*.proxy03.bnl.lu
- Bibliothèque nationale de Luxembourg -
Issued by TERENA SSL CA 3
About this certificate
This digital certificate with serial number 07:5e:d7:ec:80:d5:41:bb:85:ae:73:13:02:07:f5:17 was issued on by TERENA.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bibliothèque nationale de Luxembourg
Organization:
Bibliothèque nationale de Luxembourg
Locality:
Luxembourg
Country: LU
Country: LU
TERENA
Organization:
TERENA
State / Province:
Noord-Holland
Locality: Amsterdam
Country: NL
Locality: Amsterdam
Country: NL
This certificate has expire since
Certificate Details
Serial Number (hex): 07:5e:d7:ec:80:d5:41:bb:85:ae:73:13:02:07:f5:17Serial Number (int): 9797051330979716252638713112385025303
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 80:0e:61:8b:1c:c5:d3:86:b5:c6:4b:af:d6:42:e7:1a:d9:60:a5:9f
AuthorityKeyId: 67:fd:88:20:14:27:98:c7:09:d2:25:19:bb:e9:51:11:63:75:50:62
Fingerprint (sha1): a9:c6:15:11:ab:0d:ff:db:ae:c3:10:fb:56:29:0d:6f:6e:bf:66:a0
Fingerprint (sha256): 13:e7:e7:e9:67:43:84:5a:dd:c6:06:ce:8d:21:02:96:ef:ab:22:2e:9b:7b:a9:52:56:26:c3:b1:5f:ff:9f:47
Issuing Certificate URL: http://cacerts.digicert.com/TERENASSLCA3.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/TERENASSLCA3.crl
CRL Distribution Point: http://crl4.digicert.com/TERENASSLCA3.crl
Check the revocation status for certificate *.proxy03.bnl.lu
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.proxy03.bnl.lu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.proxy03.bnl.lu
proxy03.bnl.lu
proxy03.bnl.lu
Other certificates including the domain name bnl.lu
(limited to 100 certificates)
*.proxy02.bnl.lu
*.proxy.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
bnl.lu
auth.bnl.lu
*.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
auth.bnl.lu
*.proxy04.bnl.lu
bnl.lu
*.proxy04.bnl.lu
auth3.bnl.lu
bnl.lu
luxemburgensia.bnl.lu
*.proxy.bnl.lu
analytics.bnl.lu
bnl.lu
windbook.bnl.lu
bnl.lu
bnl.lu
wifiportal-1.bnl.lu
auth-dev.bnl.lu
*.bnl.lu
*.proxy03.bnl.lu
auth1.bnl.lu
bnl.lu
auth1.bnl.lu
bnl.lu
analytics.bnl.lu
*.proxy03.bnl.lu
bnl.lu
windbook.bnl.lu
mia.bnl.lu
*.proxy03.bnl.lu
*.proxy.bnl.lu
bnl.lu
auth.bnl.lu
auth3.bnl.lu
lida.bnl.lu
bnl.lu
*.proxy04.bnl.lu
*.proxy.bnl.lu
luxemburgensia.bnl.lu
bnl.lu
*.proxy.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
bnl.lu
auth.bnl.lu
*.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
auth.bnl.lu
*.proxy04.bnl.lu
bnl.lu
*.proxy04.bnl.lu
auth3.bnl.lu
bnl.lu
luxemburgensia.bnl.lu
*.proxy.bnl.lu
analytics.bnl.lu
bnl.lu
windbook.bnl.lu
bnl.lu
bnl.lu
wifiportal-1.bnl.lu
auth-dev.bnl.lu
*.bnl.lu
*.proxy03.bnl.lu
auth1.bnl.lu
bnl.lu
auth1.bnl.lu
bnl.lu
analytics.bnl.lu
*.proxy03.bnl.lu
bnl.lu
windbook.bnl.lu
mia.bnl.lu
*.proxy03.bnl.lu
*.proxy.bnl.lu
bnl.lu
auth.bnl.lu
auth3.bnl.lu
lida.bnl.lu
bnl.lu
*.proxy04.bnl.lu
*.proxy.bnl.lu
luxemburgensia.bnl.lu
bnl.lu
Certificate
The complete raw certificate details for *.proxy03.bnl.lu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIMDCCBxigAwIBAgIQB17X7IDVQbuFrnMTAgf1FzANBgkqhkiG9w0BAQsFADBk MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg Q0EgMzAeFw0yMDAxMjcwMDAwMDBaFw0yMjA0MjkxMjAwMDBaMG0xCzAJBgNVBAYT AkxVMRMwEQYDVQQHEwpMdXhlbWJvdXJnMS4wLAYDVQQKDCVCaWJsaW90aMOocXVl IG5hdGlvbmFsZSBkZSBMdXhlbWJvdXJnMRkwFwYDVQQDDBAqLnByb3h5MDMuYm5s Lmx1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArnomDpcBc0oMksUa mxY3qP2x8MRbudRKLCJqRiD1Sub5l5rlHsbRHq6LAezNd9evYd8/LELTsbFpOJle vmnSXPZac/iDFU7VVPuxQdQgZTOTU2lWon5yoDJfbsJQeBAWJeYBQKnfWoegNJp1 bZn8xQDhDgiI8NQ6TFTnR3MtgJ3EgrXiH4cVkOdlh/PqQ4rVBS+qrt5nhryD20JE /rs7Bl/oc7OGzzF+U9o6yXURu9Ja175AFnJjhz8qS3YoZJXe3ySbuiRcESNxoRoG wSAdwzh7TnyFAEly5AZUBU2bVhFAEr1udtTUtmzqvC4hFowQF/a8aJDT+dNHtOkC gnyhFZxCBw087wu0lVRaDDlaAZpGGEvWWsAVMnsmYiittdstb7x6V+vzgIn9/pea iIBOM27VPqCqrNn5OKdc5g1Gj2ICx0CE/jr+ImNaeGfTeLLWVRIlKY/FejoOrC/s 6vXRg3ncA0B1BSYwhBtP1JzN1wfSBq3m7iKzftEgsKWDHBvbXzh1/YscsswqPgJp Z3FcHe5Css4PfD8iC+0bkZAH8vOpPmNaQKw2rwa7Y4OPc7EXn/S25CrzsUL8eDMN c4vxS+Nxn5i+mk1y0yve6Wra8GqqzX224fh/0EIwC73QvKBjghBx9ZwHJrVEynsF R0LpCLyx8utCSeGNz8UwUvBSF4cCAwEAAaOCA9MwggPPMB8GA1UdIwQYMBaAFGf9 iCAUJ5jHCdIlGbvpURFjdVBiMB0GA1UdDgQWBBSADmGLHMXThrXGS6/WQuca2WCl nzArBgNVHREEJDAighAqLnByb3h5MDMuYm5sLmx1gg5wcm94eTAzLmJubC5sdTAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsG A1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9URVJFTkFT U0xDQTMuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vVEVSRU5B U1NMQ0EzLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIB FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjBuBggrBgEF BQcBAQRiMGAwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA4 BggrBgEFBQcwAoYsaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL1RFUkVOQVNT TENBMy5jcnQwDAYDVR0TAQH/BAIwADCCAfYGCisGAQQB1nkCBAIEggHmBIIB4gHg AHcAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAFv5zwdSgAABAMA SDBGAiEAkeHLlfBngvSnrGkKkERcq+C2eXPzNa5jjwtwCSSBlQMCIQDvDuLUny6D ertxIu+wSvkqIOZ8aJcPxMfHH4IK68Y+xAB1ACJFRQdZVSRWlj+hL/H3bYbgIyZj rcBLf13Gg1xu4g8CAAABb+c8HX8AAAQDAEYwRAIgEfQuWrQqwDBrz8hH+0N6tG8m 2EpKCO2UmgweZ/Hy4ccCIG2rXXpJuEoYAL3/YMbYZLgXN2to+rO8Py5IDzEpzKon AHYAUaOw9f0BeZxWbbg3eI8MpHrMGyfL956IQpoN/tSLBeUAAAFv5zwdqAAABAMA RzBFAiB2vR3ouhqCFO4IA31gy+FLbIoQ4GUfFVCyTG1z7uP1xwIhAJrkvy9NGPqP ugND5Rzgj2uDb1Yg8hicApV0i6WPT9PHAHYAQcjKsd8iRkoQxqE6CUKHXk4xixsD 6+tLx2jwkGKWBvYAAAFv5zwdAgAABAMARzBFAiBSy7tgfunNqHBIPFaLRQMzXNtQ waPGaqZmIZ1x+WULYgIhALhm1xdPrtJxJGlA6ssKZIjPjtZ9BXBcNQlsTQz6UBJ8 MA0GCSqGSIb3DQEBCwUAA4IBAQAAQwuK4Gxe97gQA6ax1Abk29X5l/jIu2NKho5c Vvj5vOdAGEWLNUkGZANo04UnfvRDOmmDkb2RsJLys+6mIdmSV2VogXX+VlzrESWt s4KIE4eWeBZ1bgr/4YGQ/CggSO1FWJZOO4jJboGQsUvfxcwU0Gm5bZ3RWeNrtSPT ETNKRyL6/1dtQpMRINqvFWeAdIOAFWEV7vOsUnEtlKxhDrnZN0RrDVGSLE1IXJq3 nA29tXX2pwjetFArHx0+UwlMuPUKftbxD9oUmqyGudLn1i9hrXW0vem6USruf0WZ oOWFwLrutIa0NK7+fLha4dsGkhVkO6eUtG+LeNdCq7NjTHwl -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArnomDpcBc0oMksUamxY3 qP2x8MRbudRKLCJqRiD1Sub5l5rlHsbRHq6LAezNd9evYd8/LELTsbFpOJlevmnS XPZac/iDFU7VVPuxQdQgZTOTU2lWon5yoDJfbsJQeBAWJeYBQKnfWoegNJp1bZn8 xQDhDgiI8NQ6TFTnR3MtgJ3EgrXiH4cVkOdlh/PqQ4rVBS+qrt5nhryD20JE/rs7 Bl/oc7OGzzF+U9o6yXURu9Ja175AFnJjhz8qS3YoZJXe3ySbuiRcESNxoRoGwSAd wzh7TnyFAEly5AZUBU2bVhFAEr1udtTUtmzqvC4hFowQF/a8aJDT+dNHtOkCgnyh FZxCBw087wu0lVRaDDlaAZpGGEvWWsAVMnsmYiittdstb7x6V+vzgIn9/peaiIBO M27VPqCqrNn5OKdc5g1Gj2ICx0CE/jr+ImNaeGfTeLLWVRIlKY/FejoOrC/s6vXR g3ncA0B1BSYwhBtP1JzN1wfSBq3m7iKzftEgsKWDHBvbXzh1/YscsswqPgJpZ3Fc He5Css4PfD8iC+0bkZAH8vOpPmNaQKw2rwa7Y4OPc7EXn/S25CrzsUL8eDMNc4vx S+Nxn5i+mk1y0yve6Wra8GqqzX224fh/0EIwC73QvKBjghBx9ZwHJrVEynsFR0Lp CLyx8utCSeGNz8UwUvBSF4cCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 9797051330979716252638713112385025303 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Noord-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA 3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-04-29 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LU' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Luxembourg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bibliothèque nationale de Luxembourg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.proxy03.bnl.lu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 711804642275698195565027637392726393720771517393157345437207693137424670291657282270545731111721158305556214198670427619884441809490311625630559090391144270247630921041235128277197176476541853844078430993191911005147443495766055196725032702237078438696693836591033011348350107541975420456313113948985803894819745031131659611778190589574260915206447119357690447655108258419465809289387590471640704105673520780350788254972512656616658840272666115270200351738430643499600882803382983823283818547459466639493462859514783359450521721882271048760292241685473808756753015041120486759780405045860756872283818976987433967565911980543580962999254821515190640991369363274880213629706658212558664227967780439974365774047327054902400002019069256949062580927668843942798170392507437824137275434892341401078861644882971784116973704541427383742247513805738209641079503025124858046667887773722991302001233714239374667136243188337220712664069313871773447157062659537414980238919106965873641814605618450131529904181857569699605316816110104932103019324890264438788778590117844279061833461957495803673350337446685557095258427916633564483725262690566096402782679017268191494083065698785418283213452531207124347153870506064381184364101781326890044702726023 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 67fd8820142798c709d22519bbe9511163755062 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 800e618b1cc5d386b5c64bafd642e71ad960a59f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.proxy03.bnl.lu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'proxy03.bnl.lu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/TERENASSLCA3.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/TERENASSLCA3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (98 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/TERENASSLCA3.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (486 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (482 bytes) 01e00077002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc7840000016fe73c1d4a000004030048304602210091e1cb95f06782f4a7ac690a90445cabe0b67973f335ae638f0b700924819503022100ef0ee2d49f2e837abb7122efb04af92a20e67c68970fc4c7c71f820aebc63ec40075002245450759552456963fa12ff1f76d86e0232663adc04b7f5dc6835c6ee20f020000016fe73c1d7f0000040300463044022011f42e5ab42ac0306bcfc847fb437ab46f26d84a4a08ed949a0c1e67f1f2e1c702206dab5d7a49b84a1800bdff60c6d864b817376b68fab3bc3f2e480f3129ccaa2700760051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e50000016fe73c1da80000040300473045022076bd1de8ba1a8214ee08037d60cbe14b6c8a10e0651f1550b24c6d73eee3f5c70221009ae4bf2f4d18fa8fba0343e51ce08f6b836f5620f2189c0295748ba58f4fd3c700760041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000016fe73c1d020000040300473045022052cbbb607ee9cda870483c568b4503335cdb50c1a3c66aa666219d71f9650b62022100b866d7174faed271246940eacb0a6488cf8ed67d05705c35096c4d0cfa50127c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0000430b8ae06c5ef7b81003a6b1d406e4dbd5f997f8c8bb634a868e5c56f8f9bce74018458b354906640368d385277ef4433a698391bd91b092f2b3eea621d9925765688175fe565ceb1125adb382881387967816756e0affe18190fc282048ed4558964e3b88c96e8190b14bdfc5cc14d069b96d9dd159e36bb523d311334a4722faff576d42931120daaf156780748380156115eef3ac52712d94ac610eb9d937446b0d51922c4d485c9ab79c0dbdb575f6a708deb4502b1f1d3e53094cb8f50a7ed6f10fda149aac86b9d2e7d62f61ad75b4bde9ba512aee7f4599a0e585c0baeeb486b434aefe7cb85ae1db069215643ba794b46f8b78d742abb3634c7c25