web.universiteitleiden.nl
- Universiteit Leiden -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 88:06:c3:85:ee:fc:c4:49:50:f8:c7:e7:92:14:74:e4 was issued on by GEANT Vereniging.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Universiteit Leiden
Organization:
Universiteit Leiden
State / Province:
Zuid-Holland
Country: NL
Country: NL
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 88:06:c3:85:ee:fc:c4:49:50:f8:c7:e7:92:14:74:e4Serial Number (int): 180810126889081102733879118685892015332
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: b4:c9:9e:58:57:fe:94:3a:eb:c8:7b:6c:73:ad:56:c7:68:dc:09:cf
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 58:b0:4c:dd:3c:42:bf:59:5a:86:f6:92:c4:75:5f:8c:2c:f4:e7:a8
Fingerprint (sha256): 0e:ad:84:8f:c8:5a:24:ff:69:3b:25:4b:b5:62:1a:e0:9e:33:34:00:33:0b:f4:56:25:49:9f:06:cb:9c:48:80
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate web.universiteitleiden.nl
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for web.universiteitleiden.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
web.universiteitleiden.nl
Other certificates including the domain name universiteitleiden.nl
(limited to 100 certificates)
bachelors.universiteitleiden.nl
scharrelaar-p1.leidenuniv.nl
springoffer.universiteitleiden.nl
weblectures-a.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
mentornetwerk.universiteitleiden.nl
form.services.universiteitleiden.nl
mentornetwerk.universiteitleiden.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
depthoffield.universiteitleiden.nl
aqa.universiteitleiden.nl
acquisitions.library.universiteitleiden.nl
cms-a.universiteitleiden.nl
planon-a.universiteitleiden.nl
web.universiteitleiden.nl
grasparkiet.leidenuniv.nl
aqa.universiteitleiden.nl
trail.universiteitleiden.nl
cms.universiteitleiden.nl
depthoffield.universiteitleiden.nl
www.universiteitleiden.nl
masters.universiteitleiden.nl
sapbo-acc.universiteitleiden.nl
planon-t.universiteitleiden.nl
ooievaar.web.leidenuniv.nl
ask-a-librarian.universiteitleiden.nl
scharrelaar-p3.leidenuniv.nl
presto-a.universiteitleiden.nl
grasparkiet.leidenuniv.nl
webpresentations-a.universiteitleiden.nl
mentornetwerk.universiteitleiden.nl
mfa.services.universiteitleiden.nl
mysites.universiteitleiden.nl
bachelors.universiteitleiden.nl
tornado-p-https.web.leidenuniv.nl
mfa-a.services.universiteitleiden.nl
www.jotform3.leidenuniv.nl
finder.library.universiteitleiden.nl
scriptiebeoordeling-law.universiteitleiden.nl
planon.universiteitleiden.nl
redirectservice.universiteitleiden.nl
wiki.cfer.universiteitleiden.nl
tornado-p-https.web.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
wbs.universiteitleiden.nl
tdm.universiteitleiden.nl
video.universiteitleiden.nl
planon.universiteitleiden.nl
aqa.universiteitleiden.nl
lu-card-activeren-a.universiteitleiden.nl
studiegids.universiteitleiden.nl
tornado-p-https.web.leidenuniv.nl
video.universiteitleiden.nl
helpdesk-o.universiteitleiden.nl
mentornetwerk.universiteitleiden.nl
phdcareerplatform.universiteitleiden.nl
planon-a.universiteitleiden.nl
lenteactie.universiteitleiden.nl
aqa.universiteitleiden.nl
acquisitions.library.universiteitleiden.nl
aqa.universiteitleiden.nl
benb.universiteitleiden.nl
aqa.universiteitleiden.nl
aqa.universiteitleiden.nl
topaza-t.leidenuniv.nl
www-r.universiteitleiden.nl
omeroweb.services.universiteitleiden.nl
kokmeeuw.leidenuniv.nl
aqa.universiteitleiden.nl
indonesie.universiteitleiden.nl
gitlab.services.universiteitleiden.nl
scharrelaar-p3.leidenuniv.nl
studyspots.universiteitleiden.nl
mfa-a.services.universiteitleiden.nl
phdcareerplatform.universiteitleiden.nl
grasparkiet.leidenuniv.nl
rooster.universiteitleiden.nl
tornado-p-https.web.leidenuniv.nl
jatos.services.universiteitleiden.nl
webpresentations.universiteitleiden.nl
bookandbyte.universiteitleiden.nl
hop-qa.leidenuniv.nl
brightspacesupport.universiteitleiden.nl
sshgw01.alice.universiteitleiden.nl
numerusfixus.universiteitleiden.nl
weblectures.leidenuniv.nl
aqa.universiteitleiden.nl
account-a.services.universiteitleiden.nl
p-issc-009996.infra.leidenuniv.nl
jatos-t.services.universiteitleiden.nl
finder.library.universiteitleiden.nl
aqa.universiteitleiden.nl
lithium.liacs.nl
scharrelaar-p1.leidenuniv.nl
depthoffield.universiteitleiden.nl
indonesie.universiteitleiden.nl
aqa.universiteitleiden.nl
scharrelaar-p1.leidenuniv.nl
springoffer.universiteitleiden.nl
weblectures-a.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
mentornetwerk.universiteitleiden.nl
form.services.universiteitleiden.nl
mentornetwerk.universiteitleiden.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
depthoffield.universiteitleiden.nl
aqa.universiteitleiden.nl
acquisitions.library.universiteitleiden.nl
cms-a.universiteitleiden.nl
planon-a.universiteitleiden.nl
web.universiteitleiden.nl
grasparkiet.leidenuniv.nl
aqa.universiteitleiden.nl
trail.universiteitleiden.nl
cms.universiteitleiden.nl
depthoffield.universiteitleiden.nl
www.universiteitleiden.nl
masters.universiteitleiden.nl
sapbo-acc.universiteitleiden.nl
planon-t.universiteitleiden.nl
ooievaar.web.leidenuniv.nl
ask-a-librarian.universiteitleiden.nl
scharrelaar-p3.leidenuniv.nl
presto-a.universiteitleiden.nl
grasparkiet.leidenuniv.nl
webpresentations-a.universiteitleiden.nl
mentornetwerk.universiteitleiden.nl
mfa.services.universiteitleiden.nl
mysites.universiteitleiden.nl
bachelors.universiteitleiden.nl
tornado-p-https.web.leidenuniv.nl
mfa-a.services.universiteitleiden.nl
www.jotform3.leidenuniv.nl
finder.library.universiteitleiden.nl
scriptiebeoordeling-law.universiteitleiden.nl
planon.universiteitleiden.nl
redirectservice.universiteitleiden.nl
wiki.cfer.universiteitleiden.nl
tornado-p-https.web.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
wbs.universiteitleiden.nl
tdm.universiteitleiden.nl
video.universiteitleiden.nl
planon.universiteitleiden.nl
aqa.universiteitleiden.nl
lu-card-activeren-a.universiteitleiden.nl
studiegids.universiteitleiden.nl
tornado-p-https.web.leidenuniv.nl
video.universiteitleiden.nl
helpdesk-o.universiteitleiden.nl
mentornetwerk.universiteitleiden.nl
phdcareerplatform.universiteitleiden.nl
planon-a.universiteitleiden.nl
lenteactie.universiteitleiden.nl
aqa.universiteitleiden.nl
acquisitions.library.universiteitleiden.nl
aqa.universiteitleiden.nl
benb.universiteitleiden.nl
aqa.universiteitleiden.nl
aqa.universiteitleiden.nl
topaza-t.leidenuniv.nl
www-r.universiteitleiden.nl
omeroweb.services.universiteitleiden.nl
kokmeeuw.leidenuniv.nl
aqa.universiteitleiden.nl
indonesie.universiteitleiden.nl
gitlab.services.universiteitleiden.nl
scharrelaar-p3.leidenuniv.nl
studyspots.universiteitleiden.nl
mfa-a.services.universiteitleiden.nl
phdcareerplatform.universiteitleiden.nl
grasparkiet.leidenuniv.nl
rooster.universiteitleiden.nl
tornado-p-https.web.leidenuniv.nl
jatos.services.universiteitleiden.nl
webpresentations.universiteitleiden.nl
bookandbyte.universiteitleiden.nl
hop-qa.leidenuniv.nl
brightspacesupport.universiteitleiden.nl
sshgw01.alice.universiteitleiden.nl
numerusfixus.universiteitleiden.nl
weblectures.leidenuniv.nl
aqa.universiteitleiden.nl
account-a.services.universiteitleiden.nl
p-issc-009996.infra.leidenuniv.nl
jatos-t.services.universiteitleiden.nl
finder.library.universiteitleiden.nl
aqa.universiteitleiden.nl
lithium.liacs.nl
scharrelaar-p1.leidenuniv.nl
depthoffield.universiteitleiden.nl
indonesie.universiteitleiden.nl
aqa.universiteitleiden.nl
Certificate
The complete raw certificate details for web.universiteitleiden.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIZDCCBkygAwIBAgIRAIgGw4Xu/MRJUPjH55IUdOQwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNV BAMTEUdFQU5UIE9WIFJTQSBDQSA0MB4XDTIzMDEzMDAwMDAwMFoXDTI0MDEzMDIz NTk1OVowZjELMAkGA1UEBhMCTkwxFTATBgNVBAgTDFp1aWQtSG9sbGFuZDEcMBoG A1UEChMTVW5pdmVyc2l0ZWl0IExlaWRlbjEiMCAGA1UEAxMZd2ViLnVuaXZlcnNp dGVpdGxlaWRlbi5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALoU rGT+vTHXquK7T5YX7uJ2kkRS3Ng27CAruJSivGurZoK667Dlf1v1sa1Ve4Rb+ZhJ 0/Lsu/ay5NCJWRmPabv4tMxOkTfofnk/ZES1vQVaCx5jFHpMrw5QQ+pf4QTixd0P wWFCqkQxdiTNJSASVAchdqxNYOorfAcvHXoRmjE1jHNsu8mb/wm8PuTj4mPZ4SLI JghqYAgE54eMSRnqkHFQ5YKWMzGgW1TlyNdV1NsieVb9hWilliWPtm0LG6/I441G E9DcC09WfDvb3ZEcF5nZE5x/pj2wTvkMhNx8eUjObjBnb/qVhBslxsCRmipzAHWF K3agg1UULmwakQE/MJ3bPXDDndfWMfqgKxHLbB7A4Ro+IBlY3W3cPBf1zBuA9tOG 5l28mETHf1Z3gP3653VOhtjIAr4/zokApq/tUX0uptK/gL+ICOYkJ5ZGP98ki1HR dmagpd+nqyhAqmKcjIPF371/M+vm5k4BwUPuvUvyo08NcepeKBwhjsLtVYRb3S+B 3JRo0FdwlZemG1g+XmDydoYDjrdG4R5C9xc37LWS4NGlmHXLphxspQ4QkBNA4fDV DqWmlrRzkPcwMJmxqHEV96/T5fdi4Zk7bXMq7QIMsYqQ9l+XUheSXrsNVhvSc3MV aj/SRsBWcur+QH9QY3CwFl+0r+2cemUd0V3nrVEpAgMBAAGjggMtMIIDKTAfBgNV HSMEGDAWgBRvHTVJEGwy+lmgnryK6B+VvnF6DDAdBgNVHQ4EFgQUtMmeWFf+lDrr yHtsc61Wx2jcCc8wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQEC Ak8wJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EM AQICMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9HRUFOVC5jcmwuc2VjdGlnby5j b20vR0VBTlRPVlJTQUNBNC5jcmwwdQYIKwYBBQUHAQEEaTBnMDoGCCsGAQUFBzAC hi5odHRwOi8vR0VBTlQuY3J0LnNlY3RpZ28uY29tL0dFQU5UT1ZSU0FDQTQuY3J0 MCkGCCsGAQUFBzABhh1odHRwOi8vR0VBTlQub2NzcC5zZWN0aWdvLmNvbTCCAX8G CisGAQQB1nkCBAIEggFvBIIBawFpAHUAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhC Cp/mZ0xaOnQAAAGGAuQk6gAABAMARjBEAiB3iET9Kz4O87YHHtKaSVI1JD8S46Xq JgpsA6l5lBy6lAIgZ7VqFkqhmlxRVooJp5l8fcPKAVLWP+ePstg+oT5QJUEAdwDa tr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYYC5CSyAAAEAwBIMEYC IQD+j82kzCjcvJg6bqNwMOgOKq/UQnO1ELOfYFcERSOhxwIhALGdHC2ORHZuA87G HALls3p1UEWDHVxXZUx7e4VTT5svAHcA7s3QZNXbGs7FXLedtM0TojKHRny87N7D UUhZRnEftZsAAAGGAuQkfwAABAMASDBGAiEA/4UEQPay+5iZygvPUmEEk36MOFXM wHVoO5dIerlm+50CIQCVwqiLetcaKjjcBJZT1h4Xr+d69Dasne0KME73FhAxUDAk BgNVHREEHTAbghl3ZWIudW5pdmVyc2l0ZWl0bGVpZGVuLm5sMA0GCSqGSIb3DQEB DAUAA4ICAQAObx1f5GcgwSclcahqLyI8OM5DUnRTsrz+UIwn+CTbIZ6wPoVnroHK 8Pr/TZENG374BHKQavAagqb0PRDhgDrzPRJHv83IytbM3RCGE2v9PnzoMqBPpvs7 uPMOJGc49NTmHRTHccTT7oSkV+iebfHBQJXH0nlzCMo3DPV+FyJiIY6EjccxMhL6 Nii/xClZF1vfTujuTPFj2WiyMGrrvi2pJ+q2D/TiZh4bfP/Pz2Q4TJADr8pXusbX 3b66ueYnteiAcZFjHrNj5q9a87pBt84hrC7zf1Ha3k5o3do7l00Q4XlywrVs6xzM KGpbH46haud09A9Tuh6qW2jNfmTsbwuMkSVJU1zBmXiMNP9lY7Any0V2t2k/9DzI rx52tsxfbTUkgbAIJs3UfGlqoRW51/oh3sAkFOQzLmY5tvlLoVMa0uC5DiEq8iI+ cgRZhHgATUPM80NcnhYuL9g0Yx2mwOHl8J9n2t+RTEqxK6W+J6xOJCTdjj4hSLmz pcj5P7+ucLGpTRizLig3Mf7gl8rgVIzQwRVMNJeMlHa6tD70soRz0/tNvgaRl1SH nw+eHWp0RBLsjZUY8X7AHTK4Pae7V9QipJkF+fftQaeSXUeIOFIZjhphF8sqJ7HD GR4l5hIKAxkMx9+E3fgVx8yzLENPdtXXsBqF9uughCWOUGsWHUKawg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuhSsZP69Mdeq4rtPlhfu 4naSRFLc2DbsICu4lKK8a6tmgrrrsOV/W/WxrVV7hFv5mEnT8uy79rLk0IlZGY9p u/i0zE6RN+h+eT9kRLW9BVoLHmMUekyvDlBD6l/hBOLF3Q/BYUKqRDF2JM0lIBJU ByF2rE1g6it8By8dehGaMTWMc2y7yZv/Cbw+5OPiY9nhIsgmCGpgCATnh4xJGeqQ cVDlgpYzMaBbVOXI11XU2yJ5Vv2FaKWWJY+2bQsbr8jjjUYT0NwLT1Z8O9vdkRwX mdkTnH+mPbBO+QyE3Hx5SM5uMGdv+pWEGyXGwJGaKnMAdYUrdqCDVRQubBqRAT8w nds9cMOd19Yx+qArEctsHsDhGj4gGVjdbdw8F/XMG4D204bmXbyYRMd/VneA/frn dU6G2MgCvj/OiQCmr+1RfS6m0r+Av4gI5iQnlkY/3ySLUdF2ZqCl36erKECqYpyM g8XfvX8z6+bmTgHBQ+69S/KjTw1x6l4oHCGOwu1VhFvdL4HclGjQV3CVl6YbWD5e YPJ2hgOOt0bhHkL3FzfstZLg0aWYdcumHGylDhCQE0Dh8NUOpaaWtHOQ9zAwmbGo cRX3r9Pl92LhmTttcyrtAgyxipD2X5dSF5Jeuw1WG9JzcxVqP9JGwFZy6v5Af1Bj cLAWX7Sv7Zx6ZR3RXeetUSkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 180810126889081102733879118685892015332 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit Leiden' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'web.universiteitleiden.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 759143250476764080700233935309828442122774129788394946220281841282982271660858413915656974808926098782097782768882265632144262809799140234186682203696932859180736011403645764530535875709968300872376437299593543121600386280085741372089032713788521170164091576403691509265222522664061669045627997674827457733290992263576000325537015754054351267296909300984541846568147817382388496116355380473152082472592023355845198963747027216410937524943019850192608706174338458670560139971448454491073869805248873542793674401112977055079287355019810809596611297510474716393176185254236965826298352180856202274575838461758547451806983063556667945577486069874616173122648845719990762763696736725446556219991361626679282348536248512014306608215114151331955322990750730457328082560911046270901536146800932890719418614905863915292355957437385359582785160045633508590595352317393219535291392755502537808689319962452748372674752168223714091503153634932258373538365967581374273388182678581055391372597988862237561374831766684105281396564857571143115248002222590263659893941716707695122226343117326552750410271108898415411217577685083334869731938913726432719702712690502870973183341080302132437628020934320352441699023085604475960749069358774061795243807017 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b4c99e5857fe943aebc87b6c73ad56c768dc09cf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018602e424ea00000403004630440220778844fd2b3e0ef3b6071ed29a495235243f12e3a5ea260a6c03a979941cba94022067b56a164aa19a5c51568a09a7997c7dc3ca0152d63fe78fb2d83ea13e502541007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018602e424b20000040300483046022100fe8fcda4cc28dcbc983a6ea37030e80e2aafd44273b510b39f6057044523a1c7022100b19d1c2d8e44766e03cec61c02e5b37a755045831d5c57654c7b7b85534f9b2f007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018602e4247f0000040300483046022100ff850440f6b2fb9899ca0bcf526104937e8c3855ccc075683b97487ab966fb9d02210095c2a88b7ad71a2a38dc049653d61e17afe77af436ac9ded0a304ef716103150 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web.universiteitleiden.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 000e6f1d5fe46720c1272571a86a2f223c38ce43527453b2bcfe508c27f824db219eb03e8567ae81caf0faff4d910d1b7ef80472906af01a82a6f43d10e1803af33d1247bfcdc8cad6ccdd1086136bfd3e7ce832a04fa6fb3bb8f30e246738f4d4e61d14c771c4d3ee84a457e89e6df1c14095c7d2797308ca370cf57e172262218e848dc7313212fa3628bfc42959175bdf4ee8ee4cf163d968b2306aebbe2da927eab60ff4e2661e1b7cffcfcf64384c9003afca57bac6d7ddbebab9e627b5e8807191631eb363e6af5af3ba41b7ce21ac2ef37f51dade4e68ddda3b974d10e17972c2b56ceb1ccc286a5b1f8ea16ae774f40f53ba1eaa5b68cd7e64ec6f0b8c912549535cc199788c34ff6563b027cb4576b7693ff43cc8af1e76b6cc5f6d352481b00826cdd47c696aa115b9d7fa21dec02414e4332e6639b6f94ba1531ad2e0b90e212af2223e7204598478004d43ccf3435c9e162e2fd834631da6c0e1e5f09f67dadf914c4ab12ba5be27ac4e2424dd8e3e2148b9b3a5c8f93fbfae70b1a94d18b32e283731fee097cae0548cd0c1154c34978c9476bab43ef4b28473d3fb4dbe06919754879f0f9e1d6a744412ec8d9518f17ec01d32b83da7bb57d422a49905f9f7ed41a7925d47883852198e1a6117cb2a27b1c3191e25e6120a03190cc7df84ddf815c7ccb32c434f76d5d7b01a85f6eba084258e506b161d429ac2