iwelcome-staging.sso.eherkenning.nl

Issued by PositiveSSL CA 2

About this certificate


This digital certificate with serial number 64:05:08:98:e6:d1:c1:0a:9a:2f:6f:b0:93:d5:19:3e was issued on by COMODO CA Limited .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

iwelcome-staging.sso.eherkenning.nl

Organization unit: Domain Control Validated
Organization unit: PositiveSSL

COMODO CA Limited

Organization: COMODO CA Limited

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 64:05:08:98:e6:d1:c1:0a:9a:2f:6f:b0:93:d5:19:3e
Serial Number (int): 132948935436176922177583743799137737022
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: c1:c0:c8:a5:6f:76:66:f0:0b:f8:36:f2:73:6b:59:30:df:72:b7:75
AuthorityKeyId: 99:e4:40:5f:6b:14:5e:3e:05:d9:dd:d3:63:54:fc:62:b8:f7:00:ac

Fingerprint (sha1): 8c:f3:1c:6a:96:b0:aa:07:b4:03:d0:f4:8f:ea:9d:17:19:88:f4:86
Fingerprint (sha256): 02:6f:d1:b2:db:24:70:57:40:ad:e7:61:89:77:20:ad:a5:8e:fb:3b:44:83:d1:53:32:96:bc:4c:45:63:ad:4a

Issuing Certificate URL: http://crt.comodoca.com/PositiveSSLCA2.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/PositiveSSLCA2.crl

Check the revocation status for the current certificate on iwelcome-staging.sso.eherkenning.nl
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

iwelcome-staging.sso.eherkenning.nl
www.iwelcome-staging.sso.eherkenning.nl

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIQZAUImObRwQqaL2+wk9UZPjANBgkqhkiG9w0BAQUFADBz MQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD VQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDEZMBcGA1UE AxMQUG9zaXRpdmVTU0wgQ0EgMjAeFw0xNDAxMDkwMDAwMDBaFw0xOTAxMDgyMzU5 NTlaMGcxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEUMBIGA1UE CxMLUG9zaXRpdmVTU0wxLDAqBgNVBAMTI2l3ZWxjb21lLXN0YWdpbmcuc3NvLmVo ZXJrZW5uaW5nLm5sMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMr8 8AGUcrfI6kNF8vIRIEkxsL4blgkBH2zGeK7lP9TTC4iuIg7Kf7g7/mffgFcPqkY2 k5gyD3Pm3ASLunjIqGLoplP0oasvmPUHRRVC/bUGiW7b2OA6DypaVGQVo8zBCTED SokFvEkAV1F35yNgH/+XHUS5+ml0dLh6q2F0d/Ua32UATOer5ot3FOFYpbxRNujN YxUNf8JAS+FWmK8gedCvt4TxBERz913VDE0pxQzF4BzWCTvYbu54C3zKACWvErys 9fSpuypRWmGKvR7qHNw+FMjS4PoqIvPWR/iEy+zLgVGjM5tOIJc5JJhPEgwcE6g4 lHjVrsYAj4BmjLqERQIDAQABo4IB1zCCAdMwHwYDVR0jBBgwFoAUmeRAX2sUXj4F 2d3TY1T8Yrj3AKwwHQYDVR0OBBYEFMHAyKVvdmbwC/g28nNrWTDfcrd1MA4GA1Ud DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjBQBgNVHSAESTBHMDsGCysGAQQBsjEBAgIHMCwwKgYIKwYBBQUHAgEW Hmh0dHA6Ly93d3cucG9zaXRpdmVzc2wuY29tL0NQUzAIBgZngQwBAgEwOwYDVR0f BDQwMjAwoC6gLIYqaHR0cDovL2NybC5jb21vZG9jYS5jb20vUG9zaXRpdmVTU0xD QTIuY3JsMGwGCCsGAQUFBwEBBGAwXjA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5j b21vZG9jYS5jb20vUG9zaXRpdmVTU0xDQTIuY3J0MCQGCCsGAQUFBzABhhhodHRw Oi8vb2NzcC5jb21vZG9jYS5jb20wVwYDVR0RBFAwToIjaXdlbGNvbWUtc3RhZ2lu Zy5zc28uZWhlcmtlbm5pbmcubmyCJ3d3dy5pd2VsY29tZS1zdGFnaW5nLnNzby5l aGVya2VubmluZy5ubDANBgkqhkiG9w0BAQUFAAOCAQEABymnrGA+Xm/pjCK9NzzT wYSfIUaUs9V9CGDNhekb3J1HY9aLrp6VvIJU+hVPfS/part/oPybYLtiuaMe1iw5 1+UmDhisDZXUPvb6Wuu8DuK7weDdQ0nYTg5KvtVq3sgYkq+k9ijp/guxr6fhKYZs BIhHfpzPQ9gvcutZMRYGVLbmWaPFOHSsaX8Q/lZ1B8oTxV1C+z68ufd+KfGtFWXX +4VFFqsQqAEkM/wUTEkOHChkqVg4OTNBIpN6ddifJM9bnR33KPp8iJiOoAQ7SRjT cxmrIvK37jqmUQpnfibz8jznhPoBsPg85VzPCtfbaRYbq+ZJ8rzquYz5fVrhcRoK MA== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMr88AGUcrfI6kNF8vIR IEkxsL4blgkBH2zGeK7lP9TTC4iuIg7Kf7g7/mffgFcPqkY2k5gyD3Pm3ASLunjI qGLoplP0oasvmPUHRRVC/bUGiW7b2OA6DypaVGQVo8zBCTEDSokFvEkAV1F35yNg H/+XHUS5+ml0dLh6q2F0d/Ua32UATOer5ot3FOFYpbxRNujNYxUNf8JAS+FWmK8g edCvt4TxBERz913VDE0pxQzF4BzWCTvYbu54C3zKACWvErys9fSpuypRWmGKvR7q HNw+FMjS4PoqIvPWR/iEy+zLgVGjM5tOIJc5JJhPEgwcE6g4lHjVrsYAj4BmjLqE RQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 132948935436176922177583743799137737022 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PositiveSSL CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-01-09 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-08 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PositiveSSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'iwelcome-staging.sso.eherkenning.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22822992025706811789506451558952519339903901345520724597988714359868375436627264523795271980697214144407923885419980742628063027355795721131823600104151809640676684582049300745629030178095089350035222801709897358871184829927888945702102800485453922224360303704666931859334895636966999373569571247121555009560481459600806207373980448416626541996817465383300949165980147633961124611755188230643534412191038958340658503344062520423521018799101528557616911079479112522790174818050938604235893580462909049727986823634427732508122001509622670501447911096620658206091607267056594709404171765590038490359093494925735002539077 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 99e4405f6b145e3e05d9ddd36354fc62b8f700ac . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c1c0c8a56f7666f00bf836f2736b5930df72b775 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.positivessl.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/PositiveSSLCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/PositiveSSLCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iwelcome-staging.sso.eherkenning.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iwelcome-staging.sso.eherkenning.nl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000729a7ac603e5e6fe98c22bd373cd3c1849f214694b3d57d0860cd85e91bdc9d4763d68bae9e95bc8254fa154f7d2fe96abb7fa0fc9b60bb62b9a31ed62c39d7e5260e18ac0d95d43ef6fa5aebbc0ee2bbc1e0dd4349d84e0e4abed56adec81892afa4f628e9fe0bb1afa7e129866c0488477e9ccf43d82f72eb5931160654b6e659a3c53874ac697f10fe567507ca13c55d42fb3ebcb9f77e29f1ad1565d7fb854516ab10a8012433fc144c490e1c2864a9583839334122937a75d89f24cf5b9d1df728fa7c88988ea0043b4918d37319ab22f2b7ee3aa6510a677e26f3f23ce784fa01b0f83ce55ccf0ad7db69161babe649f2bceab98cf97d5ae1711a0a30