science.leidenuniv.nl
- Universiteit Leiden -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number e5:de:00:bc:40:fd:07:94:4d:02:28:a1:0d:b9:62:b7 was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Universiteit Leiden
Organization:
Universiteit Leiden
State / Province:
Zuid-Holland
Country: NL
Country: NL
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): e5:de:00:bc:40:fd:07:94:4d:02:28:a1:0d:b9:62:b7Serial Number (int): 305545915852347953963362185514724188855
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 7a:6f:25:71:57:96:6b:17:3e:ea:04:b9:d6:4d:d0:d3:97:36:78:28
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 52:88:9e:74:ca:b3:d2:c8:e9:d1:05:4e:15:31:dc:ed:18:b0:02:b9
Fingerprint (sha256): 0b:a4:91:2b:b6:ae:ef:04:87:8e:4b:19:b3:c5:38:8b:2c:4f:0d:8b:5a:47:63:d7:df:01:7b:5c:07:93:a1:24
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate science.leidenuniv.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for science.leidenuniv.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
science.leidenuniv.nl
www.science.leidenuniv.nl
www.science.leidenuniv.nl
Other certificates including the domain name leidenuniv.nl
(limited to 100 certificates)
web2print.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
weblectures-a.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
illinois.meta.leidenuniv.nl
roepieroepie-p.web.leidenuniv.nl
splms01.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
weblectures-a.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
illinois.meta.leidenuniv.nl
roepieroepie-p.web.leidenuniv.nl
splms01.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
Certificate
The complete raw certificate details for science.leidenuniv.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH+jCCBuKgAwIBAgIRAOXeALxA/QeUTQIooQ25YrcwDQYJKoZIhvcNAQELBQAw gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl cnZlciBDQTAeFw0yNDAxMjkwMDAwMDBaFw0yNTAxMjgyMzU5NTlaMGIxCzAJBgNV BAYTAk5MMRUwEwYDVQQIEwxadWlkLUhvbGxhbmQxHDAaBgNVBAoTE1VuaXZlcnNp dGVpdCBMZWlkZW4xHjAcBgNVBAMTFXNjaWVuY2UubGVpZGVudW5pdi5ubDCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMn2ZfFLhGAwplVoQpqb4lub7qq9 IU/8eYLZ4S6+s6aT7zBPpBW1HpOIib+pwtFn597t1+32QVYteWN+dpSvnF4+7uPN 0sN/c8wonxP1PD/uS6dc8IvpvpvjYmlklJoqiUKUupCb/tse5FPMprYqiEG5/77d zvhVSXzX0k+IckrIfUDPOPUFfy1oW4fixVv03dt9Qj7K066eYFsabNh+jM2sJGwz uRhghrlCjQQVl6TBQQAnvHB/MlrmOFQw3L9lQEHv+ynnxbYNdxhdpG1truLj8xjo IEVEtwZXsx+b0Bb/GFeZnm9YBVhyH48evIngZHDtdOYvFabaN75Uuen3VEOtMjWx +0ueCExhvXEX5BGMktcMDFu2bO11hjiqYsXBkJzxFs/eVhYXpna/wdWoVTtNKZ3n B3NnrIUStI4rnAykoR+msqtdZrEANabjVwnCgMikdYO+x4z2psNF33JZx6X0tk6h Gn8kJmppDZ+pSjgwmTyhqiCJaML98gUyKjNcne6cCrMNJptXnZzZSTJvmi2d8oPf rpPkkTS8ri234KUhf4J1rRm5S8xVeKfzFH4iX8DoWUZ2EF7EpphdXt2vOgRU+tto 0UbErM0PENFVKJiqMhvCbGVMh2nZIAhF43vQVtX49JvQeYjxAaJCwRshEaTAihUW O6rIpmBI+GKrHPmjAgMBAAGjggN1MIIDcTAfBgNVHSMEGDAWgBQX2dYlJ2f5McJJ Q9kwNkSMbKlP6zAdBgNVHQ4EFgQUem8lcVeWaxc+6gS51k3Q05c2eCgwDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMEoGA1UdIARDMEEwNQYMKwYBBAGyMQECAQMEMCUwIwYIKwYBBQUHAgEW F2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g TaBLhklodHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRp b25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGKBggrBgEFBQcBAQR+MHww VQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9y Z2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUH MAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBfgYKKwYBBAHWeQIEAgSCAW4E ggFqAWgAdgDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAY1Xov2m AAAEAwBHMEUCIQCDvuaS3xa2pOi9NcS/h37Jw9sm47f1V17nxywBaHAPKAIgfmnW uTmZV4vXoIqt6hOLHhiBjD4Bphzi3UCloISOXmQAdgCi4wrkRe+9rZt+OO1HZ3dT 14JbhJTXK14bLMS5UKRH5wAAAY1Xov11AAAEAwBHMEUCIQCMgf+N34IXvLNs6ebR hwWTGq9zHq812b8jgVfcGWLWGAIgYeymiD7MDo8shglLbvidiXeJae6IwCMe7HWN ow7/OzIAdgBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY1Xov2B AAAEAwBHMEUCIQDcsoBOPuIzP3KeUZxwTBN9SoPNAQfgxWxoO2mHgpC9wAIgP9yF VSEpFypI7GKck7chMTglBQNI7K7zWl0lTyqJDgIwOwYDVR0RBDQwMoIVc2NpZW5j ZS5sZWlkZW51bml2Lm5sghl3d3cuc2NpZW5jZS5sZWlkZW51bml2Lm5sMA0GCSqG SIb3DQEBCwUAA4IBAQBkifyj9WDB9eAEOfhdaFKJzYriWN+VTdUGcgUab93asMcU TTcr4oZMtEx+tQ/H5zjKMIEhtS62HPrBVDwEldlLu8vu19zFRTmdFMsSDJzenalQ 0o2jZxyrVAfBtbu/+vPsonO0xdrQCKb4+12wCLJGRr+VESVCbVY0bhASOYx9RY9m xdR+j5KnNf1jZZmNgwpH/Z/Wat1QvJD8TxCU3M0r2tMai2C55tT5Lf4Ppk12pwcZ S+vjJPRZgz5Fxh7EGFNX+60YGvsYHg6Luj/LuNj+Ct+e3pDYN9Gp26eQERD7mtx7 oVbhJ/opmbEpmBZnAcEOXBTD3dK12yiOgmPBUAns -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyfZl8UuEYDCmVWhCmpvi W5vuqr0hT/x5gtnhLr6zppPvME+kFbUek4iJv6nC0Wfn3u3X7fZBVi15Y352lK+c Xj7u483Sw39zzCifE/U8P+5Lp1zwi+m+m+NiaWSUmiqJQpS6kJv+2x7kU8ymtiqI Qbn/vt3O+FVJfNfST4hySsh9QM849QV/LWhbh+LFW/Td231CPsrTrp5gWxps2H6M zawkbDO5GGCGuUKNBBWXpMFBACe8cH8yWuY4VDDcv2VAQe/7KefFtg13GF2kbW2u 4uPzGOggRUS3BlezH5vQFv8YV5meb1gFWHIfjx68ieBkcO105i8Vpto3vlS56fdU Q60yNbH7S54ITGG9cRfkEYyS1wwMW7Zs7XWGOKpixcGQnPEWz95WFhemdr/B1ahV O00pnecHc2eshRK0jiucDKShH6ayq11msQA1puNXCcKAyKR1g77HjPamw0XfclnH pfS2TqEafyQmamkNn6lKODCZPKGqIIlowv3yBTIqM1yd7pwKsw0mm1ednNlJMm+a LZ3yg9+uk+SRNLyuLbfgpSF/gnWtGblLzFV4p/MUfiJfwOhZRnYQXsSmmF1e3a86 BFT622jRRsSszQ8Q0VUomKoyG8JsZUyHadkgCEXje9BW1fj0m9B5iPEBokLBGyER pMCKFRY7qsimYEj4Yqsc+aMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 305545915852347953963362185514724188855 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-28 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit Leiden' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'science.leidenuniv.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 823935086611588679648130984200364201946439836701017439128784970184101025796691622613061456502486562916402466197209740370316771554987554817796882700072859616806843333886584084118215786537516900215955313823619726873882848731828876738019132671058683024106835503316933059756713351765983348293568045864532386460918873559092343394269579256049854363684881607417087815523226226284645550610663392431277774288480316957760705429430802085862464421536333412886687426035925905473522886968178524417792125717918584964870859999209860116980720917428693889295062459227994555879290462633364156273490506780569127325598616499945498164967471433364066239082716147779083235555387236712723753176712978564858713233061738433598920986899335518719969703422520451379287047676949420291571137396162764595497621471485458143145325161384358279932846417349136206651789273647603287623893740478984265625826039734176451547733431934307889703127381779732047840162783544666490815005247347917838368115753442537720907691183754533353494454379546433693527434157173207646311037226826632179591835792305081853022076428842286250905075212572243675549110576334846658954684895357328233691872941252831810305278587912907699376344998483583185261873538102876604522016173316901864063851362723 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7a6f257157966b173eea04b9d64dd0d397367828 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018d57a2fda6000004030047304502210083bee692df16b6a4e8bd35c4bf877ec9c3db26e3b7f5575ee7c72c0168700f2802207e69d6b93999578bd7a08aadea138b1e18818c3e01a61ce2dd40a5a0848e5e64007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018d57a2fd7500000403004730450221008c81ff8ddf8217bcb36ce9e6d18705931aaf731eaf35d9bf238157dc1962d618022061eca6883ecc0e8f2c86094b6ef89d89778969ee88c0231eec758da30eff3b320076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d57a2fd810000040300473045022100dcb2804e3ee2333f729e519c704c137d4a83cd0107e0c56c683b69878290bdc002203fdc85552129172a48ec629c93b721313825050348ecaef35a5d254f2a890e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'science.leidenuniv.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.science.leidenuniv.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006489fca3f560c1f5e00439f85d685289cd8ae258df954dd50672051a6fdddab0c7144d372be2864cb44c7eb50fc7e738ca308121b52eb61cfac1543c0495d94bbbcbeed7dcc545399d14cb120c9cde9da950d28da3671cab5407c1b5bbbffaf3eca273b4c5dad008a6f8fb5db008b24646bf951125426d56346e1012398c7d458f66c5d47e8f92a735fd6365998d830a47fd9fd66add50bc90fc4f1094dccd2bdad31a8b60b9e6d4f92dfe0fa64d76a707194bebe324f459833e45c61ec4185357fbad181afb181e0e8bba3fcbb8d8fe0adf9ede90d837d1a9dba7901110fb9adc7ba156e127fa2999b12998166701c10e5c14c3ddd2b5db288e8263c15009ec