usis.leidenuniv.nl
- Universiteit Leiden -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number fe:da:e9:a4:6a:a0:32:be:76:5d:96:ef:14:2e:b3:54 was issued on by GEANT Vereniging.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Universiteit Leiden
Organization:
Universiteit Leiden
State / Province:
Zuid-Holland
Country: NL
Country: NL
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): fe:da:e9:a4:6a:a0:32:be:76:5d:96:ef:14:2e:b3:54Serial Number (int): 338760570472384606123082361224479814484
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: d6:fd:47:10:e7:5f:74:a7:a2:05:34:cb:50:51:ee:39:d2:31:00:67
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 61:5f:be:a0:d7:c1:db:82:9f:5a:7f:93:0e:72:7a:86:cd:2f:1c:4c
Fingerprint (sha256): 06:3f:66:41:ad:5b:5f:90:2f:99:8c:1b:00:93:7a:be:03:59:cb:1b:59:48:a5:ec:94:33:d3:e8:3c:a4:71:83
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate usis.leidenuniv.nl
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for usis.leidenuniv.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
usis.leidenuniv.nl
Other certificates including the domain name leidenuniv.nl
(limited to 100 certificates)
web2print.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
illinois.meta.leidenuniv.nl
roepieroepie-p.web.leidenuniv.nl
splms01.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
vg21.physics.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
illinois.meta.leidenuniv.nl
roepieroepie-p.web.leidenuniv.nl
splms01.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
vg21.physics.leidenuniv.nl
Certificate
The complete raw certificate details for usis.leidenuniv.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIVTCCBj2gAwIBAgIRAP7a6aRqoDK+dl2W7xQus1QwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNV BAMTEUdFQU5UIE9WIFJTQSBDQSA0MB4XDTIyMTIyMDAwMDAwMFoXDTIzMTIyMDIz NTk1OVowXzELMAkGA1UEBhMCTkwxFTATBgNVBAgTDFp1aWQtSG9sbGFuZDEcMBoG A1UEChMTVW5pdmVyc2l0ZWl0IExlaWRlbjEbMBkGA1UEAxMSdXNpcy5sZWlkZW51 bml2Lm5sMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu/uJt111w7TV SamAZ4WCxDyA0xVFca1Pw8LNgft9OzR2RDjFU/5m/4760xbZd3S9bP0YjdmhyL9Q hx07y2GLlVom+RuEtCQ0nGaQvnzpulSI/rLEZRqDHVL4tBzoasUdzjg1v7/+Kg76 BX3zdki13uQVorzfWP1XO7ad9ZvxCv0dUWxt0mAjCDRo5oNJLZuI/C5JyBpWkfGx oKdWRLbbxRFuF8tKJrZMgpERQvmF6SZrt8Dbj7FFIQrBtwKfR4B96i28MqWSgCWq dcece75XlfHdq0uK0v9hOiinzzO9cOP9agnngx4anPKLZvy9RsutnDmAEXd8kEgd 1iyG9tN6IR3AkTehrJ5OgPZuYqUG1APvjNswnBJrxXq3JY/l5hE7ebFUCGSCuChv gxd/0JMLoa0OH3TfQf7S2Q9oRS1B31uKLITc5M5GkusYF8bh5NU5ISrEkm83wyok 4dVjMEdh31tyXmon1yYj17I4yCYz8o7x9q/5fn+YN3QKuLg9fKd3Dr70mJdbrxPx rBClnRUCPKj9mnMEI2ZWh4DffmeDuN1AYIsXn7zZa4rQ2i2sWhRQIBimHAUsKV2v mlQdjHrf4LwayRn+pdl1wVu0ErxQivasQwm7i91i2KqwgE+E7QXerPo8p2lNrZ8I 3/02tzstnsiNmQZl8tYE+1LslnX//ukCAwEAAaOCAyUwggMhMB8GA1UdIwQYMBaA FG8dNUkQbDL6WaCevIroH5W+cXoMMB0GA1UdDgQWBBTW/UcQ5190p6IFNMtQUe45 0jEAZzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICTzAlMCMG CCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwPwYD VR0fBDgwNjA0oDKgMIYuaHR0cDovL0dFQU5ULmNybC5zZWN0aWdvLmNvbS9HRUFO VE9WUlNBQ0E0LmNybDB1BggrBgEFBQcBAQRpMGcwOgYIKwYBBQUHMAKGLmh0dHA6 Ly9HRUFOVC5jcnQuc2VjdGlnby5jb20vR0VBTlRPVlJTQUNBNC5jcnQwKQYIKwYB BQUHMAGGHWh0dHA6Ly9HRUFOVC5vY3NwLnNlY3RpZ28uY29tMIIBfgYKKwYBBAHW eQIEAgSCAW4EggFqAWgAdgCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yC igAAAYUuzMhnAAAEAwBHMEUCIDcGtd/dR5LXE3IWdcM34Gmon9sUi2cKwXHBkOHK +M3ZAiEAvROk9rGqOzqXheB5GvH0+3HAZ2c166yPMZKR5daieMkAdwB6MoxU2Lct tiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYUuzMgsAAAEAwBIMEYCIQCOMery eR55JrzwvU8Ij2jYRq8zsqmAJx6hYLF2CrlUDgIhAOgvHnP1Ucy0Ol/+obU1r021 TRUrd+6MiewBHo3s1mHeAHUA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0G vW4AAAGFLszIBAAABAMARjBEAiBM2CUVgEQBJWAChpfVJpBcOqGZmti/rp1Gt5ZV UPN9tAIgETaLvvD9oD+BKF419o6XVe21tA35UDySswE+hweHJC0wHQYDVR0RBBYw FIISdXNpcy5sZWlkZW51bml2Lm5sMA0GCSqGSIb3DQEBDAUAA4ICAQAxcVzP+YNg ebf+c+IXy2N9If+vh+JksvsHKENFY6TL4EjKeUSJyqxg/hDS75Mg3x/TK0bUM+c0 oxP9YgHXFq3TKA6rMi7uXOjXZMwVjmkCmao0loOpiJChJ3NJ/+QQY0P+QTYoLPuO mJUsraiqx08UboHFHr/jO/40iLSrXKAUuC3iPdonkpwuw2NUeImX66eb8wXNroFM rBdts0pfjKSrFM/Vup+MWw6zt0puUoKl9ykWGyY7RWWv0ETEABPQmBvxITugjTvE 3spd7R4e5UFlmfbreIFIpUxI/6H9fQV8tBjINprf/NVCdrCe5EKJAG9k0qYw3c4t F/G/yqGCccgCavlg0B6vvTG/omrIlB6qe5U3o5JI0I3JZgzpYdG99IMB5hw+7iDc vMyT+GHQ4Xj63Mns4l2uGhw6JEuFsGrIKki74+jsDcVZ/0z8lhVanOD4Y5WeDl0j mqyZ/BIrsqn4OdvPrHOze+mjTD7BaM7xjk2TnAdbXoMbX1IRKZ1BAfVbtf1OQ581 tZ/lhCr44cV64bd4ZAkGWa9qCJpVPyyGEGu1aY4hrI/90iuDArh/g6DbJRMQLQXn Ce3d+XxrZT8d1mhG2to3zYwBNm+PzOv7KntycuUSYWRI+vMSOjYn9d7xAh5Q0dYe g/Idp1cqRjZn5tAWCLGD1qcQpIQpSSyv9Q== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu/uJt111w7TVSamAZ4WC xDyA0xVFca1Pw8LNgft9OzR2RDjFU/5m/4760xbZd3S9bP0YjdmhyL9Qhx07y2GL lVom+RuEtCQ0nGaQvnzpulSI/rLEZRqDHVL4tBzoasUdzjg1v7/+Kg76BX3zdki1 3uQVorzfWP1XO7ad9ZvxCv0dUWxt0mAjCDRo5oNJLZuI/C5JyBpWkfGxoKdWRLbb xRFuF8tKJrZMgpERQvmF6SZrt8Dbj7FFIQrBtwKfR4B96i28MqWSgCWqdcece75X lfHdq0uK0v9hOiinzzO9cOP9agnngx4anPKLZvy9RsutnDmAEXd8kEgd1iyG9tN6 IR3AkTehrJ5OgPZuYqUG1APvjNswnBJrxXq3JY/l5hE7ebFUCGSCuChvgxd/0JML oa0OH3TfQf7S2Q9oRS1B31uKLITc5M5GkusYF8bh5NU5ISrEkm83wyok4dVjMEdh 31tyXmon1yYj17I4yCYz8o7x9q/5fn+YN3QKuLg9fKd3Dr70mJdbrxPxrBClnRUC PKj9mnMEI2ZWh4DffmeDuN1AYIsXn7zZa4rQ2i2sWhRQIBimHAUsKV2vmlQdjHrf 4LwayRn+pdl1wVu0ErxQivasQwm7i91i2KqwgE+E7QXerPo8p2lNrZ8I3/02tzst nsiNmQZl8tYE+1LslnX//ukCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 338760570472384606123082361224479814484 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-20 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit Leiden' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'usis.leidenuniv.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 766901977136359362823724684582040244856312410300933661961310387955535989462086251225812033411695635140672221528908036594651548450592195491293093071118759625363082824260605403937772613542313312197295803359184605442554700266391174316135402910725395097970523255885442365671288808329122261445725723996762300007512982464009599112441451444439395004421268852926220220728050388986460779861675483461979142985113085639968484911389550533864361274838955315751022044126514942183146094605127085554128698680073230170433394539329294733135414808487930078296191356807396265058135794961871701690587626497237107409917667061246717747124208140798203757917360603443894650076732763690719117555076005940670966324194889334600189441284583550581708968756823096271124993775837281047727975263793152709444657989396056195427648779713429914213400340117028645453503966469478948809850957586248909665796358962655055687744619442552556331646037468877557987424807113437916583715341065647490915420576454886021879405724632151291308913987272380499242459139074875085850835987605364561609991776993570192580147406668803197219014265366348037335297283430527034426072747497478307425606468079726235331647260131081935074172206047711578622497946212748701532142234868058885765696847593 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d6fd4710e75f74a7a20534cb5051ee39d2310067 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001852eccc867000004030047304502203706b5dfdd4792d713721675c337e069a89fdb148b670ac171c190e1caf8cdd9022100bd13a4f6b1aa3b3a9785e0791af1f4fb71c0676735ebac8f319291e5d6a278c90077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001852eccc82c00000403004830460221008e31eaf2791e7926bcf0bd4f088f68d846af33b2a980271ea160b1760ab9540e022100e82f1e73f551ccb43a5ffea1b535af4db54d152b77ee8c89ec011e8decd661de007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001852eccc804000004030046304402204cd825158044012560028697d526905c3aa1999ad8bfae9d46b7965550f37db4022011368bbef0fda03f81285e35f68e9755edb5b40df9503c92b3013e870787242d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usis.leidenuniv.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0031715ccff9836079b7fe73e217cb637d21ffaf87e264b2fb0728434563a4cbe048ca794489caac60fe10d2ef9320df1fd32b46d433e734a313fd6201d716add3280eab322eee5ce8d764cc158e690299aa349683a98890a1277349ffe4106343fe4136282cfb8e98952cada8aac74f146e81c51ebfe33bfe3488b4ab5ca014b82de23dda27929c2ec36354788997eba79bf305cdae814cac176db34a5f8ca4ab14cfd5ba9f8c5b0eb3b74a6e5282a5f729161b263b4565afd044c40013d0981bf1213ba08d3bc4deca5ded1e1ee5416599f6eb788148a54c48ffa1fd7d057cb418c8369adffcd54276b09ee44289006f64d2a630ddce2d17f1bfcaa18271c8026af960d01eafbd31bfa26ac8941eaa7b9537a39248d08dc9660ce961d1bdf48301e61c3eee20dcbccc93f861d0e178fadcc9ece25dae1a1c3a244b85b06ac82a48bbe3e8ec0dc559ff4cfc96155a9ce0f863959e0e5d239aac99fc122bb2a9f839dbcfac73b37be9a34c3ec168cef18e4d939c075b5e831b5f5211299d4101f55bb5fd4e439f35b59fe5842af8e1c57ae1b77864090659af6a089a553f2c86106bb5698e21ac8ffdd22b8302b87f83a0db2513102d05e709edddf97c6b653f1dd66846dada37cd8c01366f8fccebfb2a7b7272e512616448faf3123a3627f5def1021e50d1d61e83f21da7572a463667e6d01608b183d6a710a48429492caff5