lb-dc-1.net.uva.nl

- Universiteit van Amsterdam -

Issued by GEANT OV RSA CA 4

About this certificate

This digital certificate with serial number 45:79:63:ac:30:e3:81:08:21:4e:9c:d3:0f:22:78:f6 was issued on by GEANT Vereniging.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Universiteit van Amsterdam

Organization: Universiteit van Amsterdam
State / Province: Noord-Holland
Country: NL

GEANT Vereniging

Organization: GEANT Vereniging
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 45:79:63:ac:30:e3:81:08:21:4e:9c:d3:0f:22:78:f6
Serial Number (int): 92347021229966939309980269059713956086
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 09:f4:bf:6d:f7:ff:ff:41:d1:68:00:e7:b5:5a:3e:9a:5f:8a:fc:80
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c

Fingerprint (sha1): dc:e6:37:ba:20:92:60:19:ca:ba:29:97:cc:38:c0:15:df:c0:61:50
Fingerprint (sha256): 62:93:87:ea:61:03:8f:aa:a1:f8:08:cb:97:bc:a8:3a:c9:ab:75:2c:41:06:83:df:80:4f:54:4d:c3:dd:e9:c1

Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt

Revocation information

OCSP Server: http://GEANT.ocsp.sectigo.com
CRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl

Check the revocation status for certificate lb-dc-1.net.uva.nl

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for lb-dc-1.net.uva.nl

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

lb-dc-1.net.uva.nl
lb-dc-1.net.uha.nl
lb-fmb-dc-4.net.uha.nl
lb-fmb-dc-4.net.uva.nl
lb-sp-dc-3.net.uha.nl
lb-sp-dc-3.net.uva.nl

Other certificates including the domain name uva.nl

(limited to 100 certificates)
elrond.ic.uva.nl
spin.spinnet.eu
parijs-deeltijd2016.humanities.uva.nl
sap-dev-rudx.ic.uva.nl
fullfabric.com
mobiusportal.uva.dev.icts.education
medewerker.uva.nl
schoolmuseum.uba.uva.nl
filmstudies.nl
amsterdam1544.humanities.uva.nl
www.fon.hum.uva.nl
studiegids.beheer.uva.nl
agile099.science.uva.nl
smdmmstreamprd.ic.uva.nl
idm-beheer.ic.uva.nl
academy.socsci.uva.nl
humanities.uva.nl
blendedlearning.socsci.uva.nl
sap-acc-ruax.ic.uva.nl
transparency.humanities.uva.nl
dutchcycling.socsci.uva.nl
educsys.uva.nl
slpl.science.uva.nl
ahmpostcolonialmemory.humanities.uva.nl
publichistory.humanities.uva.nl
zaken.test.uva.nl
roosterportal-tst.uva.nl
humanities.uva.nl
onderzoekmobw.socsci.uva.nl
cas-acc.ic.uva.nl
content-dev.sap.uva.nl
analytics.ic.uva.nl
agile042.science.uva.nl
ruacpi.sap.uva.nl
smdmmstreamprd.ic.uva.nl
antondekom.humanities.uva.nl
digitaal.uba.uva.nl
mijn.usc.uva.nl
id-dev.ic.uva.nl
cas5-acc.lb.uva.nl
www.fnwi.uva.nl
nra-tst.sis.uva.nl
peoplexs.humanities.uva.nl
www.startmedewerker.uva.nl
docentenkamer.humanities.uva.nl
seop.illc.uva.nl
dom-prd1.ic.uva.nl
gbs-prd-kb2.gbs.uva.nl
antondekom.humanities.uva.nl
cleverdon.hum.uva.nl
acc.sis.uva.nl
feeding-the-city.create.humanities.uva.nl
learninglab.uva.nl
secure-apis.hva.nl
spin.spinnet.eu
webformulieren.uva.nl
smdmm3sb-prd.lb.uva.nl
corpnet.uva.nl
usc.uva.nl
readers.uva.nl
content-dev.sap.uva.nl
blackboard.uva.nl
gartnerportal.uva.prd.icts.education
agile117.science.uva.nl
paying-dev.uva.nl
agile152.science.uva.nl
www.gbs-prd-kb2.gbs.uva.nl
evasys.uva.nl
dpc.uba.uva.nl
100yearsofenglish.humanities.uva.nl
tlc.uva.nl
sils-fairspace.science.uva.nl
comtesttool.humanities.uva.nl
secure.uva.nl
smdmmstreamprd.ic.uva.nl
maven.ic.uva.nl
filmstudies.nl
cities.humanities.uva.nl
netbox.forux.nl
diensten.uba.uva.nl
agile235.science.uva.nl
axiom.humanities.uva.nl
studiegids.beheer.uva.nl
gitlab.ic.uva.nl
datanose.science.uva.nl
ldapad.uva.nl
educsys.uva.nl
vanmensending.humanities.uva.nl
agile123.science.uva.nl
appstore.uva.nl
reader.humanities.uva.nl
archives.uba.uva.nl
ex2016-prd-hva.lb.uva.nl
cf.humanities.uva.nl
cms-prd-www.lb.uva.nl
api.paying.uva.nl
*.proxy.uba.uva.nl
medina.ic.uva.nl
publicintervention.humanities.uva.nl
www.usc.uva.nl

Certificate

The complete raw certificate details for lb-dc-1.net.uva.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHZDCCBUygAwIBAgIQRXljrDDjgQghTpzTDyJ49jANBgkqhkiG9w0BAQwFADBE
MQswCQYDVQQGEwJOTDEZMBcGA1UEChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UE
AxMRR0VBTlQgT1YgUlNBIENBIDQwHhcNMjMwMTAxMDAwMDAwWhcNMjQwMTAxMjM1
OTU5WjBnMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDEjMCEG
A1UEChMaVW5pdmVyc2l0ZWl0IHZhbiBBbXN0ZXJkYW0xGzAZBgNVBAMTEmxiLWRj
LTEubmV0LnV2YS5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANPR
h/BbesISGgOiVTZHjcKUTJjybovhvocI7kPvHmAk8MQCxqCqav4pjLTzhownlNg9
O64k+InbO9IyPd6qD6pakVwp+kaOwdJMfqxieM2pQhlXrKs0D9zd8HZops4qSNOd
k6q4RSTyu6Vbr5ijc4SGkKfl4n7ulI8qlP9D4GDsXKctEZ6osPGy2Et9pHIt0Vpj
gPHCIvApI2xsd+dI7KMzhId3d+rqbbGlQWU+8v1Vjv+rlWB3tdEbp0gAFNOKJWO+
GTnU/bJ3BSCgpWrQIZBuiUN1Ep7L1BRBo4fDMs+YKP23Hv/a7w42Ib8DGQ8R0+5Z
703wtLVl7iy3nUvKZxPE5MjIcRcNRJZek2cKeapJMWyoxggrKwfik5xSz21jFsXr
BJ7MtcqQcEIXxkBGmuubWCi2K2L5u2TGZXj3JbsqgbfiNNdFmM2uL/3OLV+fdPn4
Km4AWF+5YATNyfkvKFoGhY7Qas4K6pC/ZqwG0L9BabENqEHHjiQuY4B5/uJpqZ1l
3CylPFi18E1C0LAGeXpniAEtg31UmUwiTubQWDG2hRJnB7jDU9HRcxUOXY4javpS
X+rx687Ccdw51P7UI0ewhTJa0jl/bjFyMWkha+HlRJzws0JMhcRs7s4peKWstD01
qOjmch6v+d98P7f+961SzJvaRAFraqgeWNNyEUZvAgMBAAGjggItMIICKTAfBgNV
HSMEGDAWgBRvHTVJEGwy+lmgnryK6B+VvnF6DDAdBgNVHQ4EFgQUCfS/bff//0HR
aADntVo+ml+K/IAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQEC
Ak8wJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EM
AQICMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9HRUFOVC5jcmwuc2VjdGlnby5j
b20vR0VBTlRPVlJTQUNBNC5jcmwwdQYIKwYBBQUHAQEEaTBnMDoGCCsGAQUFBzAC
hi5odHRwOi8vR0VBTlQuY3J0LnNlY3RpZ28uY29tL0dFQU5UT1ZSU0FDQTQuY3J0
MCkGCCsGAQUFBzABhh1odHRwOi8vR0VBTlQub2NzcC5zZWN0aWdvLmNvbTATBgor
BgEEAdZ5AgQDAQH/BAIFADCBkQYDVR0RBIGJMIGGghJsYi1kYy0xLm5ldC51dmEu
bmyCEmxiLWRjLTEubmV0LnVoYS5ubIIWbGItZm1iLWRjLTQubmV0LnVoYS5ubIIW
bGItZm1iLWRjLTQubmV0LnV2YS5ubIIVbGItc3AtZGMtMy5uZXQudWhhLm5sghVs
Yi1zcC1kYy0zLm5ldC51dmEubmwwDQYJKoZIhvcNAQEMBQADggIBAHrW2x+Pk2zw
WS9ldbYU+K1qOHlW/V9tj10YM+BI5vEWiD7Pv/oNCv1WqHHBGA+iATscJCCJqJOd
oZiPpcwCfCO9MXj2bhKSh9hjDYdyF1qH9qikQiReAi6MkVIZhJSDCKIlQh4I9HcQ
GccxPucLZKGLud58btfmcXUhnAcyLVmMJxYxAdua1Mp2LmUtYMe7DMJ52HOz8dLy
JzHC5npBPaqKptKXhvHLC/D1MGSUvTFxkYTGaFf8DD541HeFFjDMZ+hlig993el+
CX/SDjtsI0qIBJVfF6zq0LCXl+5dHugzwbi+O/FH5bDa85nQ+n1pPadQx9x2FlJU
GqIG3pxLiJxzPZcReXMBfEEwyvaCjKpPZ7KTKUmcRhyXRWtCsImGEmYbB5D0yi8W
Ki992RbAFungQ1KeUxeKAZmbnBpZ0UEZx1qSNrCVyte7LcXj8zaXDmF7BYpOPq6K
w+JoJkr1IaSr25YlUt9wJzf11rgoEn91KHGQeVjXQhlXnx3uKe6ZBcEpKCLPK/7p
whvswywOcS7UGi6g9tUReftabznratS9ywKOH4XzLNhsk+9al2mZNvJes/+3ZwMS
RONaCX7J/vxb4OI57JGgjHuMkNHIgKG5R1Bd6kg22hHj4CaiyAoMUtHiqwRA9n7M
7+CyPkX3lVNbrgLFpwkYUWEIYIomJkKR
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA09GH8Ft6whIaA6JVNkeN
wpRMmPJui+G+hwjuQ+8eYCTwxALGoKpq/imMtPOGjCeU2D07riT4ids70jI93qoP
qlqRXCn6Ro7B0kx+rGJ4zalCGVesqzQP3N3wdmimzipI052TqrhFJPK7pVuvmKNz
hIaQp+Xifu6UjyqU/0PgYOxcpy0Rnqiw8bLYS32kci3RWmOA8cIi8CkjbGx350js
ozOEh3d36uptsaVBZT7y/VWO/6uVYHe10RunSAAU04olY74ZOdT9sncFIKClatAh
kG6JQ3USnsvUFEGjh8Myz5go/bce/9rvDjYhvwMZDxHT7lnvTfC0tWXuLLedS8pn
E8TkyMhxFw1Ell6TZwp5qkkxbKjGCCsrB+KTnFLPbWMWxesEnsy1ypBwQhfGQEaa
65tYKLYrYvm7ZMZlePcluyqBt+I010WYza4v/c4tX590+fgqbgBYX7lgBM3J+S8o
WgaFjtBqzgrqkL9mrAbQv0FpsQ2oQceOJC5jgHn+4mmpnWXcLKU8WLXwTULQsAZ5
emeIAS2DfVSZTCJO5tBYMbaFEmcHuMNT0dFzFQ5djiNq+lJf6vHrzsJx3DnU/tQj
R7CFMlrSOX9uMXIxaSFr4eVEnPCzQkyFxGzuzil4pay0PTWo6OZyHq/533w/t/73
rVLMm9pEAWtqqB5Y03IRRm8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 92347021229966939309980269059713956086
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-01 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Noord-Holland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit van Amsterdam'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lb-dc-1.net.uva.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 864144007521642008913313649181090680211910581167816048074456089769223480178430214651888577697360046003828029260567631967484916443743180504261927156717406675324464443578992339092297130340120402113288446287082809580097868513643360351410425373300196710597805864128391183696058653283702756281614912818447439936916737388686931857673646390803859568895418635309398395221432118555264247879091921337285499988788255463252972102323311630123156729029458769231942437214516940773060698454170539449341798528966109101150418213180376522680745111861043791898394897947263825220116576676397490527284638786498014263341495919565126850113513721644055086286144526517640551049598329422030235921530501941171209390422690301598194062272516520746512812826702065652440325466030354666747037358046754236201247224597867499947782396743199570969234144646041613762180161297557450883449713785847448190279968891630362565086796121062107636888236879830824471139696635266855905147860356788854587353951519481624937365865974177892499253272682836093488266322258925049152651519015544488970134199847486494376418206020665038459717649304227274336015836301274882747567889661888856938868950474919728566490124629454220567122740604155364140878151835489049848446004805513850640458139247
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							09f4bf6df7ffff41d16800e7b55a3e9a5f8afc80
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (137 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lb-dc-1.net.uva.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lb-dc-1.net.uha.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lb-fmb-dc-4.net.uha.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lb-fmb-dc-4.net.uva.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lb-sp-dc-3.net.uha.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lb-sp-dc-3.net.uva.nl'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		007ad6db1f8f936cf0592f6575b614f8ad6a387956fd5f6d8f5d1833e048e6f116883ecfbffa0d0afd56a871c1180fa2013b1c242089a8939da1988fa5cc027c23bd3178f66e129287d8630d8772175a87f6a8a442245e022e8c91521984948308a225421e08f4771019c7313ee70b64a18bb9de7c6ed7e67175219c07322d598c27163101db9ad4ca762e652d60c7bb0cc279d873b3f1d2f22731c2e67a413daa8aa6d29786f1cb0bf0f5306494bd31719184c66857fc0c3e78d477851630cc67e8658a0f7ddde97e097fd20e3b6c234a8804955f17acead0b09797ee5d1ee833c1b8be3bf147e5b0daf399d0fa7d693da750c7dc761652541aa206de9c4b889c733d97117973017c4130caf6828caa4f67b29329499c461c97456b42b0898612661b0790f4ca2f162a2f7dd916c016e9e043529e53178a01999b9c1a59d14119c75a9236b095cad7bb2dc5e3f336970e617b058a4e3eae8ac3e268264af521a4abdb962552df702737f5d6b828127f752871907958d74219579f1dee29ee9905c1292822cf2bfee9c21becc32c0e712ed41a2ea0f6d51179fb5a6f39eb6ad4bdcb028e1f85f32cd86c93ef5a97699936f25eb3ffb767031244e35a097ec9fefc5be0e239ec91a08c7b8c90d1c880a1b947505dea4836da11e3e026a2c80a0c52d1e2ab0440f67eccefe0b23e45f795535bae02c5a70918516108608a26264291