIZQJIYKEp ZbLYZfRZPFordqQ8VqSM16eRixWnpdlk8CYq19oUN7GSAgRd2wbOsZCUZ76W8Iof kgltNuLXWxZgaSLzvUv3vKZfbPrTAor1L0iXzJdGXzKPN+P3QIxoglhc5vTJzPan qSzvOtCrmHy3bDwWzXhMMms0Qe2Oa9dHCaCtB8wnR1A4Hb3MO3p1ELu1ZSemYOg0 t+es803oMd8pK7b1yna9fu6yMxW9QsdRXg1fuASnhIZ8px/k0k8EVY6/ethrZ79r 6JZzxNRUBJB08hOCbKTKsxc92apHZ6SY4omr+laEu+h0C1vAZF2yHqi6caKxmgZR jBxGFIsrT0+4uFBkHCFOoqc08cJoK9Jc/3XcfjnnAIuAxQEtKcSCgTZqMGrLcw1O 8BNVVyEnLH6N+AGIizLYBrbC2IubqhKX6C9gcU8KDVv1/HIQ8pU+CsCxUGIezKJP 6NkS/cY8KAV1soj15Mek981f7t+1c+n15wwriQroTq1GZjPtzam6ZbCk639d+uws 6GRBrM1WU2doc2f4krzy5mpLrqQBOZnsLymTEDZxhzRVZU6ukS7+9UzlGFUdw0T0 bYLNrFk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0a3PES3xlxKG1PphKTi2 X7puEm4KnudtIV/DIfsuQhTXE7GhK4mZSq3xgOfCwadeyDBkt4/DGukma8sXeRy3 Sz/kRuOZ8oHfQfNyw4HlMNTErcPoCXZVD6hKkIzwaMlubhmUf+pBBe13paGtWSu1 DK0HINipSDn24XgcBDiC2MYwL/HDZGWBoeL2vFClBXCoFBXBBh2JKxJ1q+mj+Ebh Vu0N/ROLwv0/upn05+ZeuD5YUVpYFUeNRowvvk1Tbgh+hfsWn6yJryShkMg2+TXk C6FPBSZirSVyv9Q9OnSmi52pLOV65JUe4uPbKm6uOxvdRJjGpLXeneNtjiAgMDur iJYaRCpEXp0765MHsX+OvjSoQF1L28ZKAo53VMAvlPaUtkCKNPtzo5oOfUZHRaMA smU+lTXKLcWkK4yCylFyQsXusksZWD0mGay22K95UXyU/wfMC6rCzn6IsYFwOTMY 35gUZ5wnWInSCFi5U4xp3Nlc2gqFkb5ryAfohIzNkzI+lDyEY1TP/y27m8IMV5ek nIYRXeKxR/E1rm+UC9QG5t4B00Vl7zcE5LsRU/iRyYCU9ijaH1WjkOHwzPDiPRgg qufvMpsl7AZOV9v+hJHli6MXXyYUWPlc/IuNuu/oy5agboHCrHyXuxhtPkytlcpT T0mpVl0FLrmYK3LEiiuwFikCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 301396296169626231382739066987355963373 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-05-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-10 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Brussels Hoofdstedelijk Gewest' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Federale Overheidsdienst Justitie' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hbca.client.just.fgov.be' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 855415447200160932518037772044626319050463115542301905626366548163556757149413856097460349920602672143878417020680858766138692349161624264536250836528252388660765243139277678947606897361952130946431207521111346660982850802772273597915905159825977719536326115156386029672357761765616924468938461375716577017039877400229929089746440550553026534731485032140185154246652695049710813300313314931805170381325364575418136015468467116961601555653725068613382266439422846855697777095972190811922841371632281335210059337489284616458197563311046230126431677277766300381335237660211148222332758478149563031409463684082233267815186490007300149046229825295922755196295560607030582381775299517483878320190159539255070933894844428831046347969221503546694159333440912363301705118504692844124315705123833282825060694863107566607029224488731583854375979146624208361402537830961967770429366634160808526076037362280662139217284323273042275069203682527361723604010250039057138875942462897008243217985539068829553455033256654608259611349093951477506064491075378264607079235958257661490183535383319054820851548393581123029155695636423559125574102736314206893923332670176664701360486883712099753205701876816579048884364587420861600899200943925837174506788393 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1be8db72984a7150f79780cd5cc7e62c6bb6f37c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hbca.client.just.fgov.be' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hbca.client.just.fgov.be' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000180ad2cd1250000040300483046022100e757fea776eb53a15c9d54851966fe21de8664838d5af8c64e8b10b4fa2a99de022100cd92ba43d4731aff8e8d2b20eadb8b058515a9f20812a11e414f11afb1bd41650075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000180ad2cd0f30000040300463044022037af10e4e1134fad6b95ca69f9e569a7007603c65ee2069b849a74d0e0ddcf30022060ce297e7d3d4cc12b1822a29d5a80ba3e4d0929c1a1bdda0e857c8fe76a3ad0007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000180ad2cd0bb0000040300483046022100aa9b241f977333ace31963ae941ca876863066bb86b32fec7596f6180d1e08a20221009d9a9f7f3585c6abaab7038b1e9a1e45761bccf751e5d2b92b10ef58b9b51ea5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 007d35a780bcf0cd39cf1b82090ed3e20ece088673d779b93b0674859d8dfce8753c53cf8427997fa98aa5b400e248d19bfff5dc821d24e39f6e588bc6e03e50c8d1e7ac84c865024860a12965b2d865f4593c5a2b76a43c56a48cd7a7918b15a7a5d964f0262ad7da1437b19202045ddb06ceb1909467be96f08a1f92096d36e2d75b16606922f3bd4bf7bca65f6cfad3028af52f4897cc97465f328f37e3f7408c6882585ce6f4c9ccf6a7a92cef3ad0ab987cb76c3c16cd784c326b3441ed8e6bd74709a0ad07cc274750381dbdcc3b7a7510bbb56527a660e834b7e7acf34de831df292bb6f5ca76bd7eeeb23315bd42c7515e0d5fb804a784867ca71fe4d24f04558ebf7ad86b67bf6be89673c4d454049074f213826ca4cab3173dd9aa4767a498e289abfa5684bbe8740b5bc0645db21ea8ba71a2b19a06518c1c46148b2b4f4fb8b850641c214ea2a734f1c2682bd25cff75dc7e39e7008b80c5012d29c48281366a306acb730d4ef013555721272c7e8df801888b32d806b6c2d88b9baa1297e82f60714f0a0d5bf5fc7210f2953e0ac0b150621ecca24fe8d912fdc63c280575b288f5e4c7a4f7cd5feedfb573e9f5e70c2b890ae84ead466633edcda9ba65b0a4eb7f5dfaec2ce86441accd565367687367f892bcf2e66a4baea4013999ec2f2993103671873455654eae912efef54ce518551dc344f46d82cdac59