*.proxy04.bnl.lu
- Bibliothèque nationale de Luxembourg -
Issued by TERENA SSL CA 3
About this certificate
This digital certificate with serial number 01:98:50:38:1a:bf:c4:b8:b6:a4:46:68:d8:06:d9:b7 was issued on by TERENA.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bibliothèque nationale de Luxembourg
Organization:
Bibliothèque nationale de Luxembourg
Locality:
Luxembourg
Country: LU
Country: LU
TERENA
Organization:
TERENA
State / Province:
Noord-Holland
Locality: Amsterdam
Country: NL
Locality: Amsterdam
Country: NL
This certificate has expire since
Certificate Details
Serial Number (hex): 01:98:50:38:1a:bf:c4:b8:b6:a4:46:68:d8:06:d9:b7Serial Number (int): 2120084156106046682970902920316770743
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 8d:6f:07:7b:53:58:d3:fa:1e:48:2b:cb:64:ac:6c:5f:32:66:2f:18
AuthorityKeyId: 67:fd:88:20:14:27:98:c7:09:d2:25:19:bb:e9:51:11:63:75:50:62
Fingerprint (sha1): d8:18:eb:cc:e6:a8:0d:ee:d9:fd:0f:7b:f3:25:ea:61:ea:7e:eb:d9
Fingerprint (sha256): 4f:03:fc:e3:7e:ea:76:5c:7c:d9:38:02:24:e2:48:61:9b:eb:2e:24:98:39:1b:d7:4c:98:ee:ee:81:09:16:30
Issuing Certificate URL: http://cacerts.digicert.com/TERENASSLCA3.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/TERENASSLCA3.crl
CRL Distribution Point: http://crl4.digicert.com/TERENASSLCA3.crl
Check the revocation status for certificate *.proxy04.bnl.lu
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.proxy04.bnl.lu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.proxy04.bnl.lu
proxy04.bnl.lu
proxy04.bnl.lu
Other certificates including the domain name bnl.lu
(limited to 100 certificates)
*.proxy02.bnl.lu
*.proxy.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
bnl.lu
auth.bnl.lu
*.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
auth.bnl.lu
*.proxy04.bnl.lu
bnl.lu
*.proxy04.bnl.lu
auth3.bnl.lu
bnl.lu
luxemburgensia.bnl.lu
*.proxy.bnl.lu
analytics.bnl.lu
bnl.lu
windbook.bnl.lu
bnl.lu
bnl.lu
wifiportal-1.bnl.lu
auth-dev.bnl.lu
*.bnl.lu
*.proxy03.bnl.lu
auth1.bnl.lu
bnl.lu
auth1.bnl.lu
bnl.lu
analytics.bnl.lu
*.proxy03.bnl.lu
bnl.lu
windbook.bnl.lu
mia.bnl.lu
*.proxy03.bnl.lu
*.proxy.bnl.lu
bnl.lu
auth.bnl.lu
auth3.bnl.lu
lida.bnl.lu
bnl.lu
*.proxy04.bnl.lu
*.proxy.bnl.lu
luxemburgensia.bnl.lu
bnl.lu
*.proxy.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
bnl.lu
auth.bnl.lu
*.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
auth.bnl.lu
*.proxy04.bnl.lu
bnl.lu
*.proxy04.bnl.lu
auth3.bnl.lu
bnl.lu
luxemburgensia.bnl.lu
*.proxy.bnl.lu
analytics.bnl.lu
bnl.lu
windbook.bnl.lu
bnl.lu
bnl.lu
wifiportal-1.bnl.lu
auth-dev.bnl.lu
*.bnl.lu
*.proxy03.bnl.lu
auth1.bnl.lu
bnl.lu
auth1.bnl.lu
bnl.lu
analytics.bnl.lu
*.proxy03.bnl.lu
bnl.lu
windbook.bnl.lu
mia.bnl.lu
*.proxy03.bnl.lu
*.proxy.bnl.lu
bnl.lu
auth.bnl.lu
auth3.bnl.lu
lida.bnl.lu
bnl.lu
*.proxy04.bnl.lu
*.proxy.bnl.lu
luxemburgensia.bnl.lu
bnl.lu
Certificate
The complete raw certificate details for *.proxy04.bnl.lu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHtzCCBp+gAwIBAgIQAZhQOBq/xLi2pEZo2AbZtzANBgkqhkiG9w0BAQsFADBk MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg Q0EgMzAeFw0xOTAyMTUwMDAwMDBaFw0yMTAyMTkxMjAwMDBaMG0xCzAJBgNVBAYT AkxVMRMwEQYDVQQHEwpMdXhlbWJvdXJnMS4wLAYDVQQKDCVCaWJsaW90aMOocXVl IG5hdGlvbmFsZSBkZSBMdXhlbWJvdXJnMRkwFwYDVQQDDBAqLnByb3h5MDQuYm5s Lmx1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApthBw1cge8ebTwOA xcdvb2t/z4+2R7KT4qtM4hcpNKSbWfSsZtQ+kAElgKuWKEXsyA4ZzDlYt8PE1BWa VZjsUtvhL4IjJpk7CiggKZ2mjRRPlZm15AvgdtO37gdojI/pb6fZBLKPGO+vba0v bLR7tkPFWVQWYvm2NFbARo1EufosapAfOakr0ABvqdJ6s95cyUjbn8r54GdA4Ynr ESqf1FyS37oQQf1G6wGgyoemzqZhCkR29I8bQYITDOAZuYLtQxr8JC6eG+kYFAKq eI1D2OpMJWV/SXYYDE9fsG7CrBeMjqB2WlX/w/t1wNVdRssOv1qjcmawBzD6D2+R Rve2y/Fbb6IzORuzl563CllL1sRYb2/WcZeupFZUemqos8CJsisK5oI7D+C45o7W sfGaNhArcdIZzd1PReFU69PyPvVM+Mj5aZWCRHKEy44mOia74GV5SquV6MM6t6D8 ZpG0j/l+afs/eQLiDQdH98H8G94KCrjaOB7H1DE9gpuf0lCPwIJSbl3ZIT4+/zza ChH+uiy1KY+rBucsK85WMVDpVSCcSgrcaJpQkyGi2HOgxUeymMUNcU8/hzRxjIC7 /S9A5MRSEHD6eNHyx8qh/RzrQr1oCO5IqRSZf7nRHyjkQk4R4zKnf0bzWcVckmF7 23l4mgJQ2O43rGy3W782Psph6iECAwEAAaOCA1owggNWMB8GA1UdIwQYMBaAFGf9 iCAUJ5jHCdIlGbvpURFjdVBiMB0GA1UdDgQWBBSNbwd7U1jT+h5IK8tkrGxfMmYv GDArBgNVHREEJDAighAqLnByb3h5MDQuYm5sLmx1gg5wcm94eTA0LmJubC5sdTAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsG A1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9URVJFTkFT U0xDQTMuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vVEVSRU5B U1NMQ0EzLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIB FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjBuBggrBgEF BQcBAQRiMGAwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA4 BggrBgEFBQcwAoYsaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL1RFUkVOQVNT TENBMy5jcnQwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFn AHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFo8VbIjwAABAMA RzBFAiEA6+4GXypVGGF+1XMLG1ExS3r/yHwAB0LiAyWIdAYCRoMCIG2QDqOHDU83 Uo8FZGfXhIVm949P5PPLSKHl2zkJyI0BAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/ SrVgwbTq/16ggw8AAAFo8VbJcQAABAMARjBEAiB6L1UVAZzLSJTeI+jCiHk7OA2i 59tpCj6FFWh2Ufp1jgIgTYGGBNrlib8oDU7x7a9ttRC7LOM8L0Oz2YBnCvg+DpAA dgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAAAWjxVsihAAAEAwBH MEUCIHHUiCtkTJi7yesKgWYF5uOUO9xUYGIb3eEzVzuF6Sw2AiEAnFXDjKeXNV8A RDwyJ1Ff1sf5Efk7RBE+hT/fCdmW8vQwDQYJKoZIhvcNAQELBQADggEBACRsgtMl UCLTHiYG+gHQvQFkpfBbkWRIZilMgGxoGoWvZV0mW1G3GUZwXVNtqU5WEZXQG/t/ tZbwuT4s4gBx60X1TFHNE4xUlINNq2TLIAUmGYwEq3qGOE9tg8zgRMHbdHFHxwLZ 7H/e/4xgtqQFvFEYPLYXkcL4r8oXkpJMzm/de26AJQiYke6j2hCpBdO81DEG7DH1 hQLyjyuzYWg3205u1OWPtF4zrS9mI8OnKeoqqi26tDa9pc9z9abn2r1BXaqNFx0B o0gDj/rKhK/RhC+O9E6tYzN/n4X6PUlXjMPKSjDPonZOhmWNz8EExzQI/C8WqGq+ Nkva9Gl0IAuCCxs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApthBw1cge8ebTwOAxcdv b2t/z4+2R7KT4qtM4hcpNKSbWfSsZtQ+kAElgKuWKEXsyA4ZzDlYt8PE1BWaVZjs UtvhL4IjJpk7CiggKZ2mjRRPlZm15AvgdtO37gdojI/pb6fZBLKPGO+vba0vbLR7 tkPFWVQWYvm2NFbARo1EufosapAfOakr0ABvqdJ6s95cyUjbn8r54GdA4YnrESqf 1FyS37oQQf1G6wGgyoemzqZhCkR29I8bQYITDOAZuYLtQxr8JC6eG+kYFAKqeI1D 2OpMJWV/SXYYDE9fsG7CrBeMjqB2WlX/w/t1wNVdRssOv1qjcmawBzD6D2+RRve2 y/Fbb6IzORuzl563CllL1sRYb2/WcZeupFZUemqos8CJsisK5oI7D+C45o7WsfGa NhArcdIZzd1PReFU69PyPvVM+Mj5aZWCRHKEy44mOia74GV5SquV6MM6t6D8ZpG0 j/l+afs/eQLiDQdH98H8G94KCrjaOB7H1DE9gpuf0lCPwIJSbl3ZIT4+/zzaChH+ uiy1KY+rBucsK85WMVDpVSCcSgrcaJpQkyGi2HOgxUeymMUNcU8/hzRxjIC7/S9A 5MRSEHD6eNHyx8qh/RzrQr1oCO5IqRSZf7nRHyjkQk4R4zKnf0bzWcVckmF723l4 mgJQ2O43rGy3W782Psph6iECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2120084156106046682970902920316770743 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Noord-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA 3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-19 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LU' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Luxembourg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bibliothèque nationale de Luxembourg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.proxy04.bnl.lu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 680667208751648822779567953914485660708275574507548418732422835644981917803048088792312096352504401017827140501625878961894027500518413930355876957147476251162043483372206343286351920723711241328228577968657452481673531090209595153036291975410961506699521037592341127856468803781442785077339783227515466445577420392196373572255662485875541684220384460046138401741744943656032729946375504035914216757347013049588902653842955357981422872496652778234435260301551180699734345616963950279355476399899392748946523112560995073622152220173132333429851026479179002498472446924645190216495320369331005329124441951507527219809224255088942385995708886173852708429901776229327263822552902806180815151715776519603258047683651807523879361770630327307090882549542567998201257171178563509452237609114735081354191061873922184809456655825043170126844452274822557610986601829949099476013528152554907570770317044763413066037259989187177493947663739692524340761058146835589117975799305969412362709077075446330090709968595808207890195310173021438846673144885276236517591329677546076847340795558440024569107528115317242341606963992030212940927295951063950556533345599821509261403209147565410064865779369409515194837298408714760995275368157740751778782243361 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 67fd8820142798c709d22519bbe9511163755062 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8d6f077b5358d3fa1e482bcb64ac6c5f32662f18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.proxy04.bnl.lu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'proxy04.bnl.lu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/TERENASSLCA3.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/TERENASSLCA3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (98 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/TERENASSLCA3.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000168f156c88f0000040300473045022100ebee065f2a5518617ed5730b1b51314b7affc87c000742e2032588740602468302206d900ea3870d4f37528f056467d7848566f78f4fe4f3cb48a1e5db3909c88d010075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000168f156c971000004030046304402207a2f5515019ccb4894de23e8c288793b380da2e7db690a3e8515687651fa758e02204d818604dae589bf280d4ef1edaf6db510bb2ce33c2f43b3d980670af83e0e900076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a800000168f156c8a10000040300473045022071d4882b644c98bbc9eb0a816605e6e3943bdc5460621bdde133573b85e92c360221009c55c38ca797355f00443c3227515fd6c7f911f93b44113e853fdf09d996f2f4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00246c82d3255022d31e2606fa01d0bd0164a5f05b91644866294c806c681a85af655d265b51b71946705d536da94e561195d01bfb7fb596f0b93e2ce20071eb45f54c51cd138c5494834dab64cb200526198c04ab7a86384f6d83cce044c1db747147c702d9ec7fdeff8c60b6a405bc51183cb61791c2f8afca1792924cce6fdd7b6e8025089891eea3da10a905d3bcd43106ec31f58502f28f2bb3616837db4e6ed4e58fb45e33ad2f6623c3a729ea2aaa2dbab436bda5cf73f5a6e7dabd415daa8d171d01a348038ffaca84afd1842f8ef44ead63337f9f85fa3d49578cc3ca4a30cfa2764e86658dcfc104c73408fc2f16a86abe364bdaf46974200b820b1b