demo-idp.ct1.garrservices.it
- Consortium GARR -
Issued by TERENA SSL CA 3
About this certificate
This digital certificate with serial number 09:83:11:5e:4b:27:09:22:76:2d:cf:54:b8:69:25:d3 was issued on by TERENA.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Consortium GARR
Organization:
Consortium GARR
Locality:
Rome
Country: IT
Country: IT
TERENA
Organization:
TERENA
State / Province:
Noord-Holland
Locality: Amsterdam
Country: NL
Locality: Amsterdam
Country: NL
This certificate has expire since
Certificate Details
Serial Number (hex): 09:83:11:5e:4b:27:09:22:76:2d:cf:54:b8:69:25:d3Serial Number (int): 12643595122201410675285884916363503059
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 43:e1:bb:8f:eb:2b:30:71:7d:56:c2:f1:4e:cf:99:34:69:a5:e4:dc
AuthorityKeyId: 67:fd:88:20:14:27:98:c7:09:d2:25:19:bb:e9:51:11:63:75:50:62
Fingerprint (sha1): 5c:78:8f:83:da:cf:26:37:d3:22:ed:d5:00:b0:a5:06:c8:2b:3e:79
Fingerprint (sha256): 0b:d8:cd:00:fe:07:90:bd:01:a8:94:05:44:c9:a5:1f:7a:7a:68:85:44:d6:13:bb:7c:15:24:29:45:8f:34:af
Issuing Certificate URL: http://cacerts.digicert.com/TERENASSLCA3.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/TERENASSLCA3.crl
CRL Distribution Point: http://crl4.digicert.com/TERENASSLCA3.crl
Check the revocation status for certificate demo-idp.ct1.garrservices.it
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for demo-idp.ct1.garrservices.it
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
demo-idp.ct1.garrservices.it
geant-demo-idp.aai-test.garr.it
geant-demo-idp.aai-test.garr.it
Other certificates including the domain name garrservices.it
(limited to 100 certificates)
aarc-tut-sp.pa1.garrservices.it
aarc-tut-1.pa1.garrservices.it
geantsrv44.ct1.garrservices.it
geantsrv25.ct1.garrservices.it
geantsrv800.ct1.garrservices.it
git.garr.it
comanage.idem.garrservices.it
cloud.garr.it
demo-idp.ct1.garrservices.it
ba1-r2-idrac02.ba1.garrservices.it
wiki.idem.garr.it
speedtest.ba1.garrservices.it
aarc-tut-5.pa1.garrservices.it
git.garr.it
comanage.idem.garrservices.it
cidp-api-server.pa1.garrservices.it
ip-90-147-189-62.pa1.garrservices.it
geantsrv100.ct1.garrservices.it
geantsrv13.ct1.garrservices.it
ip-90-147-167-221.ct1.garrservices.it
geantsrv14.ct1.garrservices.it
www.support.garr.it
aarc-tut-12.pa1.garrservices.it
vpn.ba1.garrservices.it
idgw1.pa1.garrservices.it
filesender-ng.cs.garrservices.it
ba1-r1-idrac05.ba1.garrservices.it
liferay-decide.global.garrservices.it
geantsrv8.ct1.garrservices.it
nagios.cloud.garr.it
cs-r1-idrac14.cs.garrservices.it
aarc-tut-10.pa1.garrservices.it
www.cloud.garrservices.it
portal-eiscat-aarc.pa1.garrservices.it
keystone.cloud.garr.it
dashboard.cloud.garrservices.it
wiki.idem.garr.it
aarc-tut-7.pa1.garrservices.it
aarc-tut-idp.pa1.garrservices.it
cloud.garr.it
e3d-mp-ds.pa1.garrservices.it
geantsrv39.ct1.garrservices.it
wiki.idem.garrservices.it
ba1-r1-idrac10.ba1.garrservices.it
geantsvr12.ct1.garrservices.it
gitlab.global.garrservices.it
ip-90-147-167-221.ct1.garrservices.it
geantsrv42.ct1.garrservices.it
geantsrv32.ct1.garrservices.it
ip-90-147-189-68.pa1.garrservices.it
piwik.global.garrservices.it
ip-90-147-167-134.ct1.garrservices.it
aarc-tut-6.pa1.garrservices.it
git.garr.it
filesender2.cs.garrservices.it
geantsrv45.ct1.garrservices.it
openstack.cs.garrservices.it
ba1-r3-idrac12.ba1.garrservices.it
geantsrv43.ct1.garrservices.it
ba1-r1-idrac02.ba1.garrservices.it
geantsrv14.ct1.garrservices.it
mon.ba1.garrservices.it
geantsrv500.ct1.garrservices.it
aarc-tut-17.pa1.garrservices.it
glance.cloud.garr.it
aarc-tut-4.pa1.garrservices.it
keystone-devel.cloud.garr.it
www.support.garr.it
ba1-r2-idrac12.ba1.garrservices.it
geantsvr15.ct1.garrservices.it
ba1-r3-idrac02.ba1.garrservices.it
idp-csd.pa1.garrservices.it
filesender-ng.cs.garrservices.it
filesender2.cs.garrservices.it
daas-playground.cloud.garr.it
geantsrv15.ct1.garrservices.it
dashboard-devel.cloud.garr.it
ip-90-147-167-221.ct1.garrservices.it
aarc-tut-13.pa1.garrservices.it
speedtest.ct1.garrservices.it
ba1-r3-idrac16.ba1.garrservices.it
ba1-r3-idrac01.ba1.garrservices.it
signup-dev.cloud.garr.it
aarc-tut-9.pa1.garrservices.it
geantsrv36.ct1.garrservices.it
keystone-devel.cloud.garr.it
liferay-decide.global.garrservices.it
dashboard.cloud.garr.it
keystone.cloud.garrservices.it
ba1-r2-idrac04.ba1.garrservices.it
ip-90-147-166-216.ct1.garrservices.it
ip-90-147-167-221.ct1.garrservices.it
ip-90-147-189-61.pa1.garrservices.it
git.garr.it
aarc-tut-13.pa1.garrservices.it
aarc-tut-8.pa1.garrservices.it
www.support.garr.it
geantsrv30.ct1.garrservices.it
geantsrv9.ct1.garrservices.it
ip-90-147-188-207.pa1.garrservices.it
aarc-tut-1.pa1.garrservices.it
geantsrv44.ct1.garrservices.it
geantsrv25.ct1.garrservices.it
geantsrv800.ct1.garrservices.it
git.garr.it
comanage.idem.garrservices.it
cloud.garr.it
demo-idp.ct1.garrservices.it
ba1-r2-idrac02.ba1.garrservices.it
wiki.idem.garr.it
speedtest.ba1.garrservices.it
aarc-tut-5.pa1.garrservices.it
git.garr.it
comanage.idem.garrservices.it
cidp-api-server.pa1.garrservices.it
ip-90-147-189-62.pa1.garrservices.it
geantsrv100.ct1.garrservices.it
geantsrv13.ct1.garrservices.it
ip-90-147-167-221.ct1.garrservices.it
geantsrv14.ct1.garrservices.it
www.support.garr.it
aarc-tut-12.pa1.garrservices.it
vpn.ba1.garrservices.it
idgw1.pa1.garrservices.it
filesender-ng.cs.garrservices.it
ba1-r1-idrac05.ba1.garrservices.it
liferay-decide.global.garrservices.it
geantsrv8.ct1.garrservices.it
nagios.cloud.garr.it
cs-r1-idrac14.cs.garrservices.it
aarc-tut-10.pa1.garrservices.it
www.cloud.garrservices.it
portal-eiscat-aarc.pa1.garrservices.it
keystone.cloud.garr.it
dashboard.cloud.garrservices.it
wiki.idem.garr.it
aarc-tut-7.pa1.garrservices.it
aarc-tut-idp.pa1.garrservices.it
cloud.garr.it
e3d-mp-ds.pa1.garrservices.it
geantsrv39.ct1.garrservices.it
wiki.idem.garrservices.it
ba1-r1-idrac10.ba1.garrservices.it
geantsvr12.ct1.garrservices.it
gitlab.global.garrservices.it
ip-90-147-167-221.ct1.garrservices.it
geantsrv42.ct1.garrservices.it
geantsrv32.ct1.garrservices.it
ip-90-147-189-68.pa1.garrservices.it
piwik.global.garrservices.it
ip-90-147-167-134.ct1.garrservices.it
aarc-tut-6.pa1.garrservices.it
git.garr.it
filesender2.cs.garrservices.it
geantsrv45.ct1.garrservices.it
openstack.cs.garrservices.it
ba1-r3-idrac12.ba1.garrservices.it
geantsrv43.ct1.garrservices.it
ba1-r1-idrac02.ba1.garrservices.it
geantsrv14.ct1.garrservices.it
mon.ba1.garrservices.it
geantsrv500.ct1.garrservices.it
aarc-tut-17.pa1.garrservices.it
glance.cloud.garr.it
aarc-tut-4.pa1.garrservices.it
keystone-devel.cloud.garr.it
www.support.garr.it
ba1-r2-idrac12.ba1.garrservices.it
geantsvr15.ct1.garrservices.it
ba1-r3-idrac02.ba1.garrservices.it
idp-csd.pa1.garrservices.it
filesender-ng.cs.garrservices.it
filesender2.cs.garrservices.it
daas-playground.cloud.garr.it
geantsrv15.ct1.garrservices.it
dashboard-devel.cloud.garr.it
ip-90-147-167-221.ct1.garrservices.it
aarc-tut-13.pa1.garrservices.it
speedtest.ct1.garrservices.it
ba1-r3-idrac16.ba1.garrservices.it
ba1-r3-idrac01.ba1.garrservices.it
signup-dev.cloud.garr.it
aarc-tut-9.pa1.garrservices.it
geantsrv36.ct1.garrservices.it
keystone-devel.cloud.garr.it
liferay-decide.global.garrservices.it
dashboard.cloud.garr.it
keystone.cloud.garrservices.it
ba1-r2-idrac04.ba1.garrservices.it
ip-90-147-166-216.ct1.garrservices.it
ip-90-147-167-221.ct1.garrservices.it
ip-90-147-189-61.pa1.garrservices.it
git.garr.it
aarc-tut-13.pa1.garrservices.it
aarc-tut-8.pa1.garrservices.it
www.support.garr.it
geantsrv30.ct1.garrservices.it
geantsrv9.ct1.garrservices.it
ip-90-147-188-207.pa1.garrservices.it
Certificate
The complete raw certificate details for demo-idp.ct1.garrservices.it in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFWDCCBECgAwIBAgIQCYMRXksnCSJ2Lc9UuGkl0zANBgkqhkiG9w0BAQsFADBk MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg Q0EgMzAeFw0xODA5MjAwMDAwMDBaFw0yMDA5MjQxMjAwMDBaMF0xCzAJBgNVBAYT AklUMQ0wCwYDVQQHEwRSb21lMRgwFgYDVQQKEw9Db25zb3J0aXVtIEdBUlIxJTAj BgNVBAMTHGRlbW8taWRwLmN0MS5nYXJyc2VydmljZXMuaXQwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDPV+wflDXBoyYwi6WmqHb6LiqGXxQ4ystCEryH JmS0qpF1xKcpaOcgE3M5uNKKi6E8Wrx/3wgCiZUGggAtlm+TJka5z+hA6P5Apou3 EIpokCzOQ9r7Boww4NslHyzv9H7ZJndMtGc+QT6ptvypbdPLvLgKN4Qj6nDtlkge UFv5c/AXYilsCH6CSHyQ46wEij8ukyirXqRbpb5aBN6RSuV3+oy9J5Ftje2BhiI8 6T5FLMgU6XxrMVCZLu8msBwnqurE47nKFuN11tvjB9eO3J0G+y0div3LA94lBwQV vdtFUx1IAqUzm166+DUOj/yUPyF0Ns4JDa5uGP1wa6urbR8vAgMBAAGjggILMIIC BzAfBgNVHSMEGDAWgBRn/YggFCeYxwnSJRm76VERY3VQYjAdBgNVHQ4EFgQUQ+G7 j+srMHF9VsLxTs+ZNGml5NwwSAYDVR0RBEEwP4IcZGVtby1pZHAuY3QxLmdhcnJz ZXJ2aWNlcy5pdIIfZ2VhbnQtZGVtby1pZHAuYWFpLXRlc3QuZ2Fyci5pdDAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1Ud HwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xD QTMuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vVEVSRU5BU1NM Q0EzLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxo dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjBuBggrBgEFBQcB AQRiMGAwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA4Bggr BgEFBQcwAoYsaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENB My5jcnQwDAYDVR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG 9w0BAQsFAAOCAQEAF9Iy9uhifaODDA4ios4qVNXoh7SEqLTRzZgcIk2UcJZbwgo/ 0mOmhqRqFNutwgsxMm8la5JSlp3Zeruk8pLDfBAiXZplgRqd7+iVqIKiKmJ+bbWN hNKEFt0xnZqHFuIV1u+wXa1OdrlE07ULn7DSYQiaG3i5EKyDBJOPLS8vXeNoPQww rm/d9mwRFOppSuuc85ykDjlPdWCBuTmMph/GiwB9Frb/MztsJ+xW9YDv4ieER8hG fhhaN3xm5YYTHG6yyjB4Tgl3Ma6tba+eCfyA4q105kiltaLOmK9FblkDA4/gUKci oUo7s0CUa0ohkUkxBwfK/Oetj4nJds725EudTA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1fsH5Q1waMmMIulpqh2 +i4qhl8UOMrLQhK8hyZktKqRdcSnKWjnIBNzObjSiouhPFq8f98IAomVBoIALZZv kyZGuc/oQOj+QKaLtxCKaJAszkPa+waMMODbJR8s7/R+2SZ3TLRnPkE+qbb8qW3T y7y4CjeEI+pw7ZZIHlBb+XPwF2IpbAh+gkh8kOOsBIo/LpMoq16kW6W+WgTekUrl d/qMvSeRbY3tgYYiPOk+RSzIFOl8azFQmS7vJrAcJ6rqxOO5yhbjddbb4wfXjtyd BvstHYr9ywPeJQcEFb3bRVMdSAKlM5teuvg1Do/8lD8hdDbOCQ2ubhj9cGurq20f LwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12643595122201410675285884916363503059 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Noord-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA 3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-20 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-24 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rome' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Consortium GARR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'demo-idp.ct1.garrservices.it' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26174685258045154344355557099417046178941996234481528447924418355143625522511855610697593653582109858805315724688584598890413621190701098099251815447549158264157008142948205334827776099974412441190553634182172771760944029747293099783659753287355861054670547537536211977466265166524764268303099220428659446215539063760315682079400804591887258195041199568378115997470136229059478949892981379274473356035760287768038581417936161651664103157517323752040573018185847808359296773324675253106557526229933970265222421334449588649260426134812267161148882507644315364312628862407662621111170520990024701548627129996758796279599 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 67fd8820142798c709d22519bbe9511163755062 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 43e1bb8feb2b30717d56c2f14ecf993469a5e4dc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo-idp.ct1.garrservices.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'geant-demo-idp.aai-test.garr.it' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/TERENASSLCA3.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/TERENASSLCA3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (98 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/TERENASSLCA3.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0017d232f6e8627da3830c0e22a2ce2a54d5e887b484a8b4d1cd981c224d9470965bc20a3fd263a686a46a14dbadc20b31326f256b9252969dd97abba4f292c37c10225d9a65811a9defe895a882a22a627e6db58d84d28416dd319d9a8716e215d6efb05dad4e76b944d3b50b9fb0d261089a1b78b910ac8304938f2d2f2f5de3683d0c30ae6fddf66c1114ea694aeb9cf39ca40e394f756081b9398ca61fc68b007d16b6ff333b6c27ec56f580efe2278447c8467e185a377c66e586131c6eb2ca30784e097731aead6daf9e09fc80e2ad74e648a5b5a2ce98af456e5903038fe050a722a14a3bb340946b4a219149310707cafce7ad8f89c976cef6e44b9d4c