ncio.nato.int
- NATO -
Issued by GlobalSign RSA OV SSL CA 2018
About this certificate
This digital certificate with serial number 64:bf:f3:4d:63:b7:28:5f:0d:ee:09:18 was issued on by GlobalSign nv-sa.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
NATO
Organization:
NATO
State / Province:
Brussels
Locality: Brussels
Country: BE
Locality: Brussels
Country: BE
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate will expire on
Certificate Details
Serial Number (hex): 64:bf:f3:4d:63:b7:28:5f:0d:ee:09:18Serial Number (int): 31180554776320788163483011352
Serial Number lenght: 95 bits, 12 octets
SubjectKeyId: 9f:c9:10:b0:c2:91:fc:32:d7:5e:2e:3d:4b:ad:dc:39:67:b0:1d:ba
AuthorityKeyId: f8:ef:7f:f2:cd:78:67:a8:de:6f:8f:24:8d:88:f1:87:03:02:b3:eb
Fingerprint (sha1): 5b:4e:21:05:4c:69:79:31:05:c4:f0:e3:de:39:96:38:8b:b6:c3:af
Fingerprint (sha256): 04:75:04:e8:e3:f8:59:68:ba:d6:3d:cc:22:b8:b2:27:e0:5f:10:bf:3c:65:3c:c0:f7:de:72:d2:c2:68:63:b8
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt
Revocation information
OCSP Server: http://ocsp.globalsign.com/gsrsaovsslca2018CRL Distribution Point: http://crl.globalsign.com/gsrsaovsslca2018.crl
Check the revocation status for certificate ncio.nato.int
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ncio.nato.int
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ncio.nato.int
Other certificates including the domain name nato.int
(limited to 100 certificates)
shared.napma.nato.int
meet.nahema.nato.int
ims.nato.int
npc.ncia.nato.int
www.natoschool.nato.int
*.nc3a.nato.int
www.nato.int
extranet.napma.nato.int
extranet.napma.nato.int
ap.ndc.nato.int
ncia.nato.int
apx.ndc.nato.int
elearning.natoschool.nato.int
*.ncia.nato.int
mail.cmre.nato.int
ndcmail.ndc.nato.int
www.asc.nato.int
awds.ndc.nato.int
mdm.napma.nato.int
mail.hrf.tr.nato.int
verity.hq.nato.int
extranet.napma.nato.int
ism.hq.nato.int
captiveportal.nahema.nato.int
msiac.nato.int
guest.napma.nato.int
gss.ncia.nato.int
servicedesk.thwaites.co.uk
ssc.nato.int
ncio.nato.int
dnbl.ncia.nato.int
acquia-sites.com
coi.nato.int
*.nc3a.nato.int
cmre.nato.int
itsupport.valeosnackfoods.com
www.ncia.nato.int
iocore.ivv.ncia.nato.int
www.nspa.nato.int
dnbl.ncia.nato.int
shared.napma.nato.int
awacs.nato.int
*.nacc.nato.int
*.ims.nato.int
redirect.napma.nato.int
nexus.dev.nato.int
acquia-sites.com
iocore-cwix.ivv.ncia.nato.int
*.nciss.nato.int
*.reach.nato.int
acquia-sites.com
emm.hq.nato.int
lldb.jallc.nato.int
apx.ndc.nato.int
ndccds.ndc.nato.int
apy.ndc.nato.int
www.ssc.nato.int
guest.napma.nato.int
sts.reach.nato.int
meet.nahema.nato.int
NSOVPN.natoschool.nato.int
ndccds.ndc.nato.int
skypeaccess.shape.nato.int
labs.academy.ncia.nato.int
shared.napma.nato.int
dev.nato.int
www.ssc.nato.int
amdc2-iss.ncia.nato.int
mail.cmre.nato.int
e-isaf.act.nato.int
*.nshq.nato.int
mdm.napma.nato.int
servicedesk.usspeaking.com
webmail.pia.nato.int
acquia-sites.com
diana.nato.int
jftc.nato.int
ticketing.alphamead.com
selfservice.act.nato.int
verity.hq.nato.int
acquia-sites.com
gp.csp.nato.int
mobile.pan.nato.int
meet.nahema.nato.int
redirect.napma.nato.int
acquia-sites.com
napma.nato.int
msiac.nato.int
extranet.napma.nato.int
extranet.napma.nato.int
guest.napma.nato.int
webmail.cmre.nato.int
haivision.hq.nato.int
*.ndss.nato.int
ssc.nato.int
www.msiac.nato.int
ithelpdesk.dccoilireland.com
servicedesk.thwaites.co.uk
eportal.nspa.nato.int
www.nspa.nato.int
meet.nahema.nato.int
ims.nato.int
npc.ncia.nato.int
www.natoschool.nato.int
*.nc3a.nato.int
www.nato.int
extranet.napma.nato.int
extranet.napma.nato.int
ap.ndc.nato.int
ncia.nato.int
apx.ndc.nato.int
elearning.natoschool.nato.int
*.ncia.nato.int
mail.cmre.nato.int
ndcmail.ndc.nato.int
www.asc.nato.int
awds.ndc.nato.int
mdm.napma.nato.int
mail.hrf.tr.nato.int
verity.hq.nato.int
extranet.napma.nato.int
ism.hq.nato.int
captiveportal.nahema.nato.int
msiac.nato.int
guest.napma.nato.int
gss.ncia.nato.int
servicedesk.thwaites.co.uk
ssc.nato.int
ncio.nato.int
dnbl.ncia.nato.int
acquia-sites.com
coi.nato.int
*.nc3a.nato.int
cmre.nato.int
itsupport.valeosnackfoods.com
www.ncia.nato.int
iocore.ivv.ncia.nato.int
www.nspa.nato.int
dnbl.ncia.nato.int
shared.napma.nato.int
awacs.nato.int
*.nacc.nato.int
*.ims.nato.int
redirect.napma.nato.int
nexus.dev.nato.int
acquia-sites.com
iocore-cwix.ivv.ncia.nato.int
*.nciss.nato.int
*.reach.nato.int
acquia-sites.com
emm.hq.nato.int
lldb.jallc.nato.int
apx.ndc.nato.int
ndccds.ndc.nato.int
apy.ndc.nato.int
www.ssc.nato.int
guest.napma.nato.int
sts.reach.nato.int
meet.nahema.nato.int
NSOVPN.natoschool.nato.int
ndccds.ndc.nato.int
skypeaccess.shape.nato.int
labs.academy.ncia.nato.int
shared.napma.nato.int
dev.nato.int
www.ssc.nato.int
amdc2-iss.ncia.nato.int
mail.cmre.nato.int
e-isaf.act.nato.int
*.nshq.nato.int
mdm.napma.nato.int
servicedesk.usspeaking.com
webmail.pia.nato.int
acquia-sites.com
diana.nato.int
jftc.nato.int
ticketing.alphamead.com
selfservice.act.nato.int
verity.hq.nato.int
acquia-sites.com
gp.csp.nato.int
mobile.pan.nato.int
meet.nahema.nato.int
redirect.napma.nato.int
acquia-sites.com
napma.nato.int
msiac.nato.int
extranet.napma.nato.int
extranet.napma.nato.int
guest.napma.nato.int
webmail.cmre.nato.int
haivision.hq.nato.int
*.ndss.nato.int
ssc.nato.int
www.msiac.nato.int
ithelpdesk.dccoilireland.com
servicedesk.thwaites.co.uk
eportal.nspa.nato.int
www.nspa.nato.int
Certificate
The complete raw certificate details for ncio.nato.int in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgIMZL/zTWO3KF8N7gkYMA0GCSqGSIb3DQEBCwUAMFAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H bG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODAeFw0yNDA2MDcwOTExMDVaFw0y NTA3MDkwOTExMDRaMFoxCzAJBgNVBAYTAkJFMREwDwYDVQQIEwhCcnVzc2VsczER MA8GA1UEBxMIQnJ1c3NlbHMxDTALBgNVBAoTBE5BVE8xFjAUBgNVBAMTDW5jaW8u bmF0by5pbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV5m93Wt0Q O5Dl23wKljrKwDSUM3zIjRXGyL3LvkecyODPFq7Ip1xJpG0It4w/gElatXT+oPMe nPmM8xbuDTMiQsxj+i3dE0+wp1JEUAMErgWG+j8nmMbuIME80pCiMXpdxorWfFV+ vs3Bcx9jhPNMXqfIIZGuB+0vPHgppLyVuOCxGXGuBPqqxbKRhJTeItp7IsKvzXCp nmv+SVRnbaXy6MGdjBPpUGtBH8i2eyBqnlWphK28kHENX8WHzDkBaD5tiojPJ5xy BYTG1RK2029nB+mv4Q8zmm5oR5gouBRLH5He5rX/vtSTZV6opA5pM9IkZq5NkGTO 1HtVHjCRlGilAgMBAAGjggHaMIIB1jAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/ BAIwADCBjgYIKwYBBQUHAQEEgYEwfzBEBggrBgEFBQcwAoY4aHR0cDovL3NlY3Vy ZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvZ3Nyc2FvdnNzbGNhMjAxOC5jcnQwNwYI KwYBBQUHMAGGK2h0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL2dzcnNhb3Zzc2xj YTIwMTgwVgYDVR0gBE8wTTBBBgkrBgEEAaAyARQwNDAyBggrBgEFBQcCARYmaHR0 cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQICMD8G A1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3Nyc2Fv dnNzbGNhMjAxOC5jcmwwGAYDVR0RBBEwD4INbmNpby5uYXRvLmludDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU+O9/8s14Z6jeb48k jYjxhwMCs+swHQYDVR0OBBYEFJ/JELDCkfwy114uPUut3DlnsB26MBMGCisGAQQB 1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAX+6zou3rT3aT3OUGazTFd jvj4nIrf7ZC4ao/xXzaguIFoIjhQAvvDtyU1bvm9lVsLIL0cIy3ZHYz44quInLv2 k4sHIFLgNRRIlnEyKMi6djho6GljA9KWAj84V4PJVi3zsuyr9TQ9o4kitg5l2cLX lF5CchxlabNQpGmdN7Dt6zG/XN1/PjfKr0+2+44lf0bSlMtukgkNYjEI9GQ8yrjR ZOUbH3zTYTucZXkqD0PIFqDin93mnFWnXjqzDJ18ADbM/cqcGU8tEA16nbsdAUWL jdH2o8hUtVcF3LB2EA3/ub260I8IhmdXuFAZ7uxf7eRcs1E95CXSsOTnr/rWi08A -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleZvd1rdEDuQ5dt8CpY6 ysA0lDN8yI0Vxsi9y75HnMjgzxauyKdcSaRtCLeMP4BJWrV0/qDzHpz5jPMW7g0z IkLMY/ot3RNPsKdSRFADBK4Fhvo/J5jG7iDBPNKQojF6XcaK1nxVfr7NwXMfY4Tz TF6nyCGRrgftLzx4KaS8lbjgsRlxrgT6qsWykYSU3iLaeyLCr81wqZ5r/klUZ22l 8ujBnYwT6VBrQR/Itnsgap5VqYStvJBxDV/Fh8w5AWg+bYqIzyeccgWExtUSttNv Zwfpr+EPM5puaEeYKLgUSx+R3ua1/77Uk2VeqKQOaTPSJGauTZBkztR7VR4wkZRo pQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 31180554776320788163483011352 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign RSA OV SSL CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-07 09:11:05 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-09 09:11:04 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Brussels' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Brussels' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NATO' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ncio.nato.int' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18923139378180728117716196112747172440321322347301040012721982892532413013453950687551861561315471289272087368945788735471367195743309379245716430623948789876755641801115898819784233654246814305303243743685034430886336945960884404617075845939087508260871035168799840809485932324572478784872113534403327712161314379622727532489707568741252311652405940415108509822552085091196753310239024191589590535006784716306120234416632012794989782821969023985925350636354487943791081490631091720133472025977735202401517837630544916806590688881436392773218806942465452672602347751049560322191495113826369933922193452921382010906789 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/gsrsaovsslca2018' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsrsaovsslca2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ncio.nato.int' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f8ef7ff2cd7867a8de6f8f248d88f1870302b3eb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9fc910b0c291fc32d75e2e3d4baddc3967b01dba . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0017fbace8bb7ad3dda4f739419acd315d8ef8f89c8adfed90b86a8ff15f36a0b8816822385002fbc3b725356ef9bd955b0b20bd1c232dd91d8cf8e2ab889cbbf6938b072052e035144896713228c8ba763868e8696303d296023f385783c9562df3b2ecabf5343da38922b60e65d9c2d7945e42721c6569b350a4699d37b0edeb31bf5cdd7f3e37caaf4fb6fb8e257f46d294cb6e92090d623108f4643ccab8d164e51b1f7cd3613b9c65792a0f43c816a0e29fdde69c55a75e3ab30c9d7c0036ccfdca9c194f2d100d7a9dbb1d01458b8dd1f6a3c854b55705dcb076100dffb9bdbad08f08866757b85019eeec5fede45cb3513de425d2b0e4e7affad68b4f00