diff --git a/src/main/java/eu/webeid/security/validator/certvalidators/SubjectCertificatePurposeValidator.java b/src/main/java/eu/webeid/security/validator/certvalidators/SubjectCertificatePurposeValidator.java
index 4306a9cc..8332f740 100644
--- a/src/main/java/eu/webeid/security/validator/certvalidators/SubjectCertificatePurposeValidator.java
+++ b/src/main/java/eu/webeid/security/validator/certvalidators/SubjectCertificatePurposeValidator.java
@@ -57,6 +57,7 @@ public static void validateCertificatePurpose(X509Certificate subjectCertificate
             if (usages == null || usages.isEmpty()) {
                 // Digital Signature extension present, but Extended Key Usage extension not present,
                 // assume it is an authentication certificate (e.g. Luxembourg eID).
+                LOG.debug("User certificate has Digital Signature key usage and no Extended Key Usage extension, this means that it can be used for client authentication.");
                 return;
             }
             if (!usages.contains(EXTENDED_KEY_USAGE_CLIENT_AUTHENTICATION)) {