extern.surfnet.nl

Issued by TERENA SSL CA

About this certificate


This digital certificate with serial number 53:54:32:1b:e3:06:08:cf:ab:d4:54:5f:60:9e:a6:bd was issued on by TERENA .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: localityName or stateOrProvinceName is required if organizationName is set
  • ERROR: stateOrProvinceName is required if organizationName is set

SURFnet B.V.

Organization: SURFnet B.V.
Organization unit: Services
Country: NL

TERENA

Organization: TERENA
Country: NL

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 53:54:32:1b:e3:06:08:cf:ab:d4:54:5f:60:9e:a6:bd
Serial Number (int): 110763092916165905834623378717954451133
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 7d:d1:0c:35:ea:9e:2e:3f:79:30:c6:02:71:a9:ee:1f:d9:24:eb:49
AuthorityKeyId: 0c:bd:93:68:0c:f3:de:ab:a3:49:6b:2b:37:57:47:ea:90:e3:b9:ed

Fingerprint (sha1): bb:cf:63:45:2e:12:9a:7e:88:08:72:60:6b:d7:4b:fd:6e:cc:05:37
Fingerprint (sha256): bd:c1:19:cf:4b:36:cc:6d:fd:a6:e4:86:d5:3d:00:5a:2e:67:58:11:3f:5d:26:42:81:fe:7e:01:5f:d9:ed:38

Issuing Certificate URL: http://crt.tcs.terena.org/TERENASSLCA.crt

Revocation information

OCSP Server: http://ocsp.tcs.terena.org
CRL Distribution Point: http://crl.tcs.terena.org/TERENASSLCA.crl

Check the revocation status for the current certificate on extern.surfnet.nl
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: extern.surfnet.nl

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIQU1QyG+MGCM+r1FRfYJ6mvTANBgkqhkiG9w0BAQUFADA2 MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg U1NMIENBMB4XDTEyMDkyNzAwMDAwMFoXDTE1MDkyNzIzNTk1OVowUzELMAkGA1UE BhMCTkwxFTATBgNVBAoTDFNVUkZuZXQgQi5WLjERMA8GA1UECxMIU2VydmljZXMx GjAYBgNVBAMTEWV4dGVybi5zdXJmbmV0Lm5sMIICIjANBgkqhkiG9w0BAQEFAAOC Ag8AMIICCgKCAgEAq7a3hcUV54u/0MKkUtR3w5WxA/Is8B0dw2U5ttlNtWPjc6XB iXTRtvOAaNB1Z68PEd2qxsIMYge5vSEqNjkfN03tbATISTCIbmcSEqzkvGmHeZ4v UCFVboPCuk19CKtz+v9GbGVBu0pvYQ2upwIY2r70lYUzcRKKsKXfnpjanTV6dS7T +3ggnlf7MBzznaDP2JVOLZ54Wmdw22i82zDKUkhPMyriqmv1MsFhYt+x+fzIXzXb 50ReNzwP1EyA2gl67yR0SZYjtQS2NDaOKNLes7F3znllg5S1zgdBNm4BOUz7gqoS XcQkM4PexawHHwS3iM1HzHi4VQ6xCiu5RCm+RTpC/2JOJh5+CzpWbi9geo+PLJ7O cW+144KFHYwSefRScJAZ4GxXv56oF4A3D2tt+DiTq7fY2KdlBQyahl3Vuu1cp51K C8y8YpRrwNigSdHGr70N+bSR4II+cGtdkhhHeQ1lOE4hKHVD4zyRPfufwGNoI6fv +Wh2afX0ftMswWZG3G8mli1jfXsl3O0ugw2qcZMNwmjhPuJwthea9vIDcSRwSD6T SKXOg0lahirZxSvkQCiGByZ5Xfd6fGPDfQMZ+L4W5LHXG1UF9I72HN3AV4r27woI JJdw+Kt/MRbU/m2qQlOognBhBssBI9cAVoPPTGCkYfutDTkVmBwZkUA2nM0CAwEA AaOCAWQwggFgMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1Ud DgQWBBR90Qw16p4uP3kwxgJxqe4f2STrSTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEw DzANBgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRj cy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYI KwYBBQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0Eu Y3J0MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAcBgNV HREEFTATghFleHRlcm4uc3VyZm5ldC5ubDANBgkqhkiG9w0BAQUFAAOCAQEAYPCq RGgEuXEZLGu6oxZKHvfUMhrceKqoTiDq7t7aqhZf8j1QTHPcqEU26HsvWT6acF7K eQXZ/lnDPXL2zo3L4u8SqEsERkQq6UYxTU1GLhvX/z3aM7zOS3Ur2anD8pl0jcp0 AG75h/JYaXQqTtMi829EtJ66SQxXkOgBXrgYclBScrYJSzzUrt/kw0JYRG4J1yk8 BInI1xdj2lUSbN3GjXyikogHbFrNzmAKM5E+URzIKFP6oFYTjuIWGT/ZUH5HpSR+ dTHgDG1bnbNz8BlzSeuid9utOpagJRH2rAI7kpoE7AwoGBzW9lNB2cBMUm+vllHl 3hmXeZcf6CHsp4QkMg== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq7a3hcUV54u/0MKkUtR3 w5WxA/Is8B0dw2U5ttlNtWPjc6XBiXTRtvOAaNB1Z68PEd2qxsIMYge5vSEqNjkf N03tbATISTCIbmcSEqzkvGmHeZ4vUCFVboPCuk19CKtz+v9GbGVBu0pvYQ2upwIY 2r70lYUzcRKKsKXfnpjanTV6dS7T+3ggnlf7MBzznaDP2JVOLZ54Wmdw22i82zDK UkhPMyriqmv1MsFhYt+x+fzIXzXb50ReNzwP1EyA2gl67yR0SZYjtQS2NDaOKNLe s7F3znllg5S1zgdBNm4BOUz7gqoSXcQkM4PexawHHwS3iM1HzHi4VQ6xCiu5RCm+ RTpC/2JOJh5+CzpWbi9geo+PLJ7OcW+144KFHYwSefRScJAZ4GxXv56oF4A3D2tt +DiTq7fY2KdlBQyahl3Vuu1cp51KC8y8YpRrwNigSdHGr70N+bSR4II+cGtdkhhH eQ1lOE4hKHVD4zyRPfufwGNoI6fv+Wh2afX0ftMswWZG3G8mli1jfXsl3O0ugw2q cZMNwmjhPuJwthea9vIDcSRwSD6TSKXOg0lahirZxSvkQCiGByZ5Xfd6fGPDfQMZ +L4W5LHXG1UF9I72HN3AV4r27woIJJdw+Kt/MRbU/m2qQlOognBhBssBI9cAVoPP TGCkYfutDTkVmBwZkUA2nM0CAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 110763092916165905834623378717954451133 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-09-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-09-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SURFnet B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'extern.surfnet.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 700530931942673470702776325384397893321768421772021442293814754149325651894905673013651644258899816844663676691827094966291905248059877800247936215669485830358439152030246971600150121499314937784119703963197095488746489265107138548997365766336878646480694316282660433867445728342805557766044108770684864010878557802274601803124140811098626244354238683324614559487680338865501330338470620872958764455926073702588251616734393590403744819907511583065050593331976319065468024957361329856193200443630427838420563493430996480319079429439715078063958455069022286806556181072759362372357360486676914012246198383260243428001265984856331995681959852091311870328003729936625077290146668272790781110421902237628999004236065417914413361594263961569367989865651028064770169781107991414369024981399414690016712022008550732243848187233759925943902383710577102977782960673099654097352270649969816659181035347403001586312462613384232404259237848990642111761095421624087356099978840341821442419656598244413549668845435424880022074533200608061764477869711343079339430603505106717972344589817318615407509895636735641030490774127417977762632318928398423165234601865733995060305298568303198014394835912477286096006858769813826296717481977084236383772908749 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0cbd93680cf3deaba3496b2b375747ea90e3b9ed . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7dd10c35ea9e2e3f7930c60271a9ee1fd924eb49 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.29 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.tcs.terena.org/TERENASSLCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (97 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.tcs.terena.org/TERENASSLCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.tcs.terena.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extern.surfnet.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0060f0aa446804b971192c6bbaa3164a1ef7d4321adc78aaa84e20eaeededaaa165ff23d504c73dca84536e87b2f593e9a705eca7905d9fe59c33d72f6ce8dcbe2ef12a84b0446442ae946314d4d462e1bd7ff3dda33bcce4b752bd9a9c3f299748dca74006ef987f25869742a4ed322f36f44b49eba490c5790e8015eb81872505272b6094b3cd4aedfe4c34258446e09d7293c0489c8d71763da55126cddc68d7ca29288076c5acdce600a33913e511cc82853faa056138ee216193fd9507e47a5247e7531e00c6d5b9db373f0197349eba277dbad3a96a02511f6ac023b929a04ec0c28181cd6f65341d9c04c526faf9651e5de199779971fe821eca7842432