*.weblog.leidenuniv.nl
- Universiteit Leiden -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 18:b3:55:e0:7b:75:b4:c6:fb:0c:e8:4f:d7:c0:3e:b9 was issued on by GEANT Vereniging.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Universiteit Leiden
Organization:
Universiteit Leiden
State / Province:
Zuid-Holland
Country: NL
Country: NL
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate will expire on
Certificate Details
Serial Number (hex): 18:b3:55:e0:7b:75:b4:c6:fb:0c:e8:4f:d7:c0:3e:b9Serial Number (int): 32832634826649382907828672189941431993
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: a2:bf:9e:45:7a:10:be:59:f7:47:de:5b:fc:42:91:d3:ed:5f:ef:8e
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): bf:45:f2:0a:ae:35:5a:59:0e:cf:41:bb:f3:92:2a:bc:f3:ac:26:7b
Fingerprint (sha256): 0b:e2:48:2f:fa:da:c5:59:46:c1:45:76:c8:d1:c2:cf:ce:e0:ef:4a:d0:4e:3e:7c:05:79:0d:c8:9c:7f:fa:bc
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate *.weblog.leidenuniv.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.weblog.leidenuniv.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.weblog.leidenuniv.nl
weblog.leidenuniv.nl
weblog.leidenuniv.nl
Other certificates including the domain name leidenuniv.nl
(limited to 100 certificates)
web2print.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
icga.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
weblectures-a.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
p-issc-007122.vuw.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
webprojects.strw.leidenuniv.nl
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
strwmgmt.strw.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
icga.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
weblectures-a.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
p-issc-007122.vuw.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
webprojects.strw.leidenuniv.nl
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
strwmgmt.strw.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
Certificate
The complete raw certificate details for *.weblog.leidenuniv.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIczCCBlugAwIBAgIQGLNV4Ht1tMb7DOhP18A+uTANBgkqhkiG9w0BAQwFADBE MQswCQYDVQQGEwJOTDEZMBcGA1UEChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UE AxMRR0VBTlQgT1YgUlNBIENBIDQwHhcNMjMxMjA1MDAwMDAwWhcNMjQxMjA0MjM1 OTU5WjBjMQswCQYDVQQGEwJOTDEVMBMGA1UECBMMWnVpZC1Ib2xsYW5kMRwwGgYD VQQKExNVbml2ZXJzaXRlaXQgTGVpZGVuMR8wHQYDVQQDDBYqLndlYmxvZy5sZWlk ZW51bml2Lm5sMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwCgo0FYl md73OeuEtB5nO3z4D6whtL45mVM888gUudt/3lfw6uWWZYBoSYoBXOd+3bCIP/rX HmUA1dx+PWWrG3VvmY08ldfu5eOlcJzpg/pYdDwnwxbowuiEb1/u1g6fIxYG3HJA t9w/FFeHyJsUgvI/dzmb9I5c8RiMIgnQ+K/qgV8RS7tHxDVhghddRFGwMpchXkSN aWupEoqqk5pgYqDaCFKb5NZi+wogV1zJ2nmBIcLgiuJz8VUuhEJARapzlnQ9XAcz NjNTXa0wKKWDEy0UUQlMmm5aFIjxc7YP4r/LF4QocPnKAYH7BMcW8qaCoTlZQvHe vDfuLi+vYTLg6pxRQyOX3gXmHR9aR5WKQW1G1JKEmlK5Ui1ZMZSLjh+1ZXW2lmnF G5eTgD+39nPU8TzfR2mtznOUUuPy3bczuygDMj7lvl1tpFm9wTIBJP+HEL7XHAbY cA9t5mCat3xZSCTpXQdtw5HOLhbV/XIkRZPs8OPQo0EsMF/Lk5nCvSKZVMmyCuU0 34rWDU/x219Gsetw5Fqymppi6Fl3A78ofHPxHVHTaC79ZG2+xu/7B0H7frwzjABY G2nnGe9O6MjQH2v1vaGNjOqOxCcs/yi9jqTxbdkc9p5Bz+BGHX/FAOY6a9QQ/ncY uQQAIgaZXFAUIa0dyJspNz/Kmrtc3J6rL3ECAwEAAaOCA0AwggM8MB8GA1UdIwQY MBaAFG8dNUkQbDL6WaCevIroH5W+cXoMMB0GA1UdDgQWBBSiv55FehC+WfdH3lv8 QpHT7V/vjjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICTzAl MCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIw PwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL0dFQU5ULmNybC5zZWN0aWdvLmNvbS9H RUFOVE9WUlNBQ0E0LmNybDB1BggrBgEFBQcBAQRpMGcwOgYIKwYBBQUHMAKGLmh0 dHA6Ly9HRUFOVC5jcnQuc2VjdGlnby5jb20vR0VBTlRPVlJTQUNBNC5jcnQwKQYI KwYBBQUHMAGGHWh0dHA6Ly9HRUFOVC5vY3NwLnNlY3RpZ28uY29tMIIBfwYKKwYB BAHWeQIEAgSCAW8EggFrAWkAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+Zn TFo6dAAAAYw6sCjYAAAEAwBHMEUCIQDA9bDMs7o5BRL4TCz3W9gWOwFSIKeP7VYR fXBmvydNkgIgF7xXJ4k/MAcJo3P5HmuUfxAspotgmogLu3aM6je+25wAdwA/F0tP 1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAYw6sCo3AAAEAwBIMEYCIQDS iv88jEYlmPGbsksWDDyhoqpr4kdVyD+FqfxHcuUGOAIhAMcGacmHfe69Kwk1iLcR DlgNefVWCJmMnZ4UyUipROnjAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZ RnEftZsAAAGMOrApCQAABAMARzBFAiBsAVsa+iHqfr4ORJI18F0EprC347NOBO3f 6k+honh0gwIhAN3tCldDQpQjX7ChvA2eojQrc0pVVdz0NNKX5WU5Mu+1MDcGA1Ud EQQwMC6CFioud2VibG9nLmxlaWRlbnVuaXYubmyCFHdlYmxvZy5sZWlkZW51bml2 Lm5sMA0GCSqGSIb3DQEBDAUAA4ICAQBiob1cuYHU/lh2dCHBu9WGs7hpbXFhSG2L uWiKZQ6uaQXs1j3jCtIe8opN2qxqklyPUGl2mKlw0RJGNZ8rFn2QdM44MbJrG59z s6gj58LL3s65aoJq/vEwhNx3qaCrZK8FHmpRgzAVAtdlgg4TQXCH5b8ZNUKQmDSf 8bYJjJA3arIfFoVMf1U0hDtDcUAB3zoYjaYiT7JKvypfTyT4BMWImGre3PIwiq7C M3Esot/Di/eR0uQquEJ8SMtn8aCBYQPO1vGmVJzyjESZWGRA50K+6yl9XkguN5p5 tDP2njJa2wG0LaipMFY0Agk86KLc5OcRQqo0RwAQGAyLTz5dS01elcYUFRrGcu2H 0WU5nlNTkpv74x4lg2sIg5XohAe3W3Zu6xnGeqFSqBwTPHT090qSCDX7ZypxmMDr 7RAYPaza2rzCiN8AfLvtruU8QnjfB6lUpbmeHJn5gU6LmRRxT8uuLwJy9lr+A/Wr 1NXCSEtrb2ZgkZh+DJ3cn9M/FIAe6x9FhsrTXI6YzotUBTJmu7LNOsPrQFWt8dfg Qj5F8HaziW/vwSU/kTY92qqNdKGYKODujuVwHLDBPtA+ooesp0WmXmdm4atkBV1P zvGRIR2tfpFavrqBXsYnG1Fbv1pljJpOXdnW6GVQ3H3IBP/F1TJPSenOuZ7OiXhs VuVht4PusA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwCgo0FYlmd73OeuEtB5n O3z4D6whtL45mVM888gUudt/3lfw6uWWZYBoSYoBXOd+3bCIP/rXHmUA1dx+PWWr G3VvmY08ldfu5eOlcJzpg/pYdDwnwxbowuiEb1/u1g6fIxYG3HJAt9w/FFeHyJsU gvI/dzmb9I5c8RiMIgnQ+K/qgV8RS7tHxDVhghddRFGwMpchXkSNaWupEoqqk5pg YqDaCFKb5NZi+wogV1zJ2nmBIcLgiuJz8VUuhEJARapzlnQ9XAczNjNTXa0wKKWD Ey0UUQlMmm5aFIjxc7YP4r/LF4QocPnKAYH7BMcW8qaCoTlZQvHevDfuLi+vYTLg 6pxRQyOX3gXmHR9aR5WKQW1G1JKEmlK5Ui1ZMZSLjh+1ZXW2lmnFG5eTgD+39nPU 8TzfR2mtznOUUuPy3bczuygDMj7lvl1tpFm9wTIBJP+HEL7XHAbYcA9t5mCat3xZ SCTpXQdtw5HOLhbV/XIkRZPs8OPQo0EsMF/Lk5nCvSKZVMmyCuU034rWDU/x219G setw5Fqymppi6Fl3A78ofHPxHVHTaC79ZG2+xu/7B0H7frwzjABYG2nnGe9O6MjQ H2v1vaGNjOqOxCcs/yi9jqTxbdkc9p5Bz+BGHX/FAOY6a9QQ/ncYuQQAIgaZXFAU Ia0dyJspNz/Kmrtc3J6rL3ECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 32832634826649382907828672189941431993 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-04 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit Leiden' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.weblog.leidenuniv.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 783931646122924870331828891889076218550853428608703923791617738991887292547408645122367373527021971343257273872355154233505509546829117280854327361630075792924798958104686042321163912338909372976251610092524599071333527219295371708038797686275906963881893313098395601840976756249232442512312615853166988979016208689892315932595256815641368315825026299449737021098618068249513707600402371269413090622520555937098356204506921461208949597590252306111057351050425992519880239316343648015615945410167287991806370577603147418496783034272811248166649478931234107366720395415785891245349165206911716667915413828521276374800190530681169648261377330930686833017286496984057565416655682730761485614197943231345462446983654871925989519746749978533606752482218406284046803539736222426979958564051334325630347087691203934436705029103409927696145504984187015187367011416383693681845438236876335836635307649511265826536475633970255448677025044862565841102219604946010000666619572862077871572944600296773930384977319249534487518286133594264993085247308992480186027208200491151678973525051969331736888761311730147266140844493510277879227547318474135859373969956387960543141236628887429693772520588826309650500411475201384971878452063758411085560622961 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a2bf9e457a10be59f747de5bfc4291d3ed5fef8e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c3ab028d80000040300473045022100c0f5b0ccb3ba390512f84c2cf75bd8163b015220a78fed56117d7066bf274d92022017bc5727893f300709a373f91e6b947f102ca68b609a880bbb768cea37bedb9c0077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c3ab02a370000040300483046022100d28aff3c8c462598f19bb24b160c3ca1a2aa6be24755c83f85a9fc4772e50638022100c70669c9877deebd2b093588b7110e580d79f55608998c9d9e14c948a944e9e3007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c3ab02909000004030047304502206c015b1afa21ea7ebe0e449235f05d04a6b0b7e3b34e04eddfea4fa1a2787483022100dded0a57434294235fb0a1bc0d9ea2342b734a5555dcf434d297e5653932efb5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.weblog.leidenuniv.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'weblog.leidenuniv.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0062a1bd5cb981d4fe58767421c1bbd586b3b8696d7161486d8bb9688a650eae6905ecd63de30ad21ef28a4ddaac6a925c8f50697698a970d11246359f2b167d9074ce3831b26b1b9f73b3a823e7c2cbdeceb96a826afef13084dc77a9a0ab64af051e6a5183301502d765820e13417087e5bf1935429098349ff1b6098c90376ab21f16854c7f5534843b43714001df3a188da6224fb24abf2a5f4f24f804c588986adedcf2308aaec233712ca2dfc38bf791d2e42ab8427c48cb67f1a0816103ced6f1a6549cf28c4499586440e742beeb297d5e482e379a79b433f69e325adb01b42da8a930563402093ce8a2dce4e71142aa34470010180c8b4f3e5d4b4d5e95c614151ac672ed87d165399e5353929bfbe31e25836b088395e88407b75b766eeb19c67aa152a81c133c74f4f74a920835fb672a7198c0ebed10183dacdadabcc288df007cbbedaee53c4278df07a954a5b99e1c99f9814e8b9914714fcbae2f0272f65afe03f5abd4d5c2484b6b6f666091987e0c9ddc9fd33f14801eeb1f4586cad35c8e98ce8b54053266bbb2cd3ac3eb4055adf1d7e0423e45f076b3896fefc1253f91363ddaaa8d74a19828e0ee8ee5701cb0c13ed03ea287aca745a65e6766e1ab64055d4fcef191211dad7e915abeba815ec6271b515bbf5a658c9a4e5dd9d6e86550dc7dc804ffc5d5324f49e9ceb99ece89786c56e561b783eeb0