api.expenseclaims.uva.nl
- Universiteit van Amsterdam -
Issued by TERENA SSL CA 3
About this certificate
This digital certificate with serial number 0b:62:2d:25:6d:56:74:56:be:c5:60:58:14:d4:1a:64 was issued on by TERENA.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Universiteit van Amsterdam
Organization:
Universiteit van Amsterdam
Organization unit: ICT Services
Organization unit: ICT Services
Locality:
Amsterdam
Country: NL
Country: NL
TERENA
Organization:
TERENA
State / Province:
Noord-Holland
Locality: Amsterdam
Country: NL
Locality: Amsterdam
Country: NL
This certificate has expire since
Certificate Details
Serial Number (hex): 0b:62:2d:25:6d:56:74:56:be:c5:60:58:14:d4:1a:64Serial Number (int): 15131268719483048148179408077714627172
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: da:1a:54:e6:a5:0c:31:b6:46:6b:dc:58:2b:d1:4b:ad:89:4e:7d:50
AuthorityKeyId: 67:fd:88:20:14:27:98:c7:09:d2:25:19:bb:e9:51:11:63:75:50:62
Fingerprint (sha1): eb:90:d5:99:68:15:83:e2:14:c2:d9:63:05:06:96:d6:4f:08:25:14
Fingerprint (sha256): 11:5a:a2:43:4b:f0:67:11:9d:c2:82:26:c3:ff:66:5d:cd:e5:de:03:0e:c5:2f:73:f8:cc:6b:5b:7c:6d:68:79
Issuing Certificate URL: http://cacerts.digicert.com/TERENASSLCA3.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/TERENASSLCA3.crl
CRL Distribution Point: http://crl4.digicert.com/TERENASSLCA3.crl
Check the revocation status for certificate api.expenseclaims.uva.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for api.expenseclaims.uva.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api.expenseclaims.uva.nl
webapp-prd1.forux.nl
webapp-prd1.forux.nl
Other certificates including the domain name uva.nl
(limited to 100 certificates)
elrond.ic.uva.nl
spin.spinnet.eu
parijs-deeltijd2016.humanities.uva.nl
sap-dev-rudx.ic.uva.nl
fullfabric.com
mobiusportal.uva.dev.icts.education
medewerker.uva.nl
schoolmuseum.uba.uva.nl
filmstudies.nl
amsterdam1544.humanities.uva.nl
www.fon.hum.uva.nl
studiegids.beheer.uva.nl
agile099.science.uva.nl
smdmmstreamprd.ic.uva.nl
idm-beheer.ic.uva.nl
academy.socsci.uva.nl
humanities.uva.nl
blendedlearning.socsci.uva.nl
sap-acc-ruax.ic.uva.nl
transparency.humanities.uva.nl
dutchcycling.socsci.uva.nl
educsys.uva.nl
slpl.science.uva.nl
ahmpostcolonialmemory.humanities.uva.nl
publichistory.humanities.uva.nl
zaken.test.uva.nl
roosterportal-tst.uva.nl
humanities.uva.nl
onderzoekmobw.socsci.uva.nl
cas-acc.ic.uva.nl
content-dev.sap.uva.nl
analytics.ic.uva.nl
agile042.science.uva.nl
ruacpi.sap.uva.nl
smdmmstreamprd.ic.uva.nl
antondekom.humanities.uva.nl
digitaal.uba.uva.nl
mijn.usc.uva.nl
id-dev.ic.uva.nl
cas5-acc.lb.uva.nl
www.fnwi.uva.nl
nra-tst.sis.uva.nl
peoplexs.humanities.uva.nl
www.startmedewerker.uva.nl
docentenkamer.humanities.uva.nl
seop.illc.uva.nl
dom-prd1.ic.uva.nl
gbs-prd-kb2.gbs.uva.nl
antondekom.humanities.uva.nl
cleverdon.hum.uva.nl
acc.sis.uva.nl
feeding-the-city.create.humanities.uva.nl
learninglab.uva.nl
secure-apis.hva.nl
spin.spinnet.eu
webformulieren.uva.nl
smdmm3sb-prd.lb.uva.nl
corpnet.uva.nl
usc.uva.nl
readers.uva.nl
blackboard.uva.nl
gartnerportal.uva.prd.icts.education
agile117.science.uva.nl
paying-dev.uva.nl
agile152.science.uva.nl
www.gbs-prd-kb2.gbs.uva.nl
evasys.uva.nl
dpc.uba.uva.nl
100yearsofenglish.humanities.uva.nl
tlc.uva.nl
sils-fairspace.science.uva.nl
comtesttool.humanities.uva.nl
secure.uva.nl
smdmmstreamprd.ic.uva.nl
maven.ic.uva.nl
filmstudies.nl
cities.humanities.uva.nl
netbox.forux.nl
diensten.uba.uva.nl
agile235.science.uva.nl
axiom.humanities.uva.nl
studiegids.beheer.uva.nl
gitlab.ic.uva.nl
datanose.science.uva.nl
ldapad.uva.nl
educsys.uva.nl
vanmensending.humanities.uva.nl
agile123.science.uva.nl
appstore.uva.nl
reader.humanities.uva.nl
archives.uba.uva.nl
ex2016-prd-hva.lb.uva.nl
cf.humanities.uva.nl
cms-prd-www.lb.uva.nl
api.paying.uva.nl
*.proxy.uba.uva.nl
medina.ic.uva.nl
publicintervention.humanities.uva.nl
www.usc.uva.nl
parola.humanities.uva.nl
spin.spinnet.eu
parijs-deeltijd2016.humanities.uva.nl
sap-dev-rudx.ic.uva.nl
fullfabric.com
mobiusportal.uva.dev.icts.education
medewerker.uva.nl
schoolmuseum.uba.uva.nl
filmstudies.nl
amsterdam1544.humanities.uva.nl
www.fon.hum.uva.nl
studiegids.beheer.uva.nl
agile099.science.uva.nl
smdmmstreamprd.ic.uva.nl
idm-beheer.ic.uva.nl
academy.socsci.uva.nl
humanities.uva.nl
blendedlearning.socsci.uva.nl
sap-acc-ruax.ic.uva.nl
transparency.humanities.uva.nl
dutchcycling.socsci.uva.nl
educsys.uva.nl
slpl.science.uva.nl
ahmpostcolonialmemory.humanities.uva.nl
publichistory.humanities.uva.nl
zaken.test.uva.nl
roosterportal-tst.uva.nl
humanities.uva.nl
onderzoekmobw.socsci.uva.nl
cas-acc.ic.uva.nl
content-dev.sap.uva.nl
analytics.ic.uva.nl
agile042.science.uva.nl
ruacpi.sap.uva.nl
smdmmstreamprd.ic.uva.nl
antondekom.humanities.uva.nl
digitaal.uba.uva.nl
mijn.usc.uva.nl
id-dev.ic.uva.nl
cas5-acc.lb.uva.nl
www.fnwi.uva.nl
nra-tst.sis.uva.nl
peoplexs.humanities.uva.nl
www.startmedewerker.uva.nl
docentenkamer.humanities.uva.nl
seop.illc.uva.nl
dom-prd1.ic.uva.nl
gbs-prd-kb2.gbs.uva.nl
antondekom.humanities.uva.nl
cleverdon.hum.uva.nl
acc.sis.uva.nl
feeding-the-city.create.humanities.uva.nl
learninglab.uva.nl
secure-apis.hva.nl
spin.spinnet.eu
webformulieren.uva.nl
smdmm3sb-prd.lb.uva.nl
corpnet.uva.nl
usc.uva.nl
readers.uva.nl
blackboard.uva.nl
gartnerportal.uva.prd.icts.education
agile117.science.uva.nl
paying-dev.uva.nl
agile152.science.uva.nl
www.gbs-prd-kb2.gbs.uva.nl
evasys.uva.nl
dpc.uba.uva.nl
100yearsofenglish.humanities.uva.nl
tlc.uva.nl
sils-fairspace.science.uva.nl
comtesttool.humanities.uva.nl
secure.uva.nl
smdmmstreamprd.ic.uva.nl
maven.ic.uva.nl
filmstudies.nl
cities.humanities.uva.nl
netbox.forux.nl
diensten.uba.uva.nl
agile235.science.uva.nl
axiom.humanities.uva.nl
studiegids.beheer.uva.nl
gitlab.ic.uva.nl
datanose.science.uva.nl
ldapad.uva.nl
educsys.uva.nl
vanmensending.humanities.uva.nl
agile123.science.uva.nl
appstore.uva.nl
reader.humanities.uva.nl
archives.uba.uva.nl
ex2016-prd-hva.lb.uva.nl
cf.humanities.uva.nl
cms-prd-www.lb.uva.nl
api.paying.uva.nl
*.proxy.uba.uva.nl
medina.ic.uva.nl
publicintervention.humanities.uva.nl
www.usc.uva.nl
parola.humanities.uva.nl
Certificate
The complete raw certificate details for api.expenseclaims.uva.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgIQC2ItJW1WdFa+xWBYFNQaZDANBgkqhkiG9w0BAQsFADBk MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg Q0EgMzAeFw0xODAyMDUwMDAwMDBaFw0yMDAyMTAxMjAwMDBaMIGAMQswCQYDVQQG EwJOTDESMBAGA1UEBxMJQW1zdGVyZGFtMSMwIQYDVQQKExpVbml2ZXJzaXRlaXQg dmFuIEFtc3RlcmRhbTEVMBMGA1UECxMMSUNUIFNlcnZpY2VzMSEwHwYDVQQDExhh cGkuZXhwZW5zZWNsYWltcy51dmEubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDW2l0XYaBlZuuzUxif/yWzQdTva3tuDAiLOSKiMEnC6LkIDPYVlbnX IVQxK3blh8MzLIR/GfAQMibkvER50R1L5qmWinv+dJ66S8X74qkcnqPcTwKu+fHe pxGtvUM0nM2hbOlGnxjHu3Vj7jazD4I2Vae0bOxNnEEjjfYQ2gGnIwYAPoTylr1o oSZf8M4eWPGlSGvvnryGny7oF5Rdf4tXtD8f0spc/i1Gq30jyE7BC+Nqm+ia57JL D5aiaGtPE02PPA6azArFKvQDad9w9BgQeQ6bj7e9/bUyGSQDxI16tENw8zZgMCWe yfsi31hcqNmV0cwbKYoc7OMsEfl5ssS5AgMBAAGjggH8MIIB+DAfBgNVHSMEGDAW gBRn/YggFCeYxwnSJRm76VERY3VQYjAdBgNVHQ4EFgQU2hpU5qUMMbZGa9xYK9FL rYlOfVAwOQYDVR0RBDIwMIIYYXBpLmV4cGVuc2VjbGFpbXMudXZhLm5sghR3ZWJh cHAtcHJkMS5mb3J1eC5ubDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRp Z2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3JsMC+gLaArhilodHRwOi8vY3JsNC5k aWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG /WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT MAgGBmeBDAECAjBuBggrBgEFBQcBAQRiMGAwJAYIKwYBBQUHMAGGGGh0dHA6Ly9v Y3NwLmRpZ2ljZXJ0LmNvbTA4BggrBgEFBQcwAoYsaHR0cDovL2NhY2VydHMuZGln aWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcnQwDAYDVR0TAQH/BAIwADATBgorBgEE AdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV73fTYiVBSar0fP4CEPF j54YrqAyOrD8I6VQO/hUvaQOETZD9k/R4tocRSZNC1jEWX79ALnntNxtxOmHjBEu smU7/vWSIkAJgcFsCl/PmigQpgDGUMbm593QZcSqLnmJuRcttvJp6W5dVsMjAPlf /qJxFvBzEibz68OOQxwOIsY5CjKWsrBNTBVg+DhjH3GKejvdLUrAHPPsm81BlHt3 ev+UPB+QR8GLE8Mb/eTw+tpdh5ierb1fXZcJhoXY+Uq5FgE+4KFqdKZg+UB5Jn/V qmyKtxkJ4fyTZA236c+uw9wmOjpdBFqHIvBITBa3v+nhCtuXyw3PyDN/NtYRe15J Tw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tpdF2GgZWbrs1MYn/8l s0HU72t7bgwIizkiojBJwui5CAz2FZW51yFUMSt25YfDMyyEfxnwEDIm5LxEedEd S+aplop7/nSeukvF++KpHJ6j3E8Crvnx3qcRrb1DNJzNoWzpRp8Yx7t1Y+42sw+C NlWntGzsTZxBI432ENoBpyMGAD6E8pa9aKEmX/DOHljxpUhr7568hp8u6BeUXX+L V7Q/H9LKXP4tRqt9I8hOwQvjapvomueySw+WomhrTxNNjzwOmswKxSr0A2nfcPQY EHkOm4+3vf21MhkkA8SNerRDcPM2YDAlnsn7It9YXKjZldHMGymKHOzjLBH5ebLE uQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15131268719483048148179408077714627172 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Noord-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA 3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-02-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-10 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit van Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ICT Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api.expenseclaims.uva.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27122676385900651507913592291139945407903654679250102996424592812425475683242066111105629852171821436627402410622113411392637985932888943136067730405562915058955303641135661525811275626567366525123852002520190662609817482284300957268303338748395202406770602389476662831219810933877297756207024926850769411410767164139641876982397640521688333205631054051408267300915240425624686526776591820928981201357043681321774302921729211692473213317698565904365724737477544419419707243156294160303132560715938709455127316749701776283604012441473547302945053756041922268576344187768833258871482936177786543663159488808518077826233 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 67fd8820142798c709d22519bbe9511163755062 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) da1a54e6a50c31b6466bdc582bd14bad894e7d50 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.expenseclaims.uva.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webapp-prd1.forux.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/TERENASSLCA3.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/TERENASSLCA3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (98 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/TERENASSLCA3.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0057bddf4d88950526abd1f3f80843c58f9e18aea0323ab0fc23a5503bf854bda40e113643f64fd1e2da1c45264d0b58c4597efd00b9e7b4dc6dc4e9878c112eb2653bfef59222400981c16c0a5fcf9a2810a600c650c6e6e7ddd065c4aa2e7989b9172db6f269e96e5d56c32300f95ffea27116f0731226f3ebc38e431c0e22c6390a3296b2b04d4c1560f838631f718a7a3bdd2d4ac01cf3ec9bcd41947b777aff943c1f9047c18b13c31bfde4f0fada5d87989eadbd5f5d97098685d8f94ab916013ee0a16a74a660f94079267fd5aa6c8ab71909e1fc93640db7e9cfaec3dc263a3a5d045a8722f0484c16b7bfe9e10adb97cb0dcfc8337f36d6117b5e494f