ooievaar.web.leidenuniv.nl
- Universiteit Leiden -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 82:8d:ec:6b:d4:cf:26:34:e1:13:7a:07:d8:6d:38:f0 was issued on by GEANT Vereniging.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Universiteit Leiden
Organization:
Universiteit Leiden
State / Province:
Zuid-Holland
Country: NL
Country: NL
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate will expire on
Certificate Details
Serial Number (hex): 82:8d:ec:6b:d4:cf:26:34:e1:13:7a:07:d8:6d:38:f0Serial Number (int): 173536548501033575145782756424809265392
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 7c:31:cb:6b:48:d3:cd:d7:f1:c1:f7:5a:f8:62:7e:c3:5c:53:86:05
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): a3:54:37:96:c5:71:68:65:02:bc:3d:bc:96:56:e6:01:3e:b2:3b:c9
Fingerprint (sha256): 11:ed:91:3e:5a:25:63:20:c5:19:23:1a:49:ca:97:cb:1d:f6:9d:7b:b2:c6:e1:53:6f:83:d3:b0:e5:fa:55:37
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate ooievaar.web.leidenuniv.nl
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ooievaar.web.leidenuniv.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ooievaar.web.leidenuniv.nl
digitalscholarship.nl
digmanclass.universiteitleiden.nl
lab.library.universiteitleiden.nl
transcription.digitalscholarship.nl
digitalscholarship.nl
digmanclass.universiteitleiden.nl
lab.library.universiteitleiden.nl
transcription.digitalscholarship.nl
Other certificates including the domain name leidenuniv.nl
(limited to 100 certificates)
web2print.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
icga.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
weblectures-a.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
p-issc-007122.vuw.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
strwmgmt.strw.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
illinois.meta.leidenuniv.nl
nmr.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
leidenlawblog.nl
scharrelaar-p1.leidenuniv.nl
cas.physics.leidenuniv.nl
ppsn2020.liacs.leidenuniv.nl
datamining.liacs.leidenuniv.nl
issc.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
lucris.leidenuniv.nl
celspin-p.issc.leidenuniv.nl
foreman-develop.infra.leidenuniv.nl
leidenuniv.nl
SALMS01.leidenuniv.nl
director1-dev.srvtest.leidenuniv.nl
icga.leidenuniv.nl
uaccess.leidenuniv.nl
jira.issc.leidenuniv.nl
prosobab.leidenuniv.nl
scriptiebeoordeling-hum.leidenuniv.nl
www.math.leidenuniv.nl
Planon-BenO-t.leidenuniv.nl
login.uaccess.leidenuniv.nl
vrops-cluster.luci.leidenuniv.nl
issc.leidenuniv.nl
noah.backup.leidenuniv.nl
u-ldap-dev.srvtest.leidenuniv.nl
p-luci-001131.infra.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
socrates.leidenuniv.nl
uaccess.leidenuniv.nl
tornado-a-https.web.leidenuniv.nl
leidenuniv.nl
lacdrvirtuallab-qa.leidenuniv.nl
sapgax.issc.leidenuniv.nl
vg5.strw.leidenuniv.nl
marishead.lorentz.leidenuniv.nl
avior.math.leidenuniv.nl
blackboardstaging.leidenuniv.nl
weblectures-a.leidenuniv.nl
usis.leidenuniv.nl
strwmail.strw.leidenuniv.nl
sapeca.leidenuniv.nl
phdcareerplatform.universiteitleiden.nl
u-tools.srvtest.leidenuniv.nl
aristotle.leidenuniv.nl
sapsra.leidenuniv.nl
www.strw.leidenuniv.nl
jss.leidenuniv.nl
mail.physics.leidenuniv.nl
mysite.leidenuniv.nl
kwartel-a.leidenuniv.nl
p-issc-007122.vuw.leidenuniv.nl
splbs02.vuw.leidenuniv.nl
huisstijl.leidenuniv.nl
form.services.universiteitleiden.nl
wagner-p.leidenuniv.nl
pontus.lorentz.leidenuniv.nl
leidenarthistoryblog.nl
smtp.leidenuniv.nl
studiegids-p.leidenuniv.nl
ooievaar.web.leidenuniv.nl
spapp30.vuw.leidenuniv.nl
saufb01.vuw.leidenuniv.nl
schildspin-dev.issc.leidenuniv.nl
lms-wyn-disp03.issc.leidenuniv.nl
raf-qa.law.leidenuniv.nl
lists.leidenuniv.nl
zweepspin-p.issc.leidenuniv.nl
webdav.leidenuniv.nl
scharrelaar-p3.leidenuniv.nl
helpdesk.universiteitleiden.nl
libcblog.nl
phdtrack-a.leidenuniv.nl
teams.leidenuniv.nl
evasys.leidenuniv.nl
x-ldap.leidenuniv.nl
cups.issc.leidenuniv.nl
uaccess.leidenuniv.nl
europeanbordercommunities.eu
science.leidenuniv.nl
vg5.strw.leidenuniv.nl
*.weblog.leidenuniv.nl
strwmgmt.strw.leidenuniv.nl
cms-a.universiteitleiden.nl
splic09.ilo.leidenuniv.nl
*.weblog.leidenuniv.nl
pinkashaw-o4.iam-ota.leidenuniv.nl
bankiva.leidenuniv.nl
rds-a.campus.leidenuniv.nl
phdtrack.leidenuniv.nl
planon-a.universiteitleiden.nl
jack-qa.web.leidenuniv.nl
web2print-t.leidenuniv.nl
grasparkiet.leidenuniv.nl
filosofie.leidenuniv.nl
jenkins.issc.leidenuniv.nl
www.readeronline.leidenuniv.nl
illinois.meta.leidenuniv.nl
Certificate
The complete raw certificate details for ooievaar.web.leidenuniv.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIII6TCCBtGgAwIBAgIRAIKN7GvUzyY04RN6B9htOPAwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNV BAMTEUdFQU5UIE9WIFJTQSBDQSA0MB4XDTI0MDMxODAwMDAwMFoXDTI1MDMxODIz NTk1OVowZzELMAkGA1UEBhMCTkwxFTATBgNVBAgTDFp1aWQtSG9sbGFuZDEcMBoG A1UEChMTVW5pdmVyc2l0ZWl0IExlaWRlbjEjMCEGA1UEAxMab29pZXZhYXIud2Vi LmxlaWRlbnVuaXYubmwwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC1 GoLDXaTnaWVaBwlrkoOgp+0kjjLvjsABW6ZrJpj9RPRFkHBpJ52SzYN5I/DPygnY FBMZ44jvkag5AAn8PPsY9Sh6b9Ez0GUO3fK2bTGl6LAGom1bK2bEEw47Hf72vT06 eQ0zNMZGJc8lUy8KM0z1TYHkGa2dVK4oHg/7rfbsvf6mVMO9SCna4PK9Zvsv/ljc M+GN7qpJ3pf880K+cGetApoRb2yFIV5jiFleCIOcZNtmi+GlkvM57vS+NC6tQ+rm +M2o6IFe3dvKvTRr3ccn2kdIxTT2C+t/SFCqFDBORkTfflPXeL5YGSTJHFMlxbO+ k359lf4wLfCF7/BVf+d5CvImZEmW5SoyfdYmIbfoXuLsGnf0BNBr/INNFAYQkD45 KAfiL7SJA4+dspCUhmGYMvBIE2tz2D9Nw9qIo7PR7LnobGDQJGfm0H0TgAJrQwcV A41tfuDr++1maCuY5oS1Was99A7i+HrS19EFM8AIyHjLCyUHrzpqJ3Yr1bTjMQls pZHRHoNSAqDUXsPlLr37+9gflXu10MBz2m94h70p4foj/tPETCoRFaVN6YzmfNnb aaEVlZIM2L213TJwFvSjgLIFZxoZ1x9L/VrJYxiVfxwS1t7WnNG6UvtnvH3y4wNY tG54kI2Ae/8ZLT4pSNhh6nDjoJxL13TuQ01sRFAJxwIDAQABo4IDsTCCA60wHwYD VR0jBBgwFoAUbx01SRBsMvpZoJ68iugflb5xegwwHQYDVR0OBBYEFHwxy2tI083X 8cH3WvhifsNcU4YFMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEB AgJPMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeB DAECAjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vR0VBTlQuY3JsLnNlY3RpZ28u Y29tL0dFQU5UT1ZSU0FDQTQuY3JsMHUGCCsGAQUFBwEBBGkwZzA6BggrBgEFBQcw AoYuaHR0cDovL0dFQU5ULmNydC5zZWN0aWdvLmNvbS9HRUFOVE9WUlNBQ0E0LmNy dDApBggrBgEFBQcwAYYdaHR0cDovL0dFQU5ULm9jc3Auc2VjdGlnby5jb20wggF9 BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfs rAHSW3fOzDsIAAABjlEG/04AAAQDAEcwRQIgLVNj5KBryAhGD1k75OWYpTCoOSft skL20H+ATdCzrfkCIQCy2CkO+Cou1DpBPDe7yY29Yg5LrVXgojHtQe4HFraBgAB2 AKLjCuRF772tm3447Udnd1PXgluElNcrXhssxLlQpEfnAAABjlEG/ywAAAQDAEcw RQIgXQyFIJ1YXkA/AXT52G+G69hDmn9g0YldboMenvKqUwgCIQCAm8WD8gD/mOxy k1CEBwDVG+DYmZVPBkNlB1PkJI5UQQB1AE51oydcmhDDOFts1N8/Uusd8OCOG41p wLH6ZLFimjnfAAABjlEG/ywAAAQDAEYwRAIgb5rK6tzwcKTJqBy2Rrg5zQCggwsY BJ0ohflHmKrDFYwCICrCwehD45WSZvEAyukmNpLZmCMlFja9JOJ9ZLfaFX9PMIGp BgNVHREEgaEwgZ6CGm9vaWV2YWFyLndlYi5sZWlkZW51bml2Lm5sghVkaWdpdGFs c2Nob2xhcnNoaXAubmyCIWRpZ21hbmNsYXNzLnVuaXZlcnNpdGVpdGxlaWRlbi5u bIIhbGFiLmxpYnJhcnkudW5pdmVyc2l0ZWl0bGVpZGVuLm5sgiN0cmFuc2NyaXB0 aW9uLmRpZ2l0YWxzY2hvbGFyc2hpcC5ubDANBgkqhkiG9w0BAQwFAAOCAgEAY/lf wSoj4QO0gBYEbkgV/J4ueaEQHJCGrq/VTvegS06TZFq9pnLaVk3gPJHNHrrd/sCL DSnNDYSOcVJnf/61tWgngh0JnY/n6qFg2NJeWdRK4L4aA7yFKbtrb0PUQ+jIKIPs Y6n/TRrE8dZ8/QqMgC3qZY9Mck2mAqMY7e5HwPO6uADng8ap6BPVK4Lr6vw76qHj mBVgM7L0iU97LL1gX/09rNK7eIYaH+OEJ0XfBMfGH79WLelBSQjaQfxPRULYyEMQ g1Bh6wI6y0PqPQ3wZswbJcviobsgpeapRpD+SHOV3nLEnSLtppgCZ48BqCWR+I8y UAh9fZ99e0bsC8gduHA7PhF1yqpg6t9EUto1BmBUZj4RhtUlNxSFgjgmiKGXlDb2 yZYlgxAAopViXEpMhkXUg1/ClHnRS9PuSvupkuiMVYHgl70Yc0Y8YJHVK7f0iYkU VclGP7Wd99fbOZS6pmFeYUy8BwTe9LVtt5/qJsWiuoDb9b8auCMRenrtN4HbdKnu djUK6yxD0jhtyqvQzIF1KyM+0NMXvlobA2Ftyd8iQ74so6kf0anuDR/hPFS48qJS hFyKp/XYSqwdmLLAmehmobX+vBts1YvhFFVwdW9elqKT5IaQ6/e/GMU/4i/oWESG xAMCF7Q5Bwi8sWTADhrawQr90gXgPtmDooPUOIE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtRqCw12k52llWgcJa5KD oKftJI4y747AAVumayaY/UT0RZBwaSedks2DeSPwz8oJ2BQTGeOI75GoOQAJ/Dz7 GPUoem/RM9BlDt3ytm0xpeiwBqJtWytmxBMOOx3+9r09OnkNMzTGRiXPJVMvCjNM 9U2B5BmtnVSuKB4P+6327L3+plTDvUgp2uDyvWb7L/5Y3DPhje6qSd6X/PNCvnBn rQKaEW9shSFeY4hZXgiDnGTbZovhpZLzOe70vjQurUPq5vjNqOiBXt3byr00a93H J9pHSMU09gvrf0hQqhQwTkZE335T13i+WBkkyRxTJcWzvpN+fZX+MC3whe/wVX/n eQryJmRJluUqMn3WJiG36F7i7Bp39ATQa/yDTRQGEJA+OSgH4i+0iQOPnbKQlIZh mDLwSBNrc9g/TcPaiKOz0ey56Gxg0CRn5tB9E4ACa0MHFQONbX7g6/vtZmgrmOaE tVmrPfQO4vh60tfRBTPACMh4ywslB686aid2K9W04zEJbKWR0R6DUgKg1F7D5S69 +/vYH5V7tdDAc9pveIe9KeH6I/7TxEwqERWlTemM5nzZ22mhFZWSDNi9td0ycBb0 o4CyBWcaGdcfS/1ayWMYlX8cEtbe1pzRulL7Z7x98uMDWLRueJCNgHv/GS0+KUjY Yepw46CcS9d07kNNbERQCccCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 173536548501033575145782756424809265392 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-18 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-18 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit Leiden' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ooievaar.web.leidenuniv.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 738838055224246031038389279289964205111706163438026220993839599921861475865234640910847398769301335701163076111547952146257206512503348284818854662346253794177695766746506990648954196749892865104650746397145267435099033232472782345288740824903756411122985901908713518787352111176419709626165385183941080835495087789552005730698786761017062651304453231429935958006211172114877095852506929974217115284981933199157381137719264070525169027351724990118137176992753344078221670592132362902333498030921388208191280825369882198264753508989416096141818080274545624864308834718154693661739528838897720247979629325122881781124156565253536811576556454386052193728036095510905447288521516825335673824889365014089559548942941700517712696291451873112386356466179169388929196987942310094318567971078559166232666803979215652756760118134682663438649647662028474326631337644988391223127416998675930416703579368991186503631243985312945667115224511639620846692594054516208179634812078874818518805137425907615484938385563761803546771664294041463953150372695506277855488994138823232594323606779954456159459498488352357353039684652344808463280491297782655224330577028375220244806467346269867069786168651431344712074505655181483105595990192716805417305377223 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7c31cb6b48d3cdd7f1c1f75af8627ec35c538605 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018e5106ff4e000004030047304502202d5363e4a06bc808460f593be4e598a530a83927edb242f6d07f804dd0b3adf9022100b2d8290ef82a2ed43a413c37bbc98dbd620e4bad55e0a231ed41ee0716b68180007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018e5106ff2c000004030047304502205d0c85209d585e403f0174f9d86f86ebd8439a7f60d1895d6e831e9ef2aa5308022100809bc583f200ff98ec729350840700d51be0d899954f0643650753e4248e54410075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e5106ff2c000004030046304402206f9acaeadcf070a4c9a81cb646b839cd00a0830b18049d2885f94798aac3158c02202ac2c1e843e3959266f100cae9263692d99823251636bd24e27d64b7da157f4f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ooievaar.web.leidenuniv.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digitalscholarship.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digmanclass.universiteitleiden.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lab.library.universiteitleiden.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'transcription.digitalscholarship.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0063f95fc12a23e103b48016046e4815fc9e2e79a1101c9086aeafd54ef7a04b4e93645abda672da564de03c91cd1ebaddfec08b0d29cd0d848e7152677ffeb5b56827821d099d8fe7eaa160d8d25e59d44ae0be1a03bc8529bb6b6f43d443e8c82883ec63a9ff4d1ac4f1d67cfd0a8c802dea658f4c724da602a318edee47c0f3bab800e783c6a9e813d52b82ebeafc3beaa1e398156033b2f4894f7b2cbd605ffd3dacd2bb78861a1fe3842745df04c7c61fbf562de9414908da41fc4f4542d8c84310835061eb023acb43ea3d0df066cc1b25cbe2a1bb20a5e6a94690fe487395de72c49d22eda69802678f01a82591f88f3250087d7d9f7d7b46ec0bc81db8703b3e1175caaa60eadf4452da35066054663e1186d52537148582382688a1979436f6c99625831000a295625c4a4c8645d4835fc29479d14bd3ee4afba992e88c5581e097bd1873463c6091d52bb7f489891455c9463fb59df7d7db3994baa6615e614cbc0704def4b56db79fea26c5a2ba80dbf5bf1ab823117a7aed3781db74a9ee76350aeb2c43d2386dcaabd0cc81752b233ed0d317be5a1b03616dc9df2243be2ca3a91fd1a9ee0d1fe13c54b8f2a252845c8aa7f5d84aac1d98b2c099e866a1b5febc1b6cd58be1145570756f5e96a293e48690ebf7bf18c53fe22fe8584486c4030217b4390708bcb164c00e1adac10afdd205e03ed983a283d43881