oim-acc-be.lb.uha.nl
- Universiteit van Amsterdam -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 87:41:16:5e:29:7e:d6:a3:96:54:6f:b4:6a:91:76:40 was issued on by GEANT Vereniging.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Universiteit van Amsterdam
Organization:
Universiteit van Amsterdam
State / Province:
Noord-Holland
Locality: Amsterdam
Country: NL
Locality: Amsterdam
Country: NL
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 87:41:16:5e:29:7e:d6:a3:96:54:6f:b4:6a:91:76:40Serial Number (int): 179783732400069186975491111068772693568
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 22:b3:a9:f1:a1:22:85:09:df:33:16:ee:a8:1f:0d:83:80:74:b7:ce
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 78:32:41:60:9f:ee:84:36:20:39:47:0d:79:8c:dd:e7:16:f2:6d:7a
Fingerprint (sha256): 95:e1:8e:d4:83:20:d0:18:d2:5f:5c:a5:a7:0a:ea:9c:30:b6:9b:da:9c:49:73:79:9a:d3:1f:54:1e:35:4c:ab
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate oim-acc-be.lb.uha.nl
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for oim-acc-be.lb.uha.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
oim-acc-be.lb.uha.nl
idm-acc-beheer.ic.uva.nl
idm-acc-beheer.ict.hva.nl
idm-acc-beheer.ic.uva.nl
idm-acc-beheer.ict.hva.nl
Other certificates including the domain name uha.nl
(limited to 100 certificates)
radius-acc-authus1.net.uha.nl
vpn-acc-dc-01.net.uha.nl
ex2016-prd-hva.lb.uva.nl
beheervpn-prd.net.uha.nl
ex2016-acc-hva.lb.uha.nl
ex2016-prd-uva.lb.uva.nl
hva.nl
netauth-prd1.net.uha.nl
infoblox.net.uha.nl
authus-acc.net.uha.nl
vpn-dc-01.net.uha.nl
ex2016-acc-uva.lb.uha.nl
netdisco-acc1.forux.nl
radius-prd-authus1.net.uha.nl
netauth-prd.lb.uha.nl
netauth-prd1.net.uha.nl
netauth-prd.lb.uha.nl
fortimanager.net.uha.nl
lb-dc-1.net.uva.nl
ex2016-prd-hva.lb.uha.nl
lb-dc-1.net.uva.nl
fw-gbs-01.net.uha.nl
ex2016-prd-uva.lb.uva.nl
ex2016-prd-hva.lb.uva.nl
iris.ic.uva.nl
oim-prd-be.lb.uha.nl
ex2016-prd-hva.lb.uha.nl
netauth-prd2.net.uha.nl
smtp-prd.lb.uha.nl
authus-prd.net.uha.nl
netauth-prd2.net.uha.nl
ex2016-acc-hva.lb.uha.nl
radius-prd-authus1.net.uha.nl
radius-acc-authus2.net.uha.nl
fortimanager.net.uha.nl
oim-acc-be.lb.uha.nl
smtp-prd3.forux.nl
smtp-prd.lb.uha.nl
hva.nl
radius-prd-authus2.net.uha.nl
netauth-prd1.net.uha.nl
radius-acc-authus2.net.uha.nl
ex2016-prd-uva.lb.uva.nl
authus-dev.net.uha.nl
smtp-prd3.forux.nl
authus-acc.net.uha.nl
authus-prd.net.uha.nl
radius-prd-authus2.net.uha.nl
lb-dc-1.net.uva.nl
nf-store.ic.uva.nl
ex2016-prd-uva.lb.uva.nl
radius-acc-authus1.net.uha.nl
netauth-prd1.net.uha.nl
fortianalyzer.net.uha.nl
netauth-prd.lb.uha.nl
hiab-prd1.mgmt.uha.nl
vpn-acc-dc-01.net.uha.nl
ex2016-prd-hva.lb.uva.nl
beheervpn-prd.net.uha.nl
ex2016-acc-hva.lb.uha.nl
ex2016-prd-uva.lb.uva.nl
hva.nl
netauth-prd1.net.uha.nl
infoblox.net.uha.nl
authus-acc.net.uha.nl
vpn-dc-01.net.uha.nl
ex2016-acc-uva.lb.uha.nl
netdisco-acc1.forux.nl
radius-prd-authus1.net.uha.nl
netauth-prd.lb.uha.nl
netauth-prd1.net.uha.nl
netauth-prd.lb.uha.nl
fortimanager.net.uha.nl
lb-dc-1.net.uva.nl
ex2016-prd-hva.lb.uha.nl
lb-dc-1.net.uva.nl
fw-gbs-01.net.uha.nl
ex2016-prd-uva.lb.uva.nl
ex2016-prd-hva.lb.uva.nl
iris.ic.uva.nl
oim-prd-be.lb.uha.nl
ex2016-prd-hva.lb.uha.nl
netauth-prd2.net.uha.nl
smtp-prd.lb.uha.nl
authus-prd.net.uha.nl
netauth-prd2.net.uha.nl
ex2016-acc-hva.lb.uha.nl
radius-prd-authus1.net.uha.nl
radius-acc-authus2.net.uha.nl
fortimanager.net.uha.nl
oim-acc-be.lb.uha.nl
smtp-prd3.forux.nl
smtp-prd.lb.uha.nl
hva.nl
radius-prd-authus2.net.uha.nl
netauth-prd1.net.uha.nl
radius-acc-authus2.net.uha.nl
ex2016-prd-uva.lb.uva.nl
authus-dev.net.uha.nl
smtp-prd3.forux.nl
authus-acc.net.uha.nl
authus-prd.net.uha.nl
radius-prd-authus2.net.uha.nl
lb-dc-1.net.uva.nl
nf-store.ic.uva.nl
ex2016-prd-uva.lb.uva.nl
radius-acc-authus1.net.uha.nl
netauth-prd1.net.uha.nl
fortianalyzer.net.uha.nl
netauth-prd.lb.uha.nl
hiab-prd1.mgmt.uha.nl
Certificate
The complete raw certificate details for oim-acc-be.lb.uha.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHPTCCBSWgAwIBAgIRAIdBFl4pftajllRvtGqRdkAwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNV BAMTEUdFQU5UIE9WIFJTQSBDQSA0MB4XDTIyMDIwMjAwMDAwMFoXDTIzMDIwMjIz NTk1OVowfTELMAkGA1UEBhMCTkwxFjAUBgNVBAgTDU5vb3JkLUhvbGxhbmQxEjAQ BgNVBAcTCUFtc3RlcmRhbTEjMCEGA1UEChMaVW5pdmVyc2l0ZWl0IHZhbiBBbXN0 ZXJkYW0xHTAbBgNVBAMTFG9pbS1hY2MtYmUubGIudWhhLm5sMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAt2guofxVqvDJRShmxw1Q5sWDO5+J5Mf1GoX6 c9LoGhQ3UOi0X0uf3JUxlrG3bxFW+gUZ/wlVFTa/Ds7W9puItQ38g8CMtGuOJsg4 IpYD8/6wpXjMTpulDPPVcsZs3iXppsqdxM7+YXDVSVVW4FesxpA18kH2/FSsKemC p8KzCw45726i6umQdWT3U/z/+VazxMbEfTOHbvzBr0YSyLNGf/XMLeclPbA+SSUT QkAhq1DrWFXactnRK4Qy7R0JoWN4JLvqBbOFVTj03mmAiiSrAhmew+yyguJvyide a8FQg/Q/bPWhvlCS0qCVUPtSsfsQxaYiW7tGLk7WpVyv641H81sg/afrGXljWkz0 D7qtayp0IMPPpMURPNcAXU5wodWjuC26TkEdPbmTz2ZacuqlmQUyGgzIuGrdPoFW 3G2fiCEo3qpDjVRbSCTUbUQT5eX6G4cfaWuRKyhcUD/LuHQZaOKEffR2xusMkCVa 1Ovgb0oxgRdTL2CvvJiPqcUSQlyGYP3v2He/h4lgmUZR6xAbLdI/keBRD2bAcoT+ MOrd0rjCra3iy6uqAODOtRrxUxghEge3004wc5UNK9OzsOYOvSOr8/uY1YW/OuTw /WnRot42i/Bll1Yj4IFXKyLIgLXoqSN4JG9VsmswiBjmlE8MBigRCinnlw9d9+sA bE1tBUkCAwEAAaOCAe8wggHrMB8GA1UdIwQYMBaAFG8dNUkQbDL6WaCevIroH5W+ cXoMMB0GA1UdDgQWBBQis6nxoSKFCd8zFu6oHw2DgHS3zjAOBgNVHQ8BAf8EBAMC BaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw SQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICTzAlMCMGCCsGAQUFBwIBFhdodHRwczov L3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0 cDovL0dFQU5ULmNybC5zZWN0aWdvLmNvbS9HRUFOVE9WUlNBQ0E0LmNybDB1Bggr BgEFBQcBAQRpMGcwOgYIKwYBBQUHMAKGLmh0dHA6Ly9HRUFOVC5jcnQuc2VjdGln by5jb20vR0VBTlRPVlJTQUNBNC5jcnQwKQYIKwYBBQUHMAGGHWh0dHA6Ly9HRUFO VC5vY3NwLnNlY3RpZ28uY29tMBMGCisGAQQB1nkCBAMBAf8EAgUAMFQGA1UdEQRN MEuCFG9pbS1hY2MtYmUubGIudWhhLm5sghhpZG0tYWNjLWJlaGVlci5pYy51dmEu bmyCGWlkbS1hY2MtYmVoZWVyLmljdC5odmEubmwwDQYJKoZIhvcNAQEMBQADggIB ABaCMhGSkQ65Bc9S0v06wNQuCe6CdPtnBWVb65XR1zLbkfUdxL5+T4ijfFnbhfCY BYXq1bCV0Hda1iheo2xfhQFteb7nRGVvqXUe2tiQWJ4OG5aw6TOtgqrd0Mg1vR0O Nmi5b6wMD4t3Na9E6hNuWeAy8EABMAmR/YjFqLg/mmtDatgCTF9OdSJjqHweHmOD jKamYMzXic9PxtxlP5iOEpJf/Yqt1lLgxvOUTXdlr5oEAeGwUeIfBod52exzAM+M JqIaG948nIJMzA/m75lfIHXo5DDNbNA2L2YpR1F+INgdGZEd2zwgwdEgCYx3eQQ7 QSDapMaveiHHXj7RDRn+nqfJWalkWsss2Moxd7vzRe0j/fUlwOW8ilOccmopbu95 anwS4WKw0HJgLGSbRva7mcEo+KEzaaNYn0R0FFhiHJvMTZLXyduB5c4XF0wLWgSh wcmlXpgNqJlsti+kxiUXA6O2Kz4NNTTju/DJVnw9DoZeIk41qiXWYqjseaURVxab vG+YGidNzOe4rqAmXhYfVXjJRZ95+2s5/yAaHez5LM3R1rMLTeDzD6obY9y8MBNj Pnn8BkTmKOVXG1ecCCF3y5Jg1U3g8nf17otEAWn9nr4qePcrpvGlTTx9Ky59kVtT Aq/YaJsJShCwZxTUWRrVCRILYXJFyL7rKwG39B9aC2RW -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt2guofxVqvDJRShmxw1Q 5sWDO5+J5Mf1GoX6c9LoGhQ3UOi0X0uf3JUxlrG3bxFW+gUZ/wlVFTa/Ds7W9puI tQ38g8CMtGuOJsg4IpYD8/6wpXjMTpulDPPVcsZs3iXppsqdxM7+YXDVSVVW4Fes xpA18kH2/FSsKemCp8KzCw45726i6umQdWT3U/z/+VazxMbEfTOHbvzBr0YSyLNG f/XMLeclPbA+SSUTQkAhq1DrWFXactnRK4Qy7R0JoWN4JLvqBbOFVTj03mmAiiSr Ahmew+yyguJvyidea8FQg/Q/bPWhvlCS0qCVUPtSsfsQxaYiW7tGLk7WpVyv641H 81sg/afrGXljWkz0D7qtayp0IMPPpMURPNcAXU5wodWjuC26TkEdPbmTz2Zacuql mQUyGgzIuGrdPoFW3G2fiCEo3qpDjVRbSCTUbUQT5eX6G4cfaWuRKyhcUD/LuHQZ aOKEffR2xusMkCVa1Ovgb0oxgRdTL2CvvJiPqcUSQlyGYP3v2He/h4lgmUZR6xAb LdI/keBRD2bAcoT+MOrd0rjCra3iy6uqAODOtRrxUxghEge3004wc5UNK9OzsOYO vSOr8/uY1YW/OuTw/WnRot42i/Bll1Yj4IFXKyLIgLXoqSN4JG9VsmswiBjmlE8M BigRCinnlw9d9+sAbE1tBUkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 179783732400069186975491111068772693568 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-02 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-02 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Noord-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universiteit van Amsterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'oim-acc-be.lb.uha.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 748235122759385024399748401448778594103610716330999679453853469298540339681738721658379138043297897248929151454749378824882323238498443322906633824259811823584621128029143282578202733920367642834265884879874913689887574954789205919105902332426072490992859004593780275067225859137742234872274061506653901771066757549440502492536949103241899567454147160551066901890249543368708545682426742227830523191537120707213042857652047122414703102115018919874617373404191776311458925440276580111414212255930883375117117140422782800282941331602100862904879903450241659631581915096057473474475839087590678147367836933413836213998725060201995836525098221265201857850118238616433940258796584905158513329986092167936259761628873739107920587537377128556122524238222176254206556148320486730553488552984782255941021754898778832689453347350118036844832916923489104279892356825847188282847162623927364347034340075448130966467427816969372156692739544954394861449120690872549779647750308725366752912238256336655830140643692229634218615733659764468157085015652020716920934629621667827306700132668078844479958960143343248866408183182389283729267455263872543234462620549938898231385661990804618560314780043104795026193502064869696257820879263240406393433163081 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 22b3a9f1a1228509df3316eea81f0d838074b7ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oim-acc-be.lb.uha.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idm-acc-beheer.ic.uva.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idm-acc-beheer.ict.hva.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 001682321192910eb905cf52d2fd3ac0d42e09ee8274fb6705655beb95d1d732db91f51dc4be7e4f88a37c59db85f0980585ead5b095d0775ad6285ea36c5f85016d79bee744656fa9751edad890589e0e1b96b0e933ad82aaddd0c835bd1d0e3668b96fac0c0f8b7735af44ea136e59e032f04001300991fd88c5a8b83f9a6b436ad8024c5f4e752263a87c1e1e63838ca6a660ccd789cf4fc6dc653f988e12925ffd8aadd652e0c6f3944d7765af9a0401e1b051e21f068779d9ec7300cf8c26a21a1bde3c9c824ccc0fe6ef995f2075e8e430cd6cd0362f662947517e20d81d19911ddb3c20c1d120098c7779043b4120daa4c6af7a21c75e3ed10d19fe9ea7c959a9645acb2cd8ca3177bbf345ed23fdf525c0e5bc8a539c726a296eef796a7c12e162b0d072602c649b46f6bb99c128f8a13369a3589f44741458621c9bcc4d92d7c9db81e5ce17174c0b5a04a1c1c9a55e980da8996cb62fa4c6251703a3b62b3e0d3534e3bbf0c9567c3d0e865e224e35aa25d662a8ec79a51157169bbc6f981a274dcce7b8aea0265e161f5578c9459f79fb6b39ff201a1decf92ccdd1d6b30b4de0f30faa1b63dcbc3013633e79fc0644e628e5571b579c082177cb9260d54de0f277f5ee8b440169fd9ebe2a78f72ba6f1a54d3c7d2b2e7d915b5302afd8689b094a10b06714d4591ad509120b617245c8beeb2b01b7f41f5a0b6456