testoauthtkgi.acc.minfin.be
- Service Public Federal Finances -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number d4:85:df:0b:60:47:bb:60:42:b9:97:74:a8:5e:d5:d8 was issued on by GEANT Vereniging.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Service Public Federal Finances
Organization:
Service Public Federal Finances
State / Province:
Bruxelles-Capitale, Région de
Country: BE
Country: BE
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): d4:85:df:0b:60:47:bb:60:42:b9:97:74:a8:5e:d5:d8Serial Number (int): 282491434467235978643883440130486097368
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 99:82:98:7d:89:c7:9c:33:7d:ab:82:62:7c:d3:1c:3f:8b:f2:61:54
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): d2:65:41:24:c1:92:14:f2:bc:eb:07:fa:80:ae:c7:a5:b6:b7:47:db
Fingerprint (sha256): 13:dd:9f:ef:8c:d0:0d:7e:45:d7:f9:2c:95:ae:c8:69:4e:e5:e0:45:e7:d4:dd:5e:cf:47:d7:20:13:93:4d:d7
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate testoauthtkgi.acc.minfin.be
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for testoauthtkgi.acc.minfin.be
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
testoauthtkgi.acc.minfin.be
testoauthtkgi.dev.minfin.be
testoauthtkgi.internalfrominternet.acc.minfin.be
testoauthtkgi.internalfrominternet.dev.minfin.be
testoauthtkgi.dev.minfin.be
testoauthtkgi.internalfrominternet.acc.minfin.be
testoauthtkgi.internalfrominternet.dev.minfin.be
Other certificates including the domain name minfin.be
(limited to 100 certificates)
minfin.be
fpsfinancesssltest.minfin.be
rrn-sitran-test.minfin.be
mrb.acc.minfin.be
minfin.be
lettercode.minfin.be
ccff-test2.minfin.be
RRN-SITRAN-test.minfin.be
dev-eservices.minfin.be
rrn-sitran-test.minfin.be
ccff-test1.minfin.be
mobmail.minfin.be
mobmail.minfin.be
ac4.dev.minfin.be
fpsfinancesssltest.minfin.be
test-eservices-t.minfin.be
connect.minfin.be
connect.minfin.be
ac4.acc.minfin.be
minfin.be
rrn-sitran-test.minfin.be
test-eservices.minfin.be
dev-eservices.minfin.be
testoauthtkgi.acc.minfin.be
dev-eservices.minfin.be
tsd-internalfrominternet.acc.minfin.be
minfin.be
minfin.be
mrb.dev.minfin.be
cap2-test.minfin.be
mrb.acc.minfin.be
kissic.dev.minfin.be
test-eservices.minfin.be
dev-eservices.minfin.be
rrn-sitran-test.minfin.be
vpn.minfin.be
uumds.minfin.be
eongw.dev.minfin.be
VPNAO-DEV.minfin.be
uumds.minfin.be
extranet.minfin.be
test-eservices.minfin.be
minfin.be
test-eservices.minfin.be
mrb.dev.minfin.be
ccff-test1.minfin.be
cap2-test.minfin.be
tsd-internalfrominternet.acc.minfin.be
tna-git.minfin.be
ac4.acc.minfin.be
ccff-test1.minfin.be
VPNAO.minfin.be
vpnao.minfin.be
308357159-rrn-sitran-test.minfin.be
minfin.be
test-eservices.minfin.be
fediam-t.minfin.be
test-eservices.minfin.be
fediam-i.minfin.be
minfin.be
test-eservices-t.minfin.be
ccff-test1.minfin.be
fpsfinancesssltest.minfin.be
finelts.acc.minfin.be
ccff-test1.minfin.be
lettercode.minfin.be
cap2-test.minfin.be
vpn.minfin.be
pandregister.acc.minfin.be
pangaspfod.acc.minfin.be
vpn.minfin.be
first-dev.minfin.be
da-dev.minfin.be
mail.minfin.be
testoauthclient.internalfrominternet.acc.minfin.be
dynatrace.minfin.be
testoauthclient.internalfrominternet.dev.minfin.be
test-eservices.minfin.be
vpnao.minfin.be
pangaspfod.dev.minfin.be
test-eservices.minfin.be
minfin.be
extranet.minfin.be
vpn.minfin.be
ccff-test1.minfin.be
VPNAO.minfin.be
tna-git.minfin.be
ccff-test1.minfin.be
ecredit.acc.minfin.be
eongw.dev.minfin.be
first-dev.minfin.be
kissic.acc.minfin.be
ccff-test2.minfin.be
fediam-t.minfin.be
extranet.minfin.be
ccff-test1.minfin.be
test-eservices.minfin.be
tna-git.minfin.be
FPS-Finance-BE-CTS-test.minfin.be
fediam-i.minfin.be
fpsfinancesssltest.minfin.be
rrn-sitran-test.minfin.be
mrb.acc.minfin.be
minfin.be
lettercode.minfin.be
ccff-test2.minfin.be
RRN-SITRAN-test.minfin.be
dev-eservices.minfin.be
rrn-sitran-test.minfin.be
ccff-test1.minfin.be
mobmail.minfin.be
mobmail.minfin.be
ac4.dev.minfin.be
fpsfinancesssltest.minfin.be
test-eservices-t.minfin.be
connect.minfin.be
connect.minfin.be
ac4.acc.minfin.be
minfin.be
rrn-sitran-test.minfin.be
test-eservices.minfin.be
dev-eservices.minfin.be
testoauthtkgi.acc.minfin.be
dev-eservices.minfin.be
tsd-internalfrominternet.acc.minfin.be
minfin.be
minfin.be
mrb.dev.minfin.be
cap2-test.minfin.be
mrb.acc.minfin.be
kissic.dev.minfin.be
test-eservices.minfin.be
dev-eservices.minfin.be
rrn-sitran-test.minfin.be
vpn.minfin.be
uumds.minfin.be
eongw.dev.minfin.be
VPNAO-DEV.minfin.be
uumds.minfin.be
extranet.minfin.be
test-eservices.minfin.be
minfin.be
test-eservices.minfin.be
mrb.dev.minfin.be
ccff-test1.minfin.be
cap2-test.minfin.be
tsd-internalfrominternet.acc.minfin.be
tna-git.minfin.be
ac4.acc.minfin.be
ccff-test1.minfin.be
VPNAO.minfin.be
vpnao.minfin.be
308357159-rrn-sitran-test.minfin.be
minfin.be
test-eservices.minfin.be
fediam-t.minfin.be
test-eservices.minfin.be
fediam-i.minfin.be
minfin.be
test-eservices-t.minfin.be
ccff-test1.minfin.be
fpsfinancesssltest.minfin.be
finelts.acc.minfin.be
ccff-test1.minfin.be
lettercode.minfin.be
cap2-test.minfin.be
vpn.minfin.be
pandregister.acc.minfin.be
pangaspfod.acc.minfin.be
vpn.minfin.be
first-dev.minfin.be
da-dev.minfin.be
mail.minfin.be
testoauthclient.internalfrominternet.acc.minfin.be
dynatrace.minfin.be
testoauthclient.internalfrominternet.dev.minfin.be
test-eservices.minfin.be
vpnao.minfin.be
pangaspfod.dev.minfin.be
test-eservices.minfin.be
minfin.be
extranet.minfin.be
vpn.minfin.be
ccff-test1.minfin.be
VPNAO.minfin.be
tna-git.minfin.be
ccff-test1.minfin.be
ecredit.acc.minfin.be
eongw.dev.minfin.be
first-dev.minfin.be
kissic.acc.minfin.be
ccff-test2.minfin.be
fediam-t.minfin.be
extranet.minfin.be
ccff-test1.minfin.be
test-eservices.minfin.be
tna-git.minfin.be
FPS-Finance-BE-CTS-test.minfin.be
fediam-i.minfin.be
Certificate
The complete raw certificate details for testoauthtkgi.acc.minfin.be in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIICjCCBfKgAwIBAgIRANSF3wtgR7tgQrmXdKhe1dgwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNV BAMTEUdFQU5UIE9WIFJTQSBDQSA0MB4XDTIyMDExMDAwMDAwMFoXDTIzMDExMDIz NTk1OVowgYYxCzAJBgNVBAYTAkJFMScwJQYDVQQIDB5CcnV4ZWxsZXMtQ2FwaXRh bGUsIFLDqWdpb24gZGUxKDAmBgNVBAoTH1NlcnZpY2UgUHVibGljIEZlZGVyYWwg RmluYW5jZXMxJDAiBgNVBAMTG3Rlc3RvYXV0aHRrZ2kuYWNjLm1pbmZpbi5iZTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJHMLvGai4jTzGdxLzKue9ev awPI+2ySLSyh7U/crA5HTxmYDuiV7aCpboV2/oFR8F06qlgbUulPgRtVuHdBVI22 bmJsyK7fD3ZJ0p4vhKUiULXZt5X9V8WIY9wUXziPrcgMyU58YvupL3+QByr84YHH itsfaVc6ZIy/LBMJ1l/TfnJo3FTstDvGA193VPADFs4F1LE1SVt6t5g6X22YR41b 32m/VZZs+oLuA8u4s17vM3F7P90Vt6SSGFl2/AuHsnZ4Woh7hDuzHG3qPhNRCcDT YZerggnRjZEUdDNEQsSlP5HP01UzXEWAd4X8G80ap1HHnSWwtipdW8d3yV3goM0C AwEAAaOCA7IwggOuMB8GA1UdIwQYMBaAFG8dNUkQbDL6WaCevIroH5W+cXoMMB0G A1UdDgQWBBSZgph9icecM32rgmJ80xw/i/JhVDAOBgNVHQ8BAf8EBAMCBaAwDAYD VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0g BEIwQDA0BgsrBgEEAbIxAQICTzAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3Rp Z28uY29tL0NQUzAIBgZngQwBAgIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL0dF QU5ULmNybC5zZWN0aWdvLmNvbS9HRUFOVE9WUlNBQ0E0LmNybDB1BggrBgEFBQcB AQRpMGcwOgYIKwYBBQUHMAKGLmh0dHA6Ly9HRUFOVC5jcnQuc2VjdGlnby5jb20v R0VBTlRPVlJTQUNBNC5jcnQwKQYIKwYBBQUHMAGGHWh0dHA6Ly9HRUFOVC5vY3Nw LnNlY3RpZ28uY29tMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgCt9776fP8Q yIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAX5DJka9AAAEAwBHMEUCIDwNWIzK 2ACvJY3vjjxJktgYHZIg3w6EMunZ+9mcwmUNAiEA5sPHot5rN+qsi5OktqHL8QO/ hJ5agcEdmnska1zsnY0AdwB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1Lr UgAAAX5DJkaDAAAEAwBIMEYCIQDGlAoj1Wg1JshXqGg1IuH3Iap8rmDPlJUO1Etw sstT1QIhANWo7wPMY4eqp1LDcWvvfTt/rI51bq8vs0yq019AveugAHUA6D7Q2j71 BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4AAAF+QyZGYQAABAMARjBEAiASKSYN 3jdnkxI2jQBs1Antb9+YTllmgeyo1KcVn5mZHAIgWQQ84O1zKYDgbN17Sb1RXwtf dZro9VBe4/YVU2BiKw8wgakGA1UdEQSBoTCBnoIbdGVzdG9hdXRodGtnaS5hY2Mu bWluZmluLmJlght0ZXN0b2F1dGh0a2dpLmRldi5taW5maW4uYmWCMHRlc3RvYXV0 aHRrZ2kuaW50ZXJuYWxmcm9taW50ZXJuZXQuYWNjLm1pbmZpbi5iZYIwdGVzdG9h dXRodGtnaS5pbnRlcm5hbGZyb21pbnRlcm5ldC5kZXYubWluZmluLmJlMA0GCSqG SIb3DQEBDAUAA4ICAQAu5JDECfNhCapXOeeWWFQM+enlh/vBm/K8z4G6lZYTC9lF LX4Bg6kf4EYDPAL4TOgOsLmf1xaJ6YTm9cpCTAaa9uK/9dTV/qS+sQwxhwnePX1l 3rbi3YtrK9orjxOUc+dRAMNhM17EaMMO9DF7fYW0UW55MS88wMHal517SXsuOZMO fiOX5c1VXLaZQQZ02g0FohfArEFMQzRdxNVd/SkGMFShl1EX56Tn4spjnnpwgQ4+ K3dkJBsjZ14Bf8sKDbnYk1ZNKu6vpPwSGjqqBfaPCfJydF4lee6TPuZnOa1cyUS3 EwpvoqYiyC6+uYSHqDpI1HNUk89yahFDzg0wIu0dCrmzkLsPypWkWpsPCm+24CK8 o3Q2co09NcvQdP7Jb+7BCpjt4l8+dIX5UP9BsxSgDa67sN9Hgr4Fef1GrJr7AnDM gkMm9dF8OKLoe5oUQi/ZwSCP3+0Q6g69/bJb/+1lrOPSFCx+Utkg4plI8+bZKdst EMPVJifS3l7V9ARxx2r6HHyayQW30if8LRtt28D4/KGplv7Eieuco039Y4lnDTgp k3vD7JxhKEPSlbeTWf/Q9pHpA1+FyJDxTF0J/MPYjrv8qwEgOUrYKpJ0xBERfTYI mbhj7h4NT+u4hKM6fu0mWKoDxvvrJOg45HdMyJ8Diz2g6+QQs/HT3HA9HuY8Jw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcwu8ZqLiNPMZ3EvMq57 169rA8j7bJItLKHtT9ysDkdPGZgO6JXtoKluhXb+gVHwXTqqWBtS6U+BG1W4d0FU jbZuYmzIrt8PdknSni+EpSJQtdm3lf1XxYhj3BRfOI+tyAzJTnxi+6kvf5AHKvzh gceK2x9pVzpkjL8sEwnWX9N+cmjcVOy0O8YDX3dU8AMWzgXUsTVJW3q3mDpfbZhH jVvfab9Vlmz6gu4Dy7izXu8zcXs/3RW3pJIYWXb8C4eydnhaiHuEO7Mcbeo+E1EJ wNNhl6uCCdGNkRR0M0RCxKU/kc/TVTNcRYB3hfwbzRqnUcedJbC2Kl1bx3fJXeCg zQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 282491434467235978643883440130486097368 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-10 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bruxelles-Capitale, Région de' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Service Public Federal Finances' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'testoauthtkgi.acc.minfin.be' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18405240794477252138341317867397276070090310842905051740566318376356078724035237803799523423779549930571433277407822529961404780271501716526388093899968269997265645428267732801432012649466456917836297581012255407379210880947473457732514820523640198561257125415940794239269028363658417592517450742430543022761579379313153413587527541086953222839805000096996001298327229799626857813027353350246241866415083656439136419238318033043268825759816434270071557101284928924760609210657182733322406806632280489788730505499789779983855069830894436316400815255364146946081401777605667505362769169140912487136239399951911757062349 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9982987d89c79c337dab82627cd31c3f8bf26154 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017e432646bd000004030047304502203c0d588ccad800af258def8e3c4992d8181d9220df0e8432e9d9fbd99cc2650d022100e6c3c7a2de6b37eaac8b93a4b6a1cbf103bf849e5a81c11d9a7b246b5cec9d8d0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017e432646830000040300483046022100c6940a23d5683526c857a8683522e1f721aa7cae60cf94950ed44b70b2cb53d5022100d5a8ef03cc6387aaa752c3716bef7d3b7fac8e756eaf2fb34caad35f40bdeba0007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017e43264661000004030046304402201229260dde37679312368d006cd409ed6fdf984e596681eca8d4a7159f99991c022059043ce0ed732980e06cdd7b49bd515f0b5f759ae8f5505ee3f6155360622b0f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testoauthtkgi.acc.minfin.be' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testoauthtkgi.dev.minfin.be' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testoauthtkgi.internalfrominternet.acc.minfin.be' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testoauthtkgi.internalfrominternet.dev.minfin.be' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 002ee490c409f36109aa5739e79658540cf9e9e587fbc19bf2bccf81ba9596130bd9452d7e0183a91fe046033c02f84ce80eb0b99fd71689e984e6f5ca424c069af6e2bff5d4d5fea4beb10c318709de3d7d65deb6e2dd8b6b2bda2b8f139473e75100c361335ec468c30ef4317b7d85b4516e79312f3cc0c1da979d7b497b2e39930e7e2397e5cd555cb699410674da0d05a217c0ac414c43345dc4d55dfd29063054a1975117e7a4e7e2ca639e7a70810e3e2b7764241b23675e017fcb0a0db9d893564d2aeeafa4fc121a3aaa05f68f09f272745e2579ee933ee66739ad5cc944b7130a6fa2a622c82ebeb98487a83a48d4735493cf726a1143ce0d3022ed1d0ab9b390bb0fca95a45a9b0f0a6fb6e022bca37436728d3d35cbd074fec96feec10a98ede25f3e7485f950ff41b314a00daebbb0df4782be0579fd46ac9afb0270cc824326f5d17c38a2e87b9a14422fd9c1208fdfed10ea0ebdfdb25bffed65ace3d2142c7e52d920e29948f3e6d929db2d10c3d52627d2de5ed5f40471c76afa1c7c9ac905b7d227fc2d1b6ddbc0f8fca1a996fec489eb9ca34dfd6389670d3829937bc3ec9c612843d295b79359ffd0f691e9035f85c890f14c5d09fcc3d88ebbfcab0120394ad82a9274c411117d360899b863ee1e0d4febb884a33a7eed2658aa03c6fbeb24e838e4774cc89f038b3da0ebe410b3f1d3dc703d1ee63c27