mfa.irvn.nl
- Modulaire Gemeenschappelijke regeling Rijk van Nijmegen -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 61:c7:36:a4:05:d4:22:73:86:68:39:57:97:2d:bf:a3 was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Modulaire Gemeenschappelijke regeling Rijk van Nijmegen
Organization:
Modulaire Gemeenschappelijke regeling Rijk van Nijmegen
Organization unit: ICT Rijk van Nijmegen
Organization unit: ICT Rijk van Nijmegen
Address:
Nieuwe Dukenburgseweg 21 A
Postal code: 6534AD
State / Province: Gelderland
Locality: Nijmegen
Country: NL
Postal code: 6534AD
State / Province: Gelderland
Locality: Nijmegen
Country: NL
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): 61:c7:36:a4:05:d4:22:73:86:68:39:57:97:2d:bf:a3Serial Number (int): 129969490911326399913687178929704386467
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: b4:b8:f3:01:a6:e5:02:ad:d1:a2:ba:db:ac:7f:15:0e:ae:51:c1:e2
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 48:02:f5:d1:96:0a:78:de:e2:98:bb:6e:24:e6:b1:b1:be:0c:97:78
Fingerprint (sha256): 2c:a0:ae:89:8c:8c:4c:3c:b4:7f:60:b6:c6:d7:62:56:06:1d:fd:84:bf:d2:69:a9:07:a6:3c:1d:7a:a4:08:33
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate mfa.irvn.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mfa.irvn.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mfa.irvn.nl
www.mfa.irvn.nl
www.mfa.irvn.nl
Other certificates including the domain name irvn.nl
(limited to 100 certificates)
irvn.nl
zaaksysteem.data.irvn.nl
data.irvn.nl
govroam.irvn.nl
ftp.ggi.irvn.nl
ciscocloud.irvn.nl
eva.data.irvn.nl
irvn.nl
xs.irvn.nl
zsh.irvn.nl
djuma.data.irvn.nl
dg.irvn.nl
xs.irvn.nl
services.irvn.nl
dg.irvn.nl
mfa.irvn.nl
xs.irvn.nl
ftp.ggi.irvn.nl
support.irvn.nl
oc.irvn.nl
oc.irvn.nl
sts.irvn.nl
wizportaal.data.irvn.nl
webapps.irvn.nl
mfa.irvn.nl
autodiscover.irvn.nl
autodiscover.irvn.nl
samen.irvn.nl
login.irvn.nl
portal.irvn.nl
samen.irvn.nl
ciscocloud.irvn.nl
sts.irvn.nl
logon.irvn.nl
autodiscover.irvn.nl
wachtwoord.irvn.nl
irvn.nl
mfa.irvn.nl
govroam.irvn.nl
data.gemnet.irvn.nl
wizportaal.data.irvn.nl
portal.irvn.nl
ftp.irvn.nl
zaaksysteem.data.irvn.nl
govroam.irvn.nl
djuma.data.irvn.nl
micollab.irvn.nl
xs.irvn.nl
dg.irvn.nl
data-test.gemnet.irvn.nl
irvn.nl
autodiscover.irvn.nl
login.irvn.nl
eva.data.irvn.nl
dgtest.irvn.nl
wachtwoord.irvn.nl
autodiscover.irvn.nl
xs.irvn.nl
samen.irvn.nl
services.irvn.nl
logon.irvn.nl
xs.irvn.nl
webmail.irvn.nl
data-test.irvn.nl
ftp.irvn.nl
dgtest.irvn.nl
myprint.irvn.nl
xs.irvn.nl
zaaksysteem.data.irvn.nl
data.irvn.nl
govroam.irvn.nl
ftp.ggi.irvn.nl
ciscocloud.irvn.nl
eva.data.irvn.nl
irvn.nl
xs.irvn.nl
zsh.irvn.nl
djuma.data.irvn.nl
dg.irvn.nl
xs.irvn.nl
services.irvn.nl
dg.irvn.nl
mfa.irvn.nl
xs.irvn.nl
ftp.ggi.irvn.nl
support.irvn.nl
oc.irvn.nl
oc.irvn.nl
sts.irvn.nl
wizportaal.data.irvn.nl
webapps.irvn.nl
mfa.irvn.nl
autodiscover.irvn.nl
autodiscover.irvn.nl
samen.irvn.nl
login.irvn.nl
portal.irvn.nl
samen.irvn.nl
ciscocloud.irvn.nl
sts.irvn.nl
logon.irvn.nl
autodiscover.irvn.nl
wachtwoord.irvn.nl
irvn.nl
mfa.irvn.nl
govroam.irvn.nl
data.gemnet.irvn.nl
wizportaal.data.irvn.nl
portal.irvn.nl
ftp.irvn.nl
zaaksysteem.data.irvn.nl
govroam.irvn.nl
djuma.data.irvn.nl
micollab.irvn.nl
xs.irvn.nl
dg.irvn.nl
data-test.gemnet.irvn.nl
irvn.nl
autodiscover.irvn.nl
login.irvn.nl
eva.data.irvn.nl
dgtest.irvn.nl
wachtwoord.irvn.nl
autodiscover.irvn.nl
xs.irvn.nl
samen.irvn.nl
services.irvn.nl
logon.irvn.nl
xs.irvn.nl
webmail.irvn.nl
data-test.irvn.nl
ftp.irvn.nl
dgtest.irvn.nl
myprint.irvn.nl
xs.irvn.nl
Certificate
The complete raw certificate details for mfa.irvn.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIQYcc2pAXUInOGaDlXly2/ozANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTIwMDEwNjAwMDAwMFoXDTIyMDEyMDIzNTk1OVowgeMxCzAJBgNV BAYTAk5MMQ8wDQYDVQQREwY2NTM0QUQxEzARBgNVBAgTCkdlbGRlcmxhbmQxETAP BgNVBAcTCE5pam1lZ2VuMSMwIQYDVQQJExpOaWV1d2UgRHVrZW5idXJnc2V3ZWcg MjEgQTFAMD4GA1UEChM3TW9kdWxhaXJlIEdlbWVlbnNjaGFwcGVsaWprZSByZWdl bGluZyBSaWprIHZhbiBOaWptZWdlbjEeMBwGA1UECxMVSUNUIFJpamsgdmFuIE5p am1lZ2VuMRQwEgYDVQQDEwttZmEuaXJ2bi5ubDCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBALArh1qqYMrHsuTX8t8cdk5xHR6B0ZyvaRd9tEYWT7TduUYO CNTLOwV6bG5xBtyQH24xA6MOmKZZ4eJaz54x5G89c6NWohHUvXEyUFO1vJtpnQ2Y //tiwHF1IR1yvYctX8H1ySk+1RAQXH085vb1wRCiu9EHanEBhpaW7Y99wg28+3n7 FTpGGwRMHIpQdWCPbHA6gE//ydbF1fLXrjw/xQBpCWMBqDgVNhVgE1HMZDpLfoqb /I8YCXfkF8tXjn6F198FnqKJLqR9Nr3TvGUc7MOSQrIYXNlIxo2z6XG62Bvayhog A2xh20cRsfww6PvnNWKREJoard/Su7d7sdjXPNUCAwEAAaOCAfQwggHwMB8GA1Ud IwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0GA1UdDgQWBBS0uPMBpuUCrdGi utusfxUOrlHB4jAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0gBEMwQTA1BgwrBgEEAbIxAQIB AwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EM AQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2Vj dGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmww gYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdv LmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZl ckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wJwYD VR0RBCAwHoILbWZhLmlydm4ubmyCD3d3dy5tZmEuaXJ2bi5ubDATBgorBgEEAdZ5 AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAUf8yFKB1rBwvPDk9S40sEOK Og/B3i6P/bgVm39jfVaQ8m1RvNBKuL0pkid60UbEWgeRTQZdhcob69PR3mgV1TEM Uhg7I2pYa2iOAjOi8FKYoyHFkYS/Uq1gMias9eBWV3ishLXFe+IAz/G+mB2bZ5/K ZjoMs73sGYtsCE+0rBzMOo9lQL1WDC80fXlTJf3qx7Zi0sYtR+KWv1XOIVfBRWR6 EvBpaKIi75KErRr4rt6/HIMEH3bwFEKqF9+j4Q6MScbvd+xQL7+Euah8JaRghizb W3P6/95lc3KV61ZzxjKqzxabfbQZHpLWCF2tPXU9SNBID+lGIXXzQ7u6PeR4Vg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCuHWqpgysey5Nfy3xx2 TnEdHoHRnK9pF320RhZPtN25Rg4I1Ms7BXpsbnEG3JAfbjEDow6Yplnh4lrPnjHk bz1zo1aiEdS9cTJQU7W8m2mdDZj/+2LAcXUhHXK9hy1fwfXJKT7VEBBcfTzm9vXB EKK70QdqcQGGlpbtj33CDbz7efsVOkYbBEwcilB1YI9scDqAT//J1sXV8teuPD/F AGkJYwGoOBU2FWATUcxkOkt+ipv8jxgJd+QXy1eOfoXX3wWeookupH02vdO8ZRzs w5JCshhc2UjGjbPpcbrYG9rKGiADbGHbRxGx/DDo++c1YpEQmhqt39K7t3ux2Nc8 1QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 129969490911326399913687178929704386467 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-06 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '6534AD' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gelderland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Nijmegen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Nieuwe Dukenburgseweg 21 A' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Modulaire Gemeenschappelijke regeling Rijk van Nijmegen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ICT Rijk van Nijmegen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mfa.irvn.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22239406489411458598632196176192207070165636613204403233439353121896072203075660703777594849350109793688960097249790894704123772478878808938265775442096334553498630221659452077989700181272324630743975717107537817228637065251128669208111479383576186608982706764038917039263291858848772848602922956794768648192263728730452512627512644113880151378973452924036259596104019148848824661035836937590589175773558679485824380125246578866850447405956812299281813677882581272604546324386254382712828674715090031217039280459036192913389327144431827749399682842256870281860672279724594572884874983234563119492836094327303534230741 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b4b8f301a6e502add1a2badbac7f150eae51c1e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mfa.irvn.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mfa.irvn.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000147fcc85281d6b070bcf0e4f52e34b0438a3a0fc1de2e8ffdb8159b7f637d5690f26d51bcd04ab8bd2992277ad146c45a07914d065d85ca1bebd3d1de6815d5310c52183b236a586b688e0233a2f05298a321c59184bf52ad603226acf5e0565778ac84b5c57be200cff1be981d9b679fca663a0cb3bdec198b6c084fb4ac1ccc3a8f6540bd560c2f347d795325fdeac7b662d2c62d47e296bf55ce2157c145647a12f06968a222ef9284ad1af8aedebf1c83041f76f01442aa17dfa3e10e8c49c6ef77ec502fbf84b9a87c25a460862cdb5b73faffde65737295eb5673c632aacf169b7db4191e92d6085dad3d753d48d0480fe9462175f343bbba3de47856