lithium.liacs.nl
- Universiteit Leiden -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 0a:ce:cc:70:6d:72:ca:cd:cc:63:96:52:65:88:f5:60 was issued on by GEANT Vereniging.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Universiteit Leiden
Organization:
Universiteit Leiden
State / Province:
Zuid-Holland
Country: NL
Country: NL
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate will expire on
Certificate Details
Serial Number (hex): 0a:ce:cc:70:6d:72:ca:cd:cc:63:96:52:65:88:f5:60Serial Number (int): 14366039629693321087190184045583070560
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: f0:b6:40:9f:0f:cd:f9:a8:f8:6d:1e:d2:bb:69:30:a6:d2:93:4e:6d
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): b5:cf:99:1b:ee:3b:7a:61:a6:1a:44:ee:49:13:01:0a:1e:f1:34:d5
Fingerprint (sha256): 3a:3d:f4:c2:48:c2:27:b1:cd:a9:b0:93:d1:c1:80:34:6d:ef:43:c2:11:7e:ec:f8:9b:04:6b:82:64:41:87:0f
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate lithium.liacs.nl
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lithium.liacs.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lithium.liacs.nl
ida-society.org
marcospruit.nl
patternsthatmatter.org
tdslab.nl
webserver.liacs.nl
www.ida-society.org
www.marcospruit.nl
www.patternsthatmatter.org
www.tdslab.nl
ida-society.org
marcospruit.nl
patternsthatmatter.org
tdslab.nl
webserver.liacs.nl
www.ida-society.org
www.marcospruit.nl
www.patternsthatmatter.org
www.tdslab.nl
Other certificates including the domain name liacs.nl
(limited to 100 certificates)
tls.automattic.com
deleidscheflesch.nl
tls.automattic.com
deleidscheflesch.nl
git.liacs.nl
deleidscheflesch.nl
git.liacs.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
naco.liacs.nl
deleidscheflesch.nl
bio-imaging.liacs.nl
deleidscheflesch.nl
erumpent.liacs.nl
erumpent.liacs.nl
tornado-p-https.web.leidenuniv.nl
keep.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
deleidscheflesch.nl
deleidscheflesch.nl
basilisk.liacs.nl
elaborant.com
deleidscheflesch.nl
deleidscheflesch.nl
naco.liacs.nl
iohanalyzer.liacs.nl
lcm.liacs.nl
git.liacs.nl
deleidscheflesch.nl
tornado-p-https.web.leidenuniv.nl
deleidscheflesch.nl
tls.automattic.com
git.liacs.nl
basilisk.liacs.nl
deleidscheflesch.nl
computingfrontiers.org
ada.liacs.leidenuniv.nl
basilisk.liacs.nl
basilisk.liacs.nl
tls.automattic.com
tornado-p-https.web.leidenuniv.nl
cyttron.org
tls.automattic.com
lcm.liacs.nl
elaborant.com
keep.leidenuniv.nl
deleidscheflesch.nl
deleidscheflesch.nl
tls.automattic.com
press.liacs.nl
git.liacs.nl
deleidscheflesch.nl
cf19.liacs.nl
lithium.liacs.nl
bio-imaging.liacs.nl
tls.automattic.com
bio-imaging.liacs.nl
lithium.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
deleidscheflesch.nl
tls.automattic.com
cml.liacs.nl
bio-imaging.liacs.nl
bio-imaging.liacs.nl
bio-imaging.liacs.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
naco.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
keep.leidenuniv.nl
tls.automattic.com
erumpent.liacs.nl
git.liacs.nl
git.liacs.nl
erumpent.liacs.nl
deleidscheflesch.nl
elaborant.com
deleidscheflesch.nl
naco.liacs.nl
git.liacs.nl
cml.liacs.nl
keep.leidenuniv.nl
lcm.liacs.nl
naco.liacs.nl
bio-imaging.liacs.nl
press.liacs.nl
press.liacs.nl
deleidscheflesch.nl
theory.liacs.nl
deleidscheflesch.nl
bio-imaging.liacs.nl
erumpent.liacs.nl
deleidscheflesch.nl
tls.automattic.com
deleidscheflesch.nl
git.liacs.nl
deleidscheflesch.nl
git.liacs.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
naco.liacs.nl
deleidscheflesch.nl
bio-imaging.liacs.nl
deleidscheflesch.nl
erumpent.liacs.nl
erumpent.liacs.nl
tornado-p-https.web.leidenuniv.nl
keep.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
deleidscheflesch.nl
deleidscheflesch.nl
basilisk.liacs.nl
elaborant.com
deleidscheflesch.nl
deleidscheflesch.nl
naco.liacs.nl
iohanalyzer.liacs.nl
lcm.liacs.nl
git.liacs.nl
deleidscheflesch.nl
tornado-p-https.web.leidenuniv.nl
deleidscheflesch.nl
tls.automattic.com
git.liacs.nl
basilisk.liacs.nl
deleidscheflesch.nl
computingfrontiers.org
ada.liacs.leidenuniv.nl
basilisk.liacs.nl
basilisk.liacs.nl
tls.automattic.com
tornado-p-https.web.leidenuniv.nl
cyttron.org
tls.automattic.com
lcm.liacs.nl
elaborant.com
keep.leidenuniv.nl
deleidscheflesch.nl
deleidscheflesch.nl
tls.automattic.com
press.liacs.nl
git.liacs.nl
deleidscheflesch.nl
cf19.liacs.nl
lithium.liacs.nl
bio-imaging.liacs.nl
tls.automattic.com
bio-imaging.liacs.nl
lithium.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
deleidscheflesch.nl
tls.automattic.com
cml.liacs.nl
bio-imaging.liacs.nl
bio-imaging.liacs.nl
bio-imaging.liacs.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
naco.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
keep.leidenuniv.nl
tls.automattic.com
erumpent.liacs.nl
git.liacs.nl
git.liacs.nl
erumpent.liacs.nl
deleidscheflesch.nl
elaborant.com
deleidscheflesch.nl
naco.liacs.nl
git.liacs.nl
cml.liacs.nl
keep.leidenuniv.nl
lcm.liacs.nl
naco.liacs.nl
bio-imaging.liacs.nl
press.liacs.nl
press.liacs.nl
deleidscheflesch.nl
theory.liacs.nl
deleidscheflesch.nl
bio-imaging.liacs.nl
erumpent.liacs.nl
Certificate
The complete raw certificate details for lithium.liacs.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJADCCBuigAwIBAgIQCs7McG1yys3MY5ZSZYj1YDANBgkqhkiG9w0BAQwFADBE MQswCQYDVQQGEwJOTDEZMBcGA1UEChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UE AxMRR0VBTlQgT1YgUlNBIENBIDQwHhcNMjQwNTI3MDAwMDAwWhcNMjUwNTI3MjM1 OTU5WjBdMQswCQYDVQQGEwJOTDEVMBMGA1UECBMMWnVpZC1Ib2xsYW5kMRwwGgYD VQQKExNVbml2ZXJzaXRlaXQgTGVpZGVuMRkwFwYDVQQDExBsaXRoaXVtLmxpYWNz Lm5sMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwu9qyq6/gg8wmrtT TsJsfpgmv95eiB+plZOJBOxXRRVVzYWTZriuxV3DvG1Mk+jBaTaiSfKLohIhuecf 4eQP2NWJu22VMqSeaYlNfyxISytBexnpbzAtyweIOAhJvllBVFpfB8of/YhKEkEw SE/7M2az55+qsCNV+i65AQGibRYZQCu/ORRMK5ST/g9JGZmJPGyy6Zc9B+KEVZ6/ ATWNsd73tZkMBQ5XbDXKzZEHOrGXVbqtZupYw0BKZf+pf4hZJRzWwPWBtLRuTh+m rgjX2f/alfbuNuUV3MZeOZ3bKCGiCPU38AXcfxSWzA134gn5xHtheE1kTSDA/VlF pxxjfoZ6Cu9ekvmlLRy65q+ENV+/CTY83ZkNOoaaO7SEdxVAGBamjqf6Mp/9vy7w Fz+X5S+u4VtvGm0IeMwFFGe/NLhEfLyPR2+6kYTQdJ3ybdiltUh4k/kRplQF06dz BqyoDmxvNhomqpZFakDaNU/jdWRtWM3UnLAXEybSFIkyrZBU1JfeovsqkpuxrCaC /Kw+CaODbXVM+lrf/byhEHfh7SEN9FCJul6f2CTA+2ynnUKrLqxfQgndns6qfXsu 86GhEk69wZgOWubFiJgjIYlqb39u+zVUhgHKIM5qVtP75dDlxGVu5wePq5FQm6T+ 7t0JciNiX6ane/StHoGqyKVDDi8CAwEAAaOCA9MwggPPMB8GA1UdIwQYMBaAFG8d NUkQbDL6WaCevIroH5W+cXoMMB0GA1UdDgQWBBTwtkCfD835qPhtHtK7aTCm0pNO bTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICTzAlMCMGCCsG AQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwPwYDVR0f BDgwNjA0oDKgMIYuaHR0cDovL0dFQU5ULmNybC5zZWN0aWdvLmNvbS9HRUFOVE9W UlNBQ0E0LmNybDB1BggrBgEFBQcBAQRpMGcwOgYIKwYBBQUHMAKGLmh0dHA6Ly9H RUFOVC5jcnQuc2VjdGlnby5jb20vR0VBTlRPVlJTQUNBNC5jcnQwKQYIKwYBBQUH MAGGHWh0dHA6Ly9HRUFOVC5vY3NwLnNlY3RpZ28uY29tMIIBfwYKKwYBBAHWeQIE AgSCAW8EggFrAWkAdwDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAA AY+6DIFzAAAEAwBIMEYCIQCmV8uVPKpMSqOOMvzcqqSdFkdAGCZdYFu+WZE3xB+H dAIhAOzi1hoeeWVnV8uHezfxxY9B7uyvjpef81MyCeID/OFnAHYAouMK5EXvva2b fjjtR2d3U9eCW4SU1yteGyzEuVCkR+cAAAGPugyBMQAABAMARzBFAiB9//CN1tvF t/KXHhLavE+Gfj1rRFKHCsv3HnP3oDbdjgIhAJIgo5aPwqSdKMotL2QcJXpCmtBI FZ0u8C3ltr0vca24AHYATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8A AAGPugyBKwAABAMARzBFAiBoTA7KVskgr/HS31bhEgHoy6CenX1v0LUXvV2L3Gxz mQIhAMRB1tkayvWAtCMdhVq12NpRpZCWo8BAYXNdJOyUk23EMIHJBgNVHREEgcEw gb6CEGxpdGhpdW0ubGlhY3MubmyCD2lkYS1zb2NpZXR5Lm9yZ4IObWFyY29zcHJ1 aXQubmyCFnBhdHRlcm5zdGhhdG1hdHRlci5vcmeCCXRkc2xhYi5ubIISd2Vic2Vy dmVyLmxpYWNzLm5sghN3d3cuaWRhLXNvY2lldHkub3JnghJ3d3cubWFyY29zcHJ1 aXQubmyCGnd3dy5wYXR0ZXJuc3RoYXRtYXR0ZXIub3Jngg13d3cudGRzbGFiLm5s MA0GCSqGSIb3DQEBDAUAA4ICAQAny9jwRkRjZPOsX9fwpnheoms+D/9WTVG8rKDu X4+h1iCSY6aDC8CcAqm/9GgHfwgQQLsd3hGvjGwqyQhK66FQtL406mDvxFp6i1lT 7R31jV9ef8qEHp6CUJNC12BmbzRe3ghiRadpZW2E6MnwHQ2KGReXEJxS93J0LEAu 307klVd+gb5K+14OIjMJocG2P813Xpi1BB2vJJgnEvkqHqbHzjdUMXDURVfl4P8a 0L2PUA9PSCckQu77mm1Fg1C4unjCa7ovqcQqdK8QPTYRD210SMaboBwwXrijXjR4 k6oub9L0Tmjf1GDe577hHdF6sqVYut5yDRmti6Zd1QMHgnbbYkEzDmgSQ3MsLlCn Bjxoe6+7KfsJHl75tfNCQKE0XG5y1ah0/0Hq09WgrA0jh7R7qid03+2/r2lBXczU BCebWW8xfCdjdadS1FySPiffDcUwjFWoqSvcGPw+9KHxNceCIKBbFCIPMvzRVzFe d+T6kRCsI9W4VJ3OcbRu57/J7ZmPy1ZPti6gH3l6W5lKNkfNfOWQKyJ5QlWiyiu3 MOKZ8WDsD28L16q62md3rC/ixYS9bQ+Wvbgz5M4kdvHo0BPds1trRofazMMsHhNe DHUuvGRjEdVxnIb+NNv5I3KvMnzhjkOJWyS+WWcvWzTa7fYRzUyDdu900T7MJF2u Y0cquA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwu9qyq6/gg8wmrtTTsJs fpgmv95eiB+plZOJBOxXRRVVzYWTZriuxV3DvG1Mk+jBaTaiSfKLohIhuecf4eQP 2NWJu22VMqSeaYlNfyxISytBexnpbzAtyweIOAhJvllBVFpfB8of/YhKEkEwSE/7 M2az55+qsCNV+i65AQGibRYZQCu/ORRMK5ST/g9JGZmJPGyy6Zc9B+KEVZ6/ATWN sd73tZkMBQ5XbDXKzZEHOrGXVbqtZupYw0BKZf+pf4hZJRzWwPWBtLRuTh+mrgjX 2f/alfbuNuUV3MZeOZ3bKCGiCPU38AXcfxSWzA134gn5xHtheE1kTSDA/VlFpxxj foZ6Cu9ekvmlLRy65q+ENV+/CTY83ZkNOoaaO7SEdxVAGBamjqf6Mp/9vy7wFz+X 5S+u4VtvGm0IeMwFFGe/NLhEfLyPR2+6kYTQdJ3ybdiltUh4k/kRplQF06dzBqyo DmxvNhomqpZFakDaNU/jdWRtWM3UnLAXEybSFIkyrZBU1JfeovsqkpuxrCaC/Kw+ CaODbXVM+lrf/byhEHfh7SEN9FCJul6f2CTA+2ynnUKrLqxfQgndns6qfXsu86Gh Ek69wZgOWubFiJgjIYlqb39u+zVUhgHKIM5qVtP75dDlxGVu5wePq5FQm6T+7t0J ciNiX6ane/StHoGqyKVDDi8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 14366039629693321087190184045583070560 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit Leiden' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lithium.liacs.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 795266327230896756178036084296805329431075651561306668937048845636207850322296817077424999303531371338706718630302413484246369952342443612246513342937695708376680279817343331451840408775297462248247373490625304310378731059622332897146550502588147554674642972516179454521968889918102853743359530201305784628748707266968970596854326224339116948036384415396280253888372097135902471206920847944139000546920307653646198658054983516222441900744788708985209766028059983009523125358229807700365723940540217862742895653868058594812293304106193063140292053662021351773531922293597339818211579476577714542859610871121106640304600560944465809535445073089022578181822808884145614578387153287699489769632237814739811006501006111483643208109095905461550947474401482944393519117406884189326889184591034160171787565006788996277523993135297216154718867973612892427296044966558166353905352378815301223423846460164085660477942105692351287049889154890361419210411908393378110385500242409298537187892980789981398186238280004796135631797504360148703946098761125078269434327735659004642705575581876353317656010529689180482211540047127238265750192400574741119166814140992137675282746276270364989123119503052672048205867251549586424122554482860817945112809007 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f0b6409f0fcdf9a8f86d1ed2bb6930a6d2934e6d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018fba0c81730000040300483046022100a657cb953caa4c4aa38e32fcdcaaa49d16474018265d605bbe599137c41f8774022100ece2d61a1e79656757cb877b37f1c58f41eeecaf8e979ff3533209e203fce167007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018fba0c8131000004030047304502207dfff08dd6dbc5b7f2971e12dabc4f867e3d6b4452870acbf71e73f7a036dd8e0221009220a3968fc2a49d28ca2d2f641c257a429ad048159d2ef02de5b6bd2f71adb80076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018fba0c812b00000403004730450220684c0eca56c920aff1d2df56e11201e8cba09e9d7d6fd0b517bd5d8bdc6c7399022100c441d6d91acaf580b4231d855ab5d8da51a59096a3c04061735d24ec94936dc4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (193 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lithium.liacs.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ida-society.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marcospruit.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'patternsthatmatter.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tdslab.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webserver.liacs.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ida-society.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.marcospruit.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.patternsthatmatter.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tdslab.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0027cbd8f046446364f3ac5fd7f0a6785ea26b3e0fff564d51bcaca0ee5f8fa1d6209263a6830bc09c02a9bff468077f081040bb1dde11af8c6c2ac9084aeba150b4be34ea60efc45a7a8b5953ed1df58d5f5e7fca841e9e82509342d760666f345ede086245a769656d84e8c9f01d0d8a191797109c52f772742c402edf4ee495577e81be4afb5e0e223309a1c1b63fcd775e98b5041daf24982712f92a1ea6c7ce37543170d44557e5e0ff1ad0bd8f500f4f48272442eefb9a6d458350b8ba78c26bba2fa9c42a74af103d36110f6d7448c69ba01c305eb8a35e347893aa2e6fd2f44e68dfd460dee7bee11dd17ab2a558bade720d19ad8ba65dd503078276db6241330e681243732c2e50a7063c687bafbb29fb091e5ef9b5f34240a1345c6e72d5a874ff41ead3d5a0ac0d2387b47baa2774dfedbfaf69415dccd404279b596f317c276375a752d45c923e27df0dc5308c55a8a92bdc18fc3ef4a1f135c78220a05b14220f32fcd157315e77e4fa9110ac23d5b8549dce71b46ee7bfc9ed998fcb564fb62ea01f797a5b994a3647cd7ce5902b22794255a2ca2bb730e299f160ec0f6f0bd7aabada6777ac2fe2c584bd6d0f96bdb833e4ce2476f1e8d013ddb35b6b4687daccc32c1e135e0c752ebc646311d5719c86fe34dbf92372af327ce18e43895b24be59672f5b34daedf611cd4c8376ef74d13ecc245dae63472ab8