inloggen-digid.ozf.nl

Issued by QuoVadis CSP - PKI Overheid CA - G2

About this certificate


This digital certificate with serial number 9b:23:8b:05:3e:2e:86:40:16:f7:8d:70:3f:17:a7:35:7f:6f:1a was issued on by QuoVadis Trustlink BV .

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

Cerificate errors/warnings *beta

  • ERROR: Certificate has key usage [KeyAgreement] set
  • ERROR: businessCategory is required for [EV] certificates
  • ERROR: jurisdictionCountryName is required for [EV] certificates

Achmea Interne Diensten N.V.

Company registration number: 00000003301249270000
Organization: Achmea Interne Diensten N.V.
Organization unit: Connectis Hosted Services
State / Province: Utrecht
Locality: Zeist
Country: NL

QuoVadis Trustlink BV

Organization: QuoVadis Trustlink BV
Organization unit: Issuing Certification Authority
State / Province: Utrecht
Locality: Zeist
Country: NL

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 9b:23:8b:05:3e:2e:86:40:16:f7:8d:70:3f:17:a7:35:7f:6f:1a
Serial Number (int): 3459711741997866217421179173760181772994178842
Serial Number lenght: 152 bits, 19 octets

SubjectKeyId: 2f:1b:e3:62:de:0d:59:ef:1a:56:95:01:b1:d9:bc:13:c5:4e:30:c3
AuthorityKeyId: 69:cb:7f:50:76:00:86:53:95:79:12:c1:58:76:1f:13:ef:f2:4d:a3

Fingerprint (sha1): b6:ac:39:f0:2d:d1:ff:a0:2c:69:8d:a8:bc:2a:05:a2:32:b0:5e:c9
Fingerprint (sha256): 70:5f:f5:d8:e0:34:ef:7d:65:01:4a:c3:80:54:21:b5:1b:40:d1:d2:01:e6:80:db:2f:75:5e:ce:75:7c:ca:e1

Issuing Certificate URL: http://trust.quovadisglobal.com/qvocag2.crt

Revocation information

OCSP Server: http://ocsp.quovadisglobal.com
CRL Distribution Point: http://crl.quovadisglobal.com/qvocag2.crl

Check the revocation status for the current certificate on inloggen-digid.ozf.nl
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: inloggen-digid.ozf.nl

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIHmTCCBYGgAwIBAgIUAJsjiwU+LoZAFveNcD8XpzV/bxowDQYJKoZIhvcNAQEL BQAwgYUxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVRdW9WYWRpcyBUcnVzdGxpbmsg QlYxKDAmBgNVBAsMH0lzc3VpbmcgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxLDAq BgNVBAMMI1F1b1ZhZGlzIENTUCAtIFBLSSBPdmVyaGVpZCBDQSAtIEcyMB4XDTEz MTIxMzA4MjQxN1oXDTE2MTIxMzA4MjM1NlowgbkxHTAbBgNVBAUTFDAwMDAwMDAz MzAxMjQ5MjcwMDAwMQswCQYDVQQGEwJOTDEQMA4GA1UECBMHVXRyZWNodDEOMAwG A1UEBxMFWmVpc3QxJTAjBgNVBAoTHEFjaG1lYSBJbnRlcm5lIERpZW5zdGVuIE4u Vi4xIjAgBgNVBAsTGUNvbm5lY3RpcyBIb3N0ZWQgU2VydmljZXMxHjAcBgNVBAMT FWlubG9nZ2VuLWRpZ2lkLm96Zi5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAJG1esdi666NSP9wIGIweeYWam1mLe2qUKvnP8kblvKyCrqtWWt9Wj64 mgoJ6JcTja0oOLBY+2E/E1s05HyS/YbKO8fOe6SOuXxr5dOFpv3WhgSuU6nNSH6Q dk5iDzrwRkvQ5Pm5vXtNRws0qjcAxCFNt1tEzyAlps8tDb5vkt/aTCEnyvaOLhga MDsKMv77c5ycNAWnro1JJi8tYRya2Tm4Jx1jmZ04+2lx8eMSML16Ci17E/A5UDDl Os5TlXSGnyXzqN2AaOf6k4Gl/AYIwmaUZndMYDiQpy+h2h4caEoA0Fko3G+AEVAn RE+AY0Pd/tZO1VZhgI0uBFATfeou3ysCAwEAAaOCAskwggLFMAwGA1UdEwEB/wQC MAAwggExBgNVHSAEggEoMIIBJDCCASAGCmCEEAGHawECBQYwggEQMIHXBggrBgEF BQcCAjCByhqBx1JlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBh cnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgcmVsZXZhbnQgUXVvVmFkaXMg Q2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQgYW5kIG90aGVyIGRvY3Vt ZW50cyBpbiB0aGUgUXVvVmFkaXMgcmVwb3NpdG9yeSAgKGh0dHA6Ly93d3cucXVv dmFkaXNnbG9iYWwuY29tKS4wNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cucXVvdmFk aXNnbG9iYWwuY29tL3JlcG9zaXRvcnkwYAYDVR0RBFkwV6A+BgorBgEEAYI3FAID oDAMLjIuMTYuNTI4LjEuMTAwMy4xLjMuNS4yLjEtMDAwMDAwMDMzMDEyNDkyNzAw MDCCFWlubG9nZ2VuLWRpZ2lkLm96Zi5ubDBzBggrBgEFBQcBAQRnMGUwKgYIKwYB BQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xvYmFsLmNvbTA3BggrBgEFBQcw AoYraHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdm9jYWcyLmNydDAO BgNVHQ8BAf8EBAMCA6gwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8G A1UdIwQYMBaAFGnLf1B2AIZTlXkSwVh2HxPv8k2jMDoGA1UdHwQzMDEwL6AtoCuG KWh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2b2NhZzIuY3JsMB0GA1Ud DgQWBBQvG+Ni3g1Z7xpWlQGx2bwTxU4wwzANBgkqhkiG9w0BAQsFAAOCAgEAwt+2 VbhQMhgieWfXfLt9dxutswPb6N8vbM5gtvhb21owtYn/vW29SZ8eqpygLvLMn6m8 wbRDbJvQzOAWMj8pqzAGnIsQVX9Se9wzlpnYCKqXfUxxQjQEKSBiyCW2nGWoFwEr KXwQ8/YrfTp553rZ5pdHt0hQjLjkIZjNpP8ff5JCVyEBA59b4pws7DeH2Bw0Cged jT44oAuhVZZm2AzzprvXJzxla9WakUrHE6/RN2BHNP4vG+oxGPnTGmuFNBw+cPza KEPP7rh7WN8U2rOYYWxeGEuEhdpsL+k7fgyDOgnmXzI5GEaajghwCKVBRZ7my92g f6SbVx2eBy638xL9zu1GdfFZ49zOkDNp73ftics8V6tlUd4EhHp02XNaefXaeaWR 698dmMRB90L9r6j3e26izpzJIMjXYJC5yBnka036MOZmNdkwpZV6N2SXb3RaMkFC Iypq7UTst1V2waPKebqsPba61Wd5rXaXa/S1jQsw57KDVF4CFBXQcXFvT/TeJ6ti RB0BDYEQHMQv1KAZ4L5WeZ3zlD8wTdB4ll9j8SceLb3Dr/PJ42jqSaQOQbDxxBJt SbEvdLi7TFp4imSVARsfzJSZacztNFDPX/ximal/b789B/MDtH/4l8AAP4938GMK njYl9ogk7oS0WDTgEUsbFToxMx0EIEsCUvz+7fQ= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbV6x2Lrro1I/3AgYjB5 5hZqbWYt7apQq+c/yRuW8rIKuq1Za31aPriaCgnolxONrSg4sFj7YT8TWzTkfJL9 hso7x857pI65fGvl04Wm/daGBK5Tqc1IfpB2TmIPOvBGS9Dk+bm9e01HCzSqNwDE IU23W0TPICWmzy0Nvm+S39pMISfK9o4uGBowOwoy/vtznJw0BaeujUkmLy1hHJrZ ObgnHWOZnTj7aXHx4xIwvXoKLXsT8DlQMOU6zlOVdIafJfOo3YBo5/qTgaX8BgjC ZpRmd0xgOJCnL6HaHhxoSgDQWSjcb4ARUCdET4BjQ93+1k7VVmGAjS4EUBN96i7f KwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3459711741997866217421179173760181772994178842 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'QuoVadis Trustlink BV' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Issuing Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'QuoVadis CSP - PKI Overheid CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-12-13 08:24:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-13 08:23:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003301249270000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Utrecht' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zeist' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Achmea Interne Diensten N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Connectis Hosted Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'inloggen-digid.ozf.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18394045148624883419125798519611898433882989270559527126916506341926211233951234449978465914438788136290925007123170521441587109111226160888015879820683845782909799199122964153642408665019142585694086764569269746949195751783738678450753705508700416201462268494652052577342991861970186260155854914988725908820771211640725740377108267221014444183963051974889361729311404420199938412835720326602961890845026910172942729514970388230040928886581854920552679941791922496972076993491186678509132700856674166156581831295579913221289437472268593619901147028497094558962486514048548120164433155475382645009406509228098906414891 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (296 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [82 101 108 105 97 110 99 101 32 111 110 32 116 104 105 115 32 99 101 114 116 105 102 105 99 97 116 101 32 98 121 32 97 110 121 32 112 97 114 116 121 32 97 115 115 117 109 101 115 32 97 99 99 101 112 116 97 110 99 101 32 111 102 32 116 104 101 32 114 101 108 101 118 97 110 116 32 81 117 111 86 97 100 105 115 32 67 101 114 116 105 102 105 99 97 116 105 111 110 32 80 114 97 99 116 105 99 101 32 83 116 97 116 101 109 101 110 116 32 97 110 100 32 111 116 104 101 114 32 100 111 99 117 109 101 110 116 115 32 105 110 32 116 104 101 32 81 117 111 86 97 100 105 115 32 114 101 112 111 115 105 116 111 114 121 32 32 40 104 116 116 112 58 47 47 119 119 119 46 113 117 111 118 97 100 105 115 103 108 111 98 97 108 46 99 111 109 41 46] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.quovadisglobal.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.20.2.3 (universalPrincipalName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '2.16.528.1.1003.1.3.5.2.1-00000003301249270000' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'inloggen-digid.ozf.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.quovadisglobal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://trust.quovadisglobal.com/qvocag2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 69cb7f5076008653957912c158761f13eff24da3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.quovadisglobal.com/qvocag2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2f1be362de0d59ef1a569501b1d9bc13c54e30c3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00c2dfb655b8503218227967d77cbb7d771badb303dbe8df2f6cce60b6f85bdb5a30b589ffbd6dbd499f1eaa9ca02ef2cc9fa9bcc1b4436c9bd0cce016323f29ab30069c8b10557f527bdc339699d808aa977d4c71423404292062c825b69c65a817012b297c10f3f62b7d3a79e77ad9e69747b748508cb8e42198cda4ff1f7f9242572101039f5be29c2cec3787d81c340a079d8d3e38a00ba1559666d80cf3a6bbd7273c656bd59a914ac713afd137604734fe2f1bea3118f9d31a6b85341c3e70fcda2843cfeeb87b58df14dab398616c5e184b8485da6c2fe93b7e0c833a09e65f323918469a8e087008a541459ee6cbdda07fa49b571d9e072eb7f312fdceed4675f159e3dcce903369ef77ed89cb3c57ab6551de04847a74d9735a79f5da79a591ebdf1d98c441f742fdafa8f77b6ea2ce9cc920c8d76090b9c819e46b4dfa30e66635d930a5957a3764976f745a324142232a6aed44ecb75576c1a3ca79baac3db6bad56779ad76976bf4b58d0b30e7b283545e021415d071716f4ff4de27ab62441d010d81101cc42fd4a019e0be56799df3943f304dd078965f63f1271e2dbdc3aff3c9e368ea49a40e41b0f1c4126d49b12f74b8bb4c5a788a6495011b1fcc949969cced3450cf5ffc6299a97f6fbf3d07f303b47ff897c0003f8f77f0630a9e3625f68824ee84b45834e0114b1b153a31331d04204b0252fcfeedf4