bnl.lu
- Bibliothèque nationale -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number d2:8a:fc:66:19:cf:b1:b9:49:13:8f:09:8e:a8:90:5f was issued on by GEANT Vereniging.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bibliothèque nationale
Organization:
Bibliothèque nationale
State / Province:
Luxembourg
Country: LU
Country: LU
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): d2:8a:fc:66:19:cf:b1:b9:49:13:8f:09:8e:a8:90:5fSerial Number (int): 279859535337791048365420646582402453599
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 52:14:f7:55:6d:c9:44:0a:72:9b:d3:0c:d0:ec:7d:86:df:bd:a5:16
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 0a:34:f9:93:1d:2d:c1:67:06:ec:74:28:b1:9e:86:f0:0b:2e:aa:3a
Fingerprint (sha256): ca:02:16:ee:21:98:e0:c1:b1:71:2b:77:33:2d:e8:1f:ef:b0:c8:87:9d:0e:58:45:45:86:34:39:42:45:e0:6c
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate bnl.lu
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bnl.lu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bnl.lu
*.bnl.lu
*.bnl.lu
Other certificates including the domain name bnl.lu
(limited to 100 certificates)
*.proxy02.bnl.lu
*.proxy.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
bnl.lu
auth.bnl.lu
*.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
auth.bnl.lu
*.proxy04.bnl.lu
bnl.lu
*.proxy04.bnl.lu
auth3.bnl.lu
bnl.lu
luxemburgensia.bnl.lu
*.proxy.bnl.lu
analytics.bnl.lu
bnl.lu
windbook.bnl.lu
bnl.lu
bnl.lu
wifiportal-1.bnl.lu
auth-dev.bnl.lu
*.bnl.lu
*.proxy03.bnl.lu
auth1.bnl.lu
bnl.lu
auth1.bnl.lu
bnl.lu
analytics.bnl.lu
*.proxy03.bnl.lu
bnl.lu
windbook.bnl.lu
mia.bnl.lu
*.proxy03.bnl.lu
*.proxy.bnl.lu
bnl.lu
auth.bnl.lu
auth3.bnl.lu
lida.bnl.lu
bnl.lu
*.proxy04.bnl.lu
*.proxy.bnl.lu
luxemburgensia.bnl.lu
bnl.lu
*.proxy.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
bnl.lu
auth.bnl.lu
*.bnl.lu
*.proxy02.bnl.lu
*.proxy03.bnl.lu
auth.bnl.lu
auth.bnl.lu
*.proxy04.bnl.lu
bnl.lu
*.proxy04.bnl.lu
auth3.bnl.lu
bnl.lu
luxemburgensia.bnl.lu
*.proxy.bnl.lu
analytics.bnl.lu
bnl.lu
windbook.bnl.lu
bnl.lu
bnl.lu
wifiportal-1.bnl.lu
auth-dev.bnl.lu
*.bnl.lu
*.proxy03.bnl.lu
auth1.bnl.lu
bnl.lu
auth1.bnl.lu
bnl.lu
analytics.bnl.lu
*.proxy03.bnl.lu
bnl.lu
windbook.bnl.lu
mia.bnl.lu
*.proxy03.bnl.lu
*.proxy.bnl.lu
bnl.lu
auth.bnl.lu
auth3.bnl.lu
lida.bnl.lu
bnl.lu
*.proxy04.bnl.lu
*.proxy.bnl.lu
luxemburgensia.bnl.lu
bnl.lu
Certificate
The complete raw certificate details for bnl.lu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIISjCCBjKgAwIBAgIRANKK/GYZz7G5SROPCY6okF8wDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNV BAMTEUdFQU5UIE9WIFJTQSBDQSA0MB4XDTIyMDYwNzAwMDAwMFoXDTIzMDYwNzIz NTk1OVowVTELMAkGA1UEBhMCTFUxEzARBgNVBAgTCkx1eGVtYm91cmcxIDAeBgNV BAoMF0JpYmxpb3Row6hxdWUgbmF0aW9uYWxlMQ8wDQYDVQQDEwZibmwubHUwggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDBpw055AiWX7x1c5knFODlDzbT /SbI64XR+GaeHCSCT7ukhh/HRKpw7y+c4G5mUxL19NFpeyR2SFCLY0wtrAIIhVwJ bl6VzcA2jdZCZwNcSqke7yZbtPuTPhb3gEvbMxuF6VTITFyEKK9jZD+vLT/FNPEp arujpUgYDkiwm5ADvjfymw2B15xkABZBsRI8rJdT9Fjf0YYB+1Gyn0WNO5cBtBcJ ye93up8BUUMX5g+V3hjjSGzKVzasImadldod7pn/Vs86ONGVIbO9mwhnqSY8aRdr c0dvjCOgf16t+CZtryaR9Saw7LaoLuaAPFswItpB/WVMofC+I8eHA6ganTkMACk7 A5uxAB3y3jBpY0f+tQUi9FcSQypWS3sLNLvTghyYIWhG4WJgCbG+Hp2B4v+EbBHf dZXR6o+PFzjVggFzFvFaHXjmivxzFWTpLv22ggiReVIOYTAIfC7tn7RYEP/Pg8X7 FB+P9+6Cdep1d6hVsbJ2FEJFKuaKk8/AMfFjIBtPGTw/aT8RxLucWUK4210QsOq1 Gth2LdPqCGVfWGjR0TUH3c/NDeaonqWUL6GrmQt8NiLr69PloyPXwk8LsoHYXwCQ alTIHcFIDQ4HqXJ8KjN0QuW9jtQRXTXMQZD+rjFOUuPSIBGVRU+KHbEPKQHC08dR kOtVIVGuWhrTmM46pQIDAQABo4IDJDCCAyAwHwYDVR0jBBgwFoAUbx01SRBsMvpZ oJ68iugflb5xegwwHQYDVR0OBBYEFFIU91VtyUQKcpvTDNDsfYbfvaUWMA4GA1Ud DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgJPMCUwIwYIKwYBBQUHAgEW F2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjA/BgNVHR8EODA2MDSg MqAwhi5odHRwOi8vR0VBTlQuY3JsLnNlY3RpZ28uY29tL0dFQU5UT1ZSU0FDQTQu Y3JsMHUGCCsGAQUFBwEBBGkwZzA6BggrBgEFBQcwAoYuaHR0cDovL0dFQU5ULmNy dC5zZWN0aWdvLmNvbS9HRUFOVE9WUlNBQ0E0LmNydDApBggrBgEFBQcwAYYdaHR0 cDovL0dFQU5ULm9jc3Auc2VjdGlnby5jb20wggF/BgorBgEEAdZ5AgQCBIIBbwSC AWsBaQB1AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABgT4t0SwA AAQDAEYwRAIgRxVsw67AmqQmBj8COX/bSBo05NVD9KnAM4fFS/rDUAcCIF+lhSzn BgGnBRqoF0o2hcUJ7gKylUijGvd0BQl802w6AHcAejKMVNi3LbYg6jjgUh7phBZw MhOFTTvSK8E6V6NS61IAAAGBPi3RRQAABAMASDBGAiEA4bCfJ/0ZMsm30KKc2Hvc 70HP5gnoaWoYC7o1X3o5uvgCIQClcHw8QvJJcplsNq+uLweT/RqXuYxFxTHH7WXe 4+Cw3QB3AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABgT4t0Q4A AAQDAEgwRgIhAJsUTGjm0OttslBiXqcI3GTB5iM6Na22nZINIeXz85z+AiEAhBtx bbu2ek5B9ee9XDzvkGXaux++FCBBka0vNGht8lAwGwYDVR0RBBQwEoIGYm5sLmx1 gggqLmJubC5sdTANBgkqhkiG9w0BAQwFAAOCAgEANJ+8E5pJmg2jUmNfD6OxihMf uAx9Yauiu/Hv1IGtAEkL84qXmLyzu3TSiaeObAQx/AUmFICG8oKklh1QCrd14Gjg Fo1JIZeJL8jRKtg1XIXQupLdFUm226Kisl5SNBRzvNuv9O9KzZs2EtAmjyiRsWkP PMBk6xpiLV2RG0GAhb85f8Cu+d0vZLkj3SzeAWBN7JwWBEdO0gQnI35OsReEbO+J 2lEazsMdCZB4prYkYWwQ/hbdJ8VfnXzWS+vk+NEagMpT2L1LGnjIQmBtL5fhioSk gK2RFZVBCO6lBtfZN0sYsO5tHfhPTSIq4UaERJZiBI6HIP9v1OS+Aiw55zROzuvv LnxWVhnHLAbRT50i7LG8W4HkDR1WG0FKQBAjmx50myD3p4vneedCzERjjBBXe1B6 LQcmDzt6/xJ2BUghsOxlwOpvNVU+NQ7mhuegy8wG0CORwxZsxSTkpV5uTidy66QU S63kEx1eURgvaLnlG6f5+91vPYgl8zP/SlBx+asXGJmFtgi8akmsQjwEIgKjFrx8 6wwnyUrdZWuq6jS1olAuLzuECuKEto9ComVHN5hcEQUR9ow3mSo4hger+xCXw85h m3TXSp1QzNrt9Ueh2E+VLEZb8KNPhzk7TzHIR2CunxMLxWOcZfrpAsQGKYiMb6bl kAiIuA8afBrmxBmlsM8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwacNOeQIll+8dXOZJxTg 5Q820/0myOuF0fhmnhwkgk+7pIYfx0SqcO8vnOBuZlMS9fTRaXskdkhQi2NMLawC CIVcCW5elc3ANo3WQmcDXEqpHu8mW7T7kz4W94BL2zMbhelUyExchCivY2Q/ry0/ xTTxKWq7o6VIGA5IsJuQA7438psNgdecZAAWQbESPKyXU/RY39GGAftRsp9FjTuX AbQXCcnvd7qfAVFDF+YPld4Y40hsylc2rCJmnZXaHe6Z/1bPOjjRlSGzvZsIZ6km PGkXa3NHb4wjoH9erfgmba8mkfUmsOy2qC7mgDxbMCLaQf1lTKHwviPHhwOoGp05 DAApOwObsQAd8t4waWNH/rUFIvRXEkMqVkt7CzS704IcmCFoRuFiYAmxvh6dgeL/ hGwR33WV0eqPjxc41YIBcxbxWh145or8cxVk6S79toIIkXlSDmEwCHwu7Z+0WBD/ z4PF+xQfj/fugnXqdXeoVbGydhRCRSrmipPPwDHxYyAbTxk8P2k/EcS7nFlCuNtd ELDqtRrYdi3T6ghlX1ho0dE1B93PzQ3mqJ6llC+hq5kLfDYi6+vT5aMj18JPC7KB 2F8AkGpUyB3BSA0OB6lyfCozdELlvY7UEV01zEGQ/q4xTlLj0iARlUVPih2xDykB wtPHUZDrVSFRrloa05jOOqUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 279859535337791048365420646582402453599 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-07 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LU' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Luxembourg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bibliothèque nationale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bnl.lu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 790033458770497972271428226065473129503584520492353595428207852207023251001035568356243493578601301095840173004473397868399658906559522782451540178700475453192948446165131205016907373573022097718915607275531252596826979547451764532608236475020799972042763513405655228922025628254604425869916192778433457105523966726062771574367825987766015427786389266771444812237540046789180789371653821798068673870859486789116736221880522897067468277430704271405671245972033915392722899424077583923498367654039620683541089185587986258415233443986073842789359170761559583662411190301336640038570203428255368958529137541112201070482967329976096862669194321848600673545693016652923666547213692265453611153641954899694855000816904447941353922873556790174051432181112085827556202621754937192218905621910743654544682111778284032627861063218904659958726891331235150206873819387970452340305414350033837968840048574361934362633726823701027208751524109940190593100310698927564492520845188702175795543603682845633477940714650021145080659833776733194287265339612473525239276873276741909025142949213500914427967737201657457500575876787389436604809287463617431475477876757698551920795400070828938905956987389197083789625265846578222122560058327402549443759585957 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5214f7556dc9440a729bd30cd0ec7d86dfbda516 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001813e2dd12c0000040300463044022047156cc3aec09aa426063f02397fdb481a34e4d543f4a9c03387c54bfac3500702205fa5852ce70601a7051aa8174a3685c509ee02b29548a31af77405097cd36c3a0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001813e2dd1450000040300483046022100e1b09f27fd1932c9b7d0a29cd87bdcef41cfe609e8696a180bba355f7a39baf8022100a5707c3c42f24972996c36afae2f0793fd1a97b98c45c531c7ed65dee3e0b0dd007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001813e2dd10e00000403004830460221009b144c68e6d0eb6db250625ea708dc64c1e6233a35adb69d920d21e5f3f39cfe022100841b716dbbb67a4e41f5e7bd5c3cef9065dabb1fbe14204191ad2f34686df250 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bnl.lu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bnl.lu' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00349fbc139a499a0da352635f0fa3b18a131fb80c7d61aba2bbf1efd481ad00490bf38a9798bcb3bb74d289a78e6c0431fc0526148086f282a4961d500ab775e068e0168d492197892fc8d12ad8355c85d0ba92dd1549b6dba2a2b25e52341473bcdbaff4ef4acd9b3612d0268f2891b1690f3cc064eb1a622d5d911b418085bf397fc0aef9dd2f64b923dd2cde01604dec9c1604474ed20427237e4eb117846cef89da511acec31d099078a6b624616c10fe16dd27c55f9d7cd64bebe4f8d11a80ca53d8bd4b1a78c842606d2f97e18a84a480ad9115954108eea506d7d9374b18b0ee6d1df84f4d222ae14684449662048e8720ff6fd4e4be022c39e7344eceebef2e7c565619c72c06d14f9d22ecb1bc5b81e40d1d561b414a4010239b1e749b20f7a78be779e742cc44638c10577b507a2d07260f3b7aff1276054821b0ec65c0ea6f35553e350ee686e7a0cbcc06d02391c3166cc524e4a55e6e4e2772eba4144bade4131d5e51182f68b9e51ba7f9fbdd6f3d8825f333ff4a5071f9ab17189985b608bc6a49ac423c042202a316bc7ceb0c27c94add656baaea34b5a2502e2f3b840ae284b68f42a2654737985c110511f68c37992a388607abfb1097c3ce619b74d74a9d50ccdaedf547a1d84f952c465bf0a34f87393b4f31c84760ae9f130bc5639c65fae902c40629888c6fa6e5900888b80f1a7c1ae6c419a5b0cf