bnl.lu
- Bibliothèque nationale -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 13:69:57:35:6f:cd:7f:f3:79:43:87:69:0d:25:6a:fc was issued on by GEANT Vereniging.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bibliothèque nationale
Organization:
Bibliothèque nationale
State / Province:
Luxembourg
Country: LU
Country: LU
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 13:69:57:35:6f:cd:7f:f3:79:43:87:69:0d:25:6a:fcSerial Number (int): 25802291893388959552535224681505319676
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: 61:76:e1:aa:d3:0f:54:a3:57:2e:b5:3e:1e:71:42:c4:10:34:4c:de
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 4c:38:7a:9c:65:29:ff:e0:a4:e0:ea:3b:ad:1c:a8:16:20:f6:58:37
Fingerprint (sha256): a3:dc:b5:36:46:e2:44:15:c8:09:c8:0c:98:90:e1:25:32:4d:92:8a:ee:15:4a:78:14:3d:9f:d0:bb:bc:77:6a
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate bnl.lu
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bnl.lu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bnl.lu
*.bnl.lu
*.bnl.lu
Other certificates including the domain name bnl.lu
(limited to 100 certificates)
*.proxy02.bnl.lu
*.proxy.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
bnl.lu
auth.bnl.lu
*.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
auth.bnl.lu
*.proxy04.bnl.lu
bnl.lu
*.proxy04.bnl.lu
auth3.bnl.lu
bnl.lu
luxemburgensia.bnl.lu
*.proxy.bnl.lu
analytics.bnl.lu
bnl.lu
windbook.bnl.lu
bnl.lu
bnl.lu
wifiportal-1.bnl.lu
auth-dev.bnl.lu
*.bnl.lu
*.proxy03.bnl.lu
auth1.bnl.lu
bnl.lu
auth1.bnl.lu
bnl.lu
analytics.bnl.lu
*.proxy03.bnl.lu
bnl.lu
windbook.bnl.lu
mia.bnl.lu
*.proxy03.bnl.lu
*.proxy.bnl.lu
bnl.lu
auth.bnl.lu
auth3.bnl.lu
lida.bnl.lu
bnl.lu
*.proxy04.bnl.lu
*.proxy.bnl.lu
luxemburgensia.bnl.lu
bnl.lu
*.proxy.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
bnl.lu
auth.bnl.lu
*.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
auth.bnl.lu
*.proxy04.bnl.lu
bnl.lu
*.proxy04.bnl.lu
auth3.bnl.lu
bnl.lu
luxemburgensia.bnl.lu
*.proxy.bnl.lu
analytics.bnl.lu
bnl.lu
windbook.bnl.lu
bnl.lu
bnl.lu
wifiportal-1.bnl.lu
auth-dev.bnl.lu
*.bnl.lu
*.proxy03.bnl.lu
auth1.bnl.lu
bnl.lu
auth1.bnl.lu
bnl.lu
analytics.bnl.lu
*.proxy03.bnl.lu
bnl.lu
windbook.bnl.lu
mia.bnl.lu
*.proxy03.bnl.lu
*.proxy.bnl.lu
bnl.lu
auth.bnl.lu
auth3.bnl.lu
lida.bnl.lu
bnl.lu
*.proxy04.bnl.lu
*.proxy.bnl.lu
luxemburgensia.bnl.lu
bnl.lu
Certificate
The complete raw certificate details for bnl.lu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIRzCCBi+gAwIBAgIQE2lXNW/Nf/N5Q4dpDSVq/DANBgkqhkiG9w0BAQwFADBE MQswCQYDVQQGEwJOTDEZMBcGA1UEChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UE AxMRR0VBTlQgT1YgUlNBIENBIDQwHhcNMjMwNTI0MDAwMDAwWhcNMjQwNTIzMjM1 OTU5WjBVMQswCQYDVQQGEwJMVTETMBEGA1UECBMKTHV4ZW1ib3VyZzEgMB4GA1UE CgwXQmlibGlvdGjDqHF1ZSBuYXRpb25hbGUxDzANBgNVBAMTBmJubC5sdTCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMHFFVjgztsWzLXcoUQ+F7H2rDUa rT8PDjVGxzGBO9rvEKeEOYhsXbWIG2VHpg+VjpIk5qW9UPVcN1mNVTFj9J7mszs1 yIHgnkpjOYF9XbSWDrpX+L+yQ9AtOenpcXkZDMQlED422kmi8ju30RMSx7KMKuJL Du4c0xYDf+H8NYz2t+JNaShM1KlCpkljxV8ChZNYmPWG+49dQ9rGfzenvYbjndaA JEW7ya58ZgZ0Nxccb2KMewus3vHhbCCvUVBAx7ifsb9ZM7q6ILqIDd84m1eZtigJ SROYnnMOEWna5M+tRhJT7aAqIDcDSBUPgl4PUzvnpKsSdtGmJlLel3sqHuDYWkaJ bA40ycU7OcDbA7Q7TDY9FusHcmMUfC/otV418OtG2KBlpj5EVhJV9QFA4IBNIQRN NLenV8YNOk1ELpjkHFvbKhtvlc7Aj80xpUS3loGlDqbnbPq4FIUCh3Ky1/pzBQJD CiaYTnSdjymyFpLrljzvyXL0f5nMlOH3PUACJhEr1QE8eILfcqjd9wcMrKiz1QJL BdLWosZPPlHAdndYkDvA4Qqy4AQOBx3pBi7sVr5V3TckFj21evy9aEQ019xDTeJY ONMaQcYn6wHK4o0yypYfKA5iehohF6x0SkkVKYIeml9GNNmQlWufo6sbGtH9NurQ guTCPzqbfmDmkJnFAgMBAAGjggMiMIIDHjAfBgNVHSMEGDAWgBRvHTVJEGwy+lmg nryK6B+VvnF6DDAdBgNVHQ4EFgQUYXbhqtMPVKNXLrU+HnFCxBA0TN4wDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAk8wJTAjBggrBgEFBQcCARYX aHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQICMD8GA1UdHwQ4MDYwNKAy oDCGLmh0dHA6Ly9HRUFOVC5jcmwuc2VjdGlnby5jb20vR0VBTlRPVlJTQUNBNC5j cmwwdQYIKwYBBQUHAQEEaTBnMDoGCCsGAQUFBzAChi5odHRwOi8vR0VBTlQuY3J0 LnNlY3RpZ28uY29tL0dFQU5UT1ZSU0FDQTQuY3J0MCkGCCsGAQUFBzABhh1odHRw Oi8vR0VBTlQub2NzcC5zZWN0aWdvLmNvbTCCAX0GCisGAQQB1nkCBAIEggFtBIIB aQFnAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGITJ7DJgAA BAMARzBFAiA540n7bCurrhh02F3MNRVcxRoYLjLT/ejWr2k97d4bIgIhAPlBs71e 1f44tI5is9bkyYeIbFivJzZX+neXjcLDjGN2AHYA2ra/az+1tiKfm8K7XGvocJFx bLtRhIU0vaQ9MEjX+6sAAAGITJ7DfwAABAMARzBFAiAIhjCYvo96HgACqF6RWXVU Sv2ZtuChE6Jly79/OmtZdgIhAJBNjbK5Tdj8bCHiSYtSDB6agBD0kTBu04d4koHr Q+n9AHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGITJ7DUwAA BAMARjBEAiAE3W0nkQCR5Hu+dtj0pS+c49IA1Y/ANpxMJyib5jDIIgIgfSvzdmYs nxKYq1PDojVRivHM4iENcn4U95G1mLXrRzUwGwYDVR0RBBQwEoIGYm5sLmx1gggq LmJubC5sdTANBgkqhkiG9w0BAQwFAAOCAgEAfG5LRKzXfhrlIPsBW95mc/BlCHwm HzF9B9U7hS1JUz4T7AbJjYGDaGmi358EF07T5SMlO/adfzxvWNREcc7aK6C+HZCB /4OUhCFK65G7d49OhMsiBiLz7D53MjolYI6Rbt0e4nINhRbHOXhlSuLRrS/AfWJf KzUZhi2NK49dzwVGx0way90AsNrzie+o+hirfFLdwh0QlLCvQDPuTP4tp1HQEswc VUikYI1MCKzl5h4X6aWd9EhbCJv9kx7CAWUm+j0iUnYe7Wu3xVUz9GsWNZLVa2KF DFza8b+mGZrHOudFGTGmSzNmxW/lMWIjOJkY54v7GIgmO+iaHrrV0az/rNUKhMoC FtXb/lcB/YckDUeuOFpkKvH2mgkRSY4gj7bnmrj82Cy6HiTwda6hN5U3f+9jVYuV PBhPRUd8ZmR/jX3CF8TVDKFIAc/DeZ0NTLJCU6x/WUexD7WFVwUQd5ZbMEVyuSYp KzFMYLxSmXrKNO7kpjy6EKpJwTsGpViTbKzPdjE0s24EqR6ANIqNxoJR33dxSk5U 6QKJF+ZYIHJXHC9dfXg18gauF9TqfGxYEo44eOcqrbR4VPPRW4XUrbsha+FkurLX rAu0RNPgyNGI2i0jNAgjLqpDLrWMkwNMmL5uHIa7wgkA8Q4swKqPwMSf6her6fPd 2QGQnlsy9zYXYlg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwcUVWODO2xbMtdyhRD4X sfasNRqtPw8ONUbHMYE72u8Qp4Q5iGxdtYgbZUemD5WOkiTmpb1Q9Vw3WY1VMWP0 nuazOzXIgeCeSmM5gX1dtJYOulf4v7JD0C056elxeRkMxCUQPjbaSaLyO7fRExLH sowq4ksO7hzTFgN/4fw1jPa34k1pKEzUqUKmSWPFXwKFk1iY9Yb7j11D2sZ/N6e9 huOd1oAkRbvJrnxmBnQ3FxxvYox7C6ze8eFsIK9RUEDHuJ+xv1kzuroguogN3zib V5m2KAlJE5iecw4Radrkz61GElPtoCogNwNIFQ+CXg9TO+ekqxJ20aYmUt6Xeyoe 4NhaRolsDjTJxTs5wNsDtDtMNj0W6wdyYxR8L+i1XjXw60bYoGWmPkRWElX1AUDg gE0hBE00t6dXxg06TUQumOQcW9sqG2+VzsCPzTGlRLeWgaUOpuds+rgUhQKHcrLX +nMFAkMKJphOdJ2PKbIWkuuWPO/JcvR/mcyU4fc9QAImESvVATx4gt9yqN33Bwys qLPVAksF0taixk8+UcB2d1iQO8DhCrLgBA4HHekGLuxWvlXdNyQWPbV6/L1oRDTX 3ENN4lg40xpBxifrAcrijTLKlh8oDmJ6GiEXrHRKSRUpgh6aX0Y02ZCVa5+jqxsa 0f026tCC5MI/Opt+YOaQmcUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 25802291893388959552535224681505319676 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-23 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LU' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Luxembourg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bibliothèque nationale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bnl.lu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 790512047598219346335433787057109971647458491113127940595658923327231089418470428071827560605634103024453915902663895817414376533734501433396583385897744940404160650534383788412368379380485356663907073911796496365195119257549812046258885092923174712759299444133695014521182002020097916796692184714553045188148183043845443915405163395788797329018405402201697334192129024888161593495961531285482596208673338034985053838452027914853923465967114077848435744869153426409004188311657877981684692416586999075614671760041028366719606380024161288631090533824319094266249820335435612865869540554995736565781486299357785151524176939537202656341475702897373172843664871450881424576357174683084520671161139812403873597004726137169106947293705158353662002264285149189652318430362020079249235438911563134618972299666577584630670701738865994690463005646900261557547891616776588842823722198211468367667192875199847131499754783175206843720550575564121242303161147747321544498947668130638381343875627893458613539091318563231687531856949789104125416516271255839731245915234900014679624461365050876384612864509617765313248926782639474232026627916403911588588599888192331491408273702264935013907632147143321537087882292453490116246274301753118299721341381 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6176e1aad30f54a3572eb53e1e7142c410344cde . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001884c9ec3260000040300473045022039e349fb6c2babae1874d85dcc35155cc51a182e32d3fde8d6af693dedde1b22022100f941b3bd5ed5fe38b48e62b3d6e4c987886c58af273657fa77978dc2c38c6376007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001884c9ec37f0000040300473045022008863098be8f7a1e0002a85e915975544afd99b6e0a113a265cbbf7f3a6b5976022100904d8db2b94dd8fc6c21e2498b520c1e9a8010f491306ed387789281eb43e9fd007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001884c9ec3530000040300463044022004dd6d27910091e47bbe76d8f4a52f9ce3d200d58fc0369c4c27289be630c82202207d2bf376662c9f1298ab53c3a235518af1cce2210d727e14f791b598b5eb4735 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bnl.lu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bnl.lu' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 007c6e4b44acd77e1ae520fb015bde6673f065087c261f317d07d53b852d49533e13ec06c98d81836869a2df9f04174ed3e523253bf69d7f3c6f58d44471ceda2ba0be1d9081ff839484214aeb91bb778f4e84cb220622f3ec3e77323a25608e916edd1ee2720d8516c73978654ae2d1ad2fc07d625f2b3519862d8d2b8f5dcf0546c74c1acbdd00b0daf389efa8fa18ab7c52ddc21d1094b0af4033ee4cfe2da751d012cc1c5548a4608d4c08ace5e61e17e9a59df4485b089bfd931ec2016526fa3d2252761eed6bb7c55533f46b163592d56b62850c5cdaf1bfa6199ac73ae7451931a64b3366c56fe5316223389918e78bfb1888263be89a1ebad5d1acffacd50a84ca0216d5dbfe5701fd87240d47ae385a642af1f69a0911498e208fb6e79ab8fcd82cba1e24f075aea13795377fef63558b953c184f45477c66647f8d7dc217c4d50ca14801cfc3799d0d4cb24253ac7f5947b10fb58557051077965b304572b926292b314c60bc52997aca34eee4a63cba10aa49c13b06a558936caccf763134b36e04a91e80348a8dc68251df77714a4e54e9028917e6582072571c2f5d7d7835f206ae17d4ea7c6c58128e3878e72aadb47854f3d15b85d4adbb216be164bab2d7ac0bb444d3e0c8d188da2d233408232eaa432eb58c93034c98be6e1c86bbc20900f10e2cc0aa8fc0c49fea17abe9f3ddd901909e5b32f736176258