my.ips.hz.nl

Issued by TERENA SSL CA

About this certificate


This digital certificate with serial number d9:3b:f8:8f:fa:91:fc:cc:77:16:6d:a0:b6:ea:d2:03 was issued on by TERENA .

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

my.ips.hz.nl

Organization unit: Domain Control Validated

TERENA

Organization: TERENA

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): d9:3b:f8:8f:fa:91:fc:cc:77:16:6d:a0:b6:ea:d2:03
Serial Number (int): 288753862044736984911525875435264725507
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 62:f4:9a:6c:44:2f:ca:a1:c5:2c:86:c6:32:9b:67:9d:bb:f1:1b:54
AuthorityKeyId: 0c:bd:93:68:0c:f3:de:ab:a3:49:6b:2b:37:57:47:ea:90:e3:b9:ed

Fingerprint (sha1): f0:23:a9:f2:aa:39:81:5c:51:e9:1d:08:ca:72:3e:2b:bf:af:f5:e1
Fingerprint (sha256): 95:f4:2e:8c:a8:35:4f:a9:38:a9:94:29:cb:14:32:db:f7:3a:25:92:83:56:26:bc:18:79:92:38:88:f3:b2:25

Issuing Certificate URL: http://crt.tcs.terena.org/TERENASSLCA.crt

Revocation information

OCSP Server: http://ocsp.tcs.terena.org
CRL Distribution Point: http://crl.tcs.terena.org/TERENASSLCA.crl

Check the revocation status for the current certificate on my.ips.hz.nl
5
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

my.ips.hz.nl
api.ips.hz.nl
apps.ips.hz.nl
fs.ips.hz.nl
oauth.ips.hz.nl

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIEpDCCA4ygAwIBAgIRANk7+I/6kfzMdxZtoLbq0gMwDQYJKoZIhvcNAQEFBQAw NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B IFNTTCBDQTAeFw0xNDA0MDgwMDAwMDBaFw0xNzA0MDcyMzU5NTlaMDoxITAfBgNV BAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEVMBMGA1UEAxMMbXkuaXBzLmh6 Lm5sMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNm4H+ijC+DJqK1f c1Mk0ripovXAhCgmNtFL8yEgElzfmr/tJAJBZbDlLtI22q0IfJIhbW0DFF8OF/ze h0+5Wk1VM6p+UEsKRbECD/t7E4fQXb20C4jdEUbZZrC7rBgFT8lyuOr3q4yQQMBE bUTQ7knrQNgm0WsYk6wZx2BLjFkHO/JV33atXNbn8xUF8XJvf8gZF3TsSIxK9V9j 35S1Rdo778vTjM/3PuCaKCAVSKKthavpdAxJSntItgZFUBNRhxGEK+GcV/N94JSs oV8hg/3BJ4dSpU8V+m9usZXuZErdzVzh8GAJsiVujyZaTdYypokXmZI2DAQMXi1j WupxxQIDAQABo4IBpzCCAaMwHwYDVR0jBBgwFoAUDL2TaAzz3qujSWsrN1dH6pDj ue0wHQYDVR0OBBYEFGL0mmxEL8qhxSyGxjKbZ5278RtUMA4GA1UdDwEB/wQEAwIF oDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAi BgNVHSAEGzAZMA0GCysGAQQBsjEBAgIdMAgGBmeBDAECATA6BgNVHR8EMzAxMC+g LaArhilodHRwOi8vY3JsLnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBt BggrBgEFBQcBAQRhMF8wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVu YS5vcmcvVEVSRU5BU1NMQ0EuY3J0MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50 Y3MudGVyZW5hLm9yZzBVBgNVHREETjBMggxteS5pcHMuaHoubmyCDWFwaS5pcHMu aHoubmyCDmFwcHMuaXBzLmh6Lm5sggxmcy5pcHMuaHoubmyCD29hdXRoLmlwcy5o ei5ubDANBgkqhkiG9w0BAQUFAAOCAQEAvPqkxRRzLnflRAuASpYpkmcmuDpdUAXK ciO06Lk63JULcbR1oFDJiNO4lRdcO31GgIKEKyrOmy0YmblOlAljHnw+1gaJuFWl /2ckiwcum87NJVC8yXdPnk+z0FxcDYWTGqTjUV/DCBfJKx6rTsT1XV5LL25btCMB GpHwrMW8bETxT1ttIZViivW4m3jMdxCZOA7nzsFoHHqFVkEaZzWeKRBOWf918GZ5 ajpOlwcAyCAs1YDwN2ByuuBzFdgv4St4UEm812mZTioQGudfyG5HABsanPw1V1ho 6gLgqbXtohTviuwTGrU0qkN7V4IIV+iRosgXBgpuScZH8tNLlqe8uA== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNm4H+ijC+DJqK1fc1Mk 0ripovXAhCgmNtFL8yEgElzfmr/tJAJBZbDlLtI22q0IfJIhbW0DFF8OF/zeh0+5 Wk1VM6p+UEsKRbECD/t7E4fQXb20C4jdEUbZZrC7rBgFT8lyuOr3q4yQQMBEbUTQ 7knrQNgm0WsYk6wZx2BLjFkHO/JV33atXNbn8xUF8XJvf8gZF3TsSIxK9V9j35S1 Rdo778vTjM/3PuCaKCAVSKKthavpdAxJSntItgZFUBNRhxGEK+GcV/N94JSsoV8h g/3BJ4dSpU8V+m9usZXuZErdzVzh8GAJsiVujyZaTdYypokXmZI2DAQMXi1jWupx xQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 288753862044736984911525875435264725507 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-04-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-04-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'my.ips.hz.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20810443371556009997762101197946176275107090239111867364635336047648467268001994813816873324288990834518919434510165934124154310056587435145254890350928299610625307605475889587028921565230683668370026506038347303761713538603072308353829319088463583023745913926152369735810350456784652102437416085131269111069288638778598413217412970295968976305350389674697833036450071724630058200177576724502480055793093536086676493547096530120681021261448460748475801997282379664213173856477563797234246731209342291838807020888141987258244124316357440301812886074823905837164124906692926316153645455273423859399663591793802873565637 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0cbd93680cf3deaba3496b2b375747ea90e3b9ed . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 62f49a6c442fcaa1c52c86c6329b679dbbf11b54 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.29 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.tcs.terena.org/TERENASSLCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (97 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.tcs.terena.org/TERENASSLCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.tcs.terena.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (78 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.ips.hz.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.ips.hz.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.ips.hz.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fs.ips.hz.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oauth.ips.hz.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bcfaa4c514732e77e5440b804a9629926726b83a5d5005ca7223b4e8b93adc950b71b475a050c988d3b895175c3b7d468082842b2ace9b2d1899b94e9409631e7c3ed60689b855a5ff67248b072e9bcecd2550bcc9774f9e4fb3d05c5c0d85931aa4e3515fc30817c92b1eab4ec4f55d5e4b2f6e5bb423011a91f0acc5bc6c44f14f5b6d2195628af5b89b78cc771099380ee7cec1681c7a8556411a67359e29104e59ff75f066796a3a4e970700c8202cd580f0376072bae07315d82fe12b785049bcd769994e2a101ae75fc86e47001b1a9cfc35575868ea02e0a9b5eda214ef8aec131ab534aa437b57820857e891a2c817060a6e49c647f2d34b96a7bcb8