*.nmgn.mrc.ukri.org
- UK Research and Innovation -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 81:11:44:58:72:c5:04:5c:39:e5:98:75:e3:6a:e4:f5 was issued on by GEANT Vereniging.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
UK Research and Innovation
Organization:
UK Research and Innovation
State / Province:
Wiltshire
Country: GB
Country: GB
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 81:11:44:58:72:c5:04:5c:39:e5:98:75:e3:6a:e4:f5Serial Number (int): 171560066714300059339962380162540692725
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 95:98:a2:88:a2:97:5c:20:ea:b4:74:f1:0c:7a:5e:4b:fd:c7:2b:28
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 71:97:43:84:e5:3a:3b:19:46:d5:94:08:92:f7:f4:f3:9f:b1:33:4a
Fingerprint (sha256): 22:d8:4d:87:7d:52:2a:83:30:6e:13:0a:fa:4e:2a:fb:db:89:b2:fe:cc:c8:5f:93:3c:6f:b8:bf:84:1f:01:d9
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate *.nmgn.mrc.ukri.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.nmgn.mrc.ukri.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.nmgn.mrc.ukri.org
nmgn.mrc.ukri.org
nmgn.mrc.ukri.org
Other certificates including the domain name ukri.org
(limited to 100 certificates)
stfc.ukri.org
nerc.ukri.org
riinfrastructure.ukri.org.uk
ahrc.ukri.org
webhelpdesk.ukri.org
ahrc.ukri.org
store.apps.ukri.org
www.ukri.org
ithelpdesk.ukri.org
ukinnovationhub.ukri.org
*.api.rap-test.ukritfsdigstaging.services.ukri.org
training.ukri.org
uknqt.ukri.org
webhelpdesk.ukri.org
funding-service.ukri.org
bbsrc.ukri.org
guest.ukri.org
energycatalyst.ukri.org
internal.demo-1.ukristaging.services.ukri.org
ui.demo-1.ukristaging.services.ukri.org
www.innovateuk.ukri.org
ausoriwsvlrpm01.ukri.org
beta.innovateukedge.ukri.org
ukfoodsystems.ukri.org
dev.mhp.ukri.org
re.ukri.org
ausoriwsvlrpm01.ukri.org
epsrc.ukri.org
esrc.ukri.org
ukri.org
*.services.ukri.org
r4ri.ukri.org
*.staging.services.ukri.org
vpn.ukri.org
*.sil.uat.innovateuk.ukri.org
helloworld.default.ukristaging.services.ukri.org
portal.nerc.ac.uk
engagementhub.ukri.org
internal.infradev-1.ukristaging.services.ukri.org
*.apps.org-env-0.org.innovateuk.ukri.org
jenkins29skjdnchg.beta.ukri.org
*.api.dev.ukristaging.services.ukri.org
stfc.ukri.org
ahrc.ukri.org
*.dev.whp.ukri.org
nerc.ukri.org
go.innovateuk.ukri.org
*.services.ukri.org
*.dev-1.ukristaging.services.ukri.org
internal.dr-1.ukridr.services.ukri.org
esrc.ukri.org
esrc.ukri.org
testgow.epsrc.ukri.org
stfc.ukri.org
nerc.ukri.org
ahrc.ukri.org
www.mrc.ukri.org
mrc.ukri.org
sts.ukri.org
epsrc.ukri.org
dev.coronavirusexplained.ukri.org
ukri.org
reporting.services.ukri.org
ukfoodsystems.ukri.org
*.api.rap-test.ukritfsdigstaging.services.ukri.org
mrc.ukri.org
vpn.ukri.org
farminginnovation.ukri.org
engagementhub.ukri.org
*.dev.services.ukri.org
ukfoodsystems.ukri.org
san-13-s51.tlsprovisioning.exacttarget.com
san-13-s51.tlsprovisioning.exacttarget.com
gow.bbsrc.ukri.org
redataadmin-uat.services.ukri.org
*.nmgn.mrc.ukri.org
engagementhub.ukri.org
eduroam.ukri.org
anpr1.mscp.ukri.org
*.innovateuk.ukri.org
energycatalyst.ukri.org
anpr1.mscp.ukri.org
uatdirectory.apps.ukri.org
*.test-1.ukristaging.services.ukri.org
engagementhub.ukri.org
vpn.innovateuk.ukri.org
nerc.ukri.org
eduroam.ukri.org
app.info.innovateuk.org
*.api.dr-1.ukridr.services.ukri.org
webhelpdesk.ukri.org
www.bbsrc.ukri.org
epsrc.ukri.org
gow.epsrc.ukri.org
eds.ukri.org
coronavirusexplained.ukri.org
re.ukri.org
reporting.services.ukri.org
yopass.innovateuk.ukri.org
*.staging.innovateuk.ukri.org
nerc.ukri.org
riinfrastructure.ukri.org.uk
ahrc.ukri.org
webhelpdesk.ukri.org
ahrc.ukri.org
store.apps.ukri.org
www.ukri.org
ithelpdesk.ukri.org
ukinnovationhub.ukri.org
*.api.rap-test.ukritfsdigstaging.services.ukri.org
training.ukri.org
uknqt.ukri.org
webhelpdesk.ukri.org
funding-service.ukri.org
bbsrc.ukri.org
guest.ukri.org
energycatalyst.ukri.org
internal.demo-1.ukristaging.services.ukri.org
ui.demo-1.ukristaging.services.ukri.org
www.innovateuk.ukri.org
ausoriwsvlrpm01.ukri.org
beta.innovateukedge.ukri.org
ukfoodsystems.ukri.org
dev.mhp.ukri.org
re.ukri.org
ausoriwsvlrpm01.ukri.org
epsrc.ukri.org
esrc.ukri.org
ukri.org
*.services.ukri.org
r4ri.ukri.org
*.staging.services.ukri.org
vpn.ukri.org
*.sil.uat.innovateuk.ukri.org
helloworld.default.ukristaging.services.ukri.org
portal.nerc.ac.uk
engagementhub.ukri.org
internal.infradev-1.ukristaging.services.ukri.org
*.apps.org-env-0.org.innovateuk.ukri.org
jenkins29skjdnchg.beta.ukri.org
*.api.dev.ukristaging.services.ukri.org
stfc.ukri.org
ahrc.ukri.org
*.dev.whp.ukri.org
nerc.ukri.org
go.innovateuk.ukri.org
*.services.ukri.org
*.dev-1.ukristaging.services.ukri.org
internal.dr-1.ukridr.services.ukri.org
esrc.ukri.org
esrc.ukri.org
testgow.epsrc.ukri.org
stfc.ukri.org
nerc.ukri.org
ahrc.ukri.org
www.mrc.ukri.org
mrc.ukri.org
sts.ukri.org
epsrc.ukri.org
dev.coronavirusexplained.ukri.org
ukri.org
reporting.services.ukri.org
ukfoodsystems.ukri.org
*.api.rap-test.ukritfsdigstaging.services.ukri.org
mrc.ukri.org
vpn.ukri.org
farminginnovation.ukri.org
engagementhub.ukri.org
*.dev.services.ukri.org
ukfoodsystems.ukri.org
san-13-s51.tlsprovisioning.exacttarget.com
san-13-s51.tlsprovisioning.exacttarget.com
gow.bbsrc.ukri.org
redataadmin-uat.services.ukri.org
*.nmgn.mrc.ukri.org
engagementhub.ukri.org
eduroam.ukri.org
anpr1.mscp.ukri.org
*.innovateuk.ukri.org
energycatalyst.ukri.org
anpr1.mscp.ukri.org
uatdirectory.apps.ukri.org
*.test-1.ukristaging.services.ukri.org
engagementhub.ukri.org
vpn.innovateuk.ukri.org
nerc.ukri.org
eduroam.ukri.org
app.info.innovateuk.org
*.api.dr-1.ukridr.services.ukri.org
webhelpdesk.ukri.org
www.bbsrc.ukri.org
epsrc.ukri.org
gow.epsrc.ukri.org
eds.ukri.org
coronavirusexplained.ukri.org
re.ukri.org
reporting.services.ukri.org
yopass.innovateuk.ukri.org
*.staging.innovateuk.ukri.org
Certificate
The complete raw certificate details for *.nmgn.mrc.ukri.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHbDCCBVSgAwIBAgIRAIERRFhyxQRcOeWYdeNq5PUwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNV BAMTEUdFQU5UIE9WIFJTQSBDQSA0MB4XDTIyMTAwMzAwMDAwMFoXDTIzMTAwMzIz NTk1OVowZDELMAkGA1UEBhMCR0IxEjAQBgNVBAgTCVdpbHRzaGlyZTEjMCEGA1UE ChMaVUsgUmVzZWFyY2ggYW5kIElubm92YXRpb24xHDAaBgNVBAMMEyoubm1nbi5t cmMudWtyaS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuxkTb RCiC+/226hNdC2uSYjnqt6GNZDU8PVDoHIohzLa04JeoUxFK69mhKgYlpycyAYIJ r2MwVUe0AYaugonvKwW9g5TZj5S+366kyeMnaKm7rNbkY2XrbuXnvkNsyDQkGP5z mahTVv8xR3kN8JEHdBHcQ8dEzD8SY0U0E+Juy1I4/6k+x/7DeBEGVWR5zrDYLiw4 MK0+nJtu7WsK233wxCKFHhfb5Tq6/zhUpqHuk3G1iXP8LuikEmP/NL4JQPeBUL9p BUcvAl1r/8jIrxpQq4W5nDez0VQcPYr1D8h6Y207STUhOsPsfQCRtBLoK8EHGyVP hKlrr1x+iAQ/ZmrJAgMBAAGjggM3MIIDMzAfBgNVHSMEGDAWgBRvHTVJEGwy+lmg nryK6B+VvnF6DDAdBgNVHQ4EFgQUlZiiiKKXXCDqtHTxDHpeS/3HKygwDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAk8wJTAjBggrBgEFBQcCARYX aHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQICMD8GA1UdHwQ4MDYwNKAy oDCGLmh0dHA6Ly9HRUFOVC5jcmwuc2VjdGlnby5jb20vR0VBTlRPVlJTQUNBNC5j cmwwdQYIKwYBBQUHAQEEaTBnMDoGCCsGAQUFBzAChi5odHRwOi8vR0VBTlQuY3J0 LnNlY3RpZ28uY29tL0dFQU5UT1ZSU0FDQTQuY3J0MCkGCCsGAQUFBzABhh1odHRw Oi8vR0VBTlQub2NzcC5zZWN0aWdvLmNvbTAxBgNVHREEKjAoghMqLm5tZ24ubXJj LnVrcmkub3JnghFubWduLm1yYy51a3JpLm9yZzCCAXwGCisGAQQB1nkCBAIEggFs BIIBaAFmAHUArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWGNOvcgooAAAGDnl3q HgAABAMARjBEAiAWUiNf4R/Fw8piy/YcNIRNLDgh4WfRPYStJbXUIZDPtAIgeylx 6Djd3sFYJYP0hpl7W8dTEQbmaSBG8bojHtNM1L0AdgB6MoxU2LcttiDqOOBSHumE FnAyE4VNO9IrwTpXo1LrUgAAAYOeXenpAAAEAwBHMEUCIH+fgKrMlXimMe8rNVPr aX7Lz4YIGDiwARajqAwbuN1AAiEA4zP9f3rpA+0bOuL29HDg3NiDQ/XfkLf9TDbP tHXaMHYAdQDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYOeXem2 AAAEAwBGMEQCIArao067yKi8DVbsIHkIqZwLRQRQj4y28JPWUWBvNHCvAiBAaY7g iQvZFOb4i5a6aPVX2w/jaypi3W1+TfbOjNQiDjANBgkqhkiG9w0BAQwFAAOCAgEA gCvrN/QdK8vI3MO/v2sGdvjZ7j45m13TRpXw2UXUqwcPxBKKIoSxQIQk3z7M9Mnd rJwMPS58SC3e+WNIBOKrqFisvGBMMNwqCmrHsSSdgZjjTpUDWqjrJtac32Duq8Jk cbC/Mq85JQCtvyo+kbVP+ZdrAFD8qMSNLt3hD0ra6l9MThjun54xHfLhhc+ZzWnJ QOgNflLZXrctAqs2dSaqL5jNxsf14ecQczQ405BTSamta22maSKkk/OW5Y61KeMY ougWno8+qf2w9Tc0j+Ls5oUwuUWfuDMFQxKob+kGbPlEe7gJxfiJsAYf7O1Xm172 ub9UMaFsJAdQBot1yfu5xzVj8zVuIbFu4A/8pJD1KiURX47abtVGggwKLNGZIpZX RtH1r3ib3KxU6DQwJPBMnXBD11DSrSaniK2Ux6rdPNv7wcyKf33Uogs54q442O7+ 4B1h0AofcagtZRYrJYklOsky3e/zV751vivu9aWK9By/ci372WusPPH5eqlUw9Mz ND+sulzFUrql2akcXx2tTwgkkAC6r7X/ekRc9qmTCy/ImUWDXHyzz51ZaWSFnQJE Mz9MrrHt4CCxsvkB25J2hZPZ9V2MtWIyo0MK4+baN7hAZi9ZcrpdMHUyKU1lcbY5 5ELqCptKe4nyTnKJW68fGBgs+ejhQuy3VZGD9mB/WJE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsZE20Qogvv9tuoTXQtr kmI56rehjWQ1PD1Q6ByKIcy2tOCXqFMRSuvZoSoGJacnMgGCCa9jMFVHtAGGroKJ 7ysFvYOU2Y+Uvt+upMnjJ2ipu6zW5GNl627l575DbMg0JBj+c5moU1b/MUd5DfCR B3QR3EPHRMw/EmNFNBPibstSOP+pPsf+w3gRBlVkec6w2C4sODCtPpybbu1rCtt9 8MQihR4X2+U6uv84VKah7pNxtYlz/C7opBJj/zS+CUD3gVC/aQVHLwJda//IyK8a UKuFuZw3s9FUHD2K9Q/IemNtO0k1ITrD7H0AkbQS6CvBBxslT4Spa69cfogEP2Zq yQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 171560066714300059339962380162540692725 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wiltshire' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UK Research and Innovation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.nmgn.mrc.ukri.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22063235137505327253927929649297553890242809988073011710914260342705155074627489634074411271864478363527493837708252960840695736415786476940884870934955862882001748599998605936817265894113907841344491841261084230508267472237206857939118628562085202087001789970976927170304038172540259585701672951124864809527730438619458118054669722703230409786611282333873883433483862814326720103726141520808504184932057607581733237843018120282701048909978717665464382246898019157571582544214724186211617424445878272028493227174178313540371554241169820184113147789146847212373563629085088518129438571940593329437605518187608035191497 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9598a288a2975c20eab474f10c7a5e4bfdc72b28 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.nmgn.mrc.ukri.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nmgn.mrc.ukri.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 0166007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001839e5dea1e000004030046304402201652235fe11fc5c3ca62cbf61c34844d2c3821e167d13d84ad25b5d42190cfb402207b2971e838dddec1582583f486997b5bc7531106e6692046f1ba231ed34cd4bd0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001839e5de9e9000004030047304502207f9f80aacc9578a631ef2b3553eb697ecbcf86081838b00116a3a80c1bb8dd40022100e333fd7f7ae903ed1b3ae2f6f470e0dcd88343f5df90b7fd4c36cfb475da3076007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001839e5de9b6000004030046304402200adaa34ebbc8a8bc0d56ec207908a99c0b4504508f8cb6f093d651606f3470af022040698ee0890bd914e6f88b96ba68f557db0fe36b2a62dd6d7e4df6ce8cd4220e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00802beb37f41d2bcbc8dcc3bfbf6b0676f8d9ee3e399b5dd34695f0d945d4ab070fc4128a2284b1408424df3eccf4c9ddac9c0c3d2e7c482ddef9634804e2aba858acbc604c30dc2a0a6ac7b1249d8198e34e95035aa8eb26d69cdf60eeabc26471b0bf32af392500adbf2a3e91b54ff9976b0050fca8c48d2edde10f4adaea5f4c4e18ee9f9e311df2e185cf99cd69c940e80d7e52d95eb72d02ab367526aa2f98cdc6c7f5e1e710733438d3905349a9ad6b6da66922a493f396e58eb529e318a2e8169e8f3ea9fdb0f537348fe2ece68530b9459fb833054312a86fe9066cf9447bb809c5f889b0061feced579b5ef6b9bf5431a16c240750068b75c9fbb9c73563f3356e21b16ee00ffca490f52a25115f8eda6ed546820c0a2cd19922965746d1f5af789bdcac54e8343024f04c9d7043d750d2ad26a788ad94c7aadd3cdbfbc1cc8a7f7dd4a20b39e2ae38d8eefee01d61d00a1f71a82d65162b2589253ac932ddeff357be75be2beef5a58af41cbf722dfbd96bac3cf1f97aa954c3d333343facba5cc552baa5d9a91c5f1dad4f08249000baafb5ff7a445cf6a9930b2fc89945835c7cb3cf9d596964859d0244333f4caeb1ede020b1b2f901db92768593d9f55d8cb56232a3430ae3e6da37b840662f5972ba5d307532294d6571b639e442ea0a9b4a7b89f24e72895baf1f18182cf9e8e142ecb7559183f6607f5891