www-legacy.csl.mpg.de
- Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number d6:d4:4b:e7:6c:99:3f:44:9a:3c:1e:50:10:4d:63:d2 was issued on by GEANT Vereniging.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V.
Organization:
Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V.
State / Province:
Bayern
Country: DE
Country: DE
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): d6:d4:4b:e7:6c:99:3f:44:9a:3c:1e:50:10:4d:63:d2Serial Number (int): 285557097548016840414694071069855015890
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 03:04:bd:9f:8e:04:d5:f1:db:0a:3a:44:be:60:e2:9a:f5:df:fc:41
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): b1:41:6b:1e:8c:2d:23:40:ba:58:86:45:df:0e:2a:0b:ea:de:5b:00
Fingerprint (sha256): 00:5b:23:0b:23:35:93:d2:d4:8a:cf:d0:4b:ae:af:df:75:76:0b:fc:1d:11:92:3a:da:1d:03:7e:cb:4e:96:9f
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate www-legacy.csl.mpg.de
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www-legacy.csl.mpg.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www-legacy.csl.mpg.de
www-2019.csl.mpg.de
www-2021.csl.mpg.de
www-2019.csl.mpg.de
www-2021.csl.mpg.de
Other certificates including the domain name mpg.de
(limited to 100 certificates)
vweb14.gwdg.de
reem.mpiwg-berlin.mpg.de
calc.init.mpg.de
gitlab.pks.mpg.de
mpicc.csl.mpg.de
srzadrest-e01.vw.iame.mpg.de
porta.bgc-jena.mpg.de
gitlab.intranet.mpl.mpg.de
kanboard.mpimp-golm.mpg.de
ex-mcsrv1.mpe.mpg.de
www.mpl.mpg.de
s2000-proxmox2.mpibpc.mpg.de
tickets.mpl.mpg.de
shibb-staging.mpcdf.mpg.de
www-legacy.csl.mpg.de
idp.bpcentral.biophys.mpg.de
gv-events.mpg.de
matomo.mpdl.mpg.de
labfolder.mpdl.mpg.de
krapiwa.mpipz.mpg.de
*.mpib-berlin.mpg.de
caramba.bgc-jena.mpg.de
gc-ticket.mpipz.mpg.de
aruba-master.mpikg.mpg.de
nc.molgen.mpg.de
aircapdata.is.tue.mpg.de
common-objective.is.tuebingen.mpg.de
public.web.mpg.de
travel-magic.aesthetics.mpg.de
bcw19.sf.mpg.de
helpdesk.mpimp-golm.mpg.de
ccp-cn01.eva.mpg.de
chlorobox.mpimp-golm.mpg.de
svn.test.mpi-klsb.mpg.de
nagiosext.biochem.mpg.de
vpngv.vw.mpg.de
srzsysmanage1.vw.mpg.de
deepspace.ice.mpg.de
bfish.neuro.mpg.de
sally.molgen.mpg.de
musawwaratgraffiti.mpiwg-berlin.mpg.de
rubin.cbs.mpg.de
knb.mpiwg-berlin.mpg.de
voipgwgefo1.vw.mpg.de
vweb14.gwdg.de
srvgvexp-c02.vw.mpg.de
nextcloud.mpi-klsb.mpg.de
rubinul.tuebingen.mpg.de
mph.tuebingen.mpg.de
colloquia.mpifr-bonn.mpg.de
pubweb.mpi-inf.mpg.de
gc-web.mpipz.mpg.de.mpipz.mpg.de
sslvpn1.mis.mpg.de
lp-bookings.age.mpg.de
lnxsrv-0.mpa-garching.mpg.de
stories.mmg.mpg.de
mail.mucam.mpg.de
fhi-fpr-02-chassis.gnz.mpg.de
proton-vle2.pc.linmpi.mpg.de
atlas-innovations.de
vweb14.gwdg.de
arc-lin-cpt04.mpib-berlin.mpg.de
ftp.mpdl.mpg.de
ncatmaid.tuebingen.mpg.de
db1.aei.mpg.de
csl.mpg.de
desktop.ipp-hgw.mpg.de
intranet.age.mpg.de
www.cbs.mpg.de
prometheus.mpi-inf.mpg.de
resourcespace.mpiwg-berlin.mpg.de
s1020-dc3.d200.bpc.mpg.de
oc.rz-berlin.mpg.de
wiki-virgo.esc.rzg.mpg.de
erebos02.demogr.mpg.de
cvpn01.mis.mpg.de
voucher2.mis.mpg.de
db.arevir.de
npsw-www.mpg.de
ecocn04.eva.mpg.de
kyblab.tuebingen.mpg.de
pc-t6-166.mpipz.mpg.de
voip.ice.mpg.de
scinote.molgen.mpg.de
imap.mis.mpg.de
oak.mpipz.mpg.de
hlltwiki.hll.mpg.de
mail.ip.mpg.de
wints1.pc.linmpi.mpg.de
ds11g-dps2.zmaw.de
typo3-01.mpp.mpg.de
sciform.fkf.mpg.de
wiki.hest.brain.mpg.de
messaging.evolbio.mpg.de
auth-services.vw.mpg.de
extlyncweb.neuro.mpg.de
npsw-xedit.mpg.de
neuro.rzg.mpg.de
hilprecht.mpiwg-berlin.mpg.de
voipgwgv1.vw.mpg.de
reem.mpiwg-berlin.mpg.de
calc.init.mpg.de
gitlab.pks.mpg.de
mpicc.csl.mpg.de
srzadrest-e01.vw.iame.mpg.de
porta.bgc-jena.mpg.de
gitlab.intranet.mpl.mpg.de
kanboard.mpimp-golm.mpg.de
ex-mcsrv1.mpe.mpg.de
www.mpl.mpg.de
s2000-proxmox2.mpibpc.mpg.de
tickets.mpl.mpg.de
shibb-staging.mpcdf.mpg.de
www-legacy.csl.mpg.de
idp.bpcentral.biophys.mpg.de
gv-events.mpg.de
matomo.mpdl.mpg.de
labfolder.mpdl.mpg.de
krapiwa.mpipz.mpg.de
*.mpib-berlin.mpg.de
caramba.bgc-jena.mpg.de
gc-ticket.mpipz.mpg.de
aruba-master.mpikg.mpg.de
nc.molgen.mpg.de
aircapdata.is.tue.mpg.de
common-objective.is.tuebingen.mpg.de
public.web.mpg.de
travel-magic.aesthetics.mpg.de
bcw19.sf.mpg.de
helpdesk.mpimp-golm.mpg.de
ccp-cn01.eva.mpg.de
chlorobox.mpimp-golm.mpg.de
svn.test.mpi-klsb.mpg.de
nagiosext.biochem.mpg.de
vpngv.vw.mpg.de
srzsysmanage1.vw.mpg.de
deepspace.ice.mpg.de
bfish.neuro.mpg.de
sally.molgen.mpg.de
musawwaratgraffiti.mpiwg-berlin.mpg.de
rubin.cbs.mpg.de
knb.mpiwg-berlin.mpg.de
voipgwgefo1.vw.mpg.de
vweb14.gwdg.de
srvgvexp-c02.vw.mpg.de
nextcloud.mpi-klsb.mpg.de
rubinul.tuebingen.mpg.de
mph.tuebingen.mpg.de
colloquia.mpifr-bonn.mpg.de
pubweb.mpi-inf.mpg.de
gc-web.mpipz.mpg.de.mpipz.mpg.de
sslvpn1.mis.mpg.de
lp-bookings.age.mpg.de
lnxsrv-0.mpa-garching.mpg.de
stories.mmg.mpg.de
mail.mucam.mpg.de
fhi-fpr-02-chassis.gnz.mpg.de
proton-vle2.pc.linmpi.mpg.de
atlas-innovations.de
vweb14.gwdg.de
arc-lin-cpt04.mpib-berlin.mpg.de
ftp.mpdl.mpg.de
ncatmaid.tuebingen.mpg.de
db1.aei.mpg.de
csl.mpg.de
desktop.ipp-hgw.mpg.de
intranet.age.mpg.de
www.cbs.mpg.de
prometheus.mpi-inf.mpg.de
resourcespace.mpiwg-berlin.mpg.de
s1020-dc3.d200.bpc.mpg.de
oc.rz-berlin.mpg.de
wiki-virgo.esc.rzg.mpg.de
erebos02.demogr.mpg.de
cvpn01.mis.mpg.de
voucher2.mis.mpg.de
db.arevir.de
npsw-www.mpg.de
ecocn04.eva.mpg.de
kyblab.tuebingen.mpg.de
pc-t6-166.mpipz.mpg.de
voip.ice.mpg.de
scinote.molgen.mpg.de
imap.mis.mpg.de
oak.mpipz.mpg.de
hlltwiki.hll.mpg.de
mail.ip.mpg.de
wints1.pc.linmpi.mpg.de
ds11g-dps2.zmaw.de
typo3-01.mpp.mpg.de
sciform.fkf.mpg.de
wiki.hest.brain.mpg.de
messaging.evolbio.mpg.de
auth-services.vw.mpg.de
extlyncweb.neuro.mpg.de
npsw-xedit.mpg.de
neuro.rzg.mpg.de
hilprecht.mpiwg-berlin.mpg.de
voipgwgv1.vw.mpg.de
Certificate
The complete raw certificate details for www-legacy.csl.mpg.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIrDCCBpSgAwIBAgIRANbUS+dsmT9EmjweUBBNY9IwDQYJKoZIhvcNAQEMBQAw RDELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNV BAMTEUdFQU5UIE9WIFJTQSBDQSA0MB4XDTIzMDEwNjAwMDAwMFoXDTI0MDEwNjIz NTk1OVowgYcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCYXllcm4xRzBFBgNVBAoM Pk1heC1QbGFuY2stR2VzZWxsc2NoYWZ0IHp1ciBGw7ZyZGVydW5nIGRlciBXaXNz ZW5zY2hhZnRlbiBlLlYuMR4wHAYDVQQDExV3d3ctbGVnYWN5LmNzbC5tcGcuZGUw ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDVuqtFS2yWXwmwudDkPYWt kjeqGtKkcFq3FQ+j1407riUpDH5EK41HE8IzJBx0kAN9Ee58T3MCt86jtzKJZ3ss R098ivInvCrVESohgDd0QmnbJZua6g8OxYbK2DWmsS5THdUi6sBFkHDTfHo3Jzhn lXoFb4+WWGsXt/vVSrQYpEA6J6GwDO4qXFzSkstZbUxiPNsmRPRD2+ZVfjSRIszB 858h+4TBawEf07vpDX9e8ZOQNcDy80piO02rtBUtTz4L5tuF9ON6rKTH3b9O/Vwz VR9C0OffGCpvRJyoTTdKeRpEsDPekdgpsNWzP70/xoyB6ISwXAh6IJU9x3P2F69V NwoJmk2HBh3QXBfF37ud5hjSchCNuQy9cCi3IZPPE362vW7ddndSmFLt0PzHYN5e /yTb0yGB2uKygjZ7Tf7XHcicz4de0q6dmlx1wz8hAlRyh1cWe05mtETEZFe8zdGZ LvUXPrqZuPIPMPyfsXcyx9yekwpOaPiT4byn3wOn0m3Phuzy5a572eRc9IHyy7LC QQ4H8jEeYsVPpVoUN8veAi7MBFFcSwco5ruPMv1G0IGuIUKeffx7V0wu4YFRLtaN PNQbkMMuhjFyRUPyRr5KLiv0D6XXMyjzaPRFV/qopAe9Qlkmp1CtC/4aHI99P4Go dG03Augs8xRa8pqsWSucQwIDAQABo4IDUzCCA08wHwYDVR0jBBgwFoAUbx01SRBs MvpZoJ68iugflb5xegwwHQYDVR0OBBYEFAMEvZ+OBNXx2wo6RL5g4pr13/xBMA4G A1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgJPMCUwIwYIKwYBBQUH AgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjA/BgNVHR8EODA2 MDSgMqAwhi5odHRwOi8vR0VBTlQuY3JsLnNlY3RpZ28uY29tL0dFQU5UT1ZSU0FD QTQuY3JsMHUGCCsGAQUFBwEBBGkwZzA6BggrBgEFBQcwAoYuaHR0cDovL0dFQU5U LmNydC5zZWN0aWdvLmNvbS9HRUFOVE9WUlNBQ0E0LmNydDApBggrBgEFBQcwAYYd aHR0cDovL0dFQU5ULm9jc3Auc2VjdGlnby5jb20wggF/BgorBgEEAdZ5AgQCBIIB bwSCAWsBaQB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABhYSS 0pIAAAQDAEYwRAIgKkHHDpTHyi3ksEhUmGDjl0DOtsCI6jf/qEO7xj1rKK8CIHPF 4J2RGrKgsiLSGj8ieHXsohXjTQgU73+ygPAo6n9uAHcA2ra/az+1tiKfm8K7XGvo cJFxbLtRhIU0vaQ9MEjX+6sAAAGFhJLSbwAABAMASDBGAiEAlFVEyPNUV+t1XjYI WXiZNLffY78WIuckfQe+WgVM2LsCIQCIXxekoMI3xGCVUSbDwG2NM4MRV4smz6v1 QD4FevJivAB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABhYSS 0jkAAAQDAEgwRgIhALEVkRTpRycbgAnV/8/G3hU4/89lQ/o0q2C3EuB+kPffAiEA 4IRP66jqYoD79KOa66PN6QPqyOTuZiKKLnNTyw22XgkwSgYDVR0RBEMwQYIVd3d3 LWxlZ2FjeS5jc2wubXBnLmRlghN3d3ctMjAxOS5jc2wubXBnLmRlghN3d3ctMjAy MS5jc2wubXBnLmRlMA0GCSqGSIb3DQEBDAUAA4ICAQCXMDenlqricndQcPB/dz4y hAkLQdxuD8cVQnwJNbdQfh9jpTI+FwkXZF7HQrAiCXKb1KJkmSrNEd0Bj/YSoF9v 78lzaW9RECN9o2ZKjxEc8dqeGBWh7FLNRlcBqNBwnURkR59mJOAq0fALkmXSdpuW wjxzZKvI7k/68SAC9Rr8Ll4KjCR2XzU5LXd7diwnlJd3xfT2p5zfdu5yVD+eIfF7 GYjVy0XIF4H1EElgyR8z7Ueyq8ODWqxOa+dP2gjgTwoMRAjcq6Mg9saFl1lhadza H21P3J/K3B3DJBLJWxc98zn51KBOHeECwMjBNmt97xqMh7qg1D6rST5A3IKm211W REpRPGVe8ocp8J03XSYo3OqfbcRcMQN57dCCPZksbx4WB0LsqmOQqltgeqfbpsFK tLUyHtSHGVu3RudeW0FZnIv1U/XU3KspWE/jJ7gVSSuNpd3x38KVUxNWEr+MNc5K EcBc947JRFeF0pO0rp3m9Kwy5PkoWCt7J6sjlaqrrwKi65mos1SnWkTUwkm0+V0t ttOVJNo3M04Dg/GMqZ74srWXhQUhnDsmEAIkDQcG+wgptMr3f0YwBo0uGs50lnaf j/bwdG6eht7Ryt1DiPftF+hBj9caClD4y/FE5HSeVS+Tb1vS11Z8reUwCKNRKZzb b+pyyncTwUQnZfb1akS4OQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1bqrRUtsll8JsLnQ5D2F rZI3qhrSpHBatxUPo9eNO64lKQx+RCuNRxPCMyQcdJADfRHufE9zArfOo7cyiWd7 LEdPfIryJ7wq1REqIYA3dEJp2yWbmuoPDsWGytg1prEuUx3VIurARZBw03x6Nyc4 Z5V6BW+PllhrF7f71Uq0GKRAOiehsAzuKlxc0pLLWW1MYjzbJkT0Q9vmVX40kSLM wfOfIfuEwWsBH9O76Q1/XvGTkDXA8vNKYjtNq7QVLU8+C+bbhfTjeqykx92/Tv1c M1UfQtDn3xgqb0ScqE03SnkaRLAz3pHYKbDVsz+9P8aMgeiEsFwIeiCVPcdz9hev VTcKCZpNhwYd0FwXxd+7neYY0nIQjbkMvXAotyGTzxN+tr1u3XZ3UphS7dD8x2De Xv8k29MhgdrisoI2e03+1x3InM+HXtKunZpcdcM/IQJUcodXFntOZrRExGRXvM3R mS71Fz66mbjyDzD8n7F3MsfcnpMKTmj4k+G8p98Dp9Jtz4bs8uWue9nkXPSB8suy wkEOB/IxHmLFT6VaFDfL3gIuzARRXEsHKOa7jzL9RtCBriFCnn38e1dMLuGBUS7W jTzUG5DDLoYxckVD8ka+Si4r9A+l1zMo82j0RVf6qKQHvUJZJqdQrQv+GhyPfT+B qHRtNwLoLPMUWvKarFkrnEMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 285557097548016840414694071069855015890 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-06 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bayern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www-legacy.csl.mpg.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 871938964554773098063370379540868535274130141725446460268936274536700436507342010878172127506367914771339785535894555567512360582991343169532909942789319807315221386189012698985715872673767481191800931579074117093052838799786578400749092006892775278872580620352633524596834733186560000017904344159556793811199728074473689473462317519213501747176540733360460681957060232424368034808025082078236855890269606578395118411045840207801537335938250545358013027494665590130541195011792062005518620412133171786903934583240733680386243716521373425464379774424917382333778769233666499368261671645508336992697747477159565787825496079968191442907252037944017916526205309699063216347330096882973817484945401236065242111326569785493174950697258232583052455143600711803244043997566111946717248812291750146728224117652499104170761246592629855400005135200650628414160393638850848706171656706645567735691868730458171968498671402346802393842554223853413222297251708203699426411763776444034614025098058841024037977473038431979837555495123798062024527057857795622498086772477010650730942565409622698547078096901544320772057575750461441427700442646803686688792276460211647404696561100816868577222252555404905856344759890636241141952300263204796692538563651 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0304bd9f8e04d5f1db0a3a44be60e29af5dffc41 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001858492d292000004030046304402202a41c70e94c7ca2de4b048549860e39740ceb6c088ea37ffa843bbc63d6b28af022073c5e09d911ab2a0b222d21a3f227875eca215e34d0814ef7fb280f028ea7f6e007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001858492d26f0000040300483046022100945544c8f35457eb755e360859789934b7df63bf1622e7247d07be5a054cd8bb022100885f17a4a0c237c460955126c3c06d8d338311578b26cfabf5403e057af262bc007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001858492d2390000040300483046022100b1159114e947271b8009d5ffcfc6de1538ffcf6543fa34ab60b712e07e90f7df022100e0844feba8ea6280fbf4a39aeba3cde903eac8e4ee66228a2e7353cb0db65e09 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-legacy.csl.mpg.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-2019.csl.mpg.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-2021.csl.mpg.de' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00973037a796aae272775070f07f773e3284090b41dc6e0fc715427c0935b7507e1f63a5323e170917645ec742b02209729bd4a264992acd11dd018ff612a05f6fefc973696f5110237da3664a8f111cf1da9e1815a1ec52cd465701a8d0709d4464479f6624e02ad1f00b9265d2769b96c23c7364abc8ee4ffaf12002f51afc2e5e0a8c24765f35392d777b762c27949777c5f4f6a79cdf76ee72543f9e21f17b1988d5cb45c81781f5104960c91f33ed47b2abc3835aac4e6be74fda08e04f0a0c4408dcaba320f6c68597596169dcda1f6d4fdc9fcadc1dc32412c95b173df339f9d4a04e1de102c0c8c1366b7def1a8c87baa0d43eab493e40dc82a6db5d56444a513c655ef28729f09d375d2628dcea9f6dc45c310379edd0823d992c6f1e160742ecaa6390aa5b607aa7dba6c14ab4b5321ed487195bb746e75e5b41599c8bf553f5d4dcab29584fe327b815492b8da5ddf1dfc29553135612bf8c35ce4a11c05cf78ec9445785d293b4ae9de6f4ac32e4f928582b7b27ab2395aaabaf02a2eb99a8b354a75a44d4c249b4f95d2db6d39524da37334e0383f18ca99ef8b2b5978505219c3b261002240d0706fb0829b4caf77f4630068d2e1ace7496769f8ff6f0746e9e86ded1cadd4388f7ed17e8418fd71a0a50f8cbf144e4749e552f936f5bd2d7567cade53008a351299cdb6fea72ca7713c1442765f6f56a44b839