adfs.rsm.nl
Issued by TERENA SSL CA 2
About this certificate
This digital certificate with serial number c2:84:85:72:44:da:61:f5:ae:a5:55:17:f1:ac:01:18 was issued on by TERENA.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=adfs.rsm.nl,OU=Domain Control Validated
TERENA
Organization:
TERENA
State / Province:
Noord-Holland
Locality: Amsterdam
Country: NL
Locality: Amsterdam
Country: NL
This certificate has expire since
Certificate Details
Serial Number (hex): c2:84:85:72:44:da:61:f5:ae:a5:55:17:f1:ac:01:18Serial Number (int): 258558320981397077986718614401156120856
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: d7:13:68:3b:73:84:04:0f:e1:a0:f3:7f:c5:d1:0d:65:4d:82:6d:5f
AuthorityKeyId: 5b:d0:8a:1c:9a:32:5b:e0:b5:dd:96:54:1b:e1:86:28:b0:fd:b6:bd
Fingerprint (sha1): 02:c8:96:78:cf:69:fb:b2:80:3f:78:b4:b4:ca:b5:ce:79:f0:2c:bd
Fingerprint (sha256): 33:77:77:0d:60:03:90:bf:7b:24:0a:48:0a:35:6f:58:25:86:a7:56:9d:55:5f:27:88:2c:41:22:f3:0e:aa:a0
Issuing Certificate URL: http://crt.usertrust.com/TERENASSLCA2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.usertrust.com/TERENASSLCA2.crl
Check the revocation status for certificate adfs.rsm.nl
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for adfs.rsm.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
adfs.rsm.nl
Other certificates including the domain name rsm.nl
(limited to 100 certificates)
decosjoin.rsm.nl
alumni.eur.nl
fin.rsm.nl
alumni.myrsm.nl
blog.rsm.nl
api-accept.rsm.nl
talktoastudent.rsm.nl
jobboard.rsm.nl
expertise-search-test.rsm.nl
landing.rsm.nl
jobboard.rsm.nl
www.store.rsm.nl
crm-prod.rsm.nl
store.rsm.nl
blackboard.rsm.nl
expertise-search.rsm.nl
iba-services.rsm.nl
jobboard-test.rsm.nl
iba-apply.rsm.nl
apply.rsm.nl
decostest.rsm.nl
webcast.rsm.nl
webcast.rsm.nl
www.store.rsm.nl
talktoastudent.rsm.nl
jobboard-test.rsm.nl
dilemma-game-test.rsm.nl
ww3.rsm.nl
api.rsm.nl
printmydoc.nl
landing.rsm.nl
eur-api-bundle-accept.service.eur.nl
ecdacommunity.rsm.nl
mailhog-test.rsm.nl
select.rsm.nl
iwill.rsm.nl
iwill.rsm.nl
ecdacommunity.rsm.nl
apply.rsm.nl
graduationplanner.rsm.nl
store.rsm.nl
media.rsm.nl
alumni.eur.nl
lateregistration-accept.rsm.nl
documents.rsm.nl
apply-exchange.rsm.nl
accept.intranet.rsm.nl
stash.rsm.nl
store.rsm.nl
dashboard-accept.imc.rsm.nl
dilemmagame-accept.rsm.nl
apply-test.rsm.nl
apply-accept.rsm.nl
crm-prod.rsm.nl
eur-api-bundle-test.service.eur.nl
decosjoin.rsm.nl
graduationplanner.rsm.nl
exchange.eur.nl
mailings.rsm.nl
store.rsm.nl
apply-exchange-test.rsm.nl
signature.rsm.nl
rsm.nl
mailings.rsm.nl
request-eb.rsm.nl
www.store.rsm.nl
store.rsm.nl
www.store.rsm.nl
adfs.rsm.nl
select.rsm.nl
api.rsm.nl
signature-test.rsm.nl
request-eb.rsm.nl
Dyn365lcm.rsm.nl
www.store.rsm.nl
landing.rsm.nl
dashboard-accept.rsm.nl
thinkdo.rsm.nl
rsmbv-web01.rsm.nl
publications.rsm.nl
expertise-search.rsm.nl
rsm.nl
webcast.rsm.nl
eur-api-bundle.service.eur.nl
top-test.rsm.nl
eur-api-bundle.service.eur.nl
printmydoc.nl
top.rsm.nl
jobboard.rsm.nl
lateregistration.rsm.nl
mailings.rsm.nl
expertise-search.rsm.nl
landing.rsm.nl
landing.rsm.nl
apply-exchange.rsm.nl
printmydoc.nl
expertise-search.rsm.nl
eur-api-bundle-accept.service.eur.nl
jobboard.rsm.nl
store.rsm.nl
alumni.eur.nl
fin.rsm.nl
alumni.myrsm.nl
blog.rsm.nl
api-accept.rsm.nl
talktoastudent.rsm.nl
jobboard.rsm.nl
expertise-search-test.rsm.nl
landing.rsm.nl
jobboard.rsm.nl
www.store.rsm.nl
crm-prod.rsm.nl
store.rsm.nl
blackboard.rsm.nl
expertise-search.rsm.nl
iba-services.rsm.nl
jobboard-test.rsm.nl
iba-apply.rsm.nl
apply.rsm.nl
decostest.rsm.nl
webcast.rsm.nl
webcast.rsm.nl
www.store.rsm.nl
talktoastudent.rsm.nl
jobboard-test.rsm.nl
dilemma-game-test.rsm.nl
ww3.rsm.nl
api.rsm.nl
printmydoc.nl
landing.rsm.nl
eur-api-bundle-accept.service.eur.nl
ecdacommunity.rsm.nl
mailhog-test.rsm.nl
select.rsm.nl
iwill.rsm.nl
iwill.rsm.nl
ecdacommunity.rsm.nl
apply.rsm.nl
graduationplanner.rsm.nl
store.rsm.nl
media.rsm.nl
alumni.eur.nl
lateregistration-accept.rsm.nl
documents.rsm.nl
apply-exchange.rsm.nl
accept.intranet.rsm.nl
stash.rsm.nl
store.rsm.nl
dashboard-accept.imc.rsm.nl
dilemmagame-accept.rsm.nl
apply-test.rsm.nl
apply-accept.rsm.nl
crm-prod.rsm.nl
eur-api-bundle-test.service.eur.nl
decosjoin.rsm.nl
graduationplanner.rsm.nl
exchange.eur.nl
mailings.rsm.nl
store.rsm.nl
apply-exchange-test.rsm.nl
signature.rsm.nl
rsm.nl
mailings.rsm.nl
request-eb.rsm.nl
www.store.rsm.nl
store.rsm.nl
www.store.rsm.nl
adfs.rsm.nl
select.rsm.nl
api.rsm.nl
signature-test.rsm.nl
request-eb.rsm.nl
Dyn365lcm.rsm.nl
www.store.rsm.nl
landing.rsm.nl
dashboard-accept.rsm.nl
thinkdo.rsm.nl
rsmbv-web01.rsm.nl
publications.rsm.nl
expertise-search.rsm.nl
rsm.nl
webcast.rsm.nl
eur-api-bundle.service.eur.nl
top-test.rsm.nl
eur-api-bundle.service.eur.nl
printmydoc.nl
top.rsm.nl
jobboard.rsm.nl
lateregistration.rsm.nl
mailings.rsm.nl
expertise-search.rsm.nl
landing.rsm.nl
landing.rsm.nl
apply-exchange.rsm.nl
printmydoc.nl
expertise-search.rsm.nl
eur-api-bundle-accept.service.eur.nl
jobboard.rsm.nl
store.rsm.nl
Certificate
The complete raw certificate details for adfs.rsm.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEkTCCA3mgAwIBAgIRAMKEhXJE2mH1rqVVF/GsARgwDQYJKoZIhvcNAQELBQAw ZDELMAkGA1UEBhMCTkwxFjAUBgNVBAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcT CUFtc3RlcmRhbTEPMA0GA1UEChMGVEVSRU5BMRgwFgYDVQQDEw9URVJFTkEgU1NM IENBIDIwHhcNMTUwMjE2MDAwMDAwWhcNMTgwMjE1MjM1OTU5WjA5MSEwHwYDVQQL ExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFDASBgNVBAMTC2FkZnMucnNtLm5s MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxY37AHjZ57Diei/9kjK c0ZH/JXZ85kxTfP4zBQvtDX/S4DOOp/ICp5rrpDFbN/FLdUS0hFAmxXuSIp16qIH kB9bKyjDIxMGDXTJtXSP1KFugeo2fuh0hNEfXxl7ZEIyBh6jzbjIKUJm0AiXr3Mr 3byN9XUKFoclHeFSP+IyEvCBAN9g57MXnc58RZFWJkBkfTOPdVfYYH8Ao7q1W4Yd 1RSkEi/ioG9s5U9eCdsqWzL67pNnjNJCMJEIBNTEh+6ITyP5GrDOdJ6bWJtOjmV5 lkDMk3X8qX33I5I0ip/42mVS0Le4wtG4NyuUCgl93GLS76cXFu7cqYwlVzREMbAF cwIDAQABo4IBZzCCAWMwHwYDVR0jBBgwFoAUW9CKHJoyW+C13ZZUG+GGKLD9tr0w HQYDVR0OBBYEFNcTaDtzhAQP4aDzf8XRDWVNgm1fMA4GA1UdDwEB/wQEAwIFoDAM BgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNV HSAEGzAZMA0GCysGAQQBsjEBAgIdMAgGBmeBDAECATA6BgNVHR8EMzAxMC+gLaAr hilodHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVEVSRU5BU1NMQ0EyLmNybDBsBggr BgEFBQcBAQRgMF4wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQudXNlcnRydXN0LmNv bS9URVJFTkFTU0xDQTIuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2Vy dHJ1c3QuY29tMBYGA1UdEQQPMA2CC2FkZnMucnNtLm5sMA0GCSqGSIb3DQEBCwUA A4IBAQB72V53SiUH1kkBCPAmzOOPjM54il1Ck5Kpsqgi/Cx+TUVWaSb9LPqmptcC 8ae77dQRjxfjKSZvQeOLM0qHPSKX+8bTiboAnPG3/aAmnSUmJb8bq83LV/n1hKWi XNoS8jI7xudAPAJep7vqnJ1nCvuTzEdOcnb3YWHXJqB4eKxr9m0caZBEJg73ppJ+ UOcw/1NYrtHcJnDqB8t6JgIzFgz6L4yGgPPALgGSChM6zrIcpzeuHxOKzf+M/oiM WxE+w9zDeKyJZa0XW/qIY/hOI9CO8CicBNN8y5SUGzT1+rsMsrBq2qdIzorY9Gly hw8ydVp5xVhJYT84yfzhC9hfuLVY -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxY37AHjZ57Diei/9kjK c0ZH/JXZ85kxTfP4zBQvtDX/S4DOOp/ICp5rrpDFbN/FLdUS0hFAmxXuSIp16qIH kB9bKyjDIxMGDXTJtXSP1KFugeo2fuh0hNEfXxl7ZEIyBh6jzbjIKUJm0AiXr3Mr 3byN9XUKFoclHeFSP+IyEvCBAN9g57MXnc58RZFWJkBkfTOPdVfYYH8Ao7q1W4Yd 1RSkEi/ioG9s5U9eCdsqWzL67pNnjNJCMJEIBNTEh+6ITyP5GrDOdJ6bWJtOjmV5 lkDMk3X8qX33I5I0ip/42mVS0Le4wtG4NyuUCgl93GLS76cXFu7cqYwlVzREMbAF cwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 258558320981397077986718614401156120856 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Noord-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-02-16 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-02-15 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'adfs.rsm.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20587800033013647526203914843029218447147854911730086374820204330756224107535778436814394326982975494287007567673491142380455161711656997523115162086087172286590843436191519609297953805979434964617630197040884976352670389867630999173339309747182161217572652749341708338121713420173362264480873912190915875333935427514047473536886899187242797568060131198448302118021998981512092981170444072078041915220860851229698746442066790808691380122517636134241971735668216363976377621563380369140260443059277165405826635698673615183336199564444902878058731886636296219394742162701323558360829721537208910927503420885612645844339 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5bd08a1c9a325be0b5dd96541be18628b0fdb6bd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d713683b7384040fe1a0f37fc5d10d654d826d5f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.29 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/TERENASSLCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/TERENASSLCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'adfs.rsm.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007bd95e774a2507d6490108f026cce38f8cce788a5d429392a9b2a822fc2c7e4d45566926fd2cfaa6a6d702f1a7bbedd4118f17e329266f41e38b334a873d2297fbc6d389ba009cf1b7fda0269d252625bf1babcdcb57f9f584a5a25cda12f2323bc6e7403c025ea7bbea9c9d670afb93cc474e7276f76161d726a07878ac6bf66d1c699044260ef7a6927e50e730ff5358aed1dc2670ea07cb7a260233160cfa2f8c8680f3c02e01920a133aceb21ca737ae1f138acdff8cfe888c5b113ec3dcc378ac8965ad175bfa8863f84e23d08ef0289c04d37ccb94941b34f5fabb0cb2b06adaa748ce8ad8f46972870f32755a79c55849613f38c9fce10bd85fb8b558