idp-sdn.irccs.garr.it

- Consortium GARR -

Issued by TERENA SSL CA 3

About this certificate

This digital certificate with serial number 0d:e8:2a:ec:f3:26:37:bd:ac:67:09:fe:d6:f1:df:62 was issued on by TERENA.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Consortium GARR

Organization: Consortium GARR
Locality: Rome
Country: IT

TERENA

Organization: TERENA
State / Province: Noord-Holland
Locality: Amsterdam
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 0d:e8:2a:ec:f3:26:37:bd:ac:67:09:fe:d6:f1:df:62
Serial Number (int): 18485447450684752890856349250559795042
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 6c:00:a0:9e:cb:9c:64:95:06:28:af:83:56:14:73:48:e0:44:c1:d6
AuthorityKeyId: 67:fd:88:20:14:27:98:c7:09:d2:25:19:bb:e9:51:11:63:75:50:62

Fingerprint (sha1): 24:f4:5e:7c:5a:4b:d5:58:b6:fe:56:57:d8:8f:34:f9:81:ce:d2:84
Fingerprint (sha256): 1e:ac:b6:42:09:ff:a8:1e:b8:15:a6:74:f0:a8:1f:e0:98:7a:ba:b0:50:39:8b:b1:dc:19:df:62:f1:a5:a4:1f

Issuing Certificate URL: http://cacerts.digicert.com/TERENASSLCA3.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/TERENASSLCA3.crl
CRL Distribution Point: http://crl4.digicert.com/TERENASSLCA3.crl

Check the revocation status for certificate idp-sdn.irccs.garr.it

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for idp-sdn.irccs.garr.it

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA512 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

idp-sdn.irccs.garr.it

Other certificates including the domain name garr.it

(limited to 100 certificates)
co.aai.garr.it
learning.garr.it
wiki.garr.it
st-be-ba1-test.infra.garr.it
idp-ospedalesanmartino.irccs.garr.it
idp-iov.irccs.garr.it
idp-css.irccs.garr.it
wkngx2.garr.it
mx2.dir.garr.it
www.garr.it
filesender-test.infra.garr.it
garrbox.garr.it
idp-ubuntu.aai-test.garr.it
test.webmeetings.garr.it
agenda.garr.it
git.garr.it
idp-neuromed.irccs.garr.it
filesender-test.infra.garr.it
enea.workplace.garr.it
dashboard-devel-mellon.cloud.garr.it
gbox.garr.it
dashboard-staging-idem.cloud.garr.it
ca.garr.it
icdi.workplace.garr.it
idp311.idem.garr.it
wiki.garr.it
idp-oasi.irccs.garr.it
vpnsrv.garr.it
webmeetings.garr.it
cartellino.dir.garr.it
keystone-staging.cloud.garr.it
cloud.garr.it
demo-idp.ct1.garrservices.it
eosc.eu
vconf.garr.it
open.meet.garr.it
hv02b-mgmt.bo1.infra.garr.it
eosc.workplace.garr.it
wiki.idem.garr.it
grouper.idem.garr.it
wayf.idem-test.garr.it
pexip-mgmt.infra.garr.it
git.garr.it
le1.test.garr.it
idpopen.garr.it
hv02c.bo1.infra.garr.it
idp-css.irccs.garr.it
aarc-satosa.aai-test.garr.it
idp-maugeri.irccs.garr.it
idp-stellamaris.irccs.garr.it
sg-liferay.garr.it
meeting01.garr.it
www.idem.garr.it
cert.garr.it
rancher.infra.garr.it
idp311.idem.garr.it
idp-fbf.irccs.garr.it
wayf.idem-test.garr.it
grouper.idem.garr.it
sg-liferay.garr.it
lx5.dir.garr.it
hv02d-mgmt.bo1.infra.garr.it
printers.dir.garr.it
wkngx1.garr.it
hv03a.bo1.infra.garr.it
wiki.idem.garr.it
*.mirror.garr.it
vpnops.dir.garr.it
icdi.workplace.garr.it
gridsrv3-4.dir.garr.it
garr.workplace.garr.it
idp-sicilia.izs.garr.it
onlyoffice.cloud.garr.it
idp-fticks-test.aai-test.garr.it
login.sso.garr.it
idp-portici.izs.garr.it
rinnovoconvenzioni.garr.it
www.idem.garr.it
www.support.garr.it
wireless.dir.garr.it
turn-02-preprod.meet.garr.it
gn4-3.workplace.garr.it
registry.idem.garr.it
hv01d-mgmt.bo1.infra.garr.it
idp-sdn.irccs.garr.it
dashboard-staging.cloud.garr.it
sp24-test.garr.it
metadata.dir.garr.it
idp-ieo.irccs.garr.it
idp-css.irccs.garr.it
agenda.garr.it
garr.it
grouper.idem.garr.it
filesender.garr.it
kibana.aai.garr.it
primologin-gbox.garr.it
idp-iccu.beniculturali.garr.it
learning.garr.it
gn4-3.workplace.garr.it
dashboard.cloud.garr.it

Certificate

The complete raw certificate details for idp-sdn.irccs.garr.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHlTCCBn2gAwIBAgIQDegq7PMmN72sZwn+1vHfYjANBgkqhkiG9w0BAQ0FADBk
MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ
QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg
Q0EgMzAeFw0xOTA5MzAwMDAwMDBaFw0yMTExMTUxMjAwMDBaMFYxCzAJBgNVBAYT
AklUMQ0wCwYDVQQHEwRSb21lMRgwFgYDVQQKEw9Db25zb3J0aXVtIEdBUlIxHjAc
BgNVBAMTFWlkcC1zZG4uaXJjY3MuZ2Fyci5pdDCCAiIwDQYJKoZIhvcNAQEBBQAD
ggIPADCCAgoCggIBAKvCVEGHhgyOJtSKFbYjxbneA2RbVQ6vzwvXsaBGxafNQIsi
o3JUUCJkJ2j+sgG7rfw4+QzhHPREckiyXXOH3i91Phm9+MUVACD0GBjHf3ZYcJZc
vWXRDG1OBMWs/XjsGKECHyw/Nascr8YfDyHd8LbVbtoUMEajHp+LDAnFZUIkhEmV
R25fDlsrbYp808z8WBCG7O/Rp5qa/NiyUFOmExjffkB9YmY4vloqDhXSrUqIsA+d
SKMfC5SCNvUcA2gbZAE2V2ysAoUML9HDNZx07/NShxQJpTtUvTunW1jdT7DUUqvf
Z9EtgC2HJDv1esH6rvOcoDdwAqRrlurOKWm5Q+r2I3GUtkTan5j8BQdlCVOrttF/
Mmd73rmIkxPBRhR/n3lXv3zbCiEe2dhnSoCK2s2pvDKf9Gyw/Kxfejf5WozCW4me
HdVX3+VMbhwNPoKC1spHIBxTovLwk9TYDr2iqk2siRi4O/LRv17o/3BZ0eTCPq4o
WyDo7ynDjqP/Mx3j+t/gLvDAgmuO36oJf5PLEIv8L0RLqLjxWSOzwKMIVCJXPbS/
xEbttvE0dZi2jl/Aw1i/7rXpeP2MNa0ywqqXim5lIv88nowYgJi3mxOFqz4FcT7x
CIK+KkKEOs3EPhD5MYP2/uZ+K71MClGp4Bpqpa/IfJKd2TahU5Cd5z2rjwsZAgMB
AAGjggNPMIIDSzAfBgNVHSMEGDAWgBRn/YggFCeYxwnSJRm76VERY3VQYjAdBgNV
HQ4EFgQUbACgnsucZJUGKK+DVhRzSOBEwdYwIAYDVR0RBBkwF4IVaWRwLXNkbi5p
cmNjcy5nYXJyLml0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNl
cnQuY29tL1RFUkVOQVNTTENBMy5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2lj
ZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEB
MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYG
Z4EMAQICMG4GCCsGAQUFBwEBBGIwYDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
ZGlnaWNlcnQuY29tMDgGCCsGAQUFBzAChixodHRwOi8vY2FjZXJ0cy5kaWdpY2Vy
dC5jb20vVEVSRU5BU1NMQ0EzLmNydDAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHW
eQIEAgSCAW0EggFpAWcAdQDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9
ywAAAW2BLKfoAAAEAwBGMEQCIGJnLqcJvaqcx+1aEovCPIzHsbR22EUz1ai1U0/O
iULBAiBVw02L9LvwvNXYp2BLVm88p5NanEpmgeyG9EnyM6THfAB1AId1v+dZfPiM
Q5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABbYEsqFgAAAQDAEYwRAIgWWMNIYTJ
ZKSJW4dW4jS4g45M5BW6N1zXK8L8X21ey5QCIDmCY6EbvxBQc7jsaPGnNP1JmcyG
2+mVW869o3CNLsnqAHcARJRlLrDuzq/EQAfYqP4owNrmgr7YyzG1P9MzlrW2gagA
AAFtgSynXQAABAMASDBGAiEAlsdXRY1iCI08EDxyfOVAydMSbBSjRnNILZHMPoNL
uzYCIQDya4N4Vt6h8vC62IHACquiLB/0nXp/g6Nzba3mGlew1jANBgkqhkiG9w0B
AQ0FAAOCAQEALb7Nt+sxPdbfIO2D13day5e7wfNyq4pNaSOz21UKyg2MobCaAoRr
GeVAQexSAtBBSq7Xq3v0sNeXN7yaRcOy33f81mEE41YkkVTgm70FR0k0Z+KjAdF/
HstRKER+UPxXMAqerkOU/xnerBebgOdFUs/upZsYXSUfQR/o9cUHMhwdfv5GfuS9
guMm8ICH8gXY6omSUMYf3Up6m5rpmvcckuSoReEwGTNjCllSFA6CrB9Z9CjrkpbF
2B/BheyUeDhmtbbL+iO00hprtYOSF1ql3gaP9BzrdJ9u04k6JWahhrx7gCuqzOzV
t5n0h9qM5ZkijUH2Z+iPe/XxC4v1KMFXIg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq8JUQYeGDI4m1IoVtiPF
ud4DZFtVDq/PC9exoEbFp81AiyKjclRQImQnaP6yAbut/Dj5DOEc9ERySLJdc4fe
L3U+Gb34xRUAIPQYGMd/dlhwlly9ZdEMbU4Exaz9eOwYoQIfLD81qxyvxh8PId3w
ttVu2hQwRqMen4sMCcVlQiSESZVHbl8OWyttinzTzPxYEIbs79Gnmpr82LJQU6YT
GN9+QH1iZji+WioOFdKtSoiwD51Iox8LlII29RwDaBtkATZXbKwChQwv0cM1nHTv
81KHFAmlO1S9O6dbWN1PsNRSq99n0S2ALYckO/V6wfqu85ygN3ACpGuW6s4pablD
6vYjcZS2RNqfmPwFB2UJU6u20X8yZ3veuYiTE8FGFH+feVe/fNsKIR7Z2GdKgIra
zam8Mp/0bLD8rF96N/lajMJbiZ4d1Vff5UxuHA0+goLWykcgHFOi8vCT1NgOvaKq
TayJGLg78tG/Xuj/cFnR5MI+rihbIOjvKcOOo/8zHeP63+Au8MCCa47fqgl/k8sQ
i/wvREuouPFZI7PAowhUIlc9tL/ERu228TR1mLaOX8DDWL/utel4/Yw1rTLCqpeK
bmUi/zyejBiAmLebE4WrPgVxPvEIgr4qQoQ6zcQ+EPkxg/b+5n4rvUwKUangGmql
r8h8kp3ZNqFTkJ3nPauPCxkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 18485447450684752890856349250559795042
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Noord-Holland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA 3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-11-15 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rome'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Consortium GARR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'idp-sdn.irccs.garr.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 700715985872216186651126518647067630592821865492555597063465964570527361621043804712814541757372446233572337974419641930829876199362954244620913096509381968494896383879693793187917345190235687002397846936957617663480133519846070097779323597930047183958307706947298408260940495585879563091569583055680254369615787107524929292954080910874795425800859002635248547425342327011662957880015591682913709869942059646592261917078394261143850891337395913566167722522904366632962196012580270484182563432705764837686748846256263813302874631743232858309160979479476631434247232827846501006062836070365053241932754731218360091847385131736074569937301086274592164066251232173906382675385383771388925953722747197788874040069479983707808838939350591063988708696139361889132366385353455916141404432242861564909444605115247295868622937769138791113798113299108388495612125501851653258664799985955685885278434140947960454673195338076743099511399056572983996564253663049082362655774423780928442801578495953766903295904183807229790956319345309802534545073598102536516466808431203589718861947786854331907148654908971284055344661183451061627948707655851479498893174784429437152512092541786860294369700819533334292699604879799090727122749285241836044479826713
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 67fd8820142798c709d22519bbe9511163755062
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6c00a09ecb9c64950628af8356147348e044c1d6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idp-sdn.irccs.garr.it'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/TERENASSLCA3.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/TERENASSLCA3.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (98 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/TERENASSLCA3.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016d812ca7e80000040300463044022062672ea709bdaa9cc7ed5a128bc23c8cc7b1b476d84533d5a8b5534fce8942c1022055c34d8bf4bbf0bcd5d8a7604b566f3ca7935a9c4a6681ec86f449f233a4c77c0075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016d812ca8580000040300463044022059630d2184c964a4895b8756e234b8838e4ce415ba375cd72bc2fc5f6d5ecb940220398263a11bbf105073b8ec68f1a734fd4999cc86dbe9955bcebda3708d2ec9ea0077004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016d812ca75d000004030048304602210096c757458d62088d3c103c727ce540c9d3126c14a34673482d91cc3e834bbb36022100f26b837856dea1f2f0bad881c00aaba22c1ff49d7a7f83a3736dade61a57b0d6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002dbecdb7eb313dd6df20ed83d7775acb97bbc1f372ab8a4d6923b3db550aca0d8ca1b09a02846b19e54041ec5202d0414aaed7ab7bf4b0d79737bc9a45c3b2df77fcd66104e356249154e09bbd0547493467e2a301d17f1ecb5128447e50fc57300a9eae4394ff19deac179b80e74552cfeea59b185d251f411fe8f5c507321c1d7efe467ee4bd82e326f08087f205d8ea899250c61fdd4a7a9b9ae99af71c92e4a845e1301933630a5952140e82ac1f59f428eb9296c5d81fc185ec94783866b5b6cbfa23b4d21a6bb58392175aa5de068ff41ceb749f6ed3893a2566a186bc7b802baaccecd5b799f487da8ce599228d41f667e88f7bf5f10b8bf528c15722