www.surfdomeinen.nl
- SURF B.V. -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 95:e9:15:db:8e:24:6a:d6:a7:d4:39:67:9d:53:e5:48 was issued on by GEANT Vereniging.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
SURF B.V.
Organization:
SURF B.V.
State / Province:
Utrecht
Country: NL
Country: NL
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate will expire on
Certificate Details
Serial Number (hex): 95:e9:15:db:8e:24:6a:d6:a7:d4:39:67:9d:53:e5:48Serial Number (int): 199265219865551244463764589886907344200
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: c7:ce:72:ad:be:43:b8:f3:a4:7b:89:b7:16:b8:48:c5:73:83:6c:71
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 8b:f9:9a:d9:1d:f7:ec:e0:66:ca:fc:13:a9:e2:50:9a:cf:6b:af:47
Fingerprint (sha256): 36:be:60:55:ae:4b:f2:ed:e8:9c:9a:15:86:08:ad:3f:42:2a:79:3d:4b:db:60:ca:a6:77:b8:fc:75:15:a1:af
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate www.surfdomeinen.nl
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.surfdomeinen.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.surfdomeinen.nl
devel.surfdomeinen.nl
domeinen-devel.surfnet.nl
domeinen.surfnet.nl
surfdomeinen.nl
devel.surfdomeinen.nl
domeinen-devel.surfnet.nl
domeinen.surfnet.nl
surfdomeinen.nl
Other certificates including the domain name surfdomeinen.nl
(limited to 100 certificates)
www.surfdomeinen.nl
sirene.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
portal-api-test.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
stargate.surfdomeinen.nl
sirene.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
portal-api-test.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
www.surfdomeinen.nl
stargate.surfdomeinen.nl
Certificate
The complete raw certificate details for www.surfdomeinen.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIoTCCBomgAwIBAgIRAJXpFduOJGrWp9Q5Z51T5UgwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNV BAMTEUdFQU5UIE9WIFJTQSBDQSA0MB4XDTIzMDcwMzAwMDAwMFoXDTI0MDcwMjIz NTk1OVowUTELMAkGA1UEBhMCTkwxEDAOBgNVBAgTB1V0cmVjaHQxEjAQBgNVBAoT CVNVUkYgQi5WLjEcMBoGA1UEAxMTd3d3LnN1cmZkb21laW5lbi5ubDCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBANOlu8UzXOgJtwAvqB11MseQx5JB4oIV rXsz2lmIdXP37qBjeg/cCkTfyxWRoToIkSXnXerhkxLqR6uf50Xt4zDznaG8KYx/ PPptAAIkVt8+QDWxYwi45d/Ow8W/m1ew3DnKP+MzmJWi5EZa9z3s6aZFc21BfTFS KKh9WZdB1qiTgalQsCvO9xSZYn9NdJkAHMpn/xImCmuMmEUyV4MblZvGu9oTmpam o8WW/CuoOJGG19NkVs5wbCSTY6FuaKPJpXNsf94roJuAeUT2KcEfhBU7gWY2Xne8 FS1+cIayRpyPiTwH0kGWtywZRNAhxE4Zhqoo8yHx+KYdCfcZVzgG8j4r5fufx8SU qlLtgcmv61HCuclrDpDRGTB54jZBJnvK5D4KySoRgn3GQDBU7HELl7apABzBxsgv QfLxES/XymLwEYB+WVfbk5nagMapohupr9CNkGpCTRUSEYvMx1QGzfGmoN7GILmC LPDJHbJaYAmHnG7Eangbn4mfrcxVwR2PP4HqtdK/7uTDc87HPt+BQP7j9d4/3WO7 n2iOKEt2FG2hVPTQIcClRXZcIFPWBcZasJr98u+qTb3XQkjRYK1auHqO/d2ZTbOm Gc3Opey8xMEz1U4yBewj9T28pNonRf2jdscNgLtOHWNwJNRAwPWrggeYtBgNr2O5 huOSWDHxsLpNAgMBAAGjggN/MIIDezAfBgNVHSMEGDAWgBRvHTVJEGwy+lmgnryK 6B+VvnF6DDAdBgNVHQ4EFgQUx85yrb5DuPOke4m3FrhIxXODbHEwDgYDVR0PAQH/ BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAk8wJTAjBggrBgEFBQcCARYXaHR0 cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQICMD8GA1UdHwQ4MDYwNKAyoDCG Lmh0dHA6Ly9HRUFOVC5jcmwuc2VjdGlnby5jb20vR0VBTlRPVlJTQUNBNC5jcmww dQYIKwYBBQUHAQEEaTBnMDoGCCsGAQUFBzAChi5odHRwOi8vR0VBTlQuY3J0LnNl Y3RpZ28uY29tL0dFQU5UT1ZSU0FDQTQuY3J0MCkGCCsGAQUFBzABhh1odHRwOi8v R0VBTlQub2NzcC5zZWN0aWdvLmNvbTCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFp AHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGJGnewtAAABAMA RzBFAiEArYMhrxB4eIiXQv+le1OVtjygUkI4yeH9Xr6rHZwU2p4CIBonLmNX6uMr NSQjF9Bkg69GdyHUyI5k0bLtEFQy1EzfAHYA2ra/az+1tiKfm8K7XGvocJFxbLtR hIU0vaQ9MEjX+6sAAAGJGnew/gAABAMARzBFAiAXRW5tz5JhSK5es1r9H67PQF/Q q7+CK/xcHoItJcxgqAIhANQT3RebPEYQsnjInFXEasH1WwXh/2FBo2nhSdHCmnX3 AHcA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGJGnew3wAABAMA SDBGAiEAqJsq9c9eW4+7fRSsHCzjHmwd4XRQdp4yXSBaOzI5OaACIQCSy7pA6fXi zhfyK+dWmSdfH+2gwMH7Oh4E81XObL+AHzB2BgNVHREEbzBtghN3d3cuc3VyZmRv bWVpbmVuLm5sghVkZXZlbC5zdXJmZG9tZWluZW4ubmyCGWRvbWVpbmVuLWRldmVs LnN1cmZuZXQubmyCE2RvbWVpbmVuLnN1cmZuZXQubmyCD3N1cmZkb21laW5lbi5u bDANBgkqhkiG9w0BAQwFAAOCAgEApLVJe4lNNSqEHNUvFmr6f5vqseG3pQD6VpPZ TxQd2r0mrc5OHdjqs3A8Wnut/XKfrkRoT2CI2mOyKzrqOhsuSty1qWg671LxRyIA 1o8/LYz98ZyTXxbvQ71kAWWLGSnl52ojyYhY5RjSIBL2MCf/+BLOIq7GBeye38uG oH0Z6xBQXV82+VHCIQyeX74rj4r9h9xzKS9kyykgd8LrvBt8yOrGE0F1LzHTvXiH L/OjrIDjktB+UUXk2Bg/YrFd6iiRTMKipWu3VmwtBynd6UUojwBpsUF1lsV1QiJQ tNKkgCj0w4St9Vhbo80SxH3mCJfFoR36ZNdoi/pfaIHIPiriAsP+3b595ox6BNjJ K4iotdU2FqodSO6RZhSFL4kXPHNDmRrz2S2iEIlRRSwgE5OqC9nmm+DEW6Pl1/P7 OllBNq5mt4CSu/0P05aGb7OLtBlC9KCeIO0/a7/6oabO6zRrq2pBBXHmdYsYRouX SPTiYkKzNgeLuKWwk9P8byDu65VeT1U/BetLkzEuYl6kFdn9jmhJmhpZvrvHsevw WNvQ3VvnszEZg+wo8OxWN/CvGqwFNsjCe9IUtGZ4ymWEiB36xhA/dVrRfddKQ/cJ mOS3/kCGAsS5ReP/g0WqfSrcGHsfsaIWqc/KrA2TAkVInZ3LJuuJQoWA4WyedfSC JsskjB0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA06W7xTNc6Am3AC+oHXUy x5DHkkHighWtezPaWYh1c/fuoGN6D9wKRN/LFZGhOgiRJedd6uGTEupHq5/nRe3j MPOdobwpjH88+m0AAiRW3z5ANbFjCLjl387Dxb+bV7DcOco/4zOYlaLkRlr3Pezp pkVzbUF9MVIoqH1Zl0HWqJOBqVCwK873FJlif010mQAcymf/EiYKa4yYRTJXgxuV m8a72hOalqajxZb8K6g4kYbX02RWznBsJJNjoW5oo8mlc2x/3iugm4B5RPYpwR+E FTuBZjZed7wVLX5whrJGnI+JPAfSQZa3LBlE0CHEThmGqijzIfH4ph0J9xlXOAby Pivl+5/HxJSqUu2Bya/rUcK5yWsOkNEZMHniNkEme8rkPgrJKhGCfcZAMFTscQuX tqkAHMHGyC9B8vERL9fKYvARgH5ZV9uTmdqAxqmiG6mv0I2QakJNFRIRi8zHVAbN 8aag3sYguYIs8MkdslpgCYecbsRqeBufiZ+tzFXBHY8/geq10r/u5MNzzsc+34FA /uP13j/dY7ufaI4oS3YUbaFU9NAhwKVFdlwgU9YFxlqwmv3y76pNvddCSNFgrVq4 eo793ZlNs6YZzc6l7LzEwTPVTjIF7CP1Pbyk2idF/aN2xw2Au04dY3Ak1EDA9auC B5i0GA2vY7mG45JYMfGwuk0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 199265219865551244463764589886907344200 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-02 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Utrecht' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SURF B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.surfdomeinen.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 863446045225489783364359955699569170873843051683931921010840299242707178708189931780975028762548712444750761688445192402491560263810956336116115644642396577314300102026652799799358087009808861815861080908615416549457620335503922180143767548444367075302604055342444219040285167083214847918149397893049806078183856846165998590812443136820381973051139709400296787478915309247291250859686840605903241145264784922296621065080177678085817027661193467934970502257948762649356982303157392550180835840509766289785346289337589384891643381563286739166016969651231877373280048620440681208234295213950190371020916732648697560542482989950822379697629651333706753246914103494915140013805024936295267131684435391843272068153833351924706598022251976619860129307687763032050608297950446539799477110516718441343852761758048351001366403675613612711599309896988123930160126044622714276646499490688751385837390285960788226514935082183744496233278713826710021333171854694850383630085605308716790959003840628866774107838283635317795485224847081473970827175185447994666300166714866310374246966990771780579109841750457222890152185635146640173309121090362923395579947286603756914346990949452061071629579094748525836828891062943277922422059205651901519489972813 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c7ce72adbe43b8f3a47b89b716b848c573836c71 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001891a77b0b40000040300473045022100ad8321af107878889742ffa57b5395b63ca0524238c9e1fd5ebeab1d9c14da9e02201a272e6357eae32b35242317d06483af467721d4c88e64d1b2ed105432d44cdf007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001891a77b0fe0000040300473045022017456e6dcf926148ae5eb35afd1faecf405fd0abbf822bfc5c1e822d25cc60a8022100d413dd179b3c4610b278c89c55c46ac1f55b05e1ff6141a369e149d1c29a75f7007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001891a77b0df0000040300483046022100a89b2af5cf5e5b8fbb7d14ac1c2ce31e6c1de17450769e325d205a3b323939a002210092cbba40e9f5e2ce17f22be75699275f1feda0c0c1fb3a1e04f355ce6cbf801f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (111 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.surfdomeinen.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'devel.surfdomeinen.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'domeinen-devel.surfnet.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'domeinen.surfnet.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'surfdomeinen.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00a4b5497b894d352a841cd52f166afa7f9beab1e1b7a500fa5693d94f141ddabd26adce4e1dd8eab3703c5a7badfd729fae44684f6088da63b22b3aea3a1b2e4adcb5a9683aef52f1472200d68f3f2d8cfdf19c935f16ef43bd6401658b1929e5e76a23c98858e518d22012f63027fff812ce22aec605ec9edfcb86a07d19eb10505d5f36f951c2210c9e5fbe2b8f8afd87dc73292f64cb292077c2ebbc1b7cc8eac61341752f31d3bd78872ff3a3ac80e392d07e5145e4d8183f62b15dea28914cc2a2a56bb7566c2d0729dde945288f0069b1417596c575422250b4d2a48028f4c384adf5585ba3cd12c47de60897c5a11dfa64d7688bfa5f6881c83e2ae202c3feddbe7de68c7a04d8c92b88a8b5d53616aa1d48ee916614852f89173c7343991af3d92da2108951452c201393aa0bd9e69be0c45ba3e5d7f3fb3a594136ae66b78092bbfd0fd396866fb38bb41942f4a09e20ed3f6bbffaa1a6ceeb346bab6a410571e6758b18468b9748f4e26242b336078bb8a5b093d3fc6f20eeeb955e4f553f05eb4b93312e625ea415d9fd8e68499a1a59bebbc7b1ebf058dbd0dd5be7b3311983ec28f0ec5637f0af1aac0536c8c27bd214b46678ca6584881dfac6103f755ad17dd74a43f70998e4b7fe408602c4b945e3ff8345aa7d2adc187b1fb1a216a9cfcaac0d930245489d9dcb26eb89428580e16c9e75f48226cb248c1d